From snow at smoke.suba.com  Thu Aug  1 00:37:18 1996
From: snow at smoke.suba.com (snow)
Date: Thu, 1 Aug 1996 15:37:18 +0800
Subject: "An who shall guard the guardians?"
In-Reply-To: <199608010119.UAA24361@manifold.algebra.com>
Message-ID: <Pine.LNX.3.93.960731232510.341C-100000@smoke.suba.com>


On Wed, 31 Jul 1996, Igor Chudov @ home wrote:
> Timothy C. May wrote:
> > ObClipper: "Who shall guard the guardians?" While the various Clipper
> > proposals have putative safeguards to limit access, think of Craig
> > Livingstone, a rent-a-cop the Clintons hire to work on their Enemies List.
> > And think of the dossiers of J. Edgar Hoover. And think of Nixon. And think
> > of what President Pat Buchanan would do with Government Access to Keys.
> What President Pat Buchanan would do with Government Access to Keys, I 
> wonder? (seriously)

     Probably the same as Herr Clinton.
  
Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From jimbell at pacifier.com  Thu Aug  1 00:45:43 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 1 Aug 1996 15:45:43 +0800
Subject: Jewell is the Militia Bomber!!!!
Message-ID: <199608010522.WAA04374@mail.pacifier.com>


At 07:49 PM 7/31/96 -0700, Timothy C. May wrote:
>
>The security guard Jewell is now confirmed to be the prime suspect. While
>NBC News is reporting that no evidence _directly_ links him to the bombing,
>the evidence against him is overwhelming:
>
>1. He is overweight. With the exception of The Unabomber, most perps in
>cases like this are fat.

Uh, just like that guy in Jurassic Park!

('Course, there's an explanation for this.   "The butler did it" went out over 30 years ago.  They're running out of butlers, and, well, many butlers were fat, so...)

>2. They found a _shotgun_ in his cabin.

No, no, Tim.   The proper way to deliver this to a TV audience is, "They 
found an ARSENAL in his COMPOUND!"

(see how much more exciting it is?!?  BTW, how many wives does he have?)


>3. He had an interest in guns. (Back issues of "Guns and Ammo" are bad
>enough, but possession of even a single issue of "Combat Handguns" is
>sufficient to convict in 39 of the 50 states.)

Any copies of that SUBVERSIVE publication Shotgun News?

>4. News sources are reporting that authorities who searched his apartment
>and his cabin "came up empty," which surely implies that he planned this
>crime with the help of others.

And he had to have scoured it clean JUST BEFORE the authorities arrived!  
Yeah, that's the ticket!


Jim Bell
jimbell at pacifier.com





From ceridwyn at wolfenet.com  Thu Aug  1 00:48:05 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Thu, 1 Aug 1996 15:48:05 +0800
Subject: fbi, crypto, and defcon
Message-ID: <2.2.32.19960801051356.0069c5f8@gonzo.wolfenet.com>



>> Okay, so their boss is part of the law making process, subject to the checks
>> and balances that exist between the three branches of US government. They
>> are in a position to supply their boss with data and I am personally
>> impressed with their grasp of some of that data (it sounds to me like they
>> are telling their boss that hackers like the ones at Defcon are not the
>> problem).

It was interesting how the Agent made the point that the FBI was there to 
enforce laws, not make policy.  Then his Boss's role in the law making process
was brought up, the Agent said "but any of you can do the same thing, you
all have a voice" etc etc.  Then he refused to answer political questions 
based on the fact that he was there as a representative of the FBI, failing
to see that his Boss is also a representative of the FBI when recommending
legislation.  (Again, I realize he was "under orders" not to discuss it, I 
wish he wouldn't try to justify it with obviously faulty logic.)

>    I think what they are really saying is that they would love to
>bust most hackers, but since they can't they might as well use some of
>them to catch the bigger fish.  If they truly did believe in the laws they
>are supposed to uphold they wouldn't associate with hackers (who commit
>computer crimes) at all.

A more cynical view is that they are there to protect some of the biggest
institutions of "organized crime" (ie: Congress, At&t, Microsoft, etc) who
are ripping people off on a daily basis from the other organizations who
refuse to play by their rules.

//cerridwyn//







From ceridwyn at wolfenet.com  Thu Aug  1 01:16:27 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Thu, 1 Aug 1996 16:16:27 +0800
Subject: A Libertine Question
Message-ID: <2.2.32.19960801053838.006a2bb4@gonzo.wolfenet.com>



>Most demands for ID and conformations with police involve the operation of
>motor vehicles.  I have never been "IDed" except at border crossings and
>when I was operating motor vehicles.  Clean and dressed up people are rarely
>IDed on foot.  Maybe you should mention some of the specific practices in
>Seattle that disturb you.

I was downtown Seattle at night time (early morning), walking around, minding 
my own business. Probably not actively maintaining public decorum, but
certainly 
not doing anything unorderly.  A cop approached me and asked what I was doing,
I told him none of his business.  He asked me for my ID, I said why, am I under
arrest?  He said no, but he needs to see my ID.  I told him he has no right to
ask me for my ID, especially when I've been doing nothing wrong, if I wanted to 
live in those conditions, I'd move to Iraq or China or something.  I got out my 
handy pocket tape recorder, and asked him to state his name and repeat his
request 
for the benefit of my lawyer who'd be contacting him. At this point the few
other 
people on the street had sort of gathered a few yards away, and the cop decided
he wasn't gonna win this one, so asked me to return to my home and left before
I could respond.  You are right, "Clean and dressed up people are rarely IDed 
[read harassed] on foot."  I'm not concerned for the clean and dressed up
people 
(with regards to police abuse), I'm concerned about the majority of people who 
aren't.  (For the record, I'm generally clean, but *rarely* dressed up. =) )  

>Or flying on a commercial flight.  So far, prosecutions for "failure to
>possess ID" have not succeeded.  You *can* be prosecuted for failure to
>identify yourself (which is *not* the same thing).  The Philadelphia airport
>was allegedly requiring *two* pieces of ID for flights.  If they are talking
>about two pieces of photo -- government-issued ID, I wonder where the 80% of
>Americans without a Passport (x the 90% of Americans who are not government
>employees) get the second piece of ID. [Is it a violation of something if
>you Heil Hitler od Sieg Heil the airline clerk when they ask to see your ID.
>It's not a threat, it's an expression of honor.]

When I flew from Philadelphia about a year ago, they required one picture ID
and one other ID, just like most stores when you want a check cashed.  I still
don't like it, but I have less of a problem presenting ID when I am seeking
a service of some kind.  It is unacceptable to be asked for ID when I am merely
walking around a public street.






From jimbell at pacifier.com  Thu Aug  1 01:26:41 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 1 Aug 1996 16:26:41 +0800
Subject: "And who shall guard the guardians?"
Message-ID: <199608010551.WAA05766@mail.pacifier.com>


At 02:57 PM 7/31/96 -0700, Martin Minow wrote:

>This question is also relevant to escrowed encryption: how to
>prevent misuse of escrowed keys by file clerks and other people
>who need access to the keys as part of their legitimate duties.
>Since these keys will protect a very large amount of money (consider
>the encryption keys used for interbank clearing) and since we
>know from the Aldrich Ames case that $3,000,000 can buy a
>high-ranking CIA employee, there are significant problems that
>need to be addressed. I would suspect that a Baysian analysis
>would indicate that the risk of holding (and losing) a key is
>greater than the risk of not holding (and needing) a key.

 
However, even that is a somewhat skewed analysis.  Most of us realize that 
the  kinds of advanced surveillance systems that are being promoted these 
days have nothing to do with crimes that are, statistically, the most common 
and feared among ordinary citizens. Will a wiretap ever solve a burglary?  
Rarely.  Will a Clipper-type decrypt bring a rapist to justice?  Fairly 
unlikely.  How about a carjacking?  A strong-arm robbery?  An arson?

Sure, it's always possible, but we know what's really going on.  Governments 
are afraid that technology will not only replace the protections we've 
traditionally been told only came from government (and thus make them 
unnecessary), but also that technology will allow us to force those 
governments to shrink and possibly to disband.  

In other words, to a government-type most of the benefits of a Clipper 
system are to the government itself, certainly not to the person who owns 
the phone and not even to society as a whole.  That's one reason, I suspect, 
why those secret talks given to various people to convince them to support 
Clipper "usually" work if the person is a government-type, but will almost 
never work to an unbiased private citizen.  That's also why the lecture is 
secret:  That way, the government can push two different stories without a 
contradiction being obvious to the rest of us.  





Jim Bell
jimbell at pacifier.com





From adamsc at io-online.com  Thu Aug  1 01:27:18 1996
From: adamsc at io-online.com (Chris Adams)
Date: Thu, 1 Aug 1996 16:27:18 +0800
Subject: Jewell is the Militia Bomber!!!!
Message-ID: <199608010550.WAA19139@toad.com>


On 31 Jul 96 22:40:46 -0800, tcmay at got.net wrote:


>The security guard Jewell is now confirmed to be the prime suspect. While
>NBC News is reporting that no evidence _directly_ links him to the bombing,
>the evidence against him is overwhelming:
>
>1. He is overweight. With the exception of The Unabomber, most perps in
>cases like this are fat.

After all, who could *not* want to conform with crowd?  Anyone who isn't
obsessed with being thin must have something wrong with him.  There ought
to be a law against people like him!

>2. They found a _shotgun_ in his cabin.

Only a criminal would have a reason for that! After, what legitimate use
could a citizen have with one? If he wants to hunt, he should use a
rifle!

>3. He had an interest in guns. (Back issues of "Guns and Ammo" are bad
>enough, but possession of even a single issue of "Combat Handguns" is
>sufficient to convict in 39 of the 50 states.)

Particularly for a cop! Why would anyone in his position need *that*!

>4. News sources are reporting that authorities who searched his apartment
>and his cabin "came up empty," which surely implies that he planned this
>crime with the help of others.

We can take prime examples of this:  The Whitehouse hiring dilemna - if
they can't figure out who hired him, there must be someone in on the job!
 Maybe it's the dead guy. Maybe it's those evil Internet users...

___
Sorry about breaking your sarcasm-meter...
___
>(P.S. I, too, was convinced Jewell was the guy. But in recent hours it is
>looking like a "rush to judgment" could be involved. There is strong
>pressure to "solve the crime" by the close of the Olympics on Sunday.)

I think we could track this to the replacement of literature and culture
with TV - if everyone from T.J. Hooker to Agents Sculley and Mulder solve
a mystery in 30 minutes, surely they can do it in real life, too.

How much do you want to bet that if it is a frame and it is successful,
they'll "find" a PGP encrypted file with plans and use it to promote GAK?

# Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
# Automatically receive my resume or PGPKEY by sending email with a subject
# of 'send PGPKEY' or 'send resume'. Capitalization counts so be careful!
# Web site: http://www.io-online.com/adamsc/adamsc.htm
 








From alanh at infi.net  Thu Aug  1 01:28:42 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 1 Aug 1996 16:28:42 +0800
Subject: A Libertine Question
In-Reply-To: <2.2.32.19960731151242.0087632c@panix.com>
Message-ID: <Pine.SV4.3.91.960801015212.23502D-100000@larry.infi.net>


On Wed, 31 Jul 1996, Duncan Frissell wrote:

> You *can* be prosecuted for failure to
> identify yourself 

   Only if you were already under arrest. Arrestees have a duty to 
identify themselves when asked.





From stewarts at ix.netcom.com  Thu Aug  1 01:32:51 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 1 Aug 1996 16:32:51 +0800
Subject: Cracking RC4/40 for massive wiretapps
Message-ID: <199608010603.XAA19276@toad.com>


At 11:13 AM 7/30/96 -0700, frantz at netcom.com (Bill Frantz) mused paranoidly:
>I combine the above with Whit Diffie's observation that, while crypto users
>are interested in the security of *each* message, organizations which
>monitor communications want to read *every* message.  A TLA interested in
>monitoring communications would need to crack RC4-40 much faster than
>1/week.

When we discussed using FPGA machines to crack RC4/40 last year,
someone calculated the cost of cracking a message at 8 cents
if you're doing enough to amortize your machine, and Eric had designed
a system that should be able to crack it in about 15 minutes for $25-50K.
The two basic search approaches are to take a cyphertext and decrypt it
trying many keys to see if you get a likely plaintext, or to take known
plaintext and encrypt with many keys to see if you match the cyphertext.

But those designs are for one-at-a-time cracks.  An interesting question
is whether you can speed up performance substantially by cracking
multiple messages at once.  For instance, if you've got known plaintext,
such as a standard header format saying "FooVoice" or "BEGIN DSA-SIGNED..",
you can try many keys and compare them with _many_ cyphertexts,
which may not slow down the FPGA very much.  Also, even for
unknown-plaintext, since key scheduling is a relatively slow part of RC4/40,
you can split the key-schedule and the block-encryption phases, feeding
one keyschedule output to multiple decrypt-and-compare sessions in parallel.
So the cost per victim of cracking many sessions may be much lower.

>Now expensive specialized cracking equipment can certainly speed up the
>process, but there may be a better way.  If cryptanalysis of RC4 yields
>techniques which make the process much easier, then it is the ideal cypher
>to certify for export.
>The paranoid conclusion is that there is a significant weakness in RC4.

Just keeping the key length down to 40 bits on a fast cypher is a good start.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 
#			Dispel Authority!






From rich at c2.org  Thu Aug  1 01:35:19 1996
From: rich at c2.org (Rich Graves)
Date: Thu, 1 Aug 1996 16:35:19 +0800
Subject: Jewell is the Militia Bomber!!!!
In-Reply-To: <ae25687f0102100499f1@[205.199.118.202]>
Message-ID: <Pine.GUL.3.95.960731224213.20404G-100000@Networking.Stanford.EDU>


On Wed, 31 Jul 1996, Timothy C. May wrote:

> The security guard Jewell is now confirmed to be the prime suspect. While
> NBC News is reporting that no evidence _directly_ links him to the bombing,
> the evidence against him is overwhelming:
> 
> 1. He is overweight. With the exception of The Unabomber, most perps in
> cases like this are fat.

Au contraire:

 Let me have men about me that are fat;
 Sleek-headed men, and such as sleep o' nights:
 Yond Cassius has a lean and hungry look;
 He thinks too much: such men are dangerous.
[...]
        He reads much;
 He is a great observer, and he looks
 Quite through the deeds of men: he loves no plays,
 As thou dost, Antony: he hears no music:
 Seldom he smiles; and smiles in such a sort
 As if he mock'd himself, and scorn'd his spirit
 That could be mov'd to smile at anything.

Which member of the Dream Team does this remind you of?

> (P.S. I, too, was convinced Jewell was the guy. But in recent hours it is
> looking like a "rush to judgment" could be involved. There is strong
> pressure to "solve the crime" by the close of the Olympics on Sunday.)

All I know is:

1. At least one person is dead, and lots more injured.
2. For nothing.

Ferchrissakes, guys, take a step back and look at yourselves. You're playing
the spin control game just as fast and furious as the "bad guys" (?). First
the glee over how easy it was to find bomb-making instructions anywhere,
then saying it was a provocation by the government, now it becomes a
conspiracy against fat people who read gun magazines. 

-rich
 [blue-ribbon disclaimer: it's called sarcasm, son, SARCASM]
 censor the internet! http://www.stanford.edu/~llurch/potw2/
 boycott fadetoblack! http://www.fadetoblack.com/prquest.htm






From alanh at infi.net  Thu Aug  1 01:36:25 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 1 Aug 1996 16:36:25 +0800
Subject: "adjust your attitude with their billy club"
In-Reply-To: <ae24e2ee02021004242f@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960801015918.23502E-100000@larry.infi.net>


> When the local cops adjust my attitude with a billy club for dressing like
> a hippie and lounging around in a public place

   I am a defender of your right to not be harrassed by legal-definition 
nuisances, not a fashion cop.  I gave up on trying to clean up the 
unwashed masses, a long time ago.

But if your definition of "lounging" includes (say) playing your boombox as 
loud as you want in the park - then mine includes making a buck by burning 
toxic waste.






From alanh at infi.net  Thu Aug  1 01:52:38 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 1 Aug 1996 16:52:38 +0800
Subject: A Libertine Question
In-Reply-To: <1.5.4.32.19960731223430.006cdb98@pop.atl.mindspring.com>
Message-ID: <Pine.SV4.3.91.960801022119.23502I-100000@larry.infi.net>


John Brothers,

Which locality do you live in?  I've got all this toxic waste that I've 
been collecting in return for receiving large sums of money, I'd like to 
get rid of it as cheply as possible. I thought I might just burn it in a 
good  "true" libertarian neighborhood.

You don't mind, do you?





From tcmay at got.net  Thu Aug  1 02:11:26 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 1 Aug 1996 17:11:26 +0800
Subject: Jewell is the Militia Bomber!!!!
Message-ID: <ae25a290040210043ec2@[205.199.118.202]>


At 5:53 AM 8/1/96, Rich Graves wrote:

>Ferchrissakes, guys, take a step back and look at yourselves. You're playing
>the spin control game just as fast and furious as the "bad guys" (?). First
>the glee over how easy it was to find bomb-making instructions anywhere,
>then saying it was a provocation by the government, now it becomes a
                                                     ^^^^^^^^^^^^^^^^
>conspiracy against fat people who read gun magazines.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Rich, maybe you're spending too much time amongst the Zundelsite Neo-Nazis.
You no longer recognize humor even when it's pretty damned obvious.


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From shamrock at netcom.com  Thu Aug  1 02:50:11 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Aug 1996 17:50:11 +0800
Subject: A Libertine Question
Message-ID: <v02120d08ae25ff4436d1@[192.0.2.1]>


At 11:12 7/31/96, Duncan Frissell wrote:

>Most demands for ID and conformations with police involve the operation of
>motor vehicles.  I have never been "IDed" except at border crossings and
>when I was operating motor vehicles.  Clean and dressed up people are rarely
>IDed on foot.  Maybe you should mention some of the specific practices in
>Seattle that disturb you.

I have been IDed numerous times for no other reason than walking on the
sidewalk at a late hour in an area where most people use cars to go to the
7/11 down the block. Southern California is especially bad in this regard.
A friend, who had the same problem, finally got a dog. After that the cops
left her alone. Seems walking your dog is a legitimate reason to be out at
night...



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Thu Aug  1 02:53:11 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Aug 1996 17:53:11 +0800
Subject: Violation or Protection? [OLYMPICS]
Message-ID: <v02120d09ae26039239a3@[192.0.2.1]>


At 12:03 7/31/96, David Rosoff wrote:
[...]
>On the local news I saw footage of a couple schmoozing in the Olympic
>(Centennial?) Park after its reopening. The voice-over said that all
>bags are being searched, and the couple said that rather than be
>alarmed or nervous, they "appreciated" it.
>
>I'm not quite sure what to think about this. I don't have enough
>experience to form a well thought-out opinion. I'd like to hear some
>of everyone's thoughts on this: Is this bag-searching a violation,
>(which was my immediate reaction) or is it not, because you have to
>already be going into the controlled area to get searched?

You are confused because you wonder how it could be that the couple could
appreciate having their bags searched, something you intuitively regard as
a violation of their rights. The very simple answer is that, generally
speaking, individuals enjoy to have their rights violated, provided that
they are given a (often false) sense of security in return.

Surveys from a few years ago showed that a majority of Americans would
approve of warrantless house-to-house searches, including their own, to
combat the use of narcotics.

ObCrypto:
The public will cheer the day that strong, non-escowed crypto is outlawed.


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Thu Aug  1 03:12:07 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Aug 1996 18:12:07 +0800
Subject: Smart cards "a giant leap backwards" - Canadian Privacy	  Commissioner
Message-ID: <v02120d07ae25fd16b3a4@[192.0.2.1]>


At 11:12 7/31/96, Duncan Frissell wrote:
>At 02:23 PM 7/30/96 -0400, Richard Martin wrote:
>>Very little that might be new or enlightening to the world; attendees
>>of CFP '96 will remember [fuzzily, in my case] the closest thing to
>>Bruce's counterpart in the states admitting that the USA doesn't actually
>>have much of a counterpart to the privacy commissioner.
>
>Most Central European countries have both privacy commissioners and legal
>requirements that everyone register their addresses with the police.  I'll
>do without the former if I can also avoid the latter.

I remember a time when Privacy Commissioners were a new thing. Their
primary purpose seemed to be to sanction government access to (and keeping
of) large databases on the activities of the population. Their secondary
purpose was to prevent the private sector competition from doing the same.
Eliminating access to such data by the individual in the process.

Things may have changed for the better, but I doubt it.


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From ceridwyn at wolfenet.com  Thu Aug  1 04:55:07 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Thu, 1 Aug 1996 19:55:07 +0800
Subject: fbi, crypto, and defc
Message-ID: <2.2.32.19960801091751.006a9430@gonzo.wolfenet.com>



> Since they were speakers, could they be part of the Spot The Fed contest?

They said that every other time their comrades had come to defcon, they had
tried to come incognito, and got caught every time.  This time, they wore
FBI t-shirts, and the only response was "Hey! Where'd ya get the T-Shirt?!?".
They said "We hacked 'em from the FBI" and that was it, noone suspected... =)
//cerridwyn//






From gnu at toad.com  Thu Aug  1 04:58:03 1996
From: gnu at toad.com (John Gilmore)
Date: Thu, 1 Aug 1996 19:58:03 +0800
Subject: NSA/ARPA/DISA joint research office Memo of Agreement
Message-ID: <199608010857.BAA21140@toad.com>


[I found this at the ARPA web site while looking up the programs there
that are trying to deploy crypto in the Internet.  You can read it as
plain text, the HTML crud peters out after the first page.  If you
look at it on the web, they have reproduced the signatures from the
signature page in a GIF file.  -- John]

<BASE HREF="http://www.ito.darpa.mil/ResearchAreas/Information_Survivability/MOA.html">

<HTML>
<HEAD>
<TITLE>MOA - Information Systems Security Research Joint Technology
Office</TITLE>
</HEAD>
<BODY>
 


<CENTER>
<H3>Memorandum of Agreement<BR>
Between<BR>
The Advanced Research Projects Agency,<BR>
The Defense Information Systems Agency, and<BR>
The National Security Agency<BR>Concerning<BR>
The Information Systems Security Reseach Joint Technology Office</H3>
</CENTER>

<H3>Purpose</H3>

The Advanced Research Projects Agency (ARPA), the Defense Information
Systems Agency (DISA), and the National Security Agency (NSA) agree to
the establishment of the Information  System Security Research Joint
Technology Office (ISSR-JTO) as a joint activity.  The ISSR-JTO is
being established to coordinate the information systems security
research programs of ARPA and NSA.  The ISSR-JTO will work to optimize
use of the limited research funds available, and strengthen the
responsiveness of the programs to DISA, expediting delivery of
technologies that meet DISA's requirements to safeguard the
confidentiality, integrity, authenticity, and availability of data in
Department of Defense information systems, provide a robust first line
of defense for defensive information warfare, and permit electronic
commerce between the Department of Defense and its contractors.

<H3>Background</H3>

In recent years, exponential growth in government and private sector
use of networked systems to  produce and communicate information has
given rise to a shared interest by NSA and ARPA  in focusing
government R&D on information systems security  technologies.  NSA and
its primary network security customer, DISA, have become increasingly
reliant upon commercial information technologies and services to build
the Defense Information Infrastructure, and the inherent security of
these technologies and services has become a vital concern.  From
ARPA'S perspective, it has become increasingly apparent that security
is critical to the success of key ARPA information technology
initiatives.  ARPA's role in fostering the development of advanced
information technologies now requires close attention to the security
of these technologies.<P>

NSA's security technology plan envisions maximum use of commercial
technology for sensitive but unclassified applications, and, to the
extent possible, for classified applications as well.  A key element
of this plan is the transfer of highly reliable government-developed
technology and techniques to industry for integration into commercial
off-the-shelf products, making quality-tested security components
available not only to DoD but to the full spectrum of government and
private sector users as well.  ARPA is working with its contractor
community to fully integrate security into next generation computing
technologies being developed in all its programs, and working with the
the research community to develop strategic relationships with
industry so that industry will develop modular security technologies
with the capability of exchanging appropriate elements to meet various
levels of  required security.<P>

NSA and ARPA now share a strong  interest in promoting the development
and integration of security technology for advanced information
systems applications.  The challenge at hand is to guide the efforts
of the two agencies in a way that optimizes use of the limited
research funds available and maximizes support to DISA in building the
Defense Information Infrastructure.<P>

NSA acts as the U.S. Government's focal point for cryptography,
telecommunications security, and information systems security for
national security systems.  It conducts, approves, or endorses
research and development of techniques and equipment to secure
national security systems.  NSA reviews and approves all standards,
techniques, systems, and equipment related to the security of national
security systems.  NSA's primary focus is to provide information
systems security products, services, and standards in the near term to
help its customers protect classified and national security-related
sensitive but unclassified information.  It develops and assesses new
security technology in the areas of cryptography, technical security,
and authentication technology; endorses cryptographic systems
protecting national security information; develops infrastructure
support technologies; evaluates and rates trusted computer and network
products; and provides information security standards for DoD.  Much
of the work in these areas is conducted in a classified environment,
and the balancing of national security and law enforcement equities
has been a significant constraint.<P>

ARPA's mission is to perform research and development that helps the 
Department of Defense to maintain U.S. technological superiority over
potential adversaries.  At the core of the ARPA mission is the goal to
develop and demonstrate revolutionary technologies that will
fundamentally enhance the capability of the military.  ARPA's role in
fostering the development of advanced computing and communications
technologies for use by the DoD requires that long term solutions to
increasing the security of these systems be developed.  ARPA is
interested in commercial or dual-use technology, and usually
technology that provides revolutionary rather than evolutionary
enhancements to capabilities. ARPA is working with industry and
academia to develop technologies that will enable industry to provide
system design methodologies and secure computer, operating system, and
networking technologies.  NSA and ARPA research interests have been
converging in these areas, particularly with regard to protocol
development involving key, token, and certificate exchanges and
processes.<P>

One of the key differences between ARPA's work and NSA's is that
ARPA's is performed in unclassified environments, often in university
settings.  This enables ARPA to access talent and pursue research
strategies normally closed to NSA due to security considerations.
Another difference is that while NSA's research is generally built
around developing and using specific cryptographic algorithms, ARPA's
approach is to pursue solutions that are independent of algorithm used
and allow for modularly replaceable cryptography.  ARPA will, to the
greatest extent possible, allow its contractor community to use
cryptography developed at NSA, and needs solutions from NSA on an
expedited basis so as not to hold up its research program.<P>

DISA functions as the Department of Defense's information utility.
Its requirements for information systems security extend beyond
confidentiality to include protection of data from tampering or
destruction and assurance that data exchanges are originated and
received by valid participants.  DISA is the first line of defense for
information warfare, and needs quality technology for detecting and
responding to network penetrations.  The growing vulnerability of the
Defense information Infrastructure to unauthorized access and use,
demonstrated in the penetration of hundreds of DoD computer systems
during 1994, makes delivery of enabling security technologies to DISA
a matter of urgency.

<H3>The Information Systems Security Research Joint Technology
Office</H3>

This MOA authorizes the ISSR-JTO as a joint undertaking of ARPA, DISA,
and NSA.  It will perform those functions jointly agreed to by these
agencies.  Each agency shall delegate to the ISSO-JTO such authority
and responsibility as is necessary to carry out its agreed functions.
Participation in the joint program does not relieve ARPA, DISA, or NSA
of their respective individual charter responsibilities, or diminish
their respective authorities.<P>

A Joint Management Plan will be developed to provide a detailed
definition of the focus, objectives, operation, and costs of the Joint
Technology Office.  The ISSR-JTO will be jointly staffed by ARPA,
DISA, and NSA, with respective staffing levels to be agreed upon by
the three parties.  Employees assigned to the JTO will remain on the
billets of their respective agency.  Personnel support for employees
assigned to the JTO will be provided by their home organization.  The
ISSR-JTO will be housed within both ARPA and NSA, except as agreed
otherwise by the three parties.  To the greatest extent possible, it
will function as a virtual office, using electronic connectivity to
minimize the need for constant physical co-location.  Physical
security support will be provided by the party responsible for the
specific facilities occupied.  Assignment of the ISSR-JTO Director,
Deputy Director, and management of other office elements will be made
by mutual agreement among the Directors of ARPA, DISA, and NSA upon
recommendation of their staffs.<P>

<H3>Functions</H3>

By mutual agreement of ARPA, DISA, and NSA, the ISSR-JTO will perform
the following joint functions:
<OL>
<LI>Review and coordinate all Information System Security Research
programs at ARPA and NSA to ensure that there is no unnecessary
duplication, that the programs are technically sound, that they are
focused on customer requirements where available, and that long term
research is aimed at revolutionary increases in DoD security
capabilities.

<LI>Support ARPA and NSA in evaluating proposals and managing projects
arising from their information systems security efforts, and maintain
a channel for the exchange of technical expertise to support their
information systems security research programs.

<LI>Provide long range strategic planning for information systems
security research.  Provide concepts of future architectures which
include security as an integral component and a road map for the
products that need to be developed to fit the architectures, taking
into account anticipated DoD information systems security research
needs for command and control, intelligence, support functions, and
electronic commerce.  The long range security program will explore
technologies which extend security research boundaries.

<LI>Develop measures of the effectiveness of the information systems
security research programs in reducing vulnerabilities.

<LI>Work with DISA, other defense organizations, academic, and
industrial organizations to take new information systems security
research concepts and apply them to selected prototype systems and
testbed projects.

<LI>Encourage the U.S. industrial base to develop commercial products
with built-in security to be used in DoD systems.  Develop alliances
with industry to raise the level of security in all U.S. systems.
Bring together private sector leaders in information systems security
research to advise the JTO and build consensus for the resulting
programs.

<LI>Identify areas for which standards need to be developed for
information systems security.

<LI>Facilitate the availability and use of NSA certified cryptography
within information systems security research programs.

<LI>Proactively provide a coherent, integrated joint vision of the
program in internal and public communications.
</OL>
<H3>Program Oversight and Revisions</H3>

The Director, ISSR-JTO, has a joint reporting responsibility to the
Directors of ARPA, DISA, and NSA.  The Director, ISSR-JTO, will
conduct a formal Program Status Review for the Directors of ARPA,
DISA, and NSA on an annual basis, and will submit mid-year progress
reports between formal reviews.  Specific reporting procedures and
practices of the JTO to ARPA, DISA, and NSA will be detailed in the
Joint Technology Management Plan.  This MOA will be reviewed at least
annually, and may be revised at any time, based on the mutual consent
of ARPA, DISA, and NSA, to assure the effective execution of the joint
initiative.  Any of the parties may withdraw from participation in the
MOA upon six months written notice.  The MOA is effective 2 April,
1995.<P>


<IMG
SRC="http://www.ito.darpa.mil/ResearchAreas/Information_Survivability/sigs4.gif"
ALT="Signatures of Dr. Gary L. Denman, Director ARPA; LtGen Albert J.
Edmonds, Director, DISA; VADM John M. McConnell, Director, NSA; Dr.
Anita K. Jones, Director, DDR&E; Emmett Paige, Jr., Assistant
Secretary of Defense for Command, Control, Communications and Intelligence"><P>

<P>

<address>
<HR>
<A
HREF="http://www.ito.darpa.mil/ResearchAreas/Information_Survivability.html">Return
to Information Survivability Page</A> <BR>
Direct comments concerning this WWW site to: <A
HREF="mailto:Webmaster at ito.darpa.mil">Webmaster at ito.darpa.mil</A></address>
</BODY>
</HTML>





From jsw at netscape.com  Thu Aug  1 05:12:22 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Thu, 1 Aug 1996 20:12:22 +0800
Subject: The "Secure" version of Netscape for Linux is *NOT*
In-Reply-To: <2.2.32.19960801033402.00fc1ab8@mail.teleport.com>
Message-ID: <32007B4F.300@netscape.com>


Alan Olsen wrote:
> 
> I just installed the "secure" version of Netscape off of the "US Only"
> download site.
> 
> Seems that it is actualy the international version and not the 128 bit version.
> 
> How many people have downloaded this version only to find that they
> downloaded something that they could have downloaded faster from a mirror
> site?  How many people have had their downloads slowed down due to people
> downloading insecure Linux versions from the US only site?
> 
> I think I have a justifiable reason to be pissed.
> 
> Another waste of my time...

  I just downloaded the tar file for linux, and it does contain
the US version.  What makes you think that you got the export
version?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From schryver at radiks.net  Thu Aug  1 05:40:15 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Thu, 1 Aug 1996 20:40:15 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
Message-ID: <199608010938.EAA02670@sr.radiks.net>


>At 12:42 AM 7/31/96 -0700, David Wagner wrote:
>>Those estimates assume that a single FPGA can break RC4 in hours.  I think
>>that is an extremely optimistic assumption, given the available public
>>information.  But perhaps NSA is orders of magnitude ahead of us in chip
>>design (unlikely) or orders of magnitude ahead of us in RC4 cryptanalysis
>>(and we're back to paranoid musings).
>
>>> If we assume a machine designed to break *every* message, NSA's response
>>> makes more sense.
>
>I feel like I'm leaning over backwards to defend NSA's response, an
>extremely uncomfortable position (and I could crack my skull when I fall)
>:-).  The most important issue is, what is NSA's state of the art.  If we
>accept their $1000/FPGA chip, then they are indeed at the bleeding edge,
>and suffering from the associated low chip yields.  If they are at the best
>cost-performance point for 2-3 years ago or whenever they started approving
>the export of RC4-40, then they are certainly subject to David Wagner's
>performance limits.
Sorry about mangling quotes. :(
This was about a year and a half ago.
I can't remember the name of it,  but this chip fab industry mag was
talking about how the NSA was obtaining out side help in fabricating what
was at the time a type of ram that did processing off chip in parrallel.

If the chip was basically routing the problem to different sectors and
the same sectors of ram did their own processing on different parts of the 
same problem how many powers of processing time would this increase the 
same amount of acerage?* 

* NSA term for processing. 

Side note: Wired just recently talked about IRAM or Intelligent ram, and 
how it seems to be the future of high speed computation.
PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From schryver at radiks.net  Thu Aug  1 06:19:20 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Thu, 1 Aug 1996 21:19:20 +0800
Subject: New Clinton Administration Ping Policy
Message-ID: <199608011028.FAA03370@sr.radiks.net>


At 01:22 PM 7/31/96 -0700, you wrote:
>
>Press release:
>
>CLINTON ADMINISTRATION FACT SHEET: U.S. PING POLICY
>(Industry, international cooperation urged)
>
The sad thing here is that I can't tell if this is a joke or not.
:(
PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From daw at cs.berkeley.edu  Thu Aug  1 06:51:02 1996
From: daw at cs.berkeley.edu (David Wagner)
Date: Thu, 1 Aug 1996 21:51:02 +0800
Subject: Cracking RC4/40 for massive wiretapps
In-Reply-To: <199608010603.XAA19276@toad.com>
Message-ID: <4tq268$nsk@joseph.cs.berkeley.edu>


In article <199608010603.XAA19276 at toad.com>,
Bill Stewart  <stewarts at ix.netcom.com> wrote:
> When we discussed using FPGA machines to crack RC4/40 last year,
> someone calculated the cost of cracking a message at 8 cents

That was the keylength paper.  I think their estimate is way off.

But that's ok-- I do so like the ring of ``8-cent encryption'', even
if I think the derivation is technically dubious :-)

> is whether you can speed up performance substantially by cracking
> multiple messages at once.  For instance, if you've got known plaintext,
> such as a standard header format saying "FooVoice" or "BEGIN DSA-SIGNED..",
> you can try many keys and compare them with _many_ cyphertexts,

Not with SSL.

SSL uses a random 88-bit salt which is different for every session.
This attack doesn't work.  Fun to think about, though, eh? :-)

[ Unsalted 40-bit RC4 is super-dangerous, and there are all sorts of
nasty games one can play with it.  That's why you should avoid it. ]

>                                              Also, even for
> unknown-plaintext, since key scheduling is a relatively slow part of RC4/40,
> you can split the key-schedule and the block-encryption phases, feeding
> one keyschedule output to multiple decrypt-and-compare sessions in parallel.
> So the cost per victim of cracking many sessions may be much lower.

Same deal.


Keep those ideas flowing-- one of 'em is bound to work.
-- Dave Wagner





From meredith at ecid.cig.mot.com  Thu Aug  1 06:51:29 1996
From: meredith at ecid.cig.mot.com (Andrew Meredith)
Date: Thu, 1 Aug 1996 21:51:29 +0800
Subject: Security of Web registration of Lview Pro
Message-ID: <32008FD6.9A5@ecid.cig.mot.com>


Dear Sirs,

I was happy to find that you have put up an SSL form through which one
can register Lview Pro. I filled it in and pressed the button. My
browser then warned me that although the form was sent to me securely,
the data I was sending back was in the clear!

I had a look at the page source for:

  https://commerce.mindspring.com/www.lview.com/iregform.htm

and there is was:

<FORM METHOD="POST"
ACTION="http://www.std.com/Newbury/leonardo/cgi-bin/fp.exe"><P>
        ^^^^

Therefore the only thing protected by this "Secure Form" is the original
text of the form, rather than the credit card details. I know that:

    "If using an SSL Web browser such as Netscape or Microsoft
     Explorer, please click here to access a secure document."

doesn't actually *say* that your customers card details are secure, but
at first glance it sounded like it to me.

Whatever others may think about the rights and wrongs of it, my personal
policy is not to commit credit card details to open networks, unless
under strong encryption.

I look forward to your comments.

Andy Meredith





From gary at systemics.com  Thu Aug  1 06:52:05 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 1 Aug 1996 21:52:05 +0800
Subject: Jewell is the Militia Bomber!!!!
In-Reply-To: <ae25687f0102100499f1@[205.199.118.202]>
Message-ID: <320090AF.4DAA423A@systemics.com>


Timothy C. May wrote:
> 
> (P.S. I, too, was convinced Jewell was the guy. But in recent hours it is
> looking like a "rush to judgment" could be involved. There is strong
> pressure to "solve the crime" by the close of the Olympics on Sunday.)

Yes, a public hanging would be a fine way to end the Olympics.

After all, this is Georgia we're talking about ...

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From gary at systemics.com  Thu Aug  1 07:07:54 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 1 Aug 1996 22:07:54 +0800
Subject: Jewell is the Militia Bomber!!!!
In-Reply-To: <199608010522.WAA04374@mail.pacifier.com>
Message-ID: <3200924C.64880EEB@systemics.com>


jim bell wrote:
> 
> At 07:49 PM 7/31/96 -0700, Timothy C. May wrote:
> > 
> >2. They found a _shotgun_ in his cabin.
> 
> No, no, Tim.   The proper way to deliver this to a TV audience is, "They
> found an ARSENAL in his COMPOUND!"

Alternatively, describe the shotgun as a 50 caliber cannon.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From WlkngOwl at unix.asb.com  Thu Aug  1 07:34:17 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Thu, 1 Aug 1996 22:34:17 +0800
Subject: Cracking RC4/40 for massive wiretapps
Message-ID: <199608011151.HAA07754@unix.asb.com>



Wait a minute: RC4 is an OFB cipher.  The previous plaintext has no 
effect on the ciphertext.  Hence, an attacker with shitloads of 
storage capacity can generate some initial output for each key and 
test each pre-stored key against ciphertext for possible hits.  Using 
'flaws' in the key schedule (esp. if the key is based on a password 
rather than a hash of a password) one could search for 'more likely 
keys' first.

Rob
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From wwoelbel at midwest.net  Thu Aug  1 08:51:33 1996
From: wwoelbel at midwest.net (W.K. Woelbeling)
Date: Thu, 1 Aug 1996 23:51:33 +0800
Subject: crypto++ help
Message-ID: <199608011226.HAA27596@cdale1.midwest.net>


I recently downloaded the crypto++ class library and am having a bit of
trouble getting things to happen.  I have read the text on the
source-filter-sink concept and was able to create a DES file encryptor.
What I would like to do is use either blowfish or IDEA to encrypt a variable
length data stream.  Does anybody have experience with this library?  A
short code snippet or similar help would be appreciated.

Bill Woelbeling
wwoelbel at midwest.net






From rah at shipwright.com  Thu Aug  1 11:14:07 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 2 Aug 1996 02:14:07 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <Pine.LNX.3.95.960731154700.578A-100000@gak>
Message-ID: <v03007812ae266148e5d8@[206.119.69.46]>


At 5:16 PM -0400 7/31/96, Tom Weinstein wrote:
> The only thing they can revoke is their permission to provide it for
> download over the internet.  They can't revoke our permission to sell
> it in stores or via snail mail.

Which, of course, would kill your business.



Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From rah at shipwright.com  Thu Aug  1 11:14:33 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 2 Aug 1996 02:14:33 +0800
Subject: Micali's rights to lightweight certificates etc.
Message-ID: <v03007827ae266b55420b@[206.119.69.46]>



--- begin forwarded text


Date: Wed, 31 Jul 1996 17:28:56 -0400
From: Silvio Micali <silvio at sunspot.tiac.net>
To: cme at cybercash.com, d.adams at xopen.co.uk, frantz at netcom.com, hallam at w3.org,
        rodney at sabletech.com, rsalz at osf.org, silvio at sunspot.tiac.net,
        spki at c2.org
Subject: Micali's rights to lightweight certificates etc.
Sender: owner-spki at c2.org
Precedence: bulk

Dear Carl:

Last April I was forwarded by Ron (Rivest) the
following e-message addressed to you:

     "[Re: Micali's lightweight certificates with hash chains]

      The mechanism maybe patented, but who owns the patent?
      I am aware of claims by two european groups who have
      payment schemes using a combined s/key and signed cert
      technique

      Pghill"


As I do not know the context of your conversation, it is hard for me
to guess which technology's rights the  above question refers to.
There are (at least) two possible technologies the question refers to.
Let me thus answer it in either case. I would appreciate if you could
pass this information to people you feel may be interested in it.
(I am trying to CC all the people CCed in the original message,
but  I am not sure that this reaches all the right people.)


                       RIGHTS INFORMATION

My efficient certificate revocation technology is itself based on my
off-line digital signature technology.

The efficient certificate certificate revocation technology has
been invented by me alone. I have filed for patent protection,
and the patent is currently pending with the U.S. Patent Office.

The underlying off-line signature technology has been invented
by Shimon Even, Oded Goldreich and me. The technology is protected by
U.S. Patent No. 5,016,274. The rights to this technology are only with me.

(The latter technology, among other things, covers the process of separating
the signing process into two stages: a OFF-LINE one --that can be performed
before knowing what the message to be signed is--- and an ON-LINE one
--which is typically performed when one knows exactly what he/she wishes
to sign. In the preferred embodiment,  in the off-line step,
the  signer uses the secret key SK of a first, conventional secret-public key
pair (SK,PK) to digitally sign the publick key, pk, of a
second, restricted but very fast, signature  scheme. In the on-line step,
the signer uses the second secret key --i.e., the one associated with pk--
in order to sign the desired message.

In particular, the second public key, pk, can be
obtained by evaluating k times a given one-way hash function on input
sk. After doing so, one can sign in an off-line step pk together with
a certificate serial number (and other information).
Then, in an on-line step, one can sign  that a certificate is being valid
for at at least i days --where i is between 1 and k--
by releasing the ith inverse of pk; that is, by releasing a value that,
hashed i times, yields pk.
You can thus see the connection between the two technologies.)

Both technologies are available for licensing.
If you or someone in your discussion group is aware of a company
using either technology, I would appreciate if you could facilitate a
contact between me and such a company, so that we can discuss possible
licensing arrangements.

The Efficient Certificate Revocation Paper is presented in
MIT Technical MIT/LCS/TM-542, dated November 95. A better version
appears in a March 1996 manuscript. Either version could be obtained
from me, if more convenient.

Off-Line Digital Signatures also appear in the Proceedings of
Crypto 89.  A better version can be found in
The Journal of Cryptography (1996) 9; pp. 35-67.
Any version is also obtainable from me, if more convenient.

Hope this helps answering the above ``rights'' question.
Thank you also in advance for forwarding the above information
to whomever you believe may be interested in it.

All the best,

Silvio

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From editor at cdt.org  Thu Aug  1 11:29:46 1996
From: editor at cdt.org (Bob Palacios)
Date: Fri, 2 Aug 1996 02:29:46 +0800
Subject: CDT Policy Post 2.29 - Administration, Congress Propose Sweeping Anti-TerrorismInitiatives
Message-ID: <v02140b07ae26690e102b@[204.157.127.16]>


-----------------------------------------------------------------------------
    _____ _____ _______
   / ____|  __ \__   __|   ____        ___               ____             __
  | |    | |  | | | |     / __ \____  / (_)______  __   / __ \____  _____/ /_
  | |    | |  | | | |    / /_/ / __ \/ / / ___/ / / /  / /_/ / __ \/ ___/ __/
  | |____| |__| | | |   / ____/ /_/ / / / /__/ /_/ /  / ____/ /_/ (__  ) /_
   \_____|_____/  |_|  /_/    \____/_/_/\___/\__, /  /_/    \____/____/\__/
   The Center for Democracy and Technology  /____/     Volume 2, Number 29
----------------------------------------------------------------------------
      A briefing on public policy issues affecting civil liberties online
----------------------------------------------------------------------------
 CDT POLICY POST Volume 2, Number 29                        August 1, 1996

 CONTENTS: (1) Clinton Administration, Congress Propose Sweeping
               Anti-Terrorism Initiatives
           (2) How to Subscribe/Unsubscribe
           (3) About CDT, contacting us

  ** This document may be redistributed freely with this banner intact **
        Excerpts may be re-posted with permission of <editor at cdt.org>
         ** This document looks best when viewed in COURIER font **
-----------------------------------------------------------------------------

(1) CLINTON ADMINISTRATION, CONGRESS PROPOSE SWEEPING ANTI-TERRORISM
    INITIATIVES

In the wake of the recent bombing at the Olympics and the suspected
terrorist involvement in the TWA crash, the Clinton Administration and
members of Congress are proposing a set of sweeping counter-terrorism
initiatives. If enacted into law, these proposals will dramatically
increase law enforcement surveillance authority over the Internet and other
advanced communications technologies. An outline of the Administration's
proposal was circulated on Capitol Hill on Monday July 29.

President Clinton has urged Congress to pass new counter-terrorism
legislation before the Congressional recess at the end of this week.  While
several prominent Republican members of Congress, including House Speaker
Newt Gingrich (R-GA), have said publicly that Congress should not rush into
any new counter-terrorism legislation, most observers believe there is a
strong possibility that some or all of the Administration's proposal will
be enacted before the August recess.

The draft proposal contains several measures which were rejected by
Congress as part of the previous counter-terrorism initiative proposed
last year after the Oklahoma City bombing, as well as several new measures
including as-yet unspecified changes to U.S. encryption policy and funding
for the Communications Assistance for Law Enforcement Act (CALEA, a.k.a.
Digital Telephony).

CDT is concerned that the latest counter-terrorism efforts on Capitol Hill
are occurring without appropriate deliberation.  Major policy decisions
expanding the surveillance powers of law enforcement should not be made
without careful consideration of the necessity of such proposals and the
relative benefit to society. In the coming days and weeks, CDT will work
with Congressional leaders, privacy advocates, and the net.community to
ensure that constitutional civil liberties and the openness of the Internet
are protected as Congress considers counter-terrorism measures.
________________________________________________________________________

MAJOR POINTS OF THE COUNTER-TERRORISM PROPOSALS CIRCULATING ON THE HILL

The administration's new counter-terrorism initiative and other amendments
circulating this week in Congress contain numerous provisions, but four
are of particular concern to the net.community:

* New Threats to Encryption, Opposition to the Pro-CODE Bill
* Funding for Digital Telephony Without Public Accountability
* Amendment to Criminalize 'Bomb-Making' Information on the Internet
* Expanded Authority for Multi-Point, "Roving" Wiretaps

The full text of the Administration's proposal and background information
are available at CDT's counter-terrorism Web Page:

    http://www.cdt.org/policy/terrorism/

       --------------------------------------------------------

I. NEW THREATS TO ENCRYPTION, OPPOSITION TO THE PRO-CODE BILL

The Administration's outline contains the following statement on encryption:

 "* Encryption -- We will seek legislation to strengthen our ability to
    prevent terrorists from coming into the possession of the technology
    to encrypt their communications and data so that they are beyond the
    reach of law enforcement.  We oppose legislation that would eliminate
    current export barriers and encouraging the proliferation of encryption
    which blocks appropriate access to protect public safety and the
    national security."

While no specific legislative language has yet been proposed, this
represents the first statement by the Administration that they will seek
legislation to further restrict encryption.  Even more troubling, the
Administration is clearly attempting to use the recent suspected terrorist
incidents to push for a new and more restrictive encryption policy.

This new proposal comes as Congress is finally beginning to seriously
consider major changes in U.S. encryption policy. Bipartisan legislation
in both the House and Senate to relax encryption export controls is gaining
momentum.  The Senate Commerce Committee has held 3 hearings in the last 6
weeks, and is preparing to vote to send the Burns/Leahy "Pro-CODE" bill (S.
1726) to the floor of the Senate.  The Administration's attempt to leverage
the public's concern about terrorism to block passage of the Pro-CODE bill
is disturbing, and poses a significant threat to privacy and security on the
Internet.

CDT is working with members of Congress, privacy advocates, and the
communications and computer industries to oppose any attempt by the
Administration to impose new restrictions on encryption, and we continue to
work to move the bipartisan export relief legislation through Congress.

       --------------------------------------------------------

II. FUNDING FOR DIGITAL TELEPHONY WITHOUT PUBLIC ACCOUNTABILITY

The Administration is also seeking to override the public accountability
provisions of the Communications Assistance for Law Enforcement Act (CALEA
- a.k.a. 'Digital Telephony') by providing a funding for the law in a way
that prevents public oversight of the FBI's surveillance ability.

Enacted in October of 1994, granted law enforcement new authority to
influence the design of telecommunications networks (the Internet,
Commercial online services, and BBS's were exempted) in order to preserve
their ability to conduct court authorized electronic surveillance.

Congress balanced this new authority with a number of mechanisms to ensure
public accountability over law enforcement surveillance ability.
While complicated, the public accountability mechanisms are designed to
work as follows:

* Law enforcement provides telecommunications carriers, the Congress,
  and the public with notice of its surveillance capacity needs (i.e.,
  the number of simultaneous wiretaps in a given geographic location)
  with an opportunity for public comment.

* Based on an assessment of the reasonableness of the law enforcement
  surveillance capacity request, Congress appropriates money to cover
  the cost of modifications.  If Congress does not believe law
  enforcement has adequately justified its request, money will not be
  appropriated.

* Telecommunications carriers are not obligated to comply with the
  statute or make any capacity modifications without government
  reimbursement.

In October 1995, the FBI published its first notice of surveillance
capacity (see CDT Policy Post Vol. 1, No. 26).  The telecommunications
industry and privacy advocates used the public accountability provisions of
CALEA to respond to the FBI's request and argued that the FBI had not
adequately justified the extensive surveillance capability contained in the
request.  As a result, Congress has not yet appropriated funds and no
modifications have been made.

The FBI clearly believes that the public accountability provisions of CALEA
are working **too well**, and appears to be using the recent focus on
terrorism to push for a new funding mechanism which does not contain public
oversight.

CDT is fighting hard to ensure that the public accountability provisions of
CALEA, which have until now prevented the FBI from acquiring unnecessary
surveillance capacity, remain a part of the law, and will vigorously oppose
any effort by the FBI and the Clinton Administration to remove the last
opportunity for public oversight over law enforcement power.

       --------------------------------------------------------

III. THE AVAILABILITY OF 'BOMB-MAKING' INFORMATION ON THE INTERNET

Senator Dianne Feinstein (D-CA) has reintroduced an amendment to make it
illegal to disseminate information on how to construct explosives knowing
that the information will be used in furtherance of a federal crime.  The
amendment was adopted by the Senate earlier this month as part of a
Department of Defense Appropriations bill.  CDT believes that the vague
provisions of the Feinstein amendment could have a chilling effect on online
speech, needlessly duplicate existing criminal statutes, and should be
removed.

Feinstein first proposed the amendment as part of the 1995
counter-terrorism bill. The initial Feinstein amendment was extremely broad
and would have resulted in a flat ban on certain constitutionally protected
speech online.  After civil liberties advocates objected, Feinstein
narrowed her amendment substantially, although it was ultimately dropped
from the final terrorism bill signed in April 1996.

       --------------------------------------------------------

IV.  EXPANDED WIRETAP AUTHORITY

The Administration's proposal would also significantly expand current
wiretapping authority to allow multi-point (or "roving") wiretaps. This
would dramatically change surveillance authority to include wiretaps of
INDIVIDUALS instead of LOCATIONS.

This proposal would do away with the delicate balance between privacy and
law enforcement that Congress has struck over 30 years of wiretapping
legislation. Federal law has always required that wiretaps issue for a
specific location, to meet Fourth Amendment requirements. In 1986 Congress
introduced a narrow exception to this rule, only for cases where it could
be shown that the target was intentionally evading wiretaps by changing
facilities. The Administration proposal would completely remove this
standard, allowing so-called "roving taps" for any persons whose behavior
makes wiretapping difficult for law enforcement.

The administration proposed similar provisions in the spring of 1995 in the
wake of the Oklahoma City bombing. These provisions proved controversial in
Congress and were dropped from the final bill.

________________________________________________________________________

FOR MORE INFORMATION

For more information on the counter-terrorism proposals and their impact on
the Internet check out:

CDT's Counter-Terrorism Page:     http://www.cdt.org/policy/terrorism/
CDT's Encryption Policy Page:     http://www.cdt.org/crypto/
CDT's Digital Telephony Page:     http://www.cdt.org/digtel.html
Encryption Policy Resource Page:  http://www.crypto.com/

------------------------------------------------------------------------

(4) SUBSCRIPTION INFORMATION

Be sure you are up to date on the latest public policy issues affecting
civil liberties online and how they will affect you! Subscribe to the CDT
Policy Post news distribution list.  CDT Policy Posts, the regular news
publication of the Center For Democracy and Technology, are received by
nearly 10,000 Internet users, industry leaders, policy makers and
activists, and have become the leading source for information about
critical free speech and privacy issues affecting the Internet and other
interactive communications media.

To subscribe to CDT's Policy Post list, send mail to

     policy-posts-request at cdt.org

with a subject:

     subscribe policy-posts

If you ever wish to remove yourself from the list, send mail to the
above address with a subject of:

     unsubscribe policy-posts

-----------------------------------------------------------------------

(5) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance democratic values and
constitutional civil liberties in new computer and communications
technologies.

Contacting us:

General information:  info at cdt.org
World Wide Web:       URL:http://www.cdt.org/
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1634 Eye Street NW * Suite 1100 * Washington, DC 20006
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post 2.29                                             8/1/96
-----------------------------------------------------------------------







From hfinney at shell.portal.com  Thu Aug  1 11:34:02 1996
From: hfinney at shell.portal.com (Hal)
Date: Fri, 2 Aug 1996 02:34:02 +0800
Subject: Cracking RC4/40 for massive wiretapps
In-Reply-To: <199608011151.HAA07754@unix.asb.com>
Message-ID: <199608011445.HAA06675@jobe.shell.portal.com>


RC4 is a stream cypher, so it produces a random stream which is XOR'd
with the plaintext to produce the cyphertext (and vice versa).  With the
old SSL there were spots of known plaintext, but I don't know if that is
the case now.  If you do have some, then you can recover the output of
the cypher.

5 bytes (40 bits) of output should generally determine the key.  So you
could build a massive lookup table indexed by the output which produces
the key.  This would have 2^40 entries (indexed by output values) each
of which was 5 bytes long (key values).  This would take approximately
5K gigabyte disks plus some PC's to attach them to.  Total cost, one to
a few million dollars, perhaps a bit less if you get them wholesale!
(The task of constructing the table is left as an exercise for the
reader.)

Then given that you know output you can quickly find the key.  No
search is involved, you just go to the PC which holds the range of
output values you are interested in, and do a single disk access.

Note that the known plaintext doesn't have to be contiguous, any five
bytes will do.  With fewer known bytes you can do a similar thing but
have a list of possible keys which can generate that set of output
bytes.

Hal





From cts at deltanet.com  Thu Aug  1 12:01:16 1996
From: cts at deltanet.com (Kevin Stephenson)
Date: Fri, 2 Aug 1996 03:01:16 +0800
Subject: VISA Travel Money
In-Reply-To: <2.2.32.19960801045505.00695c6c@gonzo.wolfenet.com>
Message-ID: <3200CBB7.74DE@deltanet.com>


Cerridwyn Llewyellyn wrote:
> 
> >> It's not as anonymous as cash, but it might draw a lot less
> >> attention in my circumstances.  I think it has a place in one's
> >> aresenal of privacy enchancing technologies.
> >
> >     This card has the value "written" when you "purchase" it right?
> >
> >    Any one wanna bet on how long it will take the "Hacker" Community
> >to figure out how to "refill" it? Otherwise all you have is a
> >debit card.
> 
> Interesting related story about DefCon:  for those of you who have been
> to Las Vegas, you know that many casinos have mag stripe cards that are
> issued for a variety of reasons, that are just as good as cash in the
> casino, but can't be used anywhere else.  Many use them as a sort of
> debit card for slot machines.  The story goes that a few DefCon attendies
> acquired a few of these cards from the Tropicana, and re-wrote the stripe
> to read that they had over 60,000 "points".  I guess they discovered that
> the card was re-written each time it was used.  Unfortunately for them,
> what they didn't discover was that the system also kept track on a
> computer somewhere, and the large difference between the computer's tally
> and the card's value set off numerous red flags, they found out relatively
> quickly when two Casino Security guards escorted them to the police station.
> Oops.  I can't help but wonder what would've happened if they only made
> the difference like 10 points instead of 60K?  These two people were not
> too bright, as they were staying at the Tropicana, and probably had all
> the equipment in their rooms.  If they were of age, I believe (depending
> on what they found in the room) they can each get multiple 15 year federal
> sentences.
> 
> Moral of the Story: Mag Stripe cards are never secure by themselves (the
> credit card companies mistakenly relied on security by obscurity and are
> feeling the painful effects still today), but have the potential to be secure
> if backed up by that kind of system.  However, it would only really be
> practical
> in a closed environment like a Casino.
> 
> Thus, for the sake of all the lovely banks I know and love, I hope they
> either A. choose something other than mag. stripes, or B. use them only as
> debit cards that are checked against a bank account when used.
> 
> //cerridwyn//

Those cards are not debit cards. They are used to track a players time
and money spent playing slots and other games. I have a stack of them. 
Whenever I go to the blackjack tables, I give mine to the pit boss
and he writes down the amount of money I am gambling with and time spent
at the table. 

The only thing the cards are used for is "comps". I get a free prime rib
dinner after playing for "x" amount of points. I think the case will
either get thrown out of court, or the casino will drop charges. Since
the points have no monetary value, the fraud charge probably will not
stick (if that is what they were charged with). The two hackers will
probably get a call from "Guido" reminding them never to step foot back
in Vegas.





From rpowell at algorithmics.com  Thu Aug  1 12:12:47 1996
From: rpowell at algorithmics.com (Robin Powell)
Date: Fri, 2 Aug 1996 03:12:47 +0800
Subject: "adjust your attitude with their billy club"
In-Reply-To: <ae24e2ee02021004242f@[205.199.118.202]>
Message-ID: <96Aug1.115045edt.20493@janus.algorithmics.com>


>>>>> In article <ae24e2ee02021004242f@[205.199.118.202]>, tcmay at got.net (Timothy C. May) writes:

    > At 6:28 AM 7/31/96, Alan Horowitz wrote:
    >> I am a strong libertarian. Sell crack cocaine, rent your pussy to horny
    >> middle-aged businessmen, do any non-violent,
    >> non-damaging-to-others-property you want, but damn well maintain public
    >> order and decorum. Or I will scream to my councilman for the cops to
    >> adjust your attitude with their billy club.

Someone please, please, please tell me this guy was being facetious.
Please?  Even if it's not true?  Pretty Please???

In a libertarian society, so-called "public decorum" is dictated by
who owns the property you are sitting on.  If my building code
(i.e. the code of laws set by the person who owns the building I live
in) says I can blast my boombox, your opinion can go to hell: find
another place to live if you don't like it.  Or petition the person
who owns the place.

Burning toxic waste is intrisically damaging to other people,
blasting your boombox is not (unless it is so loud as to actually
cause ear damage to bystanders, but given the volume of music
tolerated at rock concerts, I find this highly unlikely).

-Robin






From rpowell at algorithmics.com  Thu Aug  1 12:19:07 1996
From: rpowell at algorithmics.com (Robin Powell)
Date: Fri, 2 Aug 1996 03:19:07 +0800
Subject: "An who shall guard the guardians?"
In-Reply-To: <sNoyRD6w165w@bwalk.dm.com>
Message-ID: <96Aug1.113051edt.20490@janus.algorithmics.com>


>>>>> In article <sNoyRD6w165w at bwalk.dm.com>, dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) writes:

    > Duncan Frissell <frissell at panix.com> writes:
    >> At 02:46 AM 8/1/96 -0700, Timothy C. May wrote:
    >> >
    >> >The Latin maxim "And who shall guard the guardians?" has some relevance to
    >> >the headlong rush into converting the U.S. into even more of a security
    >> >state than it is now.
    >> 
    >> Quis custodiet ipsos custodes?

    > Who custodiates the custodians?

Is this not slightly better translated as "who watches the watchers?"?
This is the way I have heard it stated, and it is _WAY_ too long since
I have studied Latin.  One of my great dissapointments is that,
despite having spent my entire school career (less university: I'm
only 20) in private schools, I couldn't take latin or greek except one
year of latin, after which the course was dropped.  Sigh.

-Robin, who really wanted a classical eduation.





From hua at chromatic.com  Thu Aug  1 12:23:54 1996
From: hua at chromatic.com (Ernest Hua)
Date: Fri, 2 Aug 1996 03:23:54 +0800
Subject: algorithms for verifying U.S. IP address ...
Message-ID: <199608011606.JAA23574@ohio.chromatic.com>


How does one verify that an IP address is coming from a U.S. site?
How do most FTP site (e.g. those which carry crypto) determine the
origins of a connection?

It seems to me that if the NSA/DoS is serious about keeping crypto
strong for U.S. internal use, then they would help establish a
method for U.S.-only interchange of this sort of software.  It is
clear, however, that they do NOT have an interest in helping with
this identification effort as it will thwart their own efforts at
tapping U.S. (er ... oh gee ... they're NOT suppose to do that,
right?  okay, they must not be doing it then ...)

Ern





From bdavis at thepoint.net  Thu Aug  1 12:54:56 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Fri, 2 Aug 1996 03:54:56 +0800
Subject: Photo IDs (Re: A Libertine Question)
In-Reply-To: <ae24e032010210047fab@[205.199.118.202]>
Message-ID: <Pine.BSF.3.91.960801114946.8158A-100000@mercury.thepoint.net>


> ... 
> 
> And just what is a "true name" for the purposes of this law, anyway? Birth
> name? And what is that? What about people who marry, change names, etc.?
> Given that there is no "standard" for photo I.D.s, will my Official
> Cypherpunks Card count?
> 
> I can easily make my own photo I.D.s, or even order "fake I.D.s" from
> various mail-order outlets advertising in the Usual Places. If I show up at
> the airline with two photo I.D.s, one showing me to be "Security Officer
> Mickey Mouse" and the other showing me to be "Mickey Mouse, Internal
> Security Agency," will I be violating any laws?
> 
> --Mickey Mouse (I just changed my name--if you don't like it, FAA, fuck off)

Uh oh.  The hell with the FAA.  What about the Disney people?  Michael 
Eisner may sent Goofy to lean on you!

EBD
No longer a federal prosecutor!





From frissell at panix.com  Thu Aug  1 12:59:33 1996
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 2 Aug 1996 03:59:33 +0800
Subject: Brain Tennis with Dorthy
Message-ID: <2.2.32.19960801155921.0085f7c0@panix.com>


I'm following the Brain Tennis Match between Dorothy Denning and John
Gilmore on encryption and the right to absolute privacy on Hot Wired
(http://www.hotwired.com/braintennis/96/31/index0a.html).

Were I a participant in this exercise, I would lob the following to Dorothy:

I have to assume that Dorothy believes in absolute privacy (in some areas).
I am assuming, for example, that she does not believe in torture as an
interrogation technique.  I assume, therefore, that she believes in absolute
privacy in the individual brain.  While she may support imprisonment (or the
threat of imprisonment) as an interrogation technique (jailing for
contempt), I think she would oppose bringing out the hot pokers.

I have a wider point to make but please indulge me for a moment.  The fact
that many wiretapping advocates oppose torture raises a host of absolutely
*fascinating* questions:

1)  If it were technically possible to compel us (without pain) to disclose
the contents of our mind, would Dorothy support the application of such
techniques to suspects (under judicial warrants or other lawful authority)?
That is, does the opposition to torture arise from squeamishness about pain
or from some residual recognition of the right of personal autonomy. 

2)  Would those who support wiretapping but oppose torture waive their
opposition to torture in certain cases.  That is, if the continued existence
of the United States or indeed Life on Earth were dependent on a bit of
information stored in the brain of a single person, would those who
countenance some invasions of privacy in the social interest allow torture
in these (admittedly) rare cases?

Back to the main thread:

Dorothy, if you oppose torture then you have granted the validity of John's
belief in absolute privacy.  You are merely quibbling about where that zone
of privacy ends.  You might say that the zone of privacy ends at the brain
but that is too narrow a range.  Personal autonomy exists in the technical
sense because only I command my thoughts.  Only I can order my muscles to
move.  I can be chained and tortured and even hooked up to some sort of
electrical apparatus to attempt to short circuit my muscular control and get
my hand to jump but such coercion is pretty crude.  If someone else wants me
to dance a Waltz smoothly or write a paragraph of original material, they
are going to need my cooperation (however secured).  My zone of absolute
privacy extends to those things I can directly control with my thoughts.  

This area also extends to communications.  If I arrange things such that no
one else can overhear me and whisper something to another person, then we
both share knowledge that can only be secured by others through torture (and
not always then) or through the decision of one of us to give it up.  The
same thought in two heads is still as much within the zone of privacy as
that thought within one head.  And so on multiplied by 1000.  The zone of
privacy arises from the inability of other people to directly command the
mind of one person or a thousand persons.  We have the control.  Absent
torture, you can't get it if we choose not to give it to you.

Note that this zone already extends beyond the brain case.  It travels down
our nerves to the tips of our fingers and toes.  We command those nerves and
that wiring represents an extension of our brain.  One of the things that we
can do with those nerves is to use them to generate signals of various
kinds.  This signal generation is *also* an extension of our brain.  It is
under our control.  If we like, we can arrange things so that no one else or
only the intended recipient can know our thoughts.  We have that power.  We
have used our zone of privacy to extend its scope.  We have done (continue
to do) it all from inside our brains.  We have not left that sanctuary --
that fortress built by the rejection of torture by advanced societies.

Therefore, if we develop the technical means to *extend* that zone of
privacy beyond our heads, bodies, and those we can whisper to, you can only
break the zone by the torture which you have already eschewed.  The nature
of the zone of privacy is not a grant from the State, it is the result of
our nature as independent *actors* and our collective decision (in the West
at least) to minimize the use of torture by governments.  

The Internet itself is an example of individual cooperation to extend
communications channels from one person to many (it was built by its users).
Those same users can, if they choose, use their autonomy to build in
security features of their collective design.  It belongs to them as their
minds belong to them.  It is an extension of those minds.

Dorothy, you or I may not like the thoughts or communications of specific
people but they have the same right to secure those thoughts and
communications if they choose to.

Now in reading all this, you may wonder what this has to do with key escrow
and Gang of Seven (G7) crypto policy.  Dorothy, as virtually the sole
non-government employee who supports Clipper and SKE, I believe you to be
unique in another way.  I think that you can be "saved" from tyranny (which
is always rough on the tyrants).  Unlike the government employees on your
side of the argument, you have generally not favored outlawing private use
of strong crypto.  We would like to separate you from them on this
fundamental question of personal autonomy.  The Century of Blood that the
world has just lived through at the hands of its governments (160 million
murdered) causes many of us to believe that some of your allies (who BTW
currently include the Kingdom of the Saud and the People's Republic of
China) would use torture and other very inhumane means to violate even our
traditional zone of privacy.

If you will merely grant to us the *morality* of our attempt to use the zone
of privacy which you have granted to us to extend that zone of privacy, we
will grant you an understanding of your fears of this new world (which many
of us share).  

Please, separate yourself absolutely from the torturers.

DCF






From tcmay at got.net  Thu Aug  1 13:25:24 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 04:25:24 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
Message-ID: <ae262b5b050210046227@[205.199.118.202]>


At 9:39 AM 8/1/96, Scott Schryvers wrote:

>This was about a year and a half ago.
>I can't remember the name of it,  but this chip fab industry mag was
>talking about how the NSA was obtaining out side help in fabricating what
>was at the time a type of ram that did processing off chip in parrallel.

This was a company in Bowie, Maryland, closely linked with the NSA and with
the "supercomputer centers." The idea of "processing in memory" has been
explored by various companies.

By the way, on the subject of using FPGAs for computers, here's a URL I
found that's interesting:

http://www.io.com/~guccione/HW_list.html

>Side note: Wired just recently talked about IRAM or Intelligent ram, and
>how it seems to be the future of high speed computation.

Side side note: I worked on Intel's "iRAM," standing for "intelligent RAM,"
in 1980-81. It found little market success. The idea of changing the
architecture of RAM bubbles up every few years, but has not yet succeeded
(except in some video-specific applications).

Cautionary Note: Bubble memories, laser pantography, integrated injection
logic, e-beam addressed memory, neural nets, Josephson junctions....

When you've watched the industry for enough years you'll learn to cast a
jaundiced eye on pronouncements that a technology is the Next Big Thing.
The above list--which covers only chips, not similar Next Big Things in
software--is a list of some of the things "Wired" would've hyped, had it
been published back then.

Most such announcements come out public relations departments at major
public labs, or from over-enthusiastic VCs. Or from claims made in papers
presented at the International Solid State Circuits Conference and similar
conferences. Reporters seeking stories then push the story.

The usual form of the press release goes something like this:

"The discovery of foobartronic switches may mean chips that are ten times
faster and one hundred times denser. Researchers say the foobartronic
revolution could reshape the entire industry..."

Few of the advances reported in "Wired" will ever see the light of day....
Some will, of course, but it's useful to remember that most of it is hype.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jimbell at pacifier.com  Thu Aug  1 13:39:35 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 2 Aug 1996 04:39:35 +0800
Subject: fbi, crypto, and defcon
Message-ID: <199608011621.JAA28782@mail.pacifier.com>


At 10:13 PM 7/31/96 -0700, Cerridwyn Llewyellyn wrote:

>A more cynical view is that they are there to protect some of the biggest
>institutions of "organized crime" (ie: Congress, At&t, Microsoft, etc) who
>are ripping people off on a daily basis from the other organizations who
>refuse to play by their rules.

Speaking of AT+T, as I recall one of the incidents which preceded the 
introduction of Clipper was the news that AT+T was going to introduce an 
encrypted telephone using DES as the encryption algorithm.  According to the 
story, AT+T was "bought off" by the US government.   I haven't looked into 
that for a couple of years, but if we're looking for co-conspirators that 
would be a good place to start.  

Also:  Clipper was fabbed by VLSI Technology.  A few pointed inquiries might 
work wonders here.

Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Thu Aug  1 13:41:58 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 04:41:58 +0800
Subject: Internal Passports
Message-ID: <ae26305c070210048f37@[205.199.118.202]>


At 7:30 AM 8/1/96, Lucky Green wrote:
>At 11:12 7/31/96, Duncan Frissell wrote:

>>Most Central European countries have both privacy commissioners and legal
>>requirements that everyone register their addresses with the police.  I'll
>>do without the former if I can also avoid the latter.
>
>I remember a time when Privacy Commissioners were a new thing. Their
>primary purpose seemed to be to sanction government access to (and keeping
>of) large databases on the activities of the population. Their secondary
>purpose was to prevent the private sector competition from doing the same.
>Eliminating access to such data by the individual in the process.

I'm with Duncan and Lucky on this one. Nations with a "Privacy Ombudsman"
are almost always nations with extensive files on individuals, their
habits, and their political activities.

Having a "Privacy Ombudsman" is a bone thrown to the proles. I suspect a
police state like Singapore has such a person.

And related to the "photo I.D." discussion, most of these nations demand
that passports be left at hotel desks when checking in. (At least they did
when I spent 6 weeks travelling through Europe in 1983.) Perhaps the theory
is that this stops people from running out on their bills, though credit
cards do the same thing (*). However, the police reportedly inspect these
passports and enter them into data bases to track movements.

(* As the credit card companies increase their cooperation with law
enforcement, a la the links between FinCEN and the Big Three credit
reporters,  the passports will no longer be necessary, and the process of
tracking movements can be done just with the credit cards. Those without
credit cards...well, they'll think of something.)

Question (a la "Wired"): "When will the United States introduce an internal
passport?"

May: "2005, but they won't call it that."


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sameer at c2.net  Thu Aug  1 13:42:59 1996
From: sameer at c2.net (sameer)
Date: Fri, 2 Aug 1996 04:42:59 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <31FFCD1E.3F54@netscape.com>
Message-ID: <199608011714.KAA08903@clotho.c2.org>


> The only thing they can revoke is their permission to provide it for
> download over the internet.  They can't revoke our permission to sell
> it in stores or via snail mail.

	Where do you get this idea? Got an inside track into the minds
of the supreme court?

-- 
Sameer Parekh					Voice:   510-986-8770
Community ConneXion, Inc.			FAX:     510-986-8777
The Internet Privacy Provider
http://www.c2.net/				sameer at c2.net





From frissell at panix.com  Thu Aug  1 13:43:12 1996
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 2 Aug 1996 04:43:12 +0800
Subject: Welcome Back
Message-ID: <2.2.32.19960801164920.0087e858@panix.com>


At 11:51 AM 8/1/96 -0400, Brian Davis wrote:

>Uh oh.  The hell with the FAA.  What about the Disney people?  Michael 
>Eisner may sent Goofy to lean on you!
>
>EBD
>No longer a federal prosecutor!

Welcome back.  I missed your posts.

Do you have an honest job or are you still taking the King's Shilling?

DCF






From bdavis at thepoint.net  Thu Aug  1 14:02:53 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Fri, 2 Aug 1996 05:02:53 +0800
Subject: Welcome Back
In-Reply-To: <2.2.32.19960801164920.0087e858@panix.com>
Message-ID: <Pine.BSF.3.91.960801125001.8158H-100000@mercury.thepoint.net>



> At 11:51 AM 8/1/96 -0400, Brian Davis wrote:
> 
> >Uh oh.  The hell with the FAA.  What about the Disney people?  Michael 
> >Eisner may sent Goofy to lean on you!
> >
> >EBD
> >No longer a federal prosecutor!
> 
> Welcome back.  I missed your posts.

Thanks.

> 
> Do you have an honest job or are you still taking the King's Shilling?

I have opened a law practice.  Just this morning, I visited a client (in 
jail) charged with conspiracy to distribute cocaine  ...  in other words, 
one of the Four Horsemen. They checked me for weapons, etc., upon entry, 
but no one asked about any cryptographic munitions.

Brian


> 
> DCF
> 
> 





From vinnie at webstuff.apple.com  Thu Aug  1 14:08:07 1996
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Fri, 2 Aug 1996 05:08:07 +0800
Subject: A Libertine Question
Message-ID: <v03007808ae26a39f39a2@[17.203.21.77]>


I think Bob Dole understands the needs for privacy rights for animals..

the following verbatim account of a segment of a Bob Dole appearance a week
or so ago at a cotton cooperative in Bakersfield, California

"My wife was here six days last week, and she'll be back next week,
and she does an outstanding job. And when I'm elected, she will not be
in charge of health care. Don't worry about it. Or in charge of
anything else. (Muffled crowd gasp.) I didn't say that. It did sort of
go through my mind. But she may have a little blood bank in the White
House. But that's all right. We need it. It doesn't cost you anything.
These days, it's not all you give at the White House - your blood. You
have to give your file. I keep wondering if mine's down there. Or my
dog. I got a dog named Leader. I'm not certain they've got a file on
Leader. He's a schnauzer. I think he's been cleaned. We've had him
checked by the vet but not by the FBI or the White House. He may be
suspect, but in any event, we'll get into that later. Animal rights or
something of that kind. But this is a very serious election."


Vinnie Moscaritolo
"Law - Samoan Style"
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A







From ichudov at galaxy.galstar.com  Thu Aug  1 14:16:30 1996
From: ichudov at galaxy.galstar.com (Igor Chudov)
Date: Fri, 2 Aug 1996 05:16:30 +0800
Subject: IPSEC for Linux
Message-ID: <199608011800.NAA29524@galaxy.galstar.com>


Hello,

Is there an implementation of IPSEC for Linux?

Thanks,

	- Igor.





From hfinney at shell.portal.com  Thu Aug  1 14:17:20 1996
From: hfinney at shell.portal.com (Hal)
Date: Fri, 2 Aug 1996 05:17:20 +0800
Subject: Cracking RC4/40 for massive wiretapps
In-Reply-To: <199608011151.HAA07754@unix.asb.com>
Message-ID: <199608011709.KAA17457@jobe.shell.portal.com>


When I wrote my previous message about the use of lookup tables, I forgot
about the use of salt, extra key bits which vary per message and are sent
in the clear.  That defeats the table lookup approach for searching for
messages which were encrypted with a given key.  There are really 128 key
bits per message, with 40 of them kept secret.

Hal





From jimbell at pacifier.com  Thu Aug  1 14:21:13 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 2 Aug 1996 05:21:13 +0800
Subject: CDT Policy Post 2.29 - Administration, Congress Propose Sweeping Anti-Terrorism Initiatives
Message-ID: <199608011743.KAA03854@mail.pacifier.com>


At 10:03 AM 8/1/96 -0400, Bob Palacios wrote:

>   The Center for Democracy and Technology  /____/     Volume 2, Number 29
> CDT POLICY POST Volume 2, Number 29                        August 1, 1996
>I. NEW THREATS TO ENCRYPTION, OPPOSITION TO THE PRO-CODE BILL
>The Administration's outline contains the following statement on encryption:
> "* Encryption -- We will seek legislation to strengthen our ability to
>    prevent terrorists from coming into the possession of the technology
>    to encrypt their communications and data so that they are beyond the
>    reach of law enforcement.  We oppose legislation that would eliminate
>    current export barriers and encouraging the proliferation of encryption
>    which blocks appropriate access to protect public safety and the
>    national security."
>
>While no specific legislative language has yet been proposed, this
>represents the first statement by the Administration that they will seek
>legislation to further restrict encryption.  Even more troubling, the
>Administration is clearly attempting to use the recent suspected terrorist
>incidents to push for a new and more restrictive encryption policy.

Even though it may be obvious to the crypto-savvy people in CP, since this 
press release is directed at a somewhat wider audience it would be useful to 
point out that none of these recent terrorist incidents involved encryption 
at all.  

>The Administration's attempt to leverage
>the public's concern about terrorism to block passage of the Pro-CODE bill
>is disturbing, and poses a significant threat to privacy and security on the
>Internet.

Same point.  Unless you mention that encryption wasn't a factor at all, you 
risk leaving the (unsophisticated) reader with the implication that there 
was, indeed, some crypto angle to these incidents.  Like it or not, that's 
the way public discourse seems to be done these days:  Unless a point is 
specifically challenged, implicitly it is deemed ceded to the claimant.  

Sure, Clinton did not actually claim that encryption was a factor, but it 
was there by implication, and the average citizen seeing his proposals would 
come to that conclusion.   Denying this specifically, you'd be "points 
ahead" and would be in a better position to shut down those trying to 
restrict encryption.





Jim Bell
jimbell at pacifier.com





From m5 at vail.tivoli.com  Thu Aug  1 14:24:49 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 2 Aug 1996 05:24:49 +0800
Subject: Internal Passports
In-Reply-To: <ae26305c070210048f37@[205.199.118.202]>
Message-ID: <3200ED63.C96@vail.tivoli.com>


Timothy C. May wrote:
Tim wrote:
> I'm with Duncan and Lucky on this one. Nations with a "Privacy Ombudsman"
> are almost always nations with extensive files on individuals, their
> habits, and their political activities.

That reminds me:  I thumbed through BiBi's terrorism book (the one D.S.
certified as prerequisite reading for particpation in intelligent
discussions about something-or-other) at B&N the other day.  It's a
pretty thin book.  Most of it seems to be about the rise of the Moslem
Menace and how the Sultan's hordes will soon be upon us all.  The last
chapter outlines all the "necessary measures" governments must take
to stamp out the wildfire of terrorism.  Same old same old, mostly,
like allowing suspects to be held without charges, allowing warrantless
searches (I think), thorough weapon registration, and so on.  The last
one (or next-to-last; I think the last one is "brainwash the populace
into thinking this is all a good idea") is about establishing a 
periodic "civil liberties review panel".

Yeah right.


______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From tcmay at got.net  Thu Aug  1 14:28:22 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 05:28:22 +0800
Subject: Blurring the Chains of Causation
Message-ID: <ae2633210802100435c1@[205.199.118.202]>



An unusual thread name, "Blurring the Chains of Causation."

What I mean is this:

- the U.S. legal system has been blurring, or confusing, the chain of
cause-and-effect in crimes

- Example: allowing suits by insurance companies and states against tobacco
companies. A smoker gets cancer by his actions, and it used to be that this
was his action, his responsibility. Now, we hold tobacco companies liable,
and perhaps will someday hold executives of these companies criminally
liable. (This for a product which is not illegal, mind you.)

(There are a bunch of related examples. "Civil liability" is a major way
this blurring is happening. Gun manufacturers being sued for crimes
committed with their guns, ladder makers sued by the families of criminals
who leaned ladders up against electrified fences, and so on. How long
before a bookstore is sued for "allowing" a book to be bought by someone
who later is "inspired" to commit a crime--actually, John Grisham ("The
Firm") is involved in a lawsuit against Oliver Stone for his film, "Natural
Born Killers," which Grisham claims "inspired" a murder. This has got to
stop, in my opinion.)

- "They made me do it" defenses. Hostess Twinkies are implicated in the
brutal murder of San Francisco's mayor and a city councilman. Childhood
abuse is exculpatory in other cases. Psychobabblers blather about what
caused people to behave as they did. A mass murderer says pornography made
him kill 25 women. A lawyer claims his client's son committed suicide after
listening to heavy metal music. And so it goes.

This blurring has links to cryptography, bomb-making instructions on the
Net, availability of porn on the Net, and many other things.

To cut to the chase:

- a librarian who "allows" a person to check out "The Anarchist Cookbook"
is *not* causing a crime, though much of the rhetoric one hears is
otherwise.

- the _author_ of that book (Powell, allegedly) is *also* not causing a crime.

- the _publishers_ of that book (Lyle Stuart, as I recall--my copy is not
handy) also have not committed any crime

To make things clear, some of the language being proposed in the
rush-to-law about anti-terrorism, wiretapping, anti-encryption, etc. As
Sen. Feinstein puts it, "We hope we can wrap up the repeal of the Bill of
Rights and have it on President Clinton's desk before the close of the
Olympics on Sunday." :-(

- if I _advocate_ strong crytography, avoidance of taxes, undermining of
government power, crypto anarchy, etc., I have not committed any crime
(Caveat: advocating the violent overthrow of the U.S. government apparently
is a crime, as are certain forms of conspiracy, a la RICO, tax evasion,
etc.)

- if I _use_ strong cryptography, I have not committed any crime, ipso
facto, nor am I necessarily conspiring to commit any crime

And so on.

Many of the proposed restrictions seek to further blur this chain of
causation, by making someone who provides access to materials which _may_
later be used in a crime, or which may "inspire" someone to crime, a kind
of criminal.

The trend picked up steam with the "deep pockets" precedents in the 70s
(*), was fed by the blame-passing psychobabble of the same decade, and has
now reached its present state by a willingness of the courts to hear such
cases.

People who actually commit real crimes are the criminals, not those who
sold them Hostess Twinkies without first checking their blood sugar level.
Not those who let a library patron look at a "dangerous" book. And not
those who provided strong cryptographic tools which _might_ be used by
terrorists, pedophiles, and money launderers.

--Tim May

(* "deep pockets" -- If there are N parties in a lawsuit, and one of them
shares only 5% of the (putative) blame but has 95% of the overall assets,
go after the party with the "deepest pockets." This forced Cessna and
Piper, the leading light aircraft firms at one time, to stop selling light
aircraft. The example with Oliver Stone being sued is a clear case of
this.)

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From usura at replay.com  Thu Aug  1 14:50:07 1996
From: usura at replay.com (Alex de Joode)
Date: Fri, 2 Aug 1996 05:50:07 +0800
Subject: algorithms for verifying U.S. IP address ...
Message-ID: <199608011712.TAA15658@basement.replay.com>


Ernest Hua (hua at chromatic.com) wrote:
: How does one verify that an IP address is coming from a U.S. site?
: How do most FTP site (e.g. those which carry crypto) determine the
: origins of a connection?

What's the use ? It makes it only nominally more difficult to access
an US crypto site, one needs first to esthablish an US beachhead ie.
open an US account, and ftp the eleet crypto warez using the newly
created US account as an intermediary. 

So the next step will be a tag that a user is an 'alien' ?

bEST Regards,
--
  Alex de Joode  | Replay IP Service & Web DZign  --  The Netherlands
usura at replay.com | http://www.replay.com       mailto:info at replay.com






From anonymous-remailer at shell.portal.com  Thu Aug  1 14:59:16 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 2 Aug 1996 05:59:16 +0800
Subject: A funny thing happend to my data on the way to the bank
Message-ID: <199608011745.KAA19325@jobe.shell.portal.com>


---------- Forwarded message ----------

The Prime Minister's Social Security Number
Prime Minister Binyamin Netanyahu's US Social Security Number is
172-42-6111, according to the Boston  Consulting Group in Massachusetts,
which employed Netanyahu for about one-year during 1979-80.=20

The number indicated by the marketing firm contradicts information contained
in a credit report by  the US federally-regulated Transunion Company, pulled
from company files during the first days of July.  According to that report,
Netanyahu and an American named   John J. Sullivan both used Social Security
number 020-36-4537.

Questions were raised in the reports as to whether  Netanyahu had attempted
to create a false identity or had used a number which was not his.
Publication of the credit report findings, and later  reports indicating
that Netanyahu's name had suddenly been deleted from Transunion's files,
raised additional questions about possible computer break-ins into the
company's records.

Netanyahu aides have repeatedly claimed that the prime minister does not
remember his number. In order to untangle Netanyahu from the issue, aides
three weeks ago,   asked US officials to provide his number. According to
the Prime Minister's Office, that request has yet to be answered.
(Jerusalem Post e-mail Edition..7/31.. heather at jpost.co.il).
=20








From froomkin at law.miami.edu  Thu Aug  1 15:15:31 1996
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Fri, 2 Aug 1996 06:15:31 +0800
Subject: [off-topic] domain name server needed
Message-ID: <Pine.SUN.3.95.960801145635.1688O-100000@viper.law.miami.edu>


Does anyone have access to a DNS server that they can use to list a very
small number of start of authority records for me for a minor experiment? 

[This message may have been dictated with Dragon Dictate 2.01. 
Please be alert for unintentional word substitutions.]

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here!  And humid!






From mpd at netcom.com  Thu Aug  1 15:41:23 1996
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 2 Aug 1996 06:41:23 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
In-Reply-To: <ae262b5b050210046227@[205.199.118.202]>
Message-ID: <199608011848.LAA11828@netcom13.netcom.com>


Timothy C. May writes:

> This was a company in Bowie, Maryland, closely linked with the NSA and with
> the "supercomputer centers." The idea of "processing in memory" has been
> explored by various companies.

That's one of the things that killed Thinking Machines.  It turned out
that a standard supercomputer with PIM chips for memory could give the
same performance for less money.  The PIMs did the massively parallel
computation with the standard architecture redistributing data as needed
using high bandwidth scatter-gather operations and moves.

At the time Thinking Machines went under, Seymour Cray had a big contract
for Cray Computer to deliver a PIM Cray machine to the government, but he
missed some deadlines, got cancelled, and his company went down the tubes
as well.  Too bad, it would have been a nice box. 

BTW, I gave up trying to predict innovations after being dragged down to 
see an early version of Visi-Calc running on an Apple, and horribly 
insulting the developers with comments like "But why would anyone want 
to emulate a ledger sheet?" and "I hope you guys didn't spend a lot of
time on this."  After repeating such performances at startups like Lotus
and Infocom, I realized that predictive history was not one of my talents.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $







From m1tca00 at FRB.GOV  Thu Aug  1 15:42:25 1996
From: m1tca00 at FRB.GOV (Thomas C. Allard)
Date: Fri, 2 Aug 1996 06:42:25 +0800
Subject: CDT Policy Post 2.29 - Administration, Congress Propose   Sweeping Anti-Terrorism Initiatives
In-Reply-To: <199608011743.KAA03854@mail.pacifier.com>
Message-ID: <3200FAEB.92A@frb.gov>


jim bell wrote:
> 
> At 10:03 AM 8/1/96 -0400, Bob Palacios wrote:
> 
> >   The Center for Democracy and Technology  /____/     Volume 2, Number 29
> > CDT POLICY POST Volume 2, Number 29                        August 1, 1996
> >I. NEW THREATS TO ENCRYPTION, OPPOSITION TO THE PRO-CODE BILL
[...]
> 
> Sure, Clinton did not actually claim that encryption was a factor, but it
> was there by implication, and the average citizen seeing his proposals would
> come to that conclusion.   Denying this specifically, you'd be "points
> ahead" and would be in a better position to shut down those trying to
> restrict encryption.

When Clinton closed Pennsylvania Avenue to vehicular traffic, he cited
the
private plane that crased on the South Lawn as one of the reasons for
the
tighter security.  But closing the road north of the White House would
surely
not have kept an airplane at bay.

If the Feinstein amendment passes (outlawing "bomb-making information"),
will
the Congressional Record be censored?  Will Joe Biden be held
accountable for
making the material available?

-- 
rgds-- TA  (tallard at frb.gov)
I don't speak for the Federal Reserve Board, it doesn't speak for me.
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6  DE 14 25 C8 C0 E2 57 9D





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 15:47:28 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 06:47:28 +0800
Subject: Attempted balance... too far on the security side
Message-ID: <01I7RK3PK2HG8Y4XIK@mbcl.rutgers.edu>


	Mixed messages, definitely. For one thing, people appear not to be
realizing that even with terrorism, trains and airplanes are still safer per
passenger mile than automobile. Driving people to drive more (no pun intended)
isn't going to save any lives. Besides which, if I've got an emergency flight
to catch, I may be willing to take the risk. Is there some reason that all
flights must be held to the same security, so long as everyone getting on
knows what level of security that is? Moreover, the suggestion of greater
humint bears with it infiltration (and possible agent procacateurship of)
any group that the government doesn't like.
	-Allen

>America's dilemma: Balancing security and an open society

>   _(c) Copyright 1996 Nando.net_
   
>    Associated Press
    
>   WASHINGTON -- after the bombing at the olympics and the loss of twa
>   flight 800, americans grappled sunday with how to maintain security in
>   a society that prizes individual liberty above all.
   
>   Travelers said they would accept longer delays for better baggage
>   checks and politicians reopened debate over thorny provisions cut from
>   an antiterrorism bill. But many weighed the desire for safety against
>   the pleasures of an open society.
   
>   "We must never accept as a fact of life that we will have to live with
>   terrorism," said Deputy Attorney General Jamie Gorelick. "We must and
>   will come up with the tools to prevent these events."
   
>   But Gorelick conceded there may be a price. "Balancing the competing
>   interests in openness and security will be something that will be a
>   subject for all of us for many years to come," she told NBC's "Meet
>   the Press."
   
[...]

>   Joyce Lee, catching a train home to Newark, Del., from Washington's
>   Union Station on Sunday, said she's "a little leery about travel these
>   days."
   
>   "You don't know when you're going to get it. A bomb could go off
>   anywhere, anytime," she said. "I would definitely be willing to go
>   through more security because safety and having to wait a few extra
>   minutes is worth it."
   
>   Security consultants predicted public pressure would force greater
>   restrictions in public places and increased scrutiny at airports. But
>   others noted that security was tight at the Olympics before the
>   bombing, and warned that adopting a police-state mentality would
>   represent defeat.
   
>   "I don't want to see the terrorists win by, in effect, revoking our
>   Constitution," Sen. Patrick Leahy, D-Vt., said on Fox's "News Sunday."
   
>   A terrorist can always move on to the next target. If airports are
>   sealed, will train stations be safe? How about movie theaters?
   
>   "Ultimately the question is, can you protect perfectly in public
>   places?" said Atlanta Mayor Bill Campbell. "And the answer is no."
   
[...]

>   The antiterrorism bill that Clinton signed earlier this year applied
>   the death penalty to terrorism convictions and provided $1 billion for
>   law enforcement to fight terrorists.
   
>   But a provision to allow the FBI to wiretap all phones used by a
>   suspected terrorist was dropped and one requiring explosives
>   manufacturers to insert chemical tracers in their products was
>   weakened.
   
>   Gingrich said Sunday that he was willing to revisit those issues, but
>   that a proposal to allow police to conduct so-called "roving wiretaps"
>   was too great an intrusion of privacy.
   
>   "Our system is designed to go slowly, frankly, to protect freedoms,"
>   he said on "Meet the Press."
   
>   Sen. Sam Nunn, D-Ga., said that despite the recent incidents, the Cold
>   War's end has produced a period of relative safety for the United
>   States.
   
[...]

>   But he warned that unless steps were taken to block terrorists from
>   obtaining weapons-grade uranium or chemical weapons, Americans might
>   soon be longing for the days of the simple pipe bomb.
   
>   The key to fighting terrorism, he said, was increasing the United
>   States' ability to gather human intelligence -- information often
>   gathered covertly by infiltrating terrorist groups or spying on their
>   sponsors.





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 15:51:35 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 06:51:35 +0800
Subject: Three on Clinton, one not crypto-related but positive
Message-ID: <01I7RL42XWAO8Y4XIK@mbcl.rutgers.edu>


	This first one is about as expected. I'm disappointed in Gingrich for
being so conciliatory, and not pointing out (as the person from the ACLU did)
that there's no evidence whatsoever that such expanded governmental powers
would have done anything to stop the TWA (possible) bombing - and evidence that
it would do nothing whatsoever to stop events like the Olympic bombing.

>Clinton calls for expanded measures against terrorism

>   _(c) Copyright 1996 Nando.net_
   
>    New York Times
    
>   NEW ORLEANS -- Spurred by the bombing at the Atlanta Olympics,
>   President Clinton Sunday called on Congress to pass expanded measures
>   against terrorism -- including new federal wiretapping authority --
>   that were dropped from the anti-terrorism bill passed last spring.
   
>   Clinton called on the congressional leadership from both parties to
>   join him and the director of the FBI, Louis J. Freeh, at the White
>   House on Monday to discuss additional steps the government might take
>   to combat terrorism. Speaker Newt Gingrich expressed willingness to
>   consider such measures and said he believed some agreement could be
>   worked out.

[...]

>   Clinton originally proposed such markers, and expanded authority to
>   let the FBI wiretap suspected terrorists or groups who are moving from
>   place to place, after the Oklahoma City bombing in April 1995, but the
>   measures were among those that fell out of the final bill. In an
>   unusual alliance, civil liberties groups and advocates of gun rights
>   joined forces to argue that the wiretapping expansion, in particular,
>   would violate constitutional rights of privacy and free association.
   
[...]

>   Speaking Sunday morning on the NBC News program, "Meet the Press,"
>   Gingrich said there was "a possibility" of reaching an agreement on
>   both issues, given the bombing in Atlanta and the suspicions that a
>   bomb may have brought down Trans World Airlines Flight 800.
   
>   He said that he thought Congress should "re-approach" the issue of
>   wiretapping, and that questions concerning the chemical markers were
>   "going to be negotiated." The Olympic bomb, he said, "shows you why
>   people are looking at that particular solution."
   
>   "I believe that the more there is terrorism, the more pressure we're
>   under to find systematic ways to solve it," said Gingrich, who had
>   opposed the proposals on chemical markers and wiretapping when the
>   administration made them.
   
[...]

>   Clinton said the Group of 7 industrialized nations will meet on the
>   issue of terrorism in a few weeks. Announced at the summit of the
>   group in Lyons, France, last month, the meeting is intended to promote
>   international cooperation among police and intelligence agencies,
>   traditionally reluctant to share information, even among allies.
   
[...]

>   In an interview Sunday, Schumer said that law-enforcement agencies
>   needed to be able to obtain telephone records of both incoming and
>   outgoing calls of suspects in international terrorism cases; to
>   monitor communications over digital networks, to keep up with
>   criminals who may activate a new cellular phone every few days, and
>   otherwise to stay abreast of the communications revolution.
   
>   Schumer said Gingrich was among those who "did everything they could
>   to weaken the bill" the first time it was passed. "Any time the NRA or
>   any of these far right groups sneezed, they jumped," he said.
   
>   Gingrich suggested Sunday that he favored an approach that would allow
>   monitoring of a suspect's calls across any number of telephones, but
>   said that should not mean that any phone that happened to be used by a
>   suspect could be monitored when other people were using it.
   
>   Ever since the TWA flight went down shortly after its departure from
>   John F. Kennedy Airport on July 17, FBI agents have been using the
>   attendant publicity to press the case for broader wiretapping
>   authority. The chief FBI officer on the scene of the disaster, James
>   Kallstrom, has repeated this plea.
   
>   But there continues to be some resistance to some of these ideas in
>   Congress.
   
>   "We're not prepared to extend wiretapping," said Sen. Arlen Specter, a
>   Pennsylvania Republican, in an interview on the CNN program Evans &
>   Novak on Saturday. "There was a judgment made in the Congress that
>   we're prepared to give up that bit of security for that bit of
>   freedom. And I think that's a wise judgment."
   
>   Laura W. Murphy, the director of the Washington office of the American
>   Civil Liberties Union, said the FBI was using terrorism to bolster its
>   arguments for techniques that it really wants to use in more typical
>   criminal cases.
   
>   "The idea that these roving wiretaps are going to lead to new
>   developments in our ability to fight terrorism is a big myth," she
>   said.
   
>   She said that only a minute fraction of wiretaps involve crimes of
>   terrorism, and that the new types of wiretaps the FBI seeks are more
>   invasive and more likely to track innocent parties than the old kinds.
   
	This one is the promised positive one on Clinton.

>   Centura

>     OLYMPIC IRAQI WEIGHTLIFTER WHO CARRIED FLAG DEFECTS TO UNITED STATES

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 The Associated Press
      
>   Ahmed said Iraqi officials had told the country's delegation to turn
>   their heads away from President Clinton while marching in the opening
>   ceremony because Clinton and former President Bush "wanted to destroy
>   Iraq."
   
>   "Everybody else in our group looked away from President Clinton. They
>   were not men. But I turned my head and looked at him and I could not
>   believe my eyes. He was standing and applauding for us," the Times
>   quoted Ahmed as saying. "I know that if the games were in Iraq, Saddam
>   Hussein would not clap for the U.S."
   

	And in this one, Clinton (like other politicians) gets angry at the
thought that they might have to take some of that responsibility that they all
keep talking about. (My suggestion is to remove sovreign immunity and allow
wrongfully prosecuted persons to sue officials for their court and other costs.
It would certainly decrease prosecutions to the absolute minimum.)
	-Allen

>  Avis

>              CLINTON'S TEMPER FLARES WHEN NEWS CONFERENCE STRAYS

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Reuter Information Service
      
>   WASHINGTON (Aug 1, 1996 2:00 p.m. EDT) - President Clinton displayed a
>   fiery temper Thursday when at a news conference on the economy he was
>   asked about the White House travel office controversy and past drug
>   abuse by some staff members.
   
[...]

>   "There are a lot of people who were never charged with anything, much
>   less offering to plead guilty to anything, who have been dragooned and
>   pulled up and had thousands and tens of thousands of dollars of legal
>   expenses, who were completely innocent, but have been subject to
>   abject harassment.
   
>   "Are we going to pay their legal expenses, too. Are we going to pay
>   the legal expenses of every person in America who is ever acquitted of
>   an offense?" Clinton asked heatedly.





From llurch at networking.stanford.edu  Thu Aug  1 15:52:29 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Fri, 2 Aug 1996 06:52:29 +0800
Subject: Jewell is the Militia Bomber!!!!
In-Reply-To: <ae25a290040210043ec2@[205.199.118.202]>
Message-ID: <Pine.GUL.3.95.960801122744.24298D-100000@Networking.Stanford.EDU>


Anyone who thinks I can say "conspiracy against fat people who read gun
magazines" with a straight face, raise your hand. Sheesh.

But there was a serious point in there, as there was in Tim's joke.

-rich

On Wed, 31 Jul 1996, Timothy C. May wrote:

> At 5:53 AM 8/1/96, Rich Graves wrote:
> 
> >Ferchrissakes, guys, take a step back and look at yourselves. You're playing
> >the spin control game just as fast and furious as the "bad guys" (?). First
> >the glee over how easy it was to find bomb-making instructions anywhere,
> >then saying it was a provocation by the government, now it becomes a
>                                                      ^^^^^^^^^^^^^^^^
> >conspiracy against fat people who read gun magazines.
>  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> Rich, maybe you're spending too much time amongst the Zundelsite Neo-Nazis.
> You no longer recognize humor even when it's pretty damned obvious.
> 
> 
> --Tim May
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 15:56:05 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 06:56:05 +0800
Subject: Again, disappointed in Gingrich
Message-ID: <01I7RL8DXKCK8Y4XIK@mbcl.rutgers.edu>


	Again, I'm disappointed in Gingrich. This amplifies the earlier
comments.
	-Allen

>Clinton, congressional leaders to meet on terrorism

>   _(c) Copyright 1996 Nando.net_
   
>    Associated Press
    
[...]

>   Gingrich, interviewed on NBC's "Meet the Press," said, "I think that
>   we should have a provision that allows us to recognize that we now
>   live in the age of the cellular telephone and allows us to track an
>   individual person" He said the taggant requirement was "a
>   possibility."





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 15:56:21 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 06:56:21 +0800
Subject: Jim Bell, stay out of Georgia....
Message-ID: <01I7RJRMNIE88Y4XIK@mbcl.rutgers.edu>


	They're arresting this guy because he had one mention of a Molotov
Cocktail? Why am I reminded of the Haymarket trials? Where's a Governor
Altgeld when you need him? Admittedly, this guy doesn't seem too bright... but
if that were a reason to lock him up, the prisons would be even more crowded
than they are now.
	-Allen

>Anarchist charged with advocating government overthrow

>   _(c) Copyright 1996 Nando.net _
   
>    New York Times
    
   
   
>   JONESBORO, Ga. -- An 18-year-old self-styled anarchist who allegedly
>   distributed a free, homemade pamphlet with anti-government rhetoric
>   has been charged with advocating the overthrow of the U.S. government.
   
[...]

>   Clayton County police Lt. Larry Gibson said Moreland turned himself in
>   Sunday. Authorities obtained an arrest warrant for Moreland Saturday
>   after the pipe bombing at Centennial Olympic Park, although police say
>   they don't think he played any role in the crime.
   
>   "He told us he was only interested in destroying property, and I don't
>   think he fully understands the ramifications," Gibson said. "Whatever
>   he was up to, we wanted to nip it in the bud."
   
>   Moreland had been under investigation since July 8 when authorities
>   received a copy of a pamphlet called "Rise Above." Police traced the
>   pamphlets to a mail box service in a shopping center allegedly rented
>   in Moreland's name.
   
>   The pamphlet was laced with with anti-police cartoons, obscenities,
>   and anarchist slogans. The one overt reference to violence was an
>   illustration of a "Molotov cocktail" on the same sheet with a recipe
>   for "soy milk" made from water-soaked soybeans, sugar and vanilla and
>   strained through a T-shirt.





From tomw at netscape.com  Thu Aug  1 15:57:10 1996
From: tomw at netscape.com (Tom Weinstein)
Date: Fri, 2 Aug 1996 06:57:10 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <199608010243.WAA28665@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <320101B9.500F@netscape.com>


Peter D. Junger wrote:
> 
> Tom Weinstein writes:
> 
> : The only thing they can revoke is their permission to provide it for
> : download over the internet.  They can't revoke our permission to
> : sell it in stores or via snail mail.
> 
> Why can't they?  What steps do you take to make sure that the people
> you sell it to aren't--gasp--foreign persons?

We only ship the domestic version to addresses inside the US.  They
State Department seems to think this is sufficient.  Of course, a
foreign person can always fly here and pick up a copy at Fry's, but
that's not our problem.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw at netscape.com





From jbugden at smtplink.alis.ca  Thu Aug  1 16:01:33 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Fri, 2 Aug 1996 07:01:33 +0800
Subject: [Editorial] Privacy commisioner right-Canada
Message-ID: <9607018389.AA838936610@smtplink.alis.ca>


Privacy commisioner right
Editorial
Ottawa Citizen, July 31

Bruce Phillips, the privacy commisioner, has again called for reinforcements to
defend personal privacy against the assaults of commercialism and technology. It
is a call that demands action-from the federal government, Parliament and every
Canadian.

The commisioner's annual report proposes two essential recommendations. First,
the government should make the protection of privacy a condition of sale
whenever a government enterprise is sold to the private sector. Second, the
government and Parliament must pass a law extending the enforcement of privacy
rights to private-sector businesses in federal jurisdiction.

Phillips is right. As thousands of public servants are transferred out of
government service, they lose the protection of the Privacy Act -- which covers
only government departments and agencies. And as more personal information about
all of us accumulates in the corporate sector, there is an intensified public
interest in extending legal protections.

*******
Phillips acknowledges the profitability of buying, selling and exploiting
personal data on employees and customers. And he sees the power of new
technologies to make privacy violations faster, cheaper, more comprehensive and
always more intrusive.
*******

But he insists that preserving personal privacy is both possible and necessary:
"If we discard the notion of privacy and simply treat one another as data
subjects, as objects of surveillance, we abandon that fundamental, democratic
notion of autonomy and self-determination."

Right Again.






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:10:52 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:10:52 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <01I7RKOB77H48Y4XIK@mbcl.rutgers.edu>


	Well, dry ice bombs are in the rec.pyrotechnics FAQ, stored among other
places at:
http://www.nectec.or.th/pub/mirrors/faq/pyrotechnics-faq	

and everyplace else all the news.answers FAQs are stored. What, precisely, is
an acid bomb? Also note the standard blame-the-Internet (not, say, increased
irritation with government after the Republicans failed to reduce it) rhetoric.
	-Allen


>   Cobb Group - Netscape

>      NUMBER OF LEGITIMATE BOMB THREATS HAVE INCREASED IN L.A. OVER 1995

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Los Angeles Daily News

>   LOS ANGELES (Aug 1, 1996 10:11 a.m. EDT) -- A bomb threat closed the
>   entire roadway network within the Los Angeles International Airport
>   for 45 minutes, creating a massive traffic tangle that came on top of
>   delays from heightened security.

[...]

>   Police say the case is the latest in a rash of bomb threats and
>   suspicious package discoveries in Los Angeles borne of heightened
>   concern and publicity surrounding the recent bombing at the Olympics,
>   the mysterious crash of TWA Flight 800 and last year's Oklahoma City
>   bombing.
   
>   Each threat is taken seriously by law enforcement officials, who who
>   say they are responding to a greater number of calls -- and, in Los
>   Angeles County, finding a greater number of explosive devices.
   
>   A Sheriff's Department spokesman said 178 potentially explosive
>   devices have been found in the county out of a total of 273 calls
>   answered in the first six months of this year.
   
>   By contrast, only 86 such devices were found out of 259 calls in the
>   first half of 1995.

[...]
   
>   "We're going to top 70 for the month -- that is a record in this
>   unit," Spencer said. "And the actual devices that really cause damage
>   has gone up."
   
>   Among devices found by sheriff's deputies: nine pipe bombs, 53 pieces
>   of military ordnance, 44 Molotov cocktails, 12 fireworks-pyrotechnic
>   devices, two acid bombs and five dry ice bombs.
   
>   In the city, the Los Angeles Police Department's bomb squad responded
>   to 972 calls in 1995 -- up from 717 in 1994.
   
>   Of those calls last year, 181 were for either fireworks, ordnance or
>   other potentially threatening items, police said.
   
>   The squad destroyed 73 devices and investigated 41 explosions -- many
>   in mailboxes -- that occurred over the year. Most calls, however, were
>   for suspicious packages that turned out to be harmless.
   
>   "We have had an excessive amount of bomb calls on the heels of the
>   pipe bombing in Atlanta," said Lt. Tony Alba, an LAPD spokesman. "They
>   have been running around like crazy ever since the Atlanta incident, a
>   lot of suspicious package calls."
   
[...]

>   Also on Wednesday, 55 miles north of downtown Los Angeles in
>   Lancaster, the sheriff's bomb squad was summoned to the parking lot at
>   an Elks Lodge where deputies found a homemade device -- which included
>   half-sticks of dynamite and BBs.
   
[...]

>   And Monday, an Ensenada, Mexico-bound Carnival cruise ship, filled
>   with 1,846 passengers, was forced to turn around and head back to port
>   after a bomb threat was made. No bomb was found.
   
>   "To some it is a power thing," said Sgt. Al Humphries of the Sheriff's
>   Department bomb squad. "With 20 cents and a mean spirit you can make a
>   cruise ship turn around, or make an airplane turn back."
   
>   Spencer and security experts agree media attention that focused on
>   bombs in the aftermath of the Centennial Olympic Park and TWA
>   explosions have factored into the flurry of threats and reported
>   suspicious packages.
   
>   William Daly, managing director at Kroll Associates, a New York-based
>   security firm, said the activity will diminish as the spotlight fades.
   
>   "If you look after the World Trade Center bombing, there was a
>   dramatic increase the next day, unfortunately tied to the attention on
>   the issue," Daly said.
   
>   "These people who are on the fringe, they enjoy seeing emergency
>   service, knowing that it is going to disrupt a city," he said. "This
>   is the way they live out their fantasy. The more they see it being
>   received and responded to, the more it will continue."
   
[...]
  
>   Spencer said information about bomb-making on the Internet may be the
>   answer to the greater numbers of actual devices being made.
   
>   "This information is readily available on the Internet," he said.
>   "What we've noticed is that a lot of juveniles have gotten the
>   information off the Internet -- they admit it."
   
>   Alba said the most common devices found by the LAPD are pipe bombs and
>   dry ice bombs, often used to blow up mailboxes.
   
>    Copyright &copy 1996 Nando.net





From tcmay at got.net  Thu Aug  1 16:21:00 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 07:21:00 +0800
Subject: Jew Bits, Credentials, and the Cypherpunk Way
Message-ID: <ae2659ce0b0210044c33@[205.199.118.202]>


At 5:12 PM 8/1/96, Alex de Joode wrote:
>Ernest Hua (hua at chromatic.com) wrote:
>: How does one verify that an IP address is coming from a U.S. site?
>: How do most FTP site (e.g. those which carry crypto) determine the
>: origins of a connection?
>
>What's the use ? It makes it only nominally more difficult to access
>an US crypto site, one needs first to esthablish an US beachhead ie.
>open an US account, and ftp the eleet crypto warez using the newly
>created US account as an intermediary.
>
>So the next step will be a tag that a user is an 'alien' ?

Along with the "Jew bit."

(Credit goes to Hugh Daniel, as I recall, for this one. At the CFP in '95
he made up various badges with things like this, including "Is your Jew bit
set?")

On a serious note, the whole thrust of the CDA discussion raised this
issue, of having "age bits" in all packets and/or credentials. There is the
very real danger, I fear, that the current swirl of topics (terrorism,
exports, G7 New World Order, pornography, bomb-making, etc.) will lead to
moves for "credentials" of various sorts.

(I'm sure the IETF folks can point out the problems with such schemes. I'm
not sure they'd fly, but they may get proposed.)

Such credentials--aka "the Internet Driver's License"--could have fields
for name, true name, key, age, sex, and perhaps even things like special
orders from courts (e.g., "Tim May is under court order in Idaho, U.S., not
to have access to aptical foddering information"). Many countries, which do
not have the nominal separation of church and state the U.S has, will want
fields for religious affiliation, etc.

We cannot fight this at the ballot box, as the trends are simply too strong
(as Lucky notes, Americans will cheer when strong crypto is outlawed). The
only way is the Cypherpunk Way: Direct Action Through Technology.

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From m5 at vail.tivoli.com  Thu Aug  1 16:27:34 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 2 Aug 1996 07:27:34 +0800
Subject: Terror attack!
Message-ID: <32010AC5.1513@vail.tivoli.com>


"I think I see one outside my window!  Help!"


A breaking story from Reuters:

> FBI Chief Says U.S. Under Terrorist Attack

> WASHINGTON (Reuter) - FBI Director Louis Freeh warned Congress Thursday
> that the United States was under attack from foreigh terrorists and 
> said new counter-terrorism weapons were needed to fight back. 



Why don't they just be done with it and declare martial law?
	
______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:27:51 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:27:51 +0800
Subject: Republican convention security
Message-ID: <01I7RLOILMNG8Y4XIK@mbcl.rutgers.edu>


	Why am I not reassured by what convention Chuck Vance participated in
in the 1960's? And why do I suspect that the ADF calls a militia any group of
people who have a political viewpoint different from theirs and might be
armed (including via martial arts)?
	-Allen

>   Cobb Group - Netscape

>     SECURITY OUTSIDE THE CONVENTION HALLS IS FOCUS IN SAN DIEGO, CHICAGO

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 The Associated Press
      
[...]

>   WASHINGTON (Aug 1, 1996 10:29 a.m. EDT) -- Beach parties, concerts and
>   fund-raisers will lure delegates from the air-conditioned halls of the
>   Republican and Democratic conventions next month, and officials say
>   keeping these off-site venues safe will be one of their biggest
>   challenges.
   
[...]

>   Convention security used to focus on foiling a lone individual bent on
>   disrupting the meeting, but now groups like anti-government militias
>   are more of a worry, said Chuck Vance. The former Secret Service agent
>   helped coordinate security for the 1968 Democratic meeting in Chicago
>   that was punctuated by anti-war protests.
   
[...]

>   Statistics give little reason for security planners to breath easy.
   
>   A recent study by the Anti-Defamation League said the number of
>   antigovernment militia groups in California jumped from two in 1994 to
>   35 last year.
   
>   And in San Diego County, one to five actual or suspected pipe bomb
>   incidents are reported every week, and a total of 32 hand grenade
>   incidents were reported in the first four months of this year, the
>   sheriff's department said. Six pipe bombs have exploded already this
>   year; there were seven in all of 1995. None were targeted at
>   government buildings.

>    Copyright &copy 1996 Nando.net





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:30:00 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:30:00 +0800
Subject: More evidence that democracy is bunk
Message-ID: <01I7RLTJO3008Y4XIK@mbcl.rutgers.edu>


	And some people think democracies secure civil liberties...
	-Allen

>Poll finds most Americans want broader authority to probe terrorism

>   _(c) Copyright 1996 Nando.net_
   
>    Associated Press
    
>   NEW YORK -- Americans overwhelmingly want the federal government to
>   have more authority to check out terrorist groups, according to a CBS
>   news poll released Tuesday.
   
[...]

>   As an antidote, 80 percent believe the federal government should have
>   more power to investigate terrorists, but just 52 percent believe
>   wiretaps should be expanded.
   
>   Three out of five said they still favor giving the government more
>   power even if that meant groups unrelated to terrorism were
>   investigated, too.
   
>   Even if it cost more, nearly nine out of 10 people surveyed want more
>   security checkpoints, guards and metal detectors -- and they'd be
>   willing to wait longer in lines -- at public events.





From nobody at REPLAY.COM  Thu Aug  1 16:32:54 1996
From: nobody at REPLAY.COM (Anonymous)
Date: Fri, 2 Aug 1996 07:32:54 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <199608012016.WAA00739@basement.replay.com>


Is security provided by 1024-bit PGP key sufficient against most powerful
computers that are available today? Say if smoe organization spent 10
billions of dollars on a cracking machine, would it be possible to crack 
the keys in reasonable time?





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:33:41 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:33:41 +0800
Subject: (Un)Freeh makes claims on wiretapping
Message-ID: <01I7RMDU1JC48Y4XOW@mbcl.rutgers.edu>


	The usual governmental rhetoric. Again, I'm not seeing achnowledgement
from anyone except maybe the ACLU that there's no evidence that such tactics
would have stopped the TWA bombing - not that they would be justified even if
it would have. Legalized drugs, etcetera would free up quite enough law
enforcement to take care of the problem.
	-Allen

>   Cobb Group - Netscape

>           FBI DIRECTOR: WIRETAP PROPOSALS WON'T THREATEN LIBERTIES

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 The Associated Press
   
>   WASHINGTON (Aug 1, 1996 1:41 p.m. EDT) -- FBI Director Louis Freeh
>   said today Americans are under increasing attack by terrorists and
>   proposed new wiretapping authority would not greatly expand
>   government's powers.
   
>   "The country and the American people have been experiencing an
>   increasing war against them by terrorists and terrorist-supported
>   activities," Freeh told a Senate Intelligence Committee hearing.
>   Americans "are clearly under attack and we are the prime targets for
>   this kind of terrorism."
   
[...]

>   Freeh said the wiretap proposals do not involve "expansive powers" for
>   the government and would not lead to "an avalanche of new electronic
>   surveillance."
   
>   A leading GOP opponent of an earlier, more sweeping anti-terrorism
>   bill said today he didn't believe Congress could enact a new package
>   before its recess this weekend.
   
>   "I think it would be very difficult to do in light of the logistics
>   and the opposition," Rep. Bob Barr, R-Ga., told reporters. "The
>   (anti-terrorism) funding is there. No new laws are needed."
   
>   Asked about Barr's comments, Sen. Larry Craig, R-Idaho, head of a
>   bipartisan task force that has been negotiating with administration
>   officials on the anti-terrorism proposals, said, "That's part of the
>   obstacle. It's what we have to deal with. What we do has to reach the
>   level of consensus."
   
>   The negotiators, led by Craig and White House chief of staff Leon
>   Panetta, said they hoped to have a package ready for a vote by week's
>   end before Congress leaves for its August recess.





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:39:04 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:39:04 +0800
Subject: Looks like they may actually pass something... hell.
Message-ID: <01I7RLJW5WHK8Y4XIK@mbcl.rutgers.edu>


	I had hoped that normal government incompetence would prevent them from
passing something. Well, there's still hope that it'll get clogged up, or that
the courts will toss it out - somehow I think they won't like the idea of
taps without a court order, for instance (giving up a judicial prerogative). I
am also somewhat puzzled by the racketeering law reference - I had thought that
federal racketeering laws allowed civil forfeiture sans conviction (shudder)?
The "funding" for telephone companies sounds suspiciously like funding Digital
Telephony.
	-Allen

>   School House
   
>         WHITE HOUSE, KEY LAWMAKERS AGREE ON ANTI-TERRORISM PROPOSALS

>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 The Associated Press
      
>   WASHINGTON (Aug 1, 1996 09:53 a.m. EDT) -- After wrangling with key
>   Republican lawmakers, the White House has won agreement on a package
>   of anti-terrorism measures that would expand wiretapping authority and
>   tighten airport security.
   
[...]

>   But omitted from the agreement was a central part of Clinton's
>   proposals, a study of chemical markers in explosives, called taggants,
>   which had been heavily criticized by some Republicans. Also rejected
>   was a provision to allow the FBI to get information on suspected
>   terrorists from hotels, telephone companies and storage facilities.
   
[...]

   The agreement also would allow prosecution of suspected terrorists
   under federal racketeering laws, which would make anyone convicted
   subject to asset forfeitures and longer sentences.
   
>   The negotiators, led by Panetta and Sen. Larry Craig, R-Idaho, said
>   they hoped to have a package ready for a vote by week's end, before
>   Congress leaves for its August recess.
   
>   But Senate Majority Leader Trent Lott, R-Miss., said earlier in the
>   day that final passage before the recess appeared unlikely. "I don't
>   see how in the world we can get it done" by then, Lott told reporters.
   
>   Lott and other GOP leaders summoned Attorney General Janet Reno,
>   Panetta and FBI Director Louis Freeh to a meeting today to explain why
>   some of the FBI's anti-terrorism funds haven't been spent.
   
>   "We are increasingly concerned that monies and authorities already
>   granted to the administration are not being used effectively or at
>   all," Lott, House Speaker Newt Gingrich, R-Ga., and House Majority
>   Leader Dick Armey, R-Texas, wrote in a letter to Clinton.
   
>   Justice Department spokesman Myron Marlin said the Republican
>   assertions were "misleading."
   
>   Gingrich and Lott also proposed that a blue-ribbon commission review
>   the government's anti-terrorism policy -- a move that would delay
>   congressional action. The new package includes such a commission for
>   longer-term legislative proposals, Craig said.
   
>   He said the lawmakers' aides planned to work through the night to
>   draft the proposals into a package that could be put to a vote before
>   week's end.
   
>   "I feel very positive at this moment," Craig told reporters Wednesday
>   night.
   
>   Craig said the proposals included multipoint wiretaps, which allow law
>   enforcement agents to monitor all phone calls made by a suspected
>   terrorist, rather than just those from a specific telephone, as well
>   as emergency wiretaps, which are valid for 48 hours without a court
>   order.
   
[... yeah, right]

>   Craig stressed that the new wiretap provisions would include "some
>   privacy language that will protect people."
   
>   Other proposals on which accord was reached include the use of special
>   technology to make it easier to trace telephone numbers called by
>   suspected terrorists and a trust fund to reimburse phone companies for
>   expenses they incur in that area.
   
>   Craig listed the proposals but gave few details, which had yet to be
>   worked out.
   
>    Copyright &copy 1996 Nando.net





From tcmay at got.net  Thu Aug  1 16:43:56 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 07:43:56 +0800
Subject: A funny thing happend to my data on the way to the bank
Message-ID: <ae2657840a021004c287@[205.199.118.202]>


At 5:45 PM 8/1/96, anonymous-remailer at shell.portal.com wrote:

>The Prime Minister's Social Security Number
>Prime Minister Binyamin Netanyahu's US Social Security Number is
>172-42-6111, according to the Boston  Consulting Group in Massachusetts,
>which employed Netanyahu for about one-year during 1979-80.=20
>
>The number indicated by the marketing firm contradicts information contained
>in a credit report by  the US federally-regulated Transunion Company, pulled
>from company files during the first days of July.  According to that report,
>Netanyahu and an American named   John J. Sullivan both used Social Security
>number 020-36-4537.
>
>Questions were raised in the reports as to whether  Netanyahu had attempted
>to create a false identity or had used a number which was not his.
>Publication of the credit report findings, and later  reports indicating
>that Netanyahu's name had suddenly been deleted from Transunion's files,
>raised additional questions about possible computer break-ins into the
>company's records.

It is not likely to be a "break-in." Rather, the Big Three credit reporting
agencies, Transunion, TRW Credit, and Equifax, routinely are complicit in
creating false credit histories as part of the "legends" of agents, persons
in the Federal Witness Security Program, etc.

(Do you not think Equifax would "notice" a new identity which popped into
existence in 1995, complete with a 10-year credit history, a high school
diploma, a record of past employment, etc.? There is a good reason these
companies have close ties with the TLAs in the D.C. area...where, perhaps
coincidentally, they have major offices.)

My Cyphernomicon has more information about the roles the credit agencies
have played in creating false identities and maintaining their cover, and
the role of FinCEN and its ties to these nominally-private agencies.

What this report about Net-n-Yahoo has confirmed is his almost certain role
as an agent of the U.S. intelligence agencies. His role in the Pollard case
is likely to come out in the next few months.

(Look for legislation from Feinswine and others making it a felony to
disclose Social Security numbers....)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:48:45 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:48:45 +0800
Subject: Progress on online stock markets
Message-ID: <01I7RM6OZWJK8Y4XOW@mbcl.rutgers.edu>


	Anyone know how secure this company's web servers, etcetera are?
	-Allen

>   Avis

>                 E-TRADE WANTS TO SELL IPOS OVER THE INTERNET

>     Copyright &copy 1996 Nando.net
>     Copyright &copy 1996 San Francisco Examiner
      
>   SAN FRANCISCO (Aug 1, 1996 00:05 a.m. EDT) -- E-Trade Securities Inc.,
>   the Palo Alto, Calif., company that sells stocks over the Internet,
>   has asked the National Association of Securities Dealers for
>   permission to form an investment banking division to sell initial
>   public offerings over the Internet.
   
>   E-Trade executive vice president David Traversi said if the NASD
>   approves his request, the company would start bringing small firms
>   public and would also seek to co-underwrite big deals brought by large
>   investment banks.
   
>   Traversi said E-Trade's two-fold objective aimed to create a new way
>   to bring small companies public and give small investors a chance to
>   buy new stock issues that usually get bought by institutional
>   investors.

[...]

>   Traversi said E-Trade would also try to get listed as a co-underwriter
>   for big IPOs, like last September's Netscape offering. In the past,
>   small investors have complained that such big deals are sold to
>   institutional investors, who rake in huge profits before small
>   investors get a crack at the offering. To offer such deals online,
>   however, E-Trade would have to get the approval of the lead
>   underwriter on each offering.
   
>   "Right now, without naming names, there are large investment firms
>   that have indicated an interest in having us as a co-manager" of their
>   IPOs, Traversi said.
   
>   But before E-Trade can do anything more, its pending application to
>   form an investment bank has to be approved by the NASD, which
>   regulates small securities dealers. Traversi said he expected NASD
>   approval this fall.





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  1 16:58:36 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 2 Aug 1996 07:58:36 +0800
Subject: CDT
Message-ID: <01I7RM0CJM388Y4XIK@mbcl.rutgers.edu>


-----------------------------------------------------------------------------
    _____ _____ _______
   / ____|  __ \__   __|   ____        ___               ____             __
  | |    | |  | | | |     / __ \____  / (_)______  __   / __ \____  _____/ /_
  | |    | |  | | | |    / /_/ / __ \/ / / ___/ / / /  / /_/ / __ \/ ___/ __/
  | |____| |__| | | |   / ____/ /_/ / / / /__/ /_/ /  / ____/ /_/ (__  ) /_
   \_____|_____/  |_|  /_/    \____/_/_/\___/\__, /  /_/    \____/____/\__/
   The Center for Democracy and Technology  /____/     Volume 2, Number 29
----------------------------------------------------------------------------
      A briefing on public policy issues affecting civil liberties online
----------------------------------------------------------------------------
 CDT POLICY POST Volume 2, Number 29                        August 1, 1996

 CONTENTS: (1) Clinton Administration, Congress Propose Sweeping
               Anti-Terrorism Initiatives
           (2) How to Subscribe/Unsubscribe
           (3) About CDT, contacting us

  ** This document may be redistributed freely with this banner intact **
        Excerpts may be re-posted with permission of <editor at cdt.org>
         ** This document looks best when viewed in COURIER font **
-----------------------------------------------------------------------------

(1) CLINTON ADMINISTRATION, CONGRESS PROPOSE SWEEPING ANTI-TERRORISM
    INITIATIVES

In the wake of the recent bombing at the Olympics and the suspected
terrorist involvement in the TWA crash, the Clinton Administration and
members of Congress are proposing a set of sweeping counter-terrorism
initiatives. If enacted into law, these proposals will dramatically
increase law enforcement surveillance authority over the Internet and other
advanced communications technologies. An outline of the Administration's
proposal was circulated on Capitol Hill on Monday July 29.

President Clinton has urged Congress to pass new counter-terrorism
legislation before the Congressional recess at the end of this week.  While
several prominent Republican members of Congress, including House Speaker
Newt Gingrich (R-GA), have said publicly that Congress should not rush into
any new counter-terrorism legislation, most observers believe there is a
strong possibility that some or all of the Administration's proposal will
be enacted before the August recess.

The draft proposal contains several measures which were rejected by
Congress as part of the previous counter-terrorism initiative proposed
last year after the Oklahoma City bombing, as well as several new measures
including as-yet unspecified changes to U.S. encryption policy and funding
for the Communications Assistance for Law Enforcement Act (CALEA, a.k.a.
Digital Telephony).

CDT is concerned that the latest counter-terrorism efforts on Capitol Hill
are occurring without appropriate deliberation.  Major policy decisions
expanding the surveillance powers of law enforcement should not be made
without careful consideration of the necessity of such proposals and the
relative benefit to society. In the coming days and weeks, CDT will work
with Congressional leaders, privacy advocates, and the net.community to
ensure that constitutional civil liberties and the openness of the Internet
are protected as Congress considers counter-terrorism measures.
________________________________________________________________________

MAJOR POINTS OF THE COUNTER-TERRORISM PROPOSALS CIRCULATING ON THE HILL

The administration's new counter-terrorism initiative and other amendments
circulating this week in Congress contain numerous provisions, but four
are of particular concern to the net.community:

* New Threats to Encryption, Opposition to the Pro-CODE Bill
* Funding for Digital Telephony Without Public Accountability
* Amendment to Criminalize 'Bomb-Making' Information on the Internet
* Expanded Authority for Multi-Point, "Roving" Wiretaps

The full text of the Administration's proposal and background information
are available at CDT's counter-terrorism Web Page:

    http://www.cdt.org/policy/terrorism/

       --------------------------------------------------------

I. NEW THREATS TO ENCRYPTION, OPPOSITION TO THE PRO-CODE BILL

The Administration's outline contains the following statement on encryption:

 "* Encryption -- We will seek legislation to strengthen our ability to
    prevent terrorists from coming into the possession of the technology
    to encrypt their communications and data so that they are beyond the
    reach of law enforcement.  We oppose legislation that would eliminate
    current export barriers and encouraging the proliferation of encryption
    which blocks appropriate access to protect public safety and the
    national security."

While no specific legislative language has yet been proposed, this
represents the first statement by the Administration that they will seek
legislation to further restrict encryption.  Even more troubling, the
Administration is clearly attempting to use the recent suspected terrorist
incidents to push for a new and more restrictive encryption policy.

This new proposal comes as Congress is finally beginning to seriously
consider major changes in U.S. encryption policy. Bipartisan legislation
in both the House and Senate to relax encryption export controls is gaining
momentum.  The Senate Commerce Committee has held 3 hearings in the last 6
weeks, and is preparing to vote to send the Burns/Leahy "Pro-CODE" bill (S.
1726) to the floor of the Senate.  The Administration's attempt to leverage
the public's concern about terrorism to block passage of the Pro-CODE bill
is disturbing, and poses a significant threat to privacy and security on the
Internet.

CDT is working with members of Congress, privacy advocates, and the
communications and computer industries to oppose any attempt by the
Administration to impose new restrictions on encryption, and we continue to
work to move the bipartisan export relief legislation through Congress.

       --------------------------------------------------------

II. FUNDING FOR DIGITAL TELEPHONY WITHOUT PUBLIC ACCOUNTABILITY

The Administration is also seeking to override the public accountability
provisions of the Communications Assistance for Law Enforcement Act (CALEA
- a.k.a. 'Digital Telephony') by providing a funding for the law in a way
that prevents public oversight of the FBI's surveillance ability.

Enacted in October of 1994, granted law enforcement new authority to
influence the design of telecommunications networks (the Internet,
Commercial online services, and BBS's were exempted) in order to preserve
their ability to conduct court authorized electronic surveillance.

Congress balanced this new authority with a number of mechanisms to ensure
public accountability over law enforcement surveillance ability.
While complicated, the public accountability mechanisms are designed to
work as follows:

* Law enforcement provides telecommunications carriers, the Congress,
  and the public with notice of its surveillance capacity needs (i.e.,
  the number of simultaneous wiretaps in a given geographic location)
  with an opportunity for public comment.

* Based on an assessment of the reasonableness of the law enforcement
  surveillance capacity request, Congress appropriates money to cover
  the cost of modifications.  If Congress does not believe law
  enforcement has adequately justified its request, money will not be
  appropriated.

* Telecommunications carriers are not obligated to comply with the
  statute or make any capacity modifications without government
  reimbursement.

In October 1995, the FBI published its first notice of surveillance
capacity (see CDT Policy Post Vol. 1, No. 26).  The telecommunications
industry and privacy advocates used the public accountability provisions of
CALEA to respond to the FBI's request and argued that the FBI had not
adequately justified the extensive surveillance capability contained in the
request.  As a result, Congress has not yet appropriated funds and no
modifications have been made.

The FBI clearly believes that the public accountability provisions of CALEA
are working **too well**, and appears to be using the recent focus on
terrorism to push for a new funding mechanism which does not contain public
oversight.

CDT is fighting hard to ensure that the public accountability provisions of
CALEA, which have until now prevented the FBI from acquiring unnecessary
surveillance capacity, remain a part of the law, and will vigorously oppose
any effort by the FBI and the Clinton Administration to remove the last
opportunity for public oversight over law enforcement power.

       --------------------------------------------------------

III. THE AVAILABILITY OF 'BOMB-MAKING' INFORMATION ON THE INTERNET

Senator Dianne Feinstein (D-CA) has reintroduced an amendment to make it
illegal to disseminate information on how to construct explosives knowing
that the information will be used in furtherance of a federal crime.  The
amendment was adopted by the Senate earlier this month as part of a
Department of Defense Appropriations bill.  CDT believes that the vague
provisions of the Feinstein amendment could have a chilling effect on online
speech, needlessly duplicate existing criminal statutes, and should be
removed.

Feinstein first proposed the amendment as part of the 1995
counter-terrorism bill. The initial Feinstein amendment was extremely broad
and would have resulted in a flat ban on certain constitutionally protected
speech online.  After civil liberties advocates objected, Feinstein
narrowed her amendment substantially, although it was ultimately dropped
from the final terrorism bill signed in April 1996.

       --------------------------------------------------------

IV.  EXPANDED WIRETAP AUTHORITY

The Administration's proposal would also significantly expand current
wiretapping authority to allow multi-point (or "roving") wiretaps. This
would dramatically change surveillance authority to include wiretaps of
INDIVIDUALS instead of LOCATIONS.

This proposal would do away with the delicate balance between privacy and
law enforcement that Congress has struck over 30 years of wiretapping
legislation. Federal law has always required that wiretaps issue for a
specific location, to meet Fourth Amendment requirements. In 1986 Congress
introduced a narrow exception to this rule, only for cases where it could
be shown that the target was intentionally evading wiretaps by changing
facilities. The Administration proposal would completely remove this
standard, allowing so-called "roving taps" for any persons whose behavior
makes wiretapping difficult for law enforcement.

The administration proposed similar provisions in the spring of 1995 in the
wake of the Oklahoma City bombing. These provisions proved controversial in
Congress and were dropped from the final bill.

________________________________________________________________________

FOR MORE INFORMATION

For more information on the counter-terrorism proposals and their impact on
the Internet check out:

CDT's Counter-Terrorism Page:     http://www.cdt.org/policy/terrorism/
CDT's Encryption Policy Page:     http://www.cdt.org/crypto/
CDT's Digital Telephony Page:     http://www.cdt.org/digtel.html
Encryption Policy Resource Page:  http://www.crypto.com/

------------------------------------------------------------------------

(4) SUBSCRIPTION INFORMATION

Be sure you are up to date on the latest public policy issues affecting
civil liberties online and how they will affect you! Subscribe to the CDT
Policy Post news distribution list.  CDT Policy Posts, the regular news
publication of the Center For Democracy and Technology, are received by
nearly 10,000 Internet users, industry leaders, policy makers and
activists, and have become the leading source for information about
critical free speech and privacy issues affecting the Internet and other
interactive communications media.

To subscribe to CDT's Policy Post list, send mail to

     policy-posts-request at cdt.org

with a subject:

     subscribe policy-posts

If you ever wish to remove yourself from the list, send mail to the
above address with a subject of:

     unsubscribe policy-posts

-----------------------------------------------------------------------

(5) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance democratic values and
constitutional civil liberties in new computer and communications
technologies.

Contacting us:

General information:  info at cdt.org
World Wide Web:       URL:http://www.cdt.org/
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1634 Eye Street NW * Suite 1100 * Washington, DC 20006
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post 2.29                                             8/1/96
-----------------------------------------------------------------------







From johnbr at atl.mindspring.com  Thu Aug  1 17:08:40 1996
From: johnbr at atl.mindspring.com (John Brothers)
Date: Fri, 2 Aug 1996 08:08:40 +0800
Subject: Jewell is the Militia Bomber!!!!
Message-ID: <1.5.4.32.19960801205207.006acf90@pop.atl.mindspring.com>


At 10:20 PM 7/31/96 -0800, Jim Bell wrote:
>At 07:49 PM 7/31/96 -0700, Timothy C. May wrote:
>>2. They found a _shotgun_ in his cabin.
>
>No, no, Tim.   The proper way to deliver this to a TV audience is, "They 
>found an ARSENAL in his COMPOUND!"
>(see how much more exciting it is?!?  BTW, how many wives does he have?)

None!  and he lives with his mother!  Obviously a complete sicko!

:)
---
John Brothers 
   Do you have a right not to be offended?






From johnbr at atl.mindspring.com  Thu Aug  1 17:17:22 1996
From: johnbr at atl.mindspring.com (John Brothers)
Date: Fri, 2 Aug 1996 08:17:22 +0800
Subject: A Libertine Question
Message-ID: <1.5.4.32.19960801204953.006b2b7c@pop.atl.mindspring.com>


At 02:23 AM 8/1/96 -0400, you wrote:
>John Brothers,
>
>Which locality do you live in?  I've got all this toxic waste that I've 
>been collecting in return for receiving large sums of money, I'd like to 
>get rid of it as cheply as possible. I thought I might just burn it in a 
>good  "true" libertarian neighborhood.
>
>You don't mind, do you?

I live in the Alpharetta area of Georgia, a northern suburb of Atlanta.  You're
welcome to come here and burn whatever you like.  



Oh, of course, I assume that you'll be properly and safely capturing and
disposing the toxic ash.  Because, after all, if a single microgram
of those toxins were to land on my property, I would be forced to sue you, 
take all of that money, and set up a legal robot to continue to sue your
descendents for the next seven thousand generations.  

And, I guess if the investigation were to show that you were criminally
negligent in the proper disposal of those toxins, you would have to be
punished.   Speaking for myself as a darwinist libertarian, the only
fitting punishment to being criminally negligent on such a grand scale
would be to execute you, and sterilize every known trace of your genetic code 
in the gene pool - i.e. all genetic children, brothers, sisters, parents and
so forth.  You may have some illegitimate/secret offspring or siblings which
may survive, but we can't go around tracking everyone's genetic code.. It would
be an affront to privacy, and libertarianism in general.  

I'm sure that your lawyer could probably argue the case down to the point
where the only punishment would be your execution, and I guess that would
have to suffice - your family wasn't directly involved in the planning and
execution of this most heinous crime. 

But, I'm sure that you would be a properly responsible citizen, and clean
up carefully after yourself.  It might smell bad, and be a generally unpleasant
place, but as a libertarian, I don't have a right to control what you do
with your property, nor to object to bad smells - I can purchase filters
and such to avoid that.  And if it got unpleasant enough, I would just move
away, and leave you and your bad smells alone.  

Have a nice day,
 
---
John Brothers 
   Do you have a right not to be offended?






From merriman at amaonline.com  Thu Aug  1 17:19:15 1996
From: merriman at amaonline.com (David K. Merriman)
Date: Fri, 2 Aug 1996 08:19:15 +0800
Subject: Brain Tennis with Dorthy
Message-ID: <2.2.32.19960801064418.006ccf7c@mail1.amaonline.com>


-----BEGIN PGP SIGNED MESSAGE-----

At 11:59 AM 08/1/96 -0400, Duncan Frissell <frissell at panix.com> wrote:
>I'm following the Brain Tennis Match between Dorothy Denning and John
>Gilmore on encryption and the right to absolute privacy on Hot Wired
>(http://www.hotwired.com/braintennis/96/31/index0a.html).
>
>Were I a participant in this exercise, I would lob the following to Dorothy:
>

... <good questions excised> ...

One might wonder how Dorothy's opinions about privacy et al would change were it *her* communications/privacy/person at risk (be it through torture, GAK, etc.).

Were a government - duly elected - to come into power similar to that in 30's Germany or 70's Viet Nam, so that intellectuals or the educated became the targets of oppression, would she be as adamant about the perceived "rights" of Government to intrude in her private life, monitor her communications, and so on?

Inquiring minds want to know.... :-)

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgBe+MVrTvyYOzAZAQHoygP/ZeEn00d+uAuJXp29igeMTPe0U8muD3uy
tIZItV2e05D9VLaCNdzZKiK9pqGsjA6VzB1sUd8uRUtPu0GKVGrylgjuA/QoK/m6
xOMGLNcvPZVhVbqGMCkFXwR6U5KifMd1mAb14Au25MR7hpfzpCwMBQZ5y495AhRx
utMueAGDmIo=
=OARQ
-----END PGP SIGNATURE-----






From warlord at MIT.EDU  Thu Aug  1 17:29:11 1996
From: warlord at MIT.EDU (Derek Atkins)
Date: Fri, 2 Aug 1996 08:29:11 +0800
Subject: Is 1024-bit PGP key enough?
In-Reply-To: <199608012016.WAA00739@basement.replay.com>
Message-ID: <9608012108.AA17627@bart-savagewood.MIT.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

Hi,

> Is security provided by 1024-bit PGP key sufficient against most powerful
> computers that are available today? Say if smoe organization spent 10
> billions of dollars on a cracking machine, would it be possible to crack 
> the keys in reasonable time?

Well, this depends on a couple of definitions.  For example, how do
you define "reasonable time"?  The most concise answer I can give you
is "we don't know".  An answer that would make you feel more
comfortable is that we believe that factoring a 1024-bit key using
GNFS is about 300,000 times harder than factoring a 512-bit key using
GNFS.

This doesn't take into account increase in computer power.  If you
take into account increase in technology at the current rate, doubling
every 18 months, then a 1024-bit key should be breakable in about 100
years.

However this doesn't take into account increases in algorithms.  There
is no way to predict the discovery of a new factoring algorithm.  In
addition, there is no way to predict a computational discovery which
might increase the base technology faster than the current trend.

To get back to your question: If smoe [sic] organization spent 10
billions [sic] of dollars on a cracking machine, would it be possible
to crack the keys in a reasonable time?

Well, lets assume a P100 is 50 MIPS and costs $500.  Then the $10B
would purchase 20 million machines.  Discounting the storage
requirements (factoring a number this large will probably require on
the order of hundreds of GBs of storage) and end-time processing power
(unknown) required to factor a 1024-bit number, this set of machines
would provide "enough" relations for a 1024-bit number in about 1.5
years per key.

- -derek

PS: These are napkin-style numbers, and I'm making a lot of
assumptions here...  I assume no responsibility if you use these
numbers and they are wrong.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQBuAwUBMgEcrTh0K1zBsGrxAQGNaALEDEtO8/pXZPp134SBcjUqD3NO2P3siirR
8a4pA6S15fwtVDrl2ZWeZb2XL65hbhcWpZ2s6Q3eaQOvFPOiytLtfcujUFV7ef+i
9zJKgUlUFMkOP9fmhZdjZXA=
=gPv4
-----END PGP SIGNATURE-----





From shabbir at vtw.org  Thu Aug  1 17:40:28 1996
From: shabbir at vtw.org (Voters Telecommunications Watch)
Date: Fri, 2 Aug 1996 08:40:28 +0800
Subject: ALERT: Congress rushing to pass surveillance plan!  Call now! (8/1/96)
Message-ID: <199608012049.QAA13473@panix3.panix.com>


======================================================================
 ____  _____ ____     ___  _     _____ ____ _____ 
|  _ \| ____|  _ \   / _ \| |   | ____|  _ \_   _|  CONGRESS RUSHING TO
| |_) |  _| | | | | | |_| | |   |  _| | |_) || |    ENACT SURVEILLANCE
|  _ <| |___| |_| | |  _  | |___| |___|  _ < | |    LEGISLATION.  CALL
|_| \_\_____|____/  |_| |_|_____|_____|_| \_\|_|    CONGRESS NOW! 8/1/96

		REPOST THIS ALERT WHERE APPROPRIATE
	     DO NOT REDISTRIBUTE AFTER AUGUST 7, 1996
----------------------------------------------------------------------
Table of contents
	Introduction
	What you can do now	
	Background
	Participating organizations
----------------------------------------------------------------------
INTRODUCTION

Late Wednesday, Congress and the Clinton Administration reached a
preliminary agreement on a sweeping new surveillance initiative. The
President and several Congressional leaders are pushing for a vote on the
measure BEFORE CONGRESS RECESSES ON AUGUST 2.

If enacted, parts of the proposal would dramatically impact privacy and
security on the Internet and other advanced communications technologies.

Of particular concern are provisions which:

1. Allows law enforcement to wiretap "suspected terrorists" for up to
   48 hours BEFORE obtaining a court order
2. Provide funding for the Digital Telephony Proposal without any public
   accountability over how the FBI spends the funds

Other provisions are also circulating that would:

3. Threaten to impose new restrictions on encryption technologies
4. Seek to criminalize the distribution of 'bomb-making' information on
   the Internet that is legal in print.

Congress needs to hear from you.  Congress will rush through the passage
of massive new surveillance plans with privacy risks unless you
show them there is support for slow, deliberate, reasoned thought on
the issue.

----------------------------------------------------------------------
WHAT YOU CAN DO NOW

	         CALL KEY MEMBERS OF CONGRESS IMMEDIATELY!
	              NO LATER THAN FRIDAY (8/2/96)

Please contact as many elected officials on the list below as you can.
Urge them to "go slow" and carefully consider the impact these
surveillance proposals will have on the privacy and security of
all Internet users.

Tell them while you appreciate their concern about combating terrorism,
the measures being proposed have many potential side effects which must be
carefully considered.

1. Call the key members of Congress below and ask them to "go slow" and
   examine the issues before rushing into changing the delicate balance
   of law enforcement surveillance and the public.

2. If you are at a loss for words, use the following sample communique:

	SAMPLE COMMUNIQUE

	Dear _________,

	Please do not rush the passage of counter terrorism legislation;
	I'm concerned that Congress is rushing without carefully
	considering the implications of privacy.  I'm from <city, state>.

	Thanks, <click>

   You should call the following members of Congress because they
   are steering this legislation and need to hear there is support
   for slow, deliberate, thoughtful consideration of this issue.
   Some of thee members *have publicly expressed reservations* about this
   legislation, and we should support them in their efforts.

Senate members:

      P ST Name and Address           Phone           Fax
      = == ========================   ==============  ==============
      R MS Lott, Trent                1-202-224-6253  1-202-224-2262
      D DE Biden Jr., Joseph R.       1-202-224-5042  1-202-224-0139
      D SD Daschle, Thomas A.         1-202-224-2321  1-202-224-2047
      R UT Hatch, Orrin G.            1-202-224-5251  1-202-224-6331
      R PA Specter, Arlen             1-202-224-4254  1-717-782-4920
      D VT Leahy, Patrick J.          1-202-224-4242  1-202-224-3595

House members:

   Dist ST Name, Address, and Party       Phone            Fax
   ==== == ========================       ==============   ==============
      6 GA Gingrich, Newt (R)             1-202-225-4501   1-202-225-4656
      3 MO Gephardt, Richard A. (D)       1-202-225-2671   1-202-225-7452
      6 IL Hyde, Henry J. (R)             1-202-225-4561   1-202-226-1240
     14 MI Conyers Jr., John (D)          1-202-225-5126   1-202-225-0072

President William Clinton:
	White House Comment Line: 1-202-456-1414

3. If you get a response, take a moment and send mail to vtw at vtw.org
   with "feedback" in the subject line.

	$ Mail vtw at vtw.org
	Subject: my feedback from calling Congress
	They said they're not going to pass most of Clinton's package,
	because it upsets the delicate balance between law enforcement and
	the public. 
	^D
	Mail sent!
	
----------------------------------------------------------------------
BACKGROUND

Among other things, the law enforcement proposals circulating on Capitol
Hill include provisions which:

o WIRETAPPING WITHOUT COURT ORDER ALLOWED FOR 48 HOURS

  Congress and the President have already agreed to provisions which
  would dramatically expand law enforcement surveillance authority. Both
  of these provisions were proposed by the President as part of the 1995
  counter-terrorism legislation, but were dropped from the final bill
  after Republicans and civil liberties advocates objected.

  The current proposal would expand law enforcement surveillance
  authority in two ways:

  - Emergency 48 Hour Wiretap Authority: Current law requires law
    enforcement officials to get the affirmative consent of a judge
    before installing a wiretap.

    The current proposal would expand law enforcement authority to
    wiretap "suspected terrorists" for up to 48 hours before obtaining a
    court order, limiting a critical 4th amendment safeguard.

  - Multi-Point "Roving" Wiretaps: Current law allows law enforcement to
    tap only specific LOCATIONS (i.e., a telephone number). In certain
    very limited circumstances, law enforcement can tap a specific
    INDIVIDUAL if it can be shown to a judge that the suspect is moving
    from place to place with the specific intent of thwarting law
    enforcement.

  The current proposal would expand this so-called "roving" wiretap
  authority by making it much easier for law enforcement to tap specific
  INDIVIDUALS as opposed to specific physical locations.  This change
  would dramatically effect the balance between 4th Amendment privacy
  rights and public safety which has existed for nearly 30 years, and
  should not be enacted without careful consideration of the
  implications.

o FUNDING FOR DIGITAL TELEPHONY WITHOUT PUBLIC ACCOUNTABILITY

  The Administration and Congress are seeking funding to implement the
  Digital Telephony Law in a way which eliminates any opportunity for
  public oversight of law enforcement surveillance ability.

  The controversial law, known officially as the Communications
  Assistance for Law Enforcement Act (CALEA), granted the FBI new
  authority to influence the design of telecommunications networks.  At
  the same time, the law provided substantial public oversight over the
  FBI's surveillance ability by requiring the FBI to state, on the
  public record, what its surveillance needs are.

  The FBI has faced stiff resistance from civil liberties groups and some
  members of Congress and has not yet been able to obtain funding to
  implement the requirements of the law.

  As part of the current proposal, the FBI is seeking a mechanism which
  will provide funding for CALEA in a way which skirts the public
  oversight provisions of the law.  This is an extremely troubling move
  by law enforcement which, if enacted, would allow law enforcement
  essentially unlimited authority to influence the design of
  telecommunications networks without any accountability.

Other provisions which could show up in legislation in the next 72 hours are:

o BOMB MAKING MATERIAL ON THE INTERNET

  In the wake of the recent public concern about terrorism, Senators
  Dianne Feinstein (D-CA) and Joseph Biden (D-DE) have renewed their
  efforts to pass legislation to restrict the availability of 'bomb-
  making' information on the Internet.

  The Feinstein/Biden amendment was added to the Senate Defense
  Appropriations bill (S. 1762) in early July, and is not currently part
  of the new law enforcement initiative.  However, the amendment poses a
  serious threat to chill the the free flow of information on the
  Internet.

o THREATEN TO IMPOSE NEW RESTRICTIONS ON ENCRYPTION TECHNOLOGIES:

  While no specific legislation has been proposed, the Clinton
  Administration has circulated an outline to Congress which states:

    "We will seek legislation to strengthen our ability to
    prevent terrorists from coming into the possession of the technology
    to encrypt their communications and data so that they are beyond the
    reach of law enforcement."

  This statement marks the first time that the Administration has
  suggested legislation to restrict encryption.  This is especially
  troubling because it comes at a time of growing Congressional support
  for legislation to promote privacy and security tools for the Net.
  Of even more concern, the Administration is clearly attempting to use
  the recent suspected terrorist incidents to push for a new and more
  restrictive encryption policy.

  If the Administration succeeds in passing new restrictions on
  encryption as part of the new surveillance legislation, the future
  of the Internet as a secure and trusted platform for commerce and
  private communication will be threatened.

Some or all of these provisions may be included in a package voted
on by both houses by August 3rd.  It is not clear what a final bill
will look like, and some of these provisions may not be considered by
Congress until later this summer.

----------------------------------------------------------------------
PARTICIPATING ORGANIZATIONS

The following organizations all urge you to take this action to combat the
surveillance initiatives.   Check their pages for more background
information on these issues.

	American Civil Liberties Union (http://www.aclu.org)
	American Communication Association
	Center for Democracy and Technology (http://www.cdt.org)
	Electronic Frontier Foundation (http://www.eff.org)
	EF-Austin (http://www.efa.org)
	Electronic Privacy Information Center (http://www.epic.org)
	Feminists for Free Expression
	National Libertarian Party (http://www.lp.org)
	National Writers Union (http://www.nwu.org/nwu/)
	People For the American Way (http://www.pfaw.org)
	Voters Telecommunications Watch (http://www.vtw.org)
	Wired Ventures Ltd. (http://www.hotwired.com)
======================================================================





From jya at pipeline.com  Thu Aug  1 17:42:27 1996
From: jya at pipeline.com (John Young)
Date: Fri, 2 Aug 1996 08:42:27 +0800
Subject: PCC_war
Message-ID: <199608012131.VAA06059@pipe2.t2.usa.pipeline.com>


   7-29-96. EBNews: 
 
   "Encryption ICs Enable Ironclad Net Security." 
 
      New encryption ICs on PCMCIA cards will be unveiled 
      imminently to allow PC users to make transactions over 
      the Internet with ironclad security. "This will open up 
      electronic commerce pervasively and launch a new market 
      for PCs," said TIS's Bill Sweet. Both National 
      Semiconductor and VLSI Technology plan to unveil 
      affordable chips shortly for PCMCIA encryption cards. 
 
      National's thumb-scan project, which aims to provide an 
      additional security factor, is a joint effort with 
      Identix. In this system, a holographic laser chip on the 
      card would image a portion of the holder's thumbprint. 
      That image will be compared with the holder's digital 
      thumbprint pattern stored on a memory chip in the card. 
 
   7-31-96. Jane's: 
 
   "Future Warfare | Rise of the robots." 
 
      A US Defense Science Board (DSB) task force is putting 
      the final touches to a study that members promise will 
      be one of the most controversial ever produced by the 
      panel. The next century adversary will aggressively use 
      offensive information warfare, rely on underground and 
      covert urban facilities and have some ability to attack 
      low earth orbiting satellites. It will require a 
      "revolution in military affairs" achieved through 
      enhanced surveillance capabilities, weapons of mass 
      destruction, thousands of inexpensive missiles, a few 
      very low observable cruise missiles, mines and diesel 
      submarines. 
 
      The only aspect of tactics and technology that everyone 
      in the DoD seems to agree on is that the most important 
      developments for warfighting over the next 10 to 20 
      years will be related to information systems. 
 
   ----- 
 
   http://jya.com/pccwar.txt  (19 kb for 2) 
 
   PCC_war 
 
 
 
 
 
 





From drose at azstarnet.com  Thu Aug  1 17:53:33 1996
From: drose at azstarnet.com (David M. Rose)
Date: Fri, 2 Aug 1996 08:53:33 +0800
Subject: Internal Passports
Message-ID: <199608012006.NAA22850@web.azstarnet.com>


On 1 Aug 1996 (Timothy C. May) wrote:

>I'm with Duncan and Lucky on this one. Nations with a "Privacy Ombudsman"
>are almost always nations with extensive files on individuals, their
>habits, and their political activities.
>
>Having a "Privacy Ombudsman" is a bone thrown to the proles. I suspect a
>police state like Singapore has such a person.

My understanding is that the acceptable term is "ombud", or possibly
"ombuds".  Cf.: "chair", "anchor", "milk", "post", "g-", "colored",  "fire",
"police", "China", "French", etc.






From jim at ACM.ORG  Thu Aug  1 18:25:07 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Fri, 2 Aug 1996 09:25:07 +0800
Subject: Is 1024-bit PGP key enough?
In-Reply-To: <9608012108.AA17627@bart-savagewood.MIT.EDU>
Message-ID: <199608012238.PAA25123@mycroft.rand.org>



Somebody says:
>> Is security provided by 1024-bit PGP key sufficient against most powerful
>> computers that are available today? Say if smoe organization spent 10
>> billions of dollars on a cracking machine, would it be possible to crack 
>> the keys in reasonable time?

Derek Atkins <warlord at MIT.EDU> responds with some useful and authoritative
information -- thanks.

But the original author also needs to step back and understand his
security needs.  In particular, if you're trying to protect your
information against an enemy who is willing to spend $10B to get it,
they'll have a lot of options other than hiding in a back room with some
cracking equipment.  Would you be willing to sell them the information
you're trying to protect for (say) 10% of that $10B?  Would your partner?
Your wife?

	Jim Gillogly
	Hevensday, 9 Wedmath S.R. 1996, 22:37





From tomw at netscape.com  Thu Aug  1 18:35:55 1996
From: tomw at netscape.com (Tom Weinstein)
Date: Fri, 2 Aug 1996 09:35:55 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <199608011714.KAA08903@clotho.c2.org>
Message-ID: <3201376A.2847@netscape.com>


sameer wrote:
> 
>> The only thing they can revoke is their permission to provide it for
>> download over the internet.  They can't revoke our permission to sell
>> it in stores or via snail mail.
> 
>         Where do you get this idea? Got an inside track into the minds
> of the supreme court?

The "they" mentioned above is the State Department.  Congress can try
to do anything.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw at netscape.com





From hua at chromatic.com  Thu Aug  1 18:36:44 1996
From: hua at chromatic.com (Ernest Hua)
Date: Fri, 2 Aug 1996 09:36:44 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <199608012258.PAA29066@ohio.chromatic.com>


Louis Freeh is now asking the Congress for $2 billion to fund
Digital Telephony.  Yes, that is FOUR TIMES what he said it
would cost the taxpayers to give up their own privacy.  Score
one for the cynics who said $500 million was not enough.

Ern





From jti at i-manila.com.ph  Thu Aug  1 18:41:25 1996
From: jti at i-manila.com.ph (Jerome Tan)
Date: Fri, 2 Aug 1996 09:41:25 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96 (fwd)
Message-ID: <01BB8041.12365200@ip95.i-manila.com.ph>


Here in Philippines, the government tax for connecting to the Internet, the percentage is 10%.


Forwarded message:

> Date: Wed, 31 Jul 1996 11:26:59 -0400
> From: "Joseph M. Reagle Jr." <reagle at rpcp.mit.edu>
> Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
>   	  				 
> >WASHINGTON, DC, U.S.A., 1996 JUL 30 (NB) -- By Bill Pietrucha.  
> >Tacoma, Washington, has just gained the distinction of being the 
> >only municipality in the United States to tax Internet Access 
> >providers (IAPs) like telephone service providers. 
> >

Somebody needs to do their homework. Austin, TX has been taxing ISP's
for at least a year now. A recent Internet Provider meeting on this
issue resulted in a return to ISP's of a goodly amound of their taxes
because of various issues (read that I didn't go to meeting, I don't run an
ISP but a SOHO consultancy w/ Internet services).

> >The city of Tacoma has extended its six percent gross receipts tax on  
> >telecommunications services to include Internet services, Information 
> >Technology Association of America (ITAA) spokesperson Bob Cohen 
> >told Newsbytes. 

I have to pay the state 8.25% interest on any funds my customers deliver
to me.

> >If other cities attempted to follow Tacoma's lead in taxing IAPs,  
> >Miler said, it could cause the "Balkanization of the Internet, a 
> >hodgepodge of confusing, conflicting, and difficult to administer 
> >Internet tax rules and regulations. 

Agreed.

                                                       Jim Choate









From wb8foz at nrk.com  Thu Aug  1 18:42:11 1996
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 2 Aug 1996 09:42:11 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
In-Reply-To: <199608011848.LAA11828@netcom13.netcom.com>
Message-ID: <199608012313.TAA12748@nrk.com>


> 
> Timothy C. May writes:
> 
> > This was a company in Bowie, Maryland, closely linked with the NSA and with
> > the "supercomputer centers." 
> 
> That's one of the things that killed Thinking Machines.  It turned out
> that a standard supercomputer with PIM chips for memory could give the
> same performance for less money.  

See:

http://cesdis.gsfc.nasa.gov/linux/beuwolf/beuwolf.html

Don is doing interesting things with less...

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From adamsc at io-online.com  Thu Aug  1 18:42:59 1996
From: adamsc at io-online.com (Chris Adams)
Date: Fri, 2 Aug 1996 09:42:59 +0800
Subject: Tolerance
Message-ID: <199608012148.OAA21170@cygnus.com>


Just a comment to all of the 'true libertarians' out there, especially
the "defend to the death" types:  How many of you defended Mr.
Sternlight's recent membership?

# Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
# Automatically receive my resume or PGPKEY by sending email with a subject
# of 'send PGPKEY' or 'send resume'. Capitalization counts so be careful!
# Web site: http://www.io-online.com/adamsc/adamsc.htm
 








From jimbell at pacifier.com  Thu Aug  1 18:46:38 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 2 Aug 1996 09:46:38 +0800
Subject: Welcome Back
Message-ID: <199608012151.OAA17837@mail.pacifier.com>


At 12:52 PM 8/1/96 -0400, Brian Davis wrote:

>> Do you have an honest job or are you still taking the King's Shilling?
>
>I have opened a law practice.  Just this morning, I visited a client (in 
>jail) charged with conspiracy to distribute cocaine  ...  in other words, 
>one of the Four Horsemen. They checked me for weapons, etc., upon entry, 
>but no one asked about any cryptographic munitions.

Joke of the day:

A swarthy fellow was in jail, and was visited by his sister and nerd brother 
in law.  He tells them, "next time you show up, bring me something with a file 
in it."  His bro in law brought a floppy disk...

Jim Bell
jimbell at pacifier.com





From steve at miranova.com  Thu Aug  1 18:51:11 1996
From: steve at miranova.com (Steven L Baur)
Date: Fri, 2 Aug 1996 09:51:11 +0800
Subject: Terror attack!
In-Reply-To: <32010AC5.1513@vail.tivoli.com>
Message-ID: <m2u3um7le9.fsf@deanna.miranova.com>


>>>>> "Mike" == Mike McNally <m5 at vail.tivoli.com> writes:

Mike> Why don't they just be done with it and declare martial law?
	
Wait 'til after the election.
-- 
steve at miranova.com baur
Unsolicited commercial e-mail will be proofread for $250/hour.
Andrea Seastrand: For your vote on the Telecom bill, I will vote for anyone
except you in November.





From gary at systemics.com  Thu Aug  1 18:55:20 1996
From: gary at systemics.com (Gary Howland)
Date: Fri, 2 Aug 1996 09:55:20 +0800
Subject: Internal Passports
In-Reply-To: <ae26305c070210048f37@[205.199.118.202]>
Message-ID: <3201257B.31D2DE92@systemics.com>


Timothy C. May wrote:
> 
> Having a "Privacy Ombudsman" is a bone thrown to the proles. I suspect a
> police state like Singapore has such a person.
> 
> And related to the "photo I.D." discussion, most of these nations demand
> that passports be left at hotel desks when checking in. (At least they did
> when I spent 6 weeks travelling through Europe in 1983.) Perhaps the theory
> is that this stops people from running out on their bills, though credit
> cards do the same thing (*). However, the police reportedly inspect these
> passports and enter them into data bases to track movements.

Many still do.  Even ski hire shops in France require a passport, credit
card
or drivers licence to be _left_ with the shop (even hire car companies
don't
do this! - I suppose they've figured out you need your driving licence
...)

I was recently at a hotel in the Netherlands, and they required me to
fill
out a form asking for date and place of birth, passport number etc. etc.
I asked "What do you want this for?" and they replied "Oh, don't worry,
it's not for us, it's for the government"!!!  I look around me at the
dozen
or so people happily giving away these details, including my girlfriend
who later has to be given a lesson on misinformation ... (am I the only
one who fills out every form as Alexei Sayle with bad handwriting?)

Alexei
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From bdolan at use.usit.net  Thu Aug  1 19:07:10 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Fri, 2 Aug 1996 10:07:10 +0800
Subject: Terror attack!
In-Reply-To: <32010AC5.1513@vail.tivoli.com>
Message-ID: <Pine.SOL.3.91.960801175240.3254A-100000@use.usit.net>


On Thu, 1 Aug 1996, Mike McNally wrote:
> 
> Why don't they just be done with it and declare martial law?
> 	

Be patient.  They're working on it.

bd

Reuters, 8/1/96:

FBI Director Louis Freeh warned Congress on
Thursday that the United States was under attack from foreign terrorists and
said new counter-terrorism weapons were needed to fight back.

...

On the Atlanta bomb that caused two deaths and wounded 111 people, he said
the FBI had no evidence "of an international terrorist group or a 
sophisticated group targeting the Olympics in general with respect to 
that incident."

But he said the United States was clearly vulnerable to possible future
terrorist attacks involving nuclear, biological and chemical weapons. He said 
he had recently met Marine Corps Commandant Gen. Charles Krulak to discuss a
possible joint FBI-Marine study on ways of countering weapons of mass
destruction.

...







From wb8foz at nrk.com  Thu Aug  1 19:21:30 1996
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 2 Aug 1996 10:21:30 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <320101B9.500F@netscape.com>
Message-ID: <199608012327.TAA12824@nrk.com>



Tom Weinstein writes:

> We only ship the domestic version to addresses inside the US.  They
> State Department seems to think this is sufficient.  Of course, a
> foreign person can always fly here and pick up a copy at Fry's, but
> that's not our problem.

Or just walk out of a Mission, and buy one on K Street.

But it's easier to just get an account on an ISP.

I recall several chats with a .nl UN Mission Staffer. He was on
Panix or PSI or such. Maybe we should require proof of citizenship
before granting a license to use IP.

(The irony was, he did not realize the Vienna Convention
covered his rented residence as well as the Mission...)


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From wb8foz at nrk.com  Thu Aug  1 19:30:45 1996
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 2 Aug 1996 10:30:45 +0800
Subject: Bombs & bomb threats in LA
In-Reply-To: <01I7RKOB77H48Y4XIK@mbcl.rutgers.edu>
Message-ID: <199608012350.TAA12975@nrk.com>


> What, precisely, is an acid bomb? 

It may be:
	acid delay fuse;
or
	a "spray acid around" device...

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From sandfort at crl.com  Thu Aug  1 20:08:10 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 2 Aug 1996 11:08:10 +0800
Subject: POLL
Message-ID: <Pine.SUN.3.91.960801171855.20425I-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

The electronic newsletter put out by the TV show, C-NET Central, 
had this item in the most recent issue:

------------------------------------------------------------------

5. "YOUR TURN": SHOULD YOU BE ABLE TO READ BOMB-MAKING INFO?

The United States and seven other governments are moving to
"felonize" distribution of bomb-making information on the Net
and other electronic media. Yet censorship of the Net was
recently dealt a double blow by twin defeats of the
Communications Decency Act. Is this strictly a free speech
issue? Or is there a difference in your mind between pictures of
naked people and blueprints for a pipe bomb? And can the Net
know the difference?

To contribute your opinion, phone CNET at 415/395-7805, enter
extension 5400, and leave a message. We'll listen to the
responses and broadcast some of the best on CNET radio.

Each week Digital Dispatch brings you the new "your turn"
question, and each Wednesday you can hear the responses to the
previous week's question on CNET radio:

		http://www.cnet.com/Content/Radio/

-----------------------------------------------------------------

Some of you may have a comment about this subject.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From tomw at netscape.com  Thu Aug  1 20:11:50 1996
From: tomw at netscape.com (Tom Weinstein)
Date: Fri, 2 Aug 1996 11:11:50 +0800
Subject: The "Secure" version of Netscape for Linux is *NOT*
In-Reply-To: <2.2.32.19960801033402.00fc1ab8@mail.teleport.com>
Message-ID: <32014B0A.41C6@netscape.com>


Alan Olsen wrote:
> 
> I just installed the "secure" version of Netscape off of the "US Only"
> download site.
> 
> Seems that it is actualy the international version and not the 128 bit
> version.

What makes you think you got the export version?

Here's one way to find out.  If you look in the Security Preferences
panel under the Options menu, there are two "Configure" buttons for
configuring what ciphers are enabled for SSL 2 and SSL 3.  The domestic
version supports a greater variety of options, including triple DES.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw at netscape.com





From aba at dcs.ex.ac.uk  Thu Aug  1 20:29:18 1996
From: aba at dcs.ex.ac.uk (Adam Back)
Date: Fri, 2 Aug 1996 11:29:18 +0800
Subject: crypto CD source
In-Reply-To: <199607311213.OAA19633@basement.replay.com>
Message-ID: <199608011855.TAA02027@server.test.net>



Alex de Joode <usura at replay.com> writez:
> [..]
> : They have a large supply of crypto software available on-line as well.
> : (No mention of ITAR on their software down load pages (78 Mb of
> : security related software they claim), and it looks you could download
> : the lot even if you weren't in the US).
> 
> ftp.replay.com has 220 Mb of crypto software available for download
> at no charge ....

I didn't make clear: their was no charge for down loading their
on-line stuff.  I think they are in the US, and mentioned their crypto
down load as having no restrictions because of the ITAR implications.

Just wondering if anyone outside the US had downloaded `PGP262.ZIP'
from their freely accessible ftp area.

I get my crypto from US sites also, and your's is on the list :-)

	ftp.dsi.unimi.it
	ftp.ox.ac.uk
	ftp.replay.com
	http://www.cs.hut.fi/crypto/

(a few more too that's all I can remember off the top of my head).

Now if their CD cost $10, and they weren't in the US, I might've
bought one.

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)





From mpd at netcom.com  Thu Aug  1 20:29:22 1996
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 2 Aug 1996 11:29:22 +0800
Subject: Tolerance
In-Reply-To: <199608012148.OAA21170@cygnus.com>
Message-ID: <199608020041.RAA07308@netcom19.netcom.com>


Someone wrote:

> Just a comment to all of the 'true libertarians' out there, especially
> the "defend to the death" types:  How many of you defended Mr.
> Sternlight's recent membership?

There is nothing to defend.  Anyone, including Dr. Sternlight, may
join this list at any time by mailing a "Suscrive" message to 
toad.com, and may leave it at any subsequent time by sending another 
message that says "unSuscrive."  

It's totally user-operated.  No intervention by anyone else required. :)

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $







From tcmay at got.net  Thu Aug  1 20:39:12 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 11:39:12 +0800
Subject: Tolerance
Message-ID: <ae26a3bb0d021004aa87@[205.199.118.202]>


At 10:46 PM 8/1/96, Chris Adams wrote:
>Just a comment to all of the 'true libertarians' out there, especially
>the "defend to the death" types:  How many of you defended Mr.
>Sternlight's recent membership?
>

I certainly did, as you all know.

But, to clear things up, I don't think I've ever in my life uttered the
phrase "defend to my death your right...."

(I don't think asking the 1000+ members of this list to say one way or
another is a good idea.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From aba at dcs.ex.ac.uk  Thu Aug  1 20:51:54 1996
From: aba at dcs.ex.ac.uk (Adam Back)
Date: Fri, 2 Aug 1996 11:51:54 +0800
Subject: Cracking RC4/40 for massive wiretapps
In-Reply-To: <199608010603.XAA19276@toad.com>
Message-ID: <199608020034.BAA02423@server.test.net>



Bill Stewart <stewarts at ix.netcom.com> writes:
> But those designs are for one-at-a-time cracks.  An interesting question
> is whether you can speed up performance substantially by cracking
> multiple messages at once.

For known plaintext attack on pure RC4 this would work marvelously,
should get close to linear speed up I think as the greatest overhead
is the key setup.

This was discussed some during the netscape SSL break, it didn't apply
to 40 bit SSL because it was really 128 bit, just with 88 bits
disclosed, so the 88 bits functioned as a salt.  But it applies just
fine to pure RC4-40, ... or even to ECB DES...

This is interesting as applied to DES, does anyone have any banking or
funds transfer protocols handy which use DES in ECB mode :-)

Perhaps we could get DES down to a manageable number of bits, together
with the argument that the attacker wouldn't care who's money he stole.

> For instance, if you've got known plaintext, such as a standard
> header format saying "FooVoice" or "BEGIN DSA-SIGNED..", you can try
> many keys and compare them with _many_ cyphertexts, which may not
> slow down the FPGA very much.

Thinking of software attacks and RC4-40, if you were attacking pure
RC4-40, you would collect your 16k known-plaintext / ciphertext pairs,
xor them, and sort the xored texts and store them in some kind of
dictionary lookup structure .  Then you'd do the key schedule, then
traverse the btree with each byte that the RC4_encrypt_byte would have
xored with the text being encrypted.  As soon as you took a branch
which didn't exist in the btree you'd move on to the next key and
keyschedule.

[hacking interlude]

I got bored so I hacked up a test of this of the overheads of lookups,
using bsearch under linux I get lookups / sec against number of known
plaintexts:

  known	plaintext/
  ciphertext			actual		avg time to 
  pairs		lookups/s	keys/s	keys/s	find a key
  ========================================================
  16k		71k		23k	376M	24 mins
  8k		77k		24k	193M	48 mins
  4k		91k		25k	101M	1.5 hrs
  2k		100k		25k	52M	2.9 hrs
  1k		125k		27k	27M	5.6 hrs
  1		-		34k	34k	187 days

The tests were done on an AMD 486 dx/4 120 (a 120Mhz i486 clone), the
keys/s for pure rc4-40 are from a hand optimised assembly version
which I'd been playing with.

`actual keys' is the keys from the search space of 2^40.

`lookups/s' is the number of bsearches per second for the given sized
pre-xored table.  (Known plaintext xored with ciphertext allows the
check for correct key to be done with memcmp).

`keys/s' is the number of keys tested at once * the actual keys/s

`avg time..' is the expected time before find a key.

So based on one machine, if you had 1000 known plaintexts, you would
get a key in around 5 hours.  Multiply by 100 machines, some faster
some slower and it gets interesting.

Our only problem now is to find someone dumb enough to use pure RC4-40,

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)





From tcmay at got.net  Thu Aug  1 21:00:27 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 12:00:27 +0800
Subject: Viet Nam Considered Less Harmful than Cambodia
Message-ID: <ae26a67e0f021004507b@[205.199.118.202]>


(Welcome back, David...I haven't seen you post in a long while)

At 6:44 AM 8/1/96, David K. Merriman wrote:

>Were a government - duly elected - to come into power similar to that in
>30's Germany or 70's Viet Nam, so that intellectuals or the educated
>became the targets of oppression, would she be as adamant about the
>perceived "rights" of Government to intrude in her private life, monitor
>her communications, and so on?

Though I am no defender of the People's Benovolent and Democratic
Government of Viet Nam, I think you must be thinking of Cambodia.

It was Cambodia, in the form of Pol Pot and the Khmer Rouge, which decided
to exterminate all educated persons (except themselves, of course). Those
wearing eyeglasses were considered Enemies of the People, because
presumably they knew how to read.

Compared to Cambodia, Viet Nam was a paradise. In fact, I cheered in '79
when Viet Nam invaded Cambodia.

--Tim May, who wonders if anyone with access to the Net will become part of
the mountains of skulls in Pax Americana

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Thu Aug  1 21:01:29 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 12:01:29 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <ae26a88610021004cab0@[205.199.118.202]>


At 10:58 PM 8/1/96, Ernest Hua wrote:
>Louis Freeh is now asking the Congress for $2 billion to fund
>Digital Telephony.  Yes, that is FOUR TIMES what he said it
>would cost the taxpayers to give up their own privacy.  Score
>one for the cynics who said $500 million was not enough.

And when this $2 B is defeated by encryption, look for dramatic, drastic,
and draconian restrictions on crypto.

(With the Internet Phone deals--even Intel is entering the market--why are
there no widespread uses of PGP or S/MIME? Yes, I know about about PGPhone,
and also the Nautilus product, but none seem to be used by anyone I know.
Maybe we should spend some time talking about the practical realities of
these tools.)

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From m5 at vail.tivoli.com  Thu Aug  1 21:19:29 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 2 Aug 1996 12:19:29 +0800
Subject: Bombs & bomb threats in LA
In-Reply-To: <199608012350.TAA12975@nrk.com>
Message-ID: <32015CE7.3EF0@vail.tivoli.com>


David Lesher wrote:
> 
> > What, precisely, is an acid bomb?
> 
> It may be:
>         acid delay fuse;
> or
>         a "spray acid around" device...

Remember what Friday said on Dragnet:

	Marijuana is the match,
		Heroin is the fuse,
			And LSD is the BOMB.

Maybe that's what they meant.
	
______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From m5 at vail.tivoli.com  Thu Aug  1 21:28:08 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 2 Aug 1996 12:28:08 +0800
Subject: Tolerance
In-Reply-To: <199608012148.OAA21170@cygnus.com>
Message-ID: <32015C84.4775@vail.tivoli.com>


Chris Adams wrote:
> 
> Just a comment to all of the 'true libertarians' out there

What does being a libertarian, or true libertarian, have to do with
wanting Sternlight on the list?

I strongly suspect you have a dramatic misunderstanding of 
libertarianism.

> Sternlight's recent membership?

For what it's worth, I had no problem with D.S. being on the list.  That
opinion has very, very little to do with my libertarian leanings, I assure
you.

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From drose at AZStarNet.com  Thu Aug  1 21:37:21 1996
From: drose at AZStarNet.com (David M. Rose)
Date: Fri, 2 Aug 1996 12:37:21 +0800
Subject: Internal Passports
Message-ID: <199608020153.SAA00324@web.azstarnet.com>


Mike McNally wrote:

>That reminds me:  I thumbed through BiBi's terrorism book (the one D.S.
>certified as prerequisite reading for particpation in intelligent
>discussions about something-or-other) at B&N the other day.  It's a
>pretty thin book.  Most of it seems to be about the rise of the Moslem
>Menace and how the Sultan's hordes will soon be upon us all.  The last
>chapter outlines all the "necessary measures" governments must take
>to stamp out the wildfire of terrorism.  Same old same old, mostly,
>like allowing suspects to be held without charges, allowing warrantless
>searches (I think), thorough weapon registration, and so on.  The last
>one (or next-to-last; I think the last one is "brainwash the populace
>into thinking this is all a good idea") is about establishing a 
>periodic "civil liberties review panel".
>
>Yeah right.

OK.  But I sure would like to have an automatic weapon for
self/home/"national" defense w/o going through a tremendous amount of B.S.
(as Israelis are excused from).  I believe that you Texans and we Arizonans
have the privilege; in "urban" states, where the need truly is, good luck.

Also, I don't know what your experience in the Middle East is.  Me, I worked
in Iran and exited just before the Jan. '79 "revolution".  Menace & murder.
You *really* have no idea.  Hint:  I'm alive.

If you still (I don't know your age) think that humans are all the same, but
we juss gots diffrunt colors 'n' cultures, I *strongly* recommend an
extended period of travel to the third world.

In all sincerity,

Dave






From gcg at pb.net  Thu Aug  1 21:43:46 1996
From: gcg at pb.net (Geoffrey C. Grabow)
Date: Fri, 2 Aug 1996 12:43:46 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <2.2.32.19960802021606.00697f50@mail.pb.net>


At 15:38 08/01/96 PDT, Jim Gillogly wrote:
>
>Somebody says:
>>> Is security provided by 1024-bit PGP key sufficient against most powerful
>>> computers that are available today? Say if smoe organization spent 10
>>> billions of dollars on a cracking machine, would it be possible to crack 
>>> the keys in reasonable time?
>
>Derek Atkins <warlord at MIT.EDU> responds with some useful and authoritative
>information -- thanks.
>
Also, remember that although the PGP key is 1024 bits, it generates a much
smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
vunerable to that $1 mil mystery machine that the NSA may or may not have.
 
                                                     G.C.G.

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 | Geoffrey C. Grabow       |      Great people talk about ideas.       |
 | Oyster Bay, New York     |     Average people talk about things.     |
 | gcg at pb.net               |      Small people talk about people.      |
 |----------------------------------------------------------------------|
 |     PGP 2.6.2 public key available at http://www.pb.net/~wizard      | 
 |          and on a plethora of key servers around the world.          |
 |----------------------------------------------------------------------|
 | That which does not kill us, makes us stranger.   - Trevor Goodchild |
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From JonWienk at ix.netcom.com  Thu Aug  1 22:00:06 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Fri, 2 Aug 1996 13:00:06 +0800
Subject: Jewell is the Militia Bomber!!!!
Message-ID: <199608020217.TAA22834@dfw-ix7.ix.netcom.com>


On Thu, 01 Aug 1996, Gary Howland <gary at systemics.com> wrote:
>jim bell wrote:
>> 
>> At 07:49 PM 7/31/96 -0700, Timothy C. May wrote:
>> > 
>> >2. They found a _shotgun_ in his cabin.
>> 
>> No, no, Tim.   The proper way to deliver this to a TV audience is, "They
>> found an ARSENAL in his COMPOUND!"
>
>Alternatively, describe the shotgun as a 50 caliber cannon.
>
>Gary

[snip]

Actually, a 12-gage shotgun is approximately .73 caliber.  Maybe it was a 
16-gage?  BTW, many "real terrorist incidents" are acknowledged by the group 
committing them, so that they will win support for their "cause," or notoriety, 
or whatever other gratification their sick minds might derive from carnage.  The 
fact that no one has claimed responsibility for the bombing skews the 
perpetrator probabilities more toward a single disturbed individual or a 
Reichstag rehash.

Ernest Hua (hua at chromatic.com) wrote:
>: How does one verify that an IP address is coming from a U.S. site?
>: How do most FTP site (e.g. those which carry crypto) determine the
>: origins of a connection?

>What's the use ? It makes it only nominally more difficult to access
>an US crypto site, one needs first to esthablish an US beachhead ie.
>open an US account, and ftp the eleet crypto warez using the newly
>created US account as an intermediary. 

>So the next step will be a tag that a user is an 'alien' ?
[snip]

The chupa-cabras, Grays, and the Art Bell Fan Club would file an EEOC 
class-action lawsuit, citing preferential treatment for beings that "the average 
citizen" actually BELIEVES in.  More lawyer-bait.
Jonathan Wienke

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From markm at voicenet.com  Thu Aug  1 22:05:17 1996
From: markm at voicenet.com (Mark M.)
Date: Fri, 2 Aug 1996 13:05:17 +0800
Subject: Tolerance
In-Reply-To: <199608012148.OAA21170@cygnus.com>
Message-ID: <Pine.LNX.3.95.960801221910.5827A-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 1 Aug 1996, Chris Adams wrote:

> Just a comment to all of the 'true libertarians' out there, especially
> the "defend to the death" types:  How many of you defended Mr.
> Sternlight's recent membership?

I had absolutely no problem with Sternlight subscribing to cpunks.  In fact,
I would be opposed to any action that attempted to remove him from the list.
I also have the right to killfile whomever I want to, and I will defend that
right, also.  However, if cpunks was a "closed" list with a definitive charter,
I would not be displeased with any of the list owners who would prevent David
Sternlight from subscribing or posting to the list.

- -- Mark

PGP encrypted mail prefered
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMgFnUrZc+sv5siulAQGY3AP9GngPhL570IceIr+Ls8OaE3gIrTRWQVU6
4gvozv/4g0nEUmT/S+KcnM5ySIQACB2E8LlwG8F2Fb8fLHquywS9Ql28mwx0oCfY
OjO/hycM4UGGx5W0nGli8dJ95mpzIm9VDZNsRbrIPKbo8s5bi55Dlx9BwsG28PY5
BVKWCMk+U/g=
=mSZs
-----END PGP SIGNATURE-----





From nobody at c2.org  Thu Aug  1 22:45:25 1996
From: nobody at c2.org (Anonymous User)
Date: Fri, 2 Aug 1996 13:45:25 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <199608020305.UAA11868@infinity.c2.org>


> But the original author also needs to step back and understand his
> security needs.  In particular, if you're trying to protect your
> information against an enemy who is willing to spend $10B to get it,
> they'll have a lot of options other than hiding in a back room with some
> cracking equipment.  Would you be willing to sell them the information
> you're trying to protect for (say) 10% of that $10B?  Would your partner?
> Your wife?

The idea is simple. Since it is easy to increase the size of the
pgp key -- certainly easier than improving my wife -- it is not
uneconomical to be a little overly paranoid over the size of my
key. All it costs me is a couple of seconds of CPU time!






From jgrasty at gate.net  Thu Aug  1 22:45:34 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Fri, 2 Aug 1996 13:45:34 +0800
Subject: South Florida Cypherpunks Meeting
Message-ID: <199608020315.XAA66046@osceola.gate.net>


Y'all:

The South Florida Cypherpunks will meet at Hops Grill & Bar
in Boynton Beach, FL on Saturday, August 17 at 2:00 PM.  As
always, our meeting place is at a microbrewery, and this one
has some very fine brews.

In addition, the Cypherpunks Brewmaster, Jim Ray, is brewing 
up a special "summer dark" brew for the meeting.  We will 
enjoy his swill^H^H^H^H^Hfine beer at my house following the
meeting.*

I'll post directions to Hops as we get closer to the meeting
time and put a map on my web page at:

  http://www.c2.net/~winsock/

Please send me a note if you plan to attend so that I can alert
the NSA^H^H^Hrestaurant on how many will attend.  Send me your
key and fingerprint for keysigning if it hasn't been signed by any
subversives^H^H^H^H^H^H^H^H^Hcypherpunks before.

* All joking aside, Jim is a very fine brewmaster.  I just wish
he'd spend a few bucks and ferment in something other than 2 liter
coke bottles that explode in someone's truck...

Regards,

--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From alano at teleport.com  Thu Aug  1 22:49:09 1996
From: alano at teleport.com (Alan Olsen)
Date: Fri, 2 Aug 1996 13:49:09 +0800
Subject: The "Secure" version of Netscape for Linux is *NOT*
Message-ID: <2.2.32.19960802033114.00e9ed38@mail.teleport.com>


At 05:25 PM 8/1/96 -0700, Tom Weinstein wrote:
>Alan Olsen wrote:
>> 
>> I just installed the "secure" version of Netscape off of the "US Only"
>> download site.
>> 
>> Seems that it is actualy the international version and not the 128 bit
>> version.
>
>What makes you think you got the export version?
>
>Here's one way to find out.  If you look in the Security Preferences
>panel under the Options menu, there are two "Configure" buttons for
>configuring what ciphers are enabled for SSL 2 and SSL 3.  The domestic
>version supports a greater variety of options, including triple DES.

I connected to my site running Stronghold 1.3b1.  Only got 40 bit
encryption.  I then connected to Netscape's Store site.  Only got 40 bit
encryption.  I checked the info box (or about box, I don't remember which)
for the connection and it claimed to be running the "exportable" version.
(The Win95 version connects properly to both sites with no tweaking needed.)

I will double check, but neither site would connect with 128 bits straight
out of the tar file.
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From tcmay at got.net  Thu Aug  1 22:54:38 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 13:54:38 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
Message-ID: <ae26a9fa11021004221a@[205.199.118.202]>


At 11:27 PM 8/1/96, David Lesher wrote:
>Tom Weinstein writes:
>
>> We only ship the domestic version to addresses inside the US.  They
>> State Department seems to think this is sufficient.  Of course, a
>> foreign person can always fly here and pick up a copy at Fry's, but
>> that's not our problem.
>
>Or just walk out of a Mission, and buy one on K Street.
>
>But it's easier to just get an account on an ISP.
>
>I recall several chats with a .nl UN Mission Staffer. He was on
>Panix or PSI or such. Maybe we should require proof of citizenship
>before granting a license to use IP.

I know some Russians, through various connections in the Valley. They
routinely stock up on software at Fry's, in Sunnyvale, Palo Alto, etc.,
load up their suitcases, and then fly back to Moscow. (Of course, the bulk
is not too great, because they only buy one copy of each program....)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Thu Aug  1 23:10:23 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 14:10:23 +0800
Subject: Pipe bombs
Message-ID: <ae26cc41120210042fbf@[205.199.118.202]>



So now we are to spend the next six or eight months putting instructions on
how to build pipe bombs in our .sigs, reading endless analyses of how the
"Antiterrorism and Safety Act of 1996" is unconstitutional, following the
CDA-type emergency challenge mounted by VTW/ACLU/NRA, and wondering who
will be arrested first.

Fuck them. Fuck Swinestein, Klinton, Gingrich, and all the rest. And fuck
Dole. (On second thought, don't--it might not be a survivable experience.)

I say they've all earned only our contempt.

It's time to accelerate our efforts to undermine this foolish experiment in
pandering to the masses.

--Tim May

Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack
the powder. Don't even tap the bottom of the pipe to make it settle.  You want
the powder loose.  For maximum explosive effect, you need dry, fine powder
sitting loose in a very rigid container.







From markm at voicenet.com  Thu Aug  1 23:29:31 1996
From: markm at voicenet.com (Mark M.)
Date: Fri, 2 Aug 1996 14:29:31 +0800
Subject: Is 1024-bit PGP key enough?
In-Reply-To: <2.2.32.19960802021606.00697f50@mail.pb.net>
Message-ID: <Pine.LNX.3.95.960802001105.5991A-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 1 Aug 1996, Geoffrey C. Grabow wrote:

> Also, remember that although the PGP key is 1024 bits, it generates a much
> smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
> vunerable to that $1 mil mystery machine that the NSA may or may not have.

Nope.  The IDEA key is 128 bits long and is probably much harder to break than
a 3000-bit RSA modulus.  Of course, the comparison is really useless, since
nobody knows how advanced the NSA's factoring capabilities are.

- -- Mark

PGP encrypted mail prefered
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMgGAtrZc+sv5siulAQGDSAP9HDXWsAPMzR/WUc29OLvYs+gg78HWsewH
raZSNPP+O80Kjub/K5vmvz83b227H6wapyzOQpeVByGu+IafKi74ZTO0KhkrMLdK
FX93eY0AKFYLU/PVgxGvTsIJt1SISK5URfSLhymYVbulW/Cevute7nHvf+ZmysHy
YEY6ZQhx3Eo=
=Veh2
-----END PGP SIGNATURE-----





From tcmay at got.net  Thu Aug  1 23:34:36 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 2 Aug 1996 14:34:36 +0800
Subject: Southern Cracker Beer Bombs in Trucks
Message-ID: <ae26d13d140210045b7e@[205.199.118.202]>


At 11:16 PM 8/1/96, Joey Grasty wrote:
>* All joking aside, Jim is a very fine brewmaster.  I just wish
>he'd spend a few bucks and ferment in something other than 2 liter
>coke bottles that explode in someone's truck...

"Explode"?

Is this one of those southern cracker beer bombs?

Let's see...circumstantially, we've got:

- a southerner

- a truck

- an explosion

I'd say that if Jim is either overweight or has ever fired a gun, we've got
an arrest before dawn. But we've got to hurry--NBC wants Katie Couric
present at the bust.

--Louis Freeh


Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack
the powder. Don't even tap the bottom of the pipe to make it settle.  You want
the powder loose.  For maximum explosive effect, you need dry, fine powder
sitting loose in a very rigid container.







From dlv at bwalk.dm.com  Fri Aug  2 00:59:07 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 2 Aug 1996 15:59:07 +0800
Subject: An example of KKKlintonista harrassment and censorship
In-Reply-To: <199608020040.RAA24954@dfw-ix6.ix.netcom.com>
Message-ID: <P0k1RD1w165w@bwalk.dm.com>


>From mwohler at ix.netcom.com  Thu Aug  1 20:40:35 1996
Received: by bwalk.dm.com (1.65/waf)
	via UUCP; Thu, 01 Aug 96 22:34:41 EDT
	for dlv
Received: from [206.214.98.6] by uu.psi.com (5.65b/4.0.061193-PSI/PSINet) via SMTP;
        id AA25392 for dlv at bwalk.dm.com; Thu, 1 Aug 96 20:40:35 -0400
Received: from Marc's Station (nyc-ny20-18.ix.netcom.com [205.186.166.210]) by dfw-ix6.ix.netcom.com (8.6.13/8.6.12) with SMTP id RAA24954 for <dlv at bwalk.dm.com>; Thu, 1 Aug 1996 17:40:33 -0700
Message-Id: <199608020040.RAA24954 at dfw-ix6.ix.netcom.com>
X-Sender: mwohler at popd.ix.netcom.com
X-Mailer: Windows Eudora Version 2.1.1
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Thu, 01 Aug 1996 20:42:45 -0400
To: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
From: "Marc J. Wohler" <mwohler at ix.netcom.com>
Subject: RE:Clinton is a terrorist and a murderer.

At 05:22 PM 8/1/96 EDT, you wrote:
>"Marc J. Wohler" <mwohler at ix.netcom.com> writes:
>
>> At 10:43 PM 7/29/96 EDT, you wrote:
>>
>> >Clinton is a terrorist and a murderer.
>>
>> Can you explain or expand on this?
>>
>
>How much will you pay me for my time?

Just as  I suspected.*Ignorant bullshit*






From alanh at infi.net  Fri Aug  2 02:10:45 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 2 Aug 1996 17:10:45 +0800
Subject: A Libertine Question
In-Reply-To: <2.2.32.19960731130157.0069c420@mail.io.com>
Message-ID: <Pine.SV4.3.91.960802005945.11780D-100000@larry.infi.net>


We require people who have syphilis to divulge who their sex partners
were. I don't know if it's a good idea or not, but I haven't heard of any
activist movement against it in the past 80-odd years it's been in effect. 

We require property owners who don't have city-sewage hookups, to install 
their septic tanks and maintain them in certain defined configurations 
which estop them from contaminating the neighbor's well. I don't know if 
that's a good idea or not - but I haven't seen sentiment against sewage 
regulation of property owners.


So why should we be terribly upset about an ordinance which makes it 
illegal to operate a residential kitchen and a residential sewge-disposal 
operation in a city park or a city sidewalk?





From alanh at infi.net  Fri Aug  2 02:50:29 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 2 Aug 1996 17:50:29 +0800
Subject: "adjust your attitude with their billy club"
In-Reply-To: <96Aug1.115045edt.20493@janus.algorithmics.com>
Message-ID: <Pine.SV4.3.91.960802013310.11780G-100000@larry.infi.net>


On Thu, 1 Aug 1996, Robin Powell wrote:

> Burning toxic waste is intrisically damaging to other people,
> blasting your boombox is not (unless it is so loud as to actually
> cause ear damage to bystanders, but given the volume of music
> tolerated at rock concerts, I find this highly unlikely).


"Given the loss of privacy tolerated by 99.9999% of American citizens in 
the past twenty years, no one has a right to complain about the 
government taking new powers for itself."


You cannot have it both ways. If you are free to define what is or is not 
a public nuisance when you do it; likewise am I.





From jimbell at pacifier.com  Fri Aug  2 04:06:36 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 2 Aug 1996 19:06:36 +0800
Subject: Southern Cracker Beer Bombs in Trucks
Message-ID: <199608020607.XAA14971@mail.pacifier.com>


At 09:23 PM 8/1/96 -0700, Timothy C. May wrote:

>Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
>ends.  Buy two metal caps to fit.  These are standard items in hardware
>stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
>good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
>on one end. Fill the pipe to within 1/2 inch of the top with black powder.
>Do not pack
>the powder. Don't even tap the bottom of the pipe to make it settle.  You want
>the powder loose.  For maximum explosive effect, you need dry, fine powder
>sitting loose in a very rigid container.

For "safety" purposes (at least for the builder!) I would add that the 
threads on the pipe should be covered with a generous quantity of vaseline, 
grease, wax, or other similar material.  Otherwise, the final tighten-up 
might cause an explosion if granules of powder get stuck in the threads and 
ignite due to friction.


Evidence reduction tips:  

Discard drill bit used to make hole in pipe.  Carefully avoid leaving any 
drill shavings in work area.

Completely use/discard any extra powder/fuse not used in the bomb.  
(Chemical analysis will reveal similarity...)

When tightening the pipe/cap, shield the work with a thick layer of 
folded-up paper towel or other material, so your Vice-Grips (or other such 
wrench, or vice) don't leave "tool marks" on the pipe.  (Discard, by burning, such paper after use.)


Jim Bell
jimbell at pacifier.com





From snow at smoke.suba.com  Fri Aug  2 04:59:05 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 2 Aug 1996 19:59:05 +0800
Subject: Is 1024-bit PGP key enough?
In-Reply-To: <199608012016.WAA00739@basement.replay.com>
Message-ID: <Pine.LNX.3.93.960802002837.833A-100000@smoke.suba.com>


On Thu, 1 Aug 1996, Anonymous wrote:

> Is security provided by 1024-bit PGP key sufficient against most powerful
> computers that are available today? Say if smoe organization spent 10
> billions of dollars on a cracking machine, would it be possible to crack 
> the keys in reasonable time?


     I'd bet if they wanted it that bad they'd spend a half million on 
buying the key.


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From snow at smoke.suba.com  Fri Aug  2 05:02:11 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 2 Aug 1996 20:02:11 +0800
Subject: Again, disappointed in Gingrich
In-Reply-To: <01I7RL8DXKCK8Y4XIK@mbcl.rutgers.edu>
Message-ID: <Pine.LNX.3.93.960802003342.833C-100000@smoke.suba.com>


On Thu, 1 Aug 1996, E. ALLEN SMITH wrote:

> 	Again, I'm disappointed in Gingrich. This amplifies the earlier
> comments.
> 	-Allen
> >Clinton, congressional leaders to meet on terrorism
> >   _(c) Copyright 1996 Nando.net_
> >    Associated Press
> [...]
> >   Gingrich, interviewed on NBC's "Meet the Press," said, "I think that
> >   we should have a provision that allows us to recognize that we now
> >   live in the age of the cellular telephone and allows us to track an
> >   individual person" He said the taggant requirement was "a
> >   possibility."

     Night of the long knives anyone? I'd bet Mr. Bell has a solution for 
this.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From ogren at cris.com  Fri Aug  2 05:13:34 1996
From: ogren at cris.com (David F. Ogren)
Date: Fri, 2 Aug 1996 20:13:34 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <199608020517.BAA12270@darius.cris.com>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Fri Aug 02 01:13:30 1996
>Somebody says:
>>> Is security provided by 1024-bit PGP key sufficient against 
most powerful
>>> computers that are available today? Say if smoe organization spent
 10
>>> billions of dollars on a cracking machine, would it be possible to
 crack 
>>> the keys in reasonable time?

I'll defer to Mr. Atkin's numbers here, although I think that TLA's may 
have more computing power than his rough estimates.  No matter what the 
exact numbers are, it seems that the answer is the same. 1024 bit keys 
appear to be secure for 1996, at least for individuals.

You also have to remember that even if a 1024 bit key could be cracked for 
a mere [sic] million dollars, you have succeeded in making it easier for an 
organization to break into your house and bug your computer than crack your 
RSA key. Or use some other method (bribery, extortion, violence) to obtain 
that information.

> Also, remember that although the PGP key is 1024 bits, it generates a
>  much
> smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
> vunerable to that $1 mil mystery machine that the NSA may or may not
>  have.
>  

IDEA keys are 128 bits long. (DES keys are the ones with 56 bits.) However, 
symmetric cryptosystems, such as IDEA, are harder to break by brute force. 
It is currently estimated that a 128 bit IDEA key is the equivalent of a 
2304 bit RSA key.

So, even though the 128 bit IDEA session key is shorter than the 1024 bit 
RSA key, the RSA key is easier to break using brute force.

- --
David F. Ogren                |
ogren at concentric.net          | "A man without religion is like a fish
PGP Key ID: 0x6458EB29        |  without a bicycle"
- ------------------------------|----------------------------------------
Don't know what PGP is?       | Need my public key?  It's available
Send a message to me with the | by server or by sending me a message
subject GETPGPINFO            | with the subject GETPGPKEY
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgGOfOSLhCBkWOspAQEpzgf/Tn1gI8rjg+RxNbor9uIHMZgLWxGHcoMu
WleZrgd2O/K6JNcBySpeLCVe+xgUwbdXPThLO6jP4eSwqpuNtZTLWmaU2LZond+O
XIWSXRzEcvdFPoFISDpxLyLEJtZu122bc1xdlI8zhbO2CqeOcJmJ47WAaTul3wg7
MIyl7zZAvrXrzZ8ByYTpoG7C5d11kEeKCLw7ObxYXCaXXhWFphbxO8Kq3/C597H1
rb9cRu2zyt5OmN1ySMifTbrfMJvkeb9cNsSijv3q5m+ciIX5DKoH07kO82RxjT98
ndpyGbZkbZLWjKvDeNvrh2EtJRV6mfOIIZr2zaQyuyKlYmoP+VKuDA==
=QN4L
-----END PGP SIGNATURE-----




From grafolog at netcom.com  Fri Aug  2 05:15:05 1996
From: grafolog at netcom.com (jonathon)
Date: Fri, 2 Aug 1996 20:15:05 +0800
Subject: A funny thing happend to my data on the way to the bank
In-Reply-To: <199608011745.KAA19325@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.95.960802063901.24383A-100000@netcom9>




On Thu, 1 Aug 1996 anonymous-remailer at shell.portal.com wrote:

> 172-42-6111, according to the Boston  Consulting Group in Massachusetts,
> which employed Netanyahu for about one-year during 1979-80.=20

	It was around then that the Social Security Administration
	was issuing advisories that Social Security Numbers not
	be used for identification purposes, because of errors 
	made in isseing the numbers.

	Specifically, 5% of the numbers were issued to two or more
	people.  3% of numbers were issued to people who allready
	had one or more numbers.  A further 3% to 5%  were issued
	in error for other reasons.

        xan

	Illiterate: adj.  Inability to read write or speak five 
	or less languages.
	Funksioneel Ongeleerd:  a.  Die wat kon nee elf or meer tale 
	lees, skryf and gesprek. 







From llurch at networking.stanford.edu  Fri Aug  2 05:34:13 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Fri, 2 Aug 1996 20:34:13 +0800
Subject: Viet Nam Considered Less Harmful than Cambodia
In-Reply-To: <ae26a67e0f021004507b@[205.199.118.202]>
Message-ID: <Pine.GUL.3.95.960802000239.27368C-100000@Networking.Stanford.EDU>


On Thu, 1 Aug 1996, Timothy C. May wrote:

> --Tim May, who wonders if anyone with access to the Net will become part of
> the mountains of skulls in Pax Americana

I once gave an account on my workstation to a Jesuit priest who was later
assassinated in El Salvador, but it was mostly for access to a few things,
not really "on the net." Does that count?

-rich






From alano at teleport.com  Fri Aug  2 05:46:16 1996
From: alano at teleport.com (Alan Olsen)
Date: Fri, 2 Aug 1996 20:46:16 +0800
Subject: The "Secure" version of Netscape for Linux is *NOT*
Message-ID: <2.2.32.19960802054049.00b19604@mail.teleport.com>


At 08:31 PM 8/1/96 -0700, Alan Olsen wrote:
>At 05:25 PM 8/1/96 -0700, Tom Weinstein wrote:
>>Alan Olsen wrote:
>>> 
>>> I just installed the "secure" version of Netscape off of the "US Only"
>>> download site.
>>> 
>>> Seems that it is actualy the international version and not the 128 bit
>>> version.
>>
>>What makes you think you got the export version?
>>
>>Here's one way to find out.  If you look in the Security Preferences
>>panel under the Options menu, there are two "Configure" buttons for
>>configuring what ciphers are enabled for SSL 2 and SSL 3.  The domestic
>>version supports a greater variety of options, including triple DES.
>
>I connected to my site running Stronghold 1.3b1.  Only got 40 bit
>encryption.  I then connected to Netscape's Store site.  Only got 40 bit
>encryption.  I checked the info box (or about box, I don't remember which)
>for the connection and it claimed to be running the "exportable" version.
>(The Win95 version connects properly to both sites with no tweaking needed.)
>
>I will double check, but neither site would connect with 128 bits straight
>out of the tar file.

My apologies to everyone involved!

I fucked up!

There was a period of time between when I downloaded and when I installed.
The version I installed was not the one I installed from the secure site.
(I had thought I had not downloaded the 3.0b5 version for Linux, except for
the secure version.  It seems that I had downloaded it when the first
version of 3.0b5 came out, not the 3.0b5a version...)

Sorry again!

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From shamrock at netcom.com  Fri Aug  2 05:58:27 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 2 Aug 1996 20:58:27 +0800
Subject: Internal Passports
Message-ID: <v02120d18ae2769138b69@[192.0.2.1]>


At 13:06 8/1/96, David M. Rose wrote:
>On 1 Aug 1996 (Timothy C. May) wrote:
>
>>I'm with Duncan and Lucky on this one. Nations with a "Privacy Ombudsman"
>>are almost always nations with extensive files on individuals, their
>>habits, and their political activities.
>>
>>Having a "Privacy Ombudsman" is a bone thrown to the proles. I suspect a
>>police state like Singapore has such a person.
>
>My understanding is that the acceptable term is "ombud", or possibly
>"ombuds".  Cf.: "chair", "anchor", "milk", "post", "g-", "colored",  "fire",
>"police", "China", "French", etc.

Ombudsman is a Swedish term. I suppose the modern day English
deconstruction/reconstruction would be ombudsperson.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Fri Aug  2 06:03:12 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 2 Aug 1996 21:03:12 +0800
Subject: Brian quit the feds! [was:Re: Photo IDs]
Message-ID: <v02120d13ae275d20bcd2@[192.0.2.1]>


At 11:51 8/1/96, Brian Davis wrote:

>No longer a federal prosecutor!

Congratulations, Brian. Though I will miss having a confessed 'real' Fed on
the list. Well, "former federal prosecutor" still sounds pretty good.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Fri Aug  2 06:38:35 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 2 Aug 1996 21:38:35 +0800
Subject: Tolerance
Message-ID: <v02120d1aae276b170492@[192.0.2.1]>


At 14:46 8/1/96, Chris Adams wrote:
>Just a comment to all of the 'true libertarians' out there, especially
>the "defend to the death" types:  How many of you defended Mr.
>Sternlight's recent membership?

There was nothing to defend. To the best of my knowledge, nobody suggested
that DS be thrown off the list. One joker unsubed Sternlight, but that was
hardly something that he couldn't fix himself. Did I want him on the list?
Hell no. Do I believe he has a right to join the list? Yes, with one
possible exception. The list owner can ban anybody, since the list is using
the owner's resources. In this case, from a libertarian standpoint, not
even an explanation of such an action would be required.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From ravage at EINSTEIN.ssz.com  Fri Aug  2 06:43:57 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 21:43:57 +0800
Subject: Southern Cracker Beer Bombs in Trucks (fwd)
Message-ID: <199608021124.GAA09477@einstein>



Hi all,

I work with Hi Performance and Experimental rockets and I am somewhat
familiar with explosives and the handling thereof. I have a couple of
comments to add to the pipe bomb building thread...

Forwarded message:

> Date: Thu, 01 Aug 1996 23:06:14 -0800
> From: jim bell <jimbell at pacifier.com>
> Subject: Re: Southern Cracker Beer Bombs in Trucks
> 
> >Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
> >ends.  Buy two metal caps to fit.  These are standard items in hardware
> >stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
> >good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
> >on one end. Fill the pipe to within 1/2 inch of the top with black powder.
> >Do not pack
> >the powder. Don't even tap the bottom of the pipe to make it settle.  You want
> >the powder loose.  For maximum explosive effect, you need dry, fine powder
> >sitting loose in a very rigid container.
> 
> For "safety" purposes (at least for the builder!) I would add that the 
> threads on the pipe should be covered with a generous quantity of vaseline, 
> grease, wax, or other similar material.  Otherwise, the final tighten-up 
> might cause an explosion if granules of powder get stuck in the threads and 
> ignite due to friction.

Do this and you will get a reaction which can cause a spontaneous explosion.
In short keep all greases and other such products away from explosives. If
you must use threads on a pipe in such a situation make VERY shure they are
clean and dry. I would use water to first wash the water solubles away and
then would use alcholol to clean the threads of the remaining debree.
Also, always use a cotten rag otherwise you run the risk of building up a
static charge sufficient to set it off.

> When tightening the pipe/cap, shield the work with a thick layer of 
> folded-up paper towel or other material, so your Vice-Grips (or other such 
> wrench, or vice) don't leave "tool marks" on the pipe.  (Discard, by burning, such paper after use.)

If you must use metal tools in the constructio of your bomb make shure of
two things. First, there is another person to call the ambulance. Also be
shure to use a non-sparking tool (read that as expensive) do NOT use steel
or iron tools. You would just be asking to blow yourself up from sparks.
Most tool catalogs will have a small section of Beryllium based tools or
something similar.

                                              Jim Choate






From stewarts at ix.netcom.com  Fri Aug  2 06:48:45 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 2 Aug 1996 21:48:45 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <199608020836.BAA05655@toad.com>


At 10:16 PM 8/1/96 -0400, "Geoffrey C. Grabow" <gcg at pb.net> wrote:
>Also, remember that although the PGP key is 1024 bits, it generates a much
>smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
>vunerable to that $1 mil mystery machine that the NSA may or may not have.

The PGP RSA keysize is user-selectable.
The IDEA key is not 56 bits (that's DES) - it's 128 bits,
and remember that you currently need to use brute force keysearch on it,
unlike RSA keys which have to be much longer because they 
have special forms and can be cracked by prime-number searching,
which is a much faster process that doesn't have to try
anything near to every 1024-bit number.

As somebody else pointed out, the 128-bit IDEA key is about as 
strong as a 3000-bit RSA key - though that was before the latest
factoring algorithm was demonstrated to work so well,
which means that it's probably about as strong as a 4-5000-bit RSA key.

> | That which does not kill us, makes us stranger.   - Trevor Goodchild |
:-)
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 
#			Dispel Authority!






From ravage at einstein.ssz.com  Fri Aug  2 06:53:52 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 21:53:52 +0800
Subject: Tolerance (fwd)
Message-ID: <199608021118.GAA09469@einstein>



Hi All,

Forwarded message:

> Date: Fri, 2 Aug 1996 01:35:00 -0700
> From: shamrock at netcom.com (Lucky Green)
> Subject: Re: Tolerance
> 
> Hell no. Do I believe he has a right to join the list? Yes, with one
> possible exception. The list owner can ban anybody, since the list is using
> the owner's resources. In this case, from a libertarian standpoint, not
> even an explanation of such an action would be required.

If the person joining the public list is warned that the list owner reserves
that right I would agree. It would require such a warning to be issued at
the time the person received their notification of successful joining. If
that warning is not present and the list is advertised as PUBLIC then NO,
not even the list operator can ethicaly refuse membership to anyone for
any reason other than criminal activity by a member. Otherwise it isn't
public.

Just because you provide a service does not give you unlimited or even
limited control if you make it clear it is public and therefore open to
anyone.

Libertarian views should be basicaly if it doesn't harm anothers person or
property without their prior consent then it should be legal and
permissible. A public list means that the owner does not reserve any rights
of moderation or cencorship. This is the way public is applied to the
government and it is the way it MUST be applied to private individuals.
This is a government of the people, by the people, and for the people. In
short the ethical situation is the same as if a city declares a park to be
public and then begins to bar people from sleeping there at night.


                                                  Jim Choate






From sparks at bah.com  Fri Aug  2 06:59:41 1996
From: sparks at bah.com (Charley Sparks)
Date: Fri, 2 Aug 1996 21:59:41 +0800
Subject: Who the hell is ....
Message-ID: <2.2.32.19960802100835.0069d380@pop1.jmb.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

OK, I'v been on the list a bit now. I see a lot of the same
people posting to it, 
My question is " Who the Hell is Sternlight" At first I thought
it was a pen name ( the light on the end of a boat ?? )

Thanks
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMgHOEeJ+JZd/Y4yVAQEu4gQLB0BjGZB+ezonyMrzCEE4+FWA/l18CeLz
tIyRRuLiCKw/IO/sNAJeaCQP0D0IsFcMVnjs6rlQ5hiVX09+P4P8IlNfFjH6TdN0
HezEsU9yupltcNpje9PoxnGI38QgN3yQbjB06+xHf37KPxdIzBr+/7/pRyash5dl
z5StfU0SSZIhPg==
=cUAP
-----END PGP SIGNATURE-----






From ravage at EINSTEIN.ssz.com  Fri Aug  2 07:00:56 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 22:00:56 +0800
Subject: Internal Passports (fwd)
Message-ID: <199608021138.GAA09504@einstein>



Forwarded message:

> Date: Thu, 1 Aug 1996 18:53:57 -0700 (MST)
> From: drose at AZStarNet.com (David M. Rose)
> Subject: Re: Internal Passports
> 
> OK.  But I sure would like to have an automatic weapon for
> self/home/"national" defense w/o going through a tremendous amount of B.S.
> (as Israelis are excused from).  I believe that you Texans and we Arizonans
> have the privilege; in "urban" states, where the need truly is, good luck.

We have to go through the same BS that you do to get automatic weapons.

> Also, I don't know what your experience in the Middle East is.  Me, I worked
> in Iran and exited just before the Jan. '79 "revolution".  Menace & murder.
> You *really* have no idea.  Hint:  I'm alive.
> 
> If you still (I don't know your age) think that humans are all the same, but
> we juss gots diffrunt colors 'n' cultures, I *strongly* recommend an
> extended period of travel to the third world.

I do and I have.


                                                     Jim Choate






From ravage at EINSTEIN.ssz.com  Fri Aug  2 07:05:32 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 22:05:32 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608021135.GAA09497@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 01:13:26 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: A Libertine Question
> 
> We require people who have syphilis to divulge who their sex partners
> were. I don't know if it's a good idea or not, but I haven't heard of any
> activist movement against it in the past 80-odd years it's been in effect. 

Clear and present danger to possibly unknowing persons lives. People have a
right to know if their sex partners have communicable diseases. In the case
of a 'Typhoid Mary' type disease then everyone has a right to know that
person is infected.

> We require property owners who don't have city-sewage hookups, to install 
> their septic tanks and maintain them in certain defined configurations 
> which estop them from contaminating the neighbor's well. I don't know if 
> that's a good idea or not - but I haven't seen sentiment against sewage 
> regulation of property owners.

Clear and present danger. Once a well is contaminated that contamination can
spread through the whole local water table and infect hundreds if not
thousands of people with disease without warning.

> So why should we be terribly upset about an ordinance which makes it 
> illegal to operate a residential kitchen and a residential sewge-disposal 
> operation in a city park or a city sidewalk?

As long as they have a license to operate a food dispencing facility (in
other words they are certifying they are aware of the correct processes for
such operations) then nobody should have the right to interfere with their
operation unless with probable cause (ie proof of danger such as bad weenies
in their hot dogs). This would not apply to individuals or families making
such food in the same place for their own and NOT public consumption.

A person or group has a right to swing their fists all they want, just not
in my face. This also applies to the government which is nothing more than
our elected representatives. We also can not give them rights we ourselves
don't posses.

                                                    Jim Choate






From ravage at EINSTEIN.ssz.com  Fri Aug  2 07:11:51 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 22:11:51 +0800
Subject: "adjust your attitude with their billy club" (fwd)
Message-ID: <199608021128.GAA09487@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 01:36:56 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: "adjust your attitude with their billy club"
> 
> "Given the loss of privacy tolerated by 99.9999% of American citizens in 
> the past twenty years, no one has a right to complain about the 
> government taking new powers for itself."
> 
> You cannot have it both ways. If you are free to define what is or is not 
> a public nuisance when you do it; likewise am I.

			AMENDMENTS TO THE CONSTITUTION 
 
	Articles in addition to, and Amendment of the Constitution of the 
United States of America, proposed by Congress, and ratified by the 
Legislatures of the several States, pursuant to the fifth Article of the 
original Constitution. 
 
 
				ARTICLE IX. 
 
	The enumeration of the Constitution, of certain rights, shall 
not be construed to deny or disparage others retained by the people. 
 
 
 
				ARTICLE X. 
 
	The powers not delegated to the United States by the Constitution, 
nor prohibited by it to the States, are reserved to the States respectively, 
or to the people. 
 
 
 
[The first ten amendments went into effect on 15 December 1791.] 
 





From ravage at EINSTEIN.ssz.com  Fri Aug  2 08:01:01 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Fri, 2 Aug 1996 23:01:01 +0800
Subject: "adjust your attitude with their billy club" (fwd)
Message-ID: <199608021218.HAA09568@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 01:36:56 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: "adjust your attitude with their billy club"
> 
> "Given the loss of privacy tolerated by 99.9999% of American citizens in 
> the past twenty years, no one has a right to complain about the 
> government taking new powers for itself."
> 
> You cannot have it both ways. If you are free to define what is or is not 
> a public nuisance when you do it; likewise am I.

To the first comment, numerical superiority is not sufficient reason in a
democracy to justify actions by that democracy. One of the basic ideas
behind  democracy is that certain aspects of individuals are inherent and
uncontrollable by that democracy (ie rights). To my mind democracy is the
only form of government which recognizes a priori that everyone is not alike
and therefore will want different things. This can be said of no other form
of government which treats persons as identical cogs in a government
machine. In short, democracy is not mob rule however much the majority might
like that idea. I would say that the first comment above can be said another
way,

"If you have been raped once then you should not complain any about
subsequent rapes." 

Clearly utter bullshit. This is pure and simple victim-speak.

As to the second, you are not free to define public nuisance, only nuisances
to yourself. The burden of proof rests on the individual to prove that such
actions by a third party are a public nuisance. For something to be a public
nuisance its effects MUST extend to property or persons other than the
instigator AND it must be shown that damage occurs without prior permission.
Simply because they do something that irks you does not make it public let
alone a nuisance.


                                               Jim Choate






From dlv at bwalk.dm.com  Fri Aug  2 08:07:16 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 2 Aug 1996 23:07:16 +0800
Subject: Internal Passports
In-Reply-To: <v02120d18ae2769138b69@[192.0.2.1]>
Message-ID: <XR71RD1w165w@bwalk.dm.com>


shamrock at netcom.com (Lucky Green) writes:
>
> Ombudsman is a Swedish term. I suppose the modern day English
> deconstruction/reconstruction would be ombudsperson.

Indeed, City University of New York has an ombudsperson.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From daw at cs.berkeley.edu  Fri Aug  2 08:38:33 1996
From: daw at cs.berkeley.edu (David Wagner)
Date: Fri, 2 Aug 1996 23:38:33 +0800
Subject: [off-topic] roving wiretaps
In-Reply-To: <01I7RM0CJM388Y4XIK@mbcl.rutgers.edu>
Message-ID: <4tsfjm$oi6@joseph.cs.berkeley.edu>


In article <01I7RM0CJM388Y4XIK at mbcl.rutgers.edu>,
E. ALLEN SMITH <EALLENSMITH at ocelot.Rutgers.EDU> wrote:
> 
> The Administration's proposal would also significantly expand current
> wiretapping authority to allow multi-point (or "roving") wiretaps. This
> would dramatically change surveillance authority to include wiretaps of
> INDIVIDUALS instead of LOCATIONS.
> 

I don't get it.  Help me out here-- how can this possibly be constitutional?

I'm reading the Fourth Amendment to our honored Constitution of the United
States, which proclaims

	[...]
	no warrants shall issue,
	but upon probable cause,
	supported by oath or affirmation,
	and *particularly describing the place to be searched*,
	and the persons or things to be seized.

Are we just to strike out that emphasized phrase?  What's going on here?
Someone tell me I'm not just having a bad nightmare.

Apologies if these are silly questions,
-- Dave Wagner

P.S.  Do police really need a search warrant to wiretap cellular phones?





From liberty at gate.net  Fri Aug  2 09:00:07 1996
From: liberty at gate.net (Jim Ray)
Date: Sat, 3 Aug 1996 00:00:07 +0800
Subject: Dole does Bush-speak [Was:Re: A Libertine Question]
Message-ID: <199608021242.IAA31580@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

Vinnie Moscaritolo <vinnie at webstuff.apple.com> wrote:

>I think Bob Dole understands the needs for privacy rights for animals..
>
>the following verbatim account of a segment of a Bob Dole appearance a week
>or so ago at a cotton cooperative in Bakersfield, California

[Verbatim Account elided.]

Is anyone else wondering if Dole's handlers are dosing him with that
"Halcyon" stuff that (partially) caused Bush to be such an easy mark
for David Letterman et al.? We have a *severe* drug problem in this
country...

P.S.
I tell you...one little mishap involving a little bit too much sugar,
and now I'll _never_ get to live it down...:) Those wishing to attend
my "Pennies For Perot" Party at Hooters in Cocowalk, at 6:00PM, on
Saturday, August 3rd please e-mail me.

P.P.S.
Idea: Wiretap citizen-unit Ray for 47 hours and 59 minutes, give him
one minute of non-surveilance (more than he deserves, actually) and
then repeat process, with no pesky judges. Citizen-unit Ray is known
to enjoy firearms, and has said "It's easier to make a bomb than it
is to make a lasagna" in the past. He's also a known cardcarrying
member of the Libertarian Party.
JMR  -- Who privately defends Mr. Sternlight's (or anyone's) right
to cypherpunks list _membership_, while alternately being offended
and amazed by the tone/number of his trolls. Try to imagine if _I_
posted that often...This kind of misunderstanding of Libertarians
is usually caused by a subscription to Time, etc. -- rather than a
careful listening to Libertarians themselves, but believe whatever
you want.

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy
 [The Ministry is An equal opportunistic encryptor.]

"Big business never pays a nickel in taxes, according to Ralph
 Nader, who represents a big consumer organization that never
 pays a nickel in taxes." -- Dave Barry 

 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray Coming
soon, the "Pennies For Perot" page. Keep billionaires off welfare!
___________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

iQCVAwUBMgH2k21lp8bpvW01AQHhnQQAlip0PV1m4Th0fJIlAog0TZOhyPghJ0qd
q0mJ9SFG2XInX8CcgWX18s3ZXJtna6nRRcyqZHZEczffMs0jbA6pdzmqDvZTm3HW
ToIcDgFb7MxV56chzLykGDwF4wdykGQNkLZH6xpk+2+1NjljjYObmsJO30S6XMp3
YQV1C3udlJY=
=MKCK
-----END PGP SIGNATURE-----






From pjb at ny.ubs.com  Fri Aug  2 09:04:51 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 3 Aug 1996 00:04:51 +0800
Subject: fbi, crypto, and defcon
Message-ID: <9608021250.AA06412@sherry.ny.ubs.com>


i, for one, and perhaps others on the list as well, would be interested in hearing
what you mean when you say, "At&t, Microsoft, etc) who are ripping people off on a 
daily basis". 

for example, in what way is AT&T ripping people off? and what about
microsoft? 

i have no use at all for microsoft, and, being a unix person i don't even
use their stuff, but, i wonder how many people use word, excel, powerpoint, etc
that they ripped-off from someone else, without paying microsoft what they are
due for having developed the products. 

in general, i suspect that the rip-off is going the other way. after all, 
no one forces anyone buy from microsoft, AT&T, etc., but people do steal from
them, whenever they have the opportunity. not everyone, of course, but certainly
some do.  

these companies provide products and/or services that you are free to 
purchase or not, as you see fit or can afford.

	-paul

> From cypherpunks-errors at toad.com Thu Aug  1 18:31:50 1996
> X-Sender: ceridwyn at gonzo.wolfenet.com
> X-Mailer: Windows Eudora Pro Version 2.2 (32)
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> Date: Wed, 31 Jul 1996 22:13:56 -0700
> To: cypherpunks at toad.com
> From: Cerridwyn Llewyellyn <ceridwyn at wolfenet.com>
> Subject: Re: fbi, crypto, and defcon
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1579
> 
> 
> >> Okay, so their boss is part of the law making process, subject to the checks
> >> and balances that exist between the three branches of US government. They
> >> are in a position to supply their boss with data and I am personally
> >> impressed with their grasp of some of that data (it sounds to me like they
> >> are telling their boss that hackers like the ones at Defcon are not the
> >> problem).
> 
> It was interesting how the Agent made the point that the FBI was there to 
> enforce laws, not make policy.  Then his Boss's role in the law making process
> was brought up, the Agent said "but any of you can do the same thing, you
> all have a voice" etc etc.  Then he refused to answer political questions 
> based on the fact that he was there as a representative of the FBI, failing
> to see that his Boss is also a representative of the FBI when recommending
> legislation.  (Again, I realize he was "under orders" not to discuss it, I 
> wish he wouldn't try to justify it with obviously faulty logic.)
> 
> >    I think what they are really saying is that they would love to
> >bust most hackers, but since they can't they might as well use some of
> >them to catch the bigger fish.  If they truly did believe in the laws they
> >are supposed to uphold they wouldn't associate with hackers (who commit
> >computer crimes) at all.
> 
> A more cynical view is that they are there to protect some of the biggest
> institutions of "organized crime" (ie: Congress, At&t, Microsoft, etc) who
> are ripping people off on a daily basis from the other organizations who
> refuse to play by their rules.
> 
> //cerridwyn//
> 
> 
> 





From m5 at vail.tivoli.com  Fri Aug  2 09:12:47 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Sat, 3 Aug 1996 00:12:47 +0800
Subject: Pipe bombs
In-Reply-To: <ae26cc41120210042fbf@[205.199.118.202]>
Message-ID: <3201FE3A.2274@vail.tivoli.com>


Timothy C. May wrote:

> 
> Buy a section of metal water pipe ...

And be *real, real careful* when screwing the second cap on the pipe.
Brush any powder off the screw threads on the pipe with a fine-bristled
brush.  Also, watch out for static electricity.  Use a flash bulb as a
detonator.


[ Just doing my part. ]

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From frissell at panix.com  Fri Aug  2 09:57:25 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sat, 3 Aug 1996 00:57:25 +0800
Subject: Jim Bell, stay out of Georgia....
Message-ID: <2.2.32.19960802135437.0086dfc4@panix.com>


At 02:35 PM 8/1/96 EDT, E. ALLEN SMITH wrote:

>>Anarchist charged with advocating government overthrow
>
>>   JONESBORO, Ga. -- An 18-year-old self-styled anarchist who allegedly
>>   distributed a free, homemade pamphlet with anti-government rhetoric
>>   has been charged with advocating the overthrow of the U.S. government.


Boy some people have all the luck.  It is really rough to get the
authorities to arrest you in circumstances where you can make them look
absolutely ridiculous.  They usually refuse to play.  I suppose they busted
this guy because they thought they could in the current atmosphere and they
figured he's a schlubb who wouldn't give them any grief.

It would not be a pleasant experience for the geheime staats polizei to try
an arrest like this of someone who was capable of mounting a verbal and
legal defense.

"We Shall Overcome," "You copraphageous cretins," "Haven't you
<anglo-saxonism> idiots read Cohen vs. California,"  "I think if you mental
defectives read the Supremes in the Smith Act cases you'd find that I can
advocate blowing you <anglo-saxonism> up all I like as long as I am not part
of an immediate conspiracy to do so."  Do you *like* carrying 300-pound
people around?  Why should I assist in my own oppression by walking?  You
Nazis are always trying to get the Jews to *walk* into the gas chambers."
"You know you're going to have to let me loose sooner or later so why not
make it sooner.  It will be easier on everyone."  "You know the DA is going
to dismiss.  This dog don't hunt.  Won't you look like right fools."  "It's
going to be super fun to have you on the witness stand in the false arrest
suit.  It's going to be great to get the chance to cross-x you in public."
"Boy, finally a chance to build up some prison time for my memoirs."
"Great, I've really needed some quality time to catch up on my reading.
I've still got 13 Aubrey/Maturin novels to finish."

Repeat endlessly in a loud voice. 

Brian -- why do the cops do busts like this where they know they will be
thrown out?

DCF







From frissell at panix.com  Fri Aug  2 10:41:32 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sat, 3 Aug 1996 01:41:32 +0800
Subject: fbi, crypto, and defcon
Message-ID: <2.2.32.19960802141356.00886864@panix.com>


At 08:50 AM 8/2/96 EDT, Paul J. Bell wrote:
>i, for one, and perhaps others on the list as well, would be interested in
hearing
>what you mean when you say, "At&t, Microsoft, etc) who are ripping people
off on a 
>daily basis". 

I don't know about Microsoft but certainly AT&T long benefitted from local
telephone monopolies that resulted in increased prices and slower innovation
than would otherwise have been delivered.  Even today, long distance
carriers are licensed and there are substantial regulatory barriers to
entry.  International calls still are made under the control of an
international cartel of governments that keep prices way above competitive
levels.  This benefits AT&T and the rest.  Since it costs 2 cents a minute
to *produce* a call to London from New York the 45 cents to $1 a minute
charged represent an excessive price protected by the government regulated
cartel status of telecoms even in the Age of Deregulation.

AT&T should get honest work as should the others.

Maybe when I get a 10 (25?) mbps cable connection to the nets, I'll start
offering my neighbors net connections and LD phone service.  I could make a
pretty penny even savagely cutting the telco's markup.  Lots of challenges
ther but doable.

DCF






From WlkngOwl at unix.asb.com  Fri Aug  2 10:41:43 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Sat, 3 Aug 1996 01:41:43 +0800
Subject: More evidence that democracy is bunk
Message-ID: <199608021417.KAA27112@unix.asb.com>


On  1 Aug 96 at 15:34, E. ALLEN SMITH wrote:

> 	And some people think democracies secure civil liberties...
> 	-Allen

And some people think polls are an accurate representation of 
anything.  Chances are it's really a poll of people with telephones 
who just finished watching news reports about increased threats of 
terrorism.  Depends on the exact questions that were asked of them, 
too...

[..]
> >   As an antidote, 80 percent believe the federal government should have
> >   more power to investigate terrorists, but just 52 percent believe
> >   wiretaps should be expanded.

Note that 'more power to investigate terrorists' is vague.  Very 
vague, especially if the actual question was "should the federal 
government be given a greater ability to investigate terrorists?" 
(which is not the same as 'more power'... greater ability could be 
more funds or manpower, for instance.)

Often time pollsters will introduce the question with a short 
paragraph or statistics explaining the situation... often these will 
cue someone in to be more likely to answer a certain way.  If the 
pollster says "with the increase in terrorist activisties in the 
United States and new communications technologies, should the federal 
government..." a respondant will be more likely to agree that the 
gov't should have more power.

> >   Three out of five said they still favor giving the government more
> >   power even if that meant groups unrelated to terrorism were
> >   investigated, too.

That's vague too. What was the question: "...even if it meant a 
charity that was exploited by a terrorist group was investigated" or 
a "political group which a suspected terrorist belonged too" etc.?

> >   Even if it cost more, nearly nine out of 10 people surveyed want
> >   more security checkpoints, guards and metal detectors -- and
> >   they'd be willing to wait longer in lines -- at public events.

If they were asked if they minded random searches of their bags and 
belongings or required to carry photo-ID wherever they went, to be 
presented on demand, would they still be willing?

Rob

 
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From wb8foz at nrk.com  Fri Aug  2 10:41:46 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 3 Aug 1996 01:41:46 +0800
Subject: Tolerance
Message-ID: <199608021412.KAA02133@nrk.com>


At 14:46 8/1/96, Chris Adams wrote:
>Just a comment to all of the 'true libertarians' out there, especially
>the "defend to the death" types:  How many of you defended Mr.
>Sternlight's recent membership?


Why should I? Was his membership under attack by the body?

I merely predicted how he would act. In the words of Click&Clack,
that's not rocket science. Almost anyone who has spent anytime
on Usenet knows, for example, that SternFUD will keep dragging
sci.crypt back in, and he will engage in personal slams, while
claiming he is above same. 

In the words of a net attorney I respect, SternFud is an
intellectual fraud.

[BTW, if you caught my post on same, he seems to regarded as a
buffoon & joke even within the inner circles of the Intelligence
Community...]

But I AM glad he left. Now, I do not have to feel quezyness over
agreeing (even on but one issue...) with Perry.



-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From WlkngOwl at unix.asb.com  Fri Aug  2 10:41:51 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Sat, 3 Aug 1996 01:41:51 +0800
Subject: Keeping America safe from Soy Milk
Message-ID: <199608021417.KAA27115@unix.asb.com>


On  1 Aug 96 at 14:35, E. ALLEN SMITH forwarded:

> >   JONESBORO, Ga. -- An 18-year-old self-styled anarchist who allegedly
> >   distributed a free, homemade pamphlet with anti-government rhetoric
> >   has been charged with advocating the overthrow of the U.S. government.
> [...]
> >   The pamphlet was laced with with anti-police cartoons, obscenities,
> >   and anarchist slogans. The one overt reference to violence was an
> >   illustration of a "Molotov cocktail" on the same sheet with a recipe
> >   for "soy milk" made from water-soaked soybeans, sugar and vanilla and
> >   strained through a T-shirt.

Nuff said.

Rob
 
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From rsalz at osf.org  Fri Aug  2 10:58:28 1996
From: rsalz at osf.org (Rich Salz)
Date: Sat, 3 Aug 1996 01:58:28 +0800
Subject: My crypto-export URL was in the wrong place
Message-ID: <9608021433.AA26186@sulphur.osf.org>


I typo'd on the URL.
	http://www.osf.org/~rsalz/crypto-export.html
Sorry for any confusion.





From sandfort at crl.com  Fri Aug  2 11:09:57 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 02:09:57 +0800
Subject: SOUP KITCHENS
In-Reply-To: <Pine.SV4.3.91.960802005945.11780D-100000@larry.infi.net>
Message-ID: <Pine.SUN.3.91.960802071447.3551A-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Alan Horowitz wrote:

> We require people who have syphilis to divulge who their sex
> partners were...
> 
> We require property owners...to install their septic tanks...
> [to] estop them from contaminating the neighbor's well...
> 
> So why should we be terribly upset about an ordinance which
> makes it illegal to operate a residential kitchen...in a city
> park or a city sidewalk?

Alan's analogies(?) are not parallel.  In his syphilis example,
the requirement exists so that sex partners can be warned that
they may have contracted the disease.  A parallel requirement
might be that feeding programs for street people would have to
divulge that the food was prepared in uninspected home kitchens.

In his second case, you are simply dealing with the property
rights of adjacent land owners.  The case for regulation of
septic tanks is that the contamination from absent or improperly
installed tanks does not reveal itself as would, say, burning
toxic waste in the back yard.  

I find it amusing that the law is supposedly so concerned with
food purity for the "homeless."  Hang out near a fast-food place
sometime and watch the street people dumpster dive for the
half-eaten remains of other people's Big Macs.  That is the true
alternative to volunteer feeding programs.  (That, or getting a
job.)

The truth is that local officials are perverting the health codes
to harass these operations, not to "protect the homeless."  At
it's core, it is a hypocritical abuse of power, not unlike the
invocation of the Four Horseman to keep strong crypto out of the
hands of average Americans.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~









From ceridwyn at wolfenet.com  Fri Aug  2 11:42:54 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Sat, 3 Aug 1996 02:42:54 +0800
Subject: A Libertine Question (fwd)
Message-ID: <2.2.32.19960802152315.0069de48@gonzo.wolfenet.com>


Jim Choate <ravage at EINSTEIN.ssz.com> argued:

>As long as they have a license to operate a food dispencing facility (in
>other words they are certifying they are aware of the correct processes for
>such operations) then nobody should have the right to interfere with their
>operation unless with probable cause (ie proof of danger such as bad weenies
>in their hot dogs). This would not apply to individuals or families making
>such food in the same place for their own and NOT public consumption.

I believe the issue with Food Not Bombs is they didn't get the appropriate
permits, etc, or were denied them, or something.  However, I disagree with
you on this point.  I think they shouldn't be required to obtain a license,
but everyone whom they serve food to should know that they don't have such a
license.  This would equal informed consent.  Also, with Food Not Bombs, many
of the people that the food is being served to is also involved in cooking,
distributing food, and cleaning up.  I've been told it's exactly like a big
picnic, except for anyone is invited to help and/or eat.







From sandfort at crl.com  Fri Aug  2 11:50:09 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 02:50:09 +0800
Subject: Tolerance (fwd)
In-Reply-To: <199608021118.GAA09469@einstein>
Message-ID: <Pine.SUN.3.91.960802074847.3551B-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Jim Choate wrote:

> If the person joining the public list is warned that the list
> owner reserves that right [to kick people off] I would agree.
> It would require such a warning to be issued at the time the
> person received their notification of successful joining. If
> that warning is not present and the list is advertised as
> PUBLIC then NO, not even the list operator can ethicaly refuse
> membership to anyone for any reason other than criminal
> activity by a member. Otherwise it isn't public.

Here I have to respectfully disagree, totally, with Jim.  One
does not have to "reserve" one's rights.  They are inherent and
my be exercised pretty much at will (I say "pretty much" because
there are situations where "implied contract" applies).

A restaurant or bookstore is a public place in that it is open
to the public.  Nevertheless, without first "reserving the right"
to do so, the owners may tell you to leave if they don't like 
the way you sound, look or smell.  Criminal activity is not
required legally nor ethically.  Your ejection may, in fact, be
totally arbitrary.  I don't see a privately maintained, "public"
list as being philosophically any different.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From brock at well.com  Fri Aug  2 12:07:07 1996
From: brock at well.com (Brock N. Meeks)
Date: Sat, 3 Aug 1996 03:07:07 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
In-Reply-To: <199608012258.PAA29066@ohio.chromatic.com>
Message-ID: <Pine.3.89.9608020836.A15150-0100000@well>



On Thu, 1 Aug 1996, Ernest Hua wrote:

> Louis Freeh is now asking the Congress for $2 billion to fund
> Digital Telephony.  Yes, that is FOUR TIMES what he said it
> would cost the taxpayers to give up their own privacy.  Score
> one for the cynics who said $500 million was not enough.

I broke the story about how much Digital Telephony would *really* cost in 
CyberWire Dispatch more than two years ago.  The price tag in my piece:  
"... at least $2 billion..."  In that Dispatch I wrote that the Clinton 
White House had made the decision to support the bill based on a flawed 
cost/benefit analysis study the FBI had done.

--Brock





From gkuzmo at ix.netcom.com  Fri Aug  2 12:10:13 1996
From: gkuzmo at ix.netcom.com (George Kuzmowycz)
Date: Sat, 3 Aug 1996 03:10:13 +0800
Subject: Corporate e-mail policy
Message-ID: <199608021611.JAA13044@dfw-ix10.ix.netcom.com>


  The company I work for has set up a committee to draft a security 
policy involving, among other things, e-mail. Since I'm responsible 
for our networking and e-mail, I'm part of this group. Unfortunately, 
I'm outnumbered by legal, auditing and HR types who, basically, want 
to have access to everything.

  I am aware that there's a line of thinking which holds that what you
do or say on company time, using company equipment is the company's
business. I do not subscribe to this line of thinking, and believe
that employees expect a "zone of privacy" in which their telephone
calls will not be listened to and their e-mail will not be read or
monitored. I am also aware that recent court cases have not
supported this "zone of privacy" and have pretty much held that the
employer can do whatever it wants with e-mail. 

  What I want out of this process is to keep myself and my staff out 
of this business. As a practical matter, I'm sure the company could 
bring in a hired gun to do whatever they want; since our e-mail 
system does not easily support strong crypto, it's all there for the 
taking.

  In an ideal world, the rest of the group would agree with me and say
"Yup, we have no business reading e-mail." Since that's not likely,
I'm looking for examples of "privacy-friendly" corporate policies
that I can put on the table in our meetings, and end up with a
minority report.  

        -gk-






From ravage at EINSTEIN.ssz.com  Fri Aug  2 12:12:41 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 03:12:41 +0800
Subject: Tolerance (fwd)
Message-ID: <199608021614.LAA10026@einstein>



Forwarded message:

> From: jbugden at smtplink.alis.ca
> Date: Fri, 02 Aug 96 11:19:52 EST
> Subject: RE: Tolerance (fwd)
> 
> Jim Choate <ravage at einstein.ssz.com> wrote:
> >Libertarian views should be basicaly if it doesn't harm anothers person or
> >property without their prior consent then it should be legal and >permissible.
> 
> It is important to consider cultural factors when deciding how groups will react
> to differing standards of legal and permissible actions. For example, a brief
> summary of the basic tenets held by some different European cultures are given
> below:
> 
> British: Everything is permitted, unless it is forbidden.
> German: Everything is forbidden, unless it is permitted.
> France: Everything is permitted, especially if it is forbidden.
> 

Culture has nothing to do with inherent civil liberities, you have them
simply for being alive. People create social contracts to limit those
rights. You have the cart before the horse.

                                                    Jim Choate






From jbugden at smtplink.alis.ca  Fri Aug  2 12:14:22 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Sat, 3 Aug 1996 03:14:22 +0800
Subject: Tolerance (fwd)
Message-ID: <9607028390.AA839009975@smtplink.alis.ca>



Jim Choate <ravage at einstein.ssz.com> wrote:
>Libertarian views should be basicaly if it doesn't harm anothers person or
>property without their prior consent then it should be legal and >permissible.

It is important to consider cultural factors when deciding how groups will react
to differing standards of legal and permissible actions. For example, a brief
summary of the basic tenets held by some different European cultures are given
below:

British: Everything is permitted, unless it is forbidden.
German: Everything is forbidden, unless it is permitted.
France: Everything is permitted, especially if it is forbidden.

Au revoir,
James






From artichoke at null.dev.com  Fri Aug  2 12:16:23 1996
From: artichoke at null.dev.com (artichoke bill)
Date: Sat, 3 Aug 1996 03:16:23 +0800
Subject: privacy is a SMOKESCREEN.
Message-ID: <3202307A.1DF3@null.dev.com>


from eff:
----------------------------------------------------------------------


Subject: ALERT: Congress Rushing to Enact Anti-Privacy Bill - Call 
Congress NOW!
--------------------------------------------------------------------------------

 **** Last minute update ****

Just before ye editor was about to send this issue out, reports are
filtering in that negotiations on the bill that is the subject of the
alert below, have collapsed.

CNN reports: "Key members of the Senate blamed House conservatives for 
the
failure, saying they had insisted on linking proposed new
wiretapping authority for the FBI to an expansion of privacy laws."

CNN quotes Rep. Charles Schumer (D-NY) as saying that House Republican
leaders "have come up with this smokescreen called privacy".  You may
wish to let Rep. Schumer know how you feel about your right to privacy
being labelled "a smokescreen":

     9th Dist. NY   Schumer, Charles E. (D)
     1-202-225-6616 (voice), 1-202-225-4183 (fax)

The full text of the CNN article is available at:
http://www.cnn.com/US/9608/01/wh.terror.bill/index.html

The article also reports that "lawmakers said there is hope for
agreement after the month long" Congressional recess beginning at the 
end
of this week.

THIS MEANS THAT THE ALERT BELOW IS STILL URGENT, and still important.
We just have a short breathing space now.





From pjb at ny.ubs.com  Fri Aug  2 12:25:21 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 3 Aug 1996 03:25:21 +0800
Subject: Blurring the Chains of Causation
Message-ID: <9608021314.AA06420@sherry.ny.ubs.com>


in my view the ultimate foolishness of this sort was bringing Cessna Aircraft
to it's knees by sueing them on behalf of people who crashed because of
their inability to handle the airplane in the conditions into which
they put themselves.

	-paul

> From cypherpunks-errors at toad.com Thu Aug  1 18:32:44 1996
> Date: Thu, 1 Aug 1996 10:39:12 -0700
> X-Sender: tcmay at mail.got.net
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> To: cypherpunks at toad.com
> From: tcmay at got.net (Timothy C. May)
> Subject: Blurring the Chains of Causation
> Sender: owner-cypherpunks at toad.com
> Content-Length: 4559
> 
> 
> An unusual thread name, "Blurring the Chains of Causation."
> 
> What I mean is this:
> 
> - the U.S. legal system has been blurring, or confusing, the chain of
> cause-and-effect in crimes
> 
> - Example: allowing suits by insurance companies and states against tobacco
> companies. A smoker gets cancer by his actions, and it used to be that this
> was his action, his responsibility. Now, we hold tobacco companies liable,
> and perhaps will someday hold executives of these companies criminally
> liable. (This for a product which is not illegal, mind you.)
> 
> (There are a bunch of related examples. "Civil liability" is a major way
> this blurring is happening. Gun manufacturers being sued for crimes
> committed with their guns, ladder makers sued by the families of criminals
> who leaned ladders up against electrified fences, and so on. How long
> before a bookstore is sued for "allowing" a book to be bought by someone
> who later is "inspired" to commit a crime--actually, John Grisham ("The
> Firm") is involved in a lawsuit against Oliver Stone for his film, "Natural
> Born Killers," which Grisham claims "inspired" a murder. This has got to
> stop, in my opinion.)
> 
> - "They made me do it" defenses. Hostess Twinkies are implicated in the
> brutal murder of San Francisco's mayor and a city councilman. Childhood
> abuse is exculpatory in other cases. Psychobabblers blather about what
> caused people to behave as they did. A mass murderer says pornography made
> him kill 25 women. A lawyer claims his client's son committed suicide after
> listening to heavy metal music. And so it goes.
> 
> This blurring has links to cryptography, bomb-making instructions on the
> Net, availability of porn on the Net, and many other things.
> 
> To cut to the chase:
> 
> - a librarian who "allows" a person to check out "The Anarchist Cookbook"
> is *not* causing a crime, though much of the rhetoric one hears is
> otherwise.
> 
> - the _author_ of that book (Powell, allegedly) is *also* not causing a crime.
> 
> - the _publishers_ of that book (Lyle Stuart, as I recall--my copy is not
> handy) also have not committed any crime
> 
> To make things clear, some of the language being proposed in the
> rush-to-law about anti-terrorism, wiretapping, anti-encryption, etc. As
> Sen. Feinstein puts it, "We hope we can wrap up the repeal of the Bill of
> Rights and have it on President Clinton's desk before the close of the
> Olympics on Sunday." :-(
> 
> - if I _advocate_ strong crytography, avoidance of taxes, undermining of
> government power, crypto anarchy, etc., I have not committed any crime
> (Caveat: advocating the violent overthrow of the U.S. government apparently
> is a crime, as are certain forms of conspiracy, a la RICO, tax evasion,
> etc.)
> 
> - if I _use_ strong cryptography, I have not committed any crime, ipso
> facto, nor am I necessarily conspiring to commit any crime
> 
> And so on.
> 
> Many of the proposed restrictions seek to further blur this chain of
> causation, by making someone who provides access to materials which _may_
> later be used in a crime, or which may "inspire" someone to crime, a kind
> of criminal.
> 
> The trend picked up steam with the "deep pockets" precedents in the 70s
> (*), was fed by the blame-passing psychobabble of the same decade, and has
> now reached its present state by a willingness of the courts to hear such
> cases.
> 
> People who actually commit real crimes are the criminals, not those who
> sold them Hostess Twinkies without first checking their blood sugar level.
> Not those who let a library patron look at a "dangerous" book. And not
> those who provided strong cryptographic tools which _might_ be used by
> terrorists, pedophiles, and money launderers.
> 
> --Tim May
> 
> (* "deep pockets" -- If there are N parties in a lawsuit, and one of them
> shares only 5% of the (putative) blame but has 95% of the overall assets,
> go after the party with the "deepest pockets." This forced Cessna and
> Piper, the leading light aircraft firms at one time, to stop selling light
> aircraft. The example with Oliver Stone being sued is a clear case of
> this.)
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."
> 
> 
> 
> 
> 





From pjb at ny.ubs.com  Fri Aug  2 12:37:42 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 3 Aug 1996 03:37:42 +0800
Subject: Is 1024-bit PGP key enough?
Message-ID: <9608021339.AA06431@sherry.ny.ubs.com>


actually, the IDEA key is 128 bits.
	-paul

> From cypherpunks-errors at toad.com Fri Aug  2 03:06:24 1996
> X-Sender: gcg at mail.pb.net
> X-Mailer: Windows Eudora Pro Version 2.2 (32)
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> Date: Thu, 01 Aug 1996 22:16:06 -0400
> To: jim at ACM.ORG
> From: "Geoffrey C. Grabow" <gcg at pb.net>
> Subject: Re: Is 1024-bit PGP key enough? 
> Cc: cypherpunks at toad.com
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1454
> 
> At 15:38 08/01/96 PDT, Jim Gillogly wrote:
> >
> >Somebody says:
> >>> Is security provided by 1024-bit PGP key sufficient against most powerful
> >>> computers that are available today? Say if smoe organization spent 10
> >>> billions of dollars on a cracking machine, would it be possible to crack 
> >>> the keys in reasonable time?
> >
> >Derek Atkins <warlord at MIT.EDU> responds with some useful and authoritative
> >information -- thanks.
> >
> Also, remember that although the PGP key is 1024 bits, it generates a much
> smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
> vunerable to that $1 mil mystery machine that the NSA may or may not have.
>  
>                                                      G.C.G.
> 
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  | Geoffrey C. Grabow       |      Great people talk about ideas.       |
>  | Oyster Bay, New York     |     Average people talk about things.     |
>  | gcg at pb.net               |      Small people talk about people.      |
>  |----------------------------------------------------------------------|
>  |     PGP 2.6.2 public key available at http://www.pb.net/~wizard      | 
>  |          and on a plethora of key servers around the world.          |
>  |----------------------------------------------------------------------|
>  | That which does not kill us, makes us stranger.   - Trevor Goodchild |
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> 





From alanh at infi.net  Fri Aug  2 12:38:35 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 03:38:35 +0800
Subject: "adjust your attitude with their billy club" (fwd)
In-Reply-To: <199608021128.GAA09487@einstein>
Message-ID: <Pine.SV4.3.91.960802112429.19637D-100000@larry.infi.net>


<<  9th & 10th AMendments to the Conmstitution >>

Cute, you left out the Third.

We are referring to the Sovereign power of the State of Washington to 
allocate to the municipality of Seattle, a general Police Power to 
maintain the Peace.  Every lawyer seems to think that Seattle has the 
power to forbid people from using sidewalks as latrines and kitchen sinks.

I am in bed with the government, so I have better knowledge than most of 
the people on this list, about how bad it is. Nonetheless, I recall the 
aphorism from the Talmud: "Pray for the health of the government, lest 
the people eat other alive".

If someone wants to dress shabbily, go ahead, I'm sure you're making a
powerful and meaningful statement of your devotion to liberty. I don't
recall saying otherwise.  I might secretly recall the TRUE and
OVERWHELMING poverty I've seen in the Third World, which didn't prevent
the barely-fed mothers from assuring that their kid's third-hand,
threadbare school uniforms were nevertheless clean and pressed.  Everyone
has different standards of pride. Some people don't EVER say "please", or
"thank you". Suit yourself. 

If you want to walk into the public library after a six-month moratorium 
on bathing - well, the courts are divided on this, but _I_ stand for the 
proposition that this is an assault on the other patrons and I will lobby 
_my_ city councilman for there to be rules against it.

If you want to blast your Walkman into your own ear through an earphone, 
go ahead, blow your hearing away, perhaps (insh'allah) it will somehow 
operate to prevent you from depositing your genes into the next 
generation.

But if you want to play your boombox loud near me, make damn sure you do
it behind soundproof walls. Where I live, the cops will respond to that 
kind of complaint and shut down the nuisance, with nightsticks if need be 
(in my little rural area, it's seldom necessary). Maybe you California or 
NYC folks don't have police forces that will mitigate nuisances. Enjoy 
your progressive radical-chic neighborhood, folks.





From alanh at infi.net  Fri Aug  2 12:45:19 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 03:45:19 +0800
Subject: "adjust your attitude with their billy club" (fwd)
In-Reply-To: <199608021218.HAA09568@einstein>
Message-ID: <Pine.SV4.3.91.960802115406.23822A-100000@larry.infi.net>


On Fri, 2 Aug 1996, Jim Choate wrote:

> to yourself. The burden of proof rests on the individual to prove that such
> actions by a third party are a public nuisance.

   Bzzt, wrong anser. Thanks for playing.  A state and it's political 
subdivisions does have the power to enact an ordinance DEFINING what 
constitutes a public nuisance. They need merely protect 
constitutionally-protected rights.


The City of Seattle may not define the act of disseminating anonymous 
pamphlets as a nuisance. They may define the act of dissemination by 
throwing them out the window of a moving vehicle, as a nuisance.

YOu are disconnected from reality. I am not going to waste further 
keystrokes on this topic. My side already controls the electoral college 
on this one. It's not my problem.





From ses at tipper.oit.unc.edu  Fri Aug  2 12:48:54 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sat, 3 Aug 1996 03:48:54 +0800
Subject: Bombs & bomb threats in LA
In-Reply-To: <32015CE7.3EF0@vail.tivoli.com>
Message-ID: <Pine.SUN.3.91.960802121035.25935C@tipper.oit.unc.edu>


On Thu, 1 Aug 1996, Mike McNally wrote:
> 
> 	Marijuana is the match,
> 		Heroin is the fuse,
> 			And LSD is the BOMB.

Wasn't that Radioactive Goldfish?

IP is the Flame, TCP is the Fuse, HTTP is the Bomb

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From adam at homeport.org  Fri Aug  2 13:01:04 1996
From: adam at homeport.org (Adam Shostack)
Date: Sat, 3 Aug 1996 04:01:04 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
In-Reply-To: <199608011848.LAA11828@netcom13.netcom.com>
Message-ID: <199608021711.MAA01770@homeport.org>


Mike Duvos wrote:

| That's one of the things that killed Thinking Machines.  It turned out
[...]
| At the time Thinking Machines went under, Seymour Cray had a big contract

	Just a nit, but Thinking Machines is still in business, and has
had their first few profitable quarters. www.think.com

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From jseiger at cdt.org  Fri Aug  2 13:04:08 1996
From: jseiger at cdt.org (Jonah Seiger)
Date: Sat, 3 Aug 1996 04:04:08 +0800
Subject: More on the latest Surveillance Bill...
Message-ID: <v02140b07ae27da2f4dbb@[204.157.127.4]>


The outline below is from a document produced by the House Republican
Conference.  It is ONLY A SUMMARY of the proposed bill and is NOT actual
legislation.  No one I have spoken with has seen any specific legislative
language yet.

The outline is confusing on several points, particularly the "FBI DIGITAL
TELEPHONY" Section, which says:

 "The bill authorizes the FBI to use enhanced telephone technology to
  investigate suspected terrorist activity.  Funding for equipment purchase was
  provided in the 1996 omnibus appropriations measure enacted earlier this
  year."

The first sentence above is not at all clear, and probably won't be until
we can get our hands on the actual text of the bill. It could be additional
wiretap authority (ie, roving wiretaps), or it could be nothing.  As far as
the funding goes, the "1996 omnibus appropriations measure" DID NOT contain
funding for implementation of the law - but it did appropriate $37 million
to cover new equipment for the FBI.

The rest looks like it is a scaled back version of a measure the
Administration and members of Congress were pushing earlier this week, but
the scope of the new bill depends a lot on what the actual text says.

I will post additional information as soon as I get it.

Jonah

--


                Bipartisan Antiterrorism Initiative
                                HR__

                     Committee on the Judiciary
                          No Report Filed
                         To Be Introduced

Floor Situation:

The House is scheduled to consider HR__ on Friday August 2, 1996. On
Thursday August 1, the Rules Committee granted a rule to allow the bill to
be considered under suspension of the rules. It is debatable for 40
minutes, may not be amended, and requires a two-thirds vote for passage.

Summary:

HR__ includes several bipartisan initiatives intended to bolster federal
efforts to combat domestic terrorism in addition to those already enacted
earlier this year as part of the 1996 Antiterrorism and Effective Death
Penalty Act (P.L. 104-132).  The bill contains the following
counter-terrorism provisions:

Aviation SECURITY MEASURES: The bill enables domestic airports to
aggressively search for and prevent explosives from causing destruction and
harm to individuals or property through enhanced explosive detection
procedures, baggage and passenger screening, and FBI authority to improve
airport security training and standards to ensure that provisions of the
1990 Aviation Security Act (P.L 101-604) are implemented expeditiously.
Specifically, the bill (1) requires the FAA to implement increased
explosives section methods immediately, (2) strengthen the level of
training and expertise possessed by security personnel who are assigned to
domestic airports, (3) allows airports to use available funding to
reinforce such training for security personnel, and (4) extends criminal
background requirements to include a greater number of airport employees.

IMPLEMENTATION OF EXISTING ANTI-TERRORISM LAWS: The bill urges
implementation of provisions enacted in the 1996 Antiterrorism and
Effective Death Penalty Act (P.L. 104-132), such as designating and
freezing the assets of foreign terrorist organizations and implementing
expedited removal procedures for aliens convicted of a crime.

BIPARTISAN "BLUE RIBBON" COMMISSION: The bill establishes a special
commission to review all aspects of U.S. anti-terrorism policy and make
legislative recommendations about methods to most effectively establish a
long-term defense against terrorist threats, including enhancing the
nation's human intelligence capabilities.

PRIVACY ACT AMENDMENTS: The bill includes provisions which grant a cause of
action against the U.S. if in the course of a wiretap investigation
damaging information is willfully disclosed to the detriment of an innocent
party by the federal government.  The cause of action includes monetary
damages to the plaintiff if a favorable decision is rendered in federal
court.

EXPLOSIVES STUDY: The bill authorizes a study on black and smokeless powder
by an independent agency selected by the National Institute of Justice.

FEDERAL RACKETEERING STATUTE CRIMES: The bill permits federal prosecutors
to deem those acts determined to be terrorist in nature as substantial
enough to invoke criminal prosecution under existing criminal racketeering
(RICO) statutes.

FBI DIGITAL TELEPHONY: The bill authorizes the FBI to use enhanced
telephone technology to investigate suspected terrorist activity.  Funding
for equipment purchase was provided in the 1996 omnibus appropriations
measure enacted earlier this year.

--

  ** THE FIGHT FOR FREE SPEECH ONLINE CONTINUES TO THE SUPREME COURT **
      It's not too late to be a part of history -- Join the Lawsuit
         <http://www.cdt.org/ciec>   --    <ciec-info at cdt.org>

--
Jonah Seiger, Policy Analyst           Center for Democracy and Technology
<jseiger at cdt.org>                           1634 Eye Street NW, Suite 1100
                                                      Washington, DC 20006
PGP Key via finger                                     (v) +1.202.637.9800
http://www.cdt.org/                                    (f) +1.202.637.0968
http://www.cdt.org/homes/jseiger/









From svmcguir at syr.edu  Fri Aug  2 13:06:29 1996
From: svmcguir at syr.edu (Scott McGuire)
Date: Sat, 3 Aug 1996 04:06:29 +0800
Subject: Information gathering by news servers
Message-ID: <ML-2.2.839003612.7349.scott@homebox>


How much information about what someone reads can be gathered
by a news server?  Is there an anonymous way to read a public
news server, or would a server have to be set up intentionally
to allow anonymous reading?

Scott






From JeanPaul.Kroepfli at ns.fnet.fr  Fri Aug  2 13:12:20 1996
From: JeanPaul.Kroepfli at ns.fnet.fr (Jean-Paul Kroepfli)
Date: Sat, 3 Aug 1996 04:12:20 +0800
Subject: Tao Renji Public Key system
Message-ID: <01BB80A1.2447DD00@JPKroepsli.S-IP.EUnet.fr>


Dear Bruce,
I was testing the Raike's Public Key software, when I remembered a section of your excellent book.
In Applied Cryptography, second edition, section 19.10 (page 482) you present the Renji's work about a public key algorithme based on finite automata.
Where could we found the FAPKC1 and FAPKC2 algorithms, their implementations, and executable versions (you mention an Intel486 test).
Many thanks,
With kindest regards
Jean-Paul
~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
Jean-Paul et Micheline Kroepfli      (our son: Nicolas and daughter: Celine)
eMail: JeanPaul.Kroepfli at utopia.fnet.fr    Also Compuserve and MSNetwork
Phone: +33  81 55 52 59  (F)          PostMail: F-25640 Breconchaux (France)
   or: +41  21 843 27 36 (CH)               or: CP 138, CH-1337 Vallorbe
  Fax: +33  81 55 52 62                                        (Switzerland)
Zephyr(r) : InterNet Communication and Commerce, Security and Cryptography consulting
PGP Fingerprint : 19 FB 67 EA 20 70 53 89  AF B2 5C 7F 02 1F CA 8F
"The InterNet is the most open standard since air for breathing"







From conrad at walton.com  Fri Aug  2 13:43:04 1996
From: conrad at walton.com (Conrad Walton)
Date: Sat, 3 Aug 1996 04:43:04 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <1373144101-347077@industrial-artworks.com>


>
>and everyplace else all the news.answers FAQs are stored. What, precisely, is
>an acid bomb? Also note the standard blame-the-Internet (not, say, increased
>irritation with government after the Republicans failed to reduce it) 
>rhetoric.

i'm not exactly sure what an acid bomb is, but according to my book, The 
Anarchist Cookbook, that I bought in 1972 (was the internet around back 
then?), there is a compound called "picric acid" that is "more powerful 
than TNT, but has some disadvantages". 

if you'd like the recipe, I'll be more than happy to mail you it through 
the US Postal system. Wouldn't want to give the Internet any more of a 
bad name for distributing subversive materials.

There is also instructions on using an inverted vial of sulpheric acid, 
that will then eat thu the stopper at the top (bottom) of the vial. when 
the acid makes it thru, then is mixes with Potassium Chloride and causes 
a small explosion which sets off the larger explosion in the dynomite 
packed around it. 

just thot you'd like to know.



thanks,
conrad



__________I_N_D_U_S_T_R_I_A_L___A_R_T_W_O_R_K_S__________
Conrad Walton         http://www.industrial-artworks.com/
POB 2815, El Segundo, CA 90245             1-310-640-3365
---------------------------------------------------------







From jseiger at cdt.org  Fri Aug  2 14:00:22 1996
From: jseiger at cdt.org (Jonah Seiger)
Date: Sat, 3 Aug 1996 05:00:22 +0800
Subject: URGENT: Surveillance Bill Gets New Life - House Vote lLikely TODAY!
Message-ID: <v02140b02ae27c94754e5@[204.157.127.4]>


(please forward where appropriate)

It's not over yet....

The House has scheduled a vote on "suspension" for a 'counter-terrorism'
bill TODAY (Friday).

Despite media reports that the negotiations had stalled out, house
Republicans have apparently worked out their differences and are set to
vote on the bill today.  The Senate may or may not vote on the measure on
Saturday.

No one I've talked to knows for sure what's in the bill, though I have
heard that there are no encryption provisions and that some of the wiretap
proposals have been scaled back.

I will post details as I get them. In the mean time, keep those calls
coming into Congress.

Jonah

  ** THE FIGHT FOR FREE SPEECH ONLINE CONTINUES TO THE SUPREME COURT **
      It's not too late to be a part of history -- Join the Lawsuit
         <http://www.cdt.org/ciec>   --    <ciec-info at cdt.org>

--
Jonah Seiger, Policy Analyst           Center for Democracy and Technology
<jseiger at cdt.org>                           1634 Eye Street NW, Suite 1100
                                                      Washington, DC 20006
PGP Key via finger                                     (v) +1.202.637.9800
http://www.cdt.org/                                    (f) +1.202.637.0968
http://www.cdt.org/homes/jseiger/









From mpd at netcom.com  Fri Aug  2 14:00:23 1996
From: mpd at netcom.com (Mike Duvos)
Date: Sat, 3 Aug 1996 05:00:23 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
In-Reply-To: <199608021711.MAA01770@homeport.org>
Message-ID: <199608021708.KAA21925@netcom6.netcom.com>


Adam Shostack wrote:

> | That's one of the things that killed Thinking Machines.  It turned out
> [...]
> | At the time Thinking Machines went under, Seymour Cray had a big contract
> 
> 	Just a nit, but Thinking Machines is still in business, and has
> had their first few profitable quarters. www.think.com

The current Thinking Machines is a software firm, and Daniel Hillis is no
longer amongst the top management.  The name lives on, but the business
of designing, building, and selling exotic supercomputers is kaput.

Not an uncommon story in the computer business.  Even Control Data 
Corporation still exists in a transmogrified form, although their
mainframe business went up in smoke ages ago. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From tcmay at got.net  Fri Aug  2 14:07:05 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 05:07:05 +0800
Subject: Licensing, Permits, and Freedom
Message-ID: <ae27837a000210043380@[205.199.118.202]>


At 3:23 PM 8/2/96, Cerridwyn Llewyellyn wrote:
>Jim Choate <ravage at EINSTEIN.ssz.com> argued:
>
>>As long as they have a license to operate a food dispencing facility (in
>>other words they are certifying they are aware of the correct processes for
>>such operations) then nobody should have the right to interfere with their
>>operation unless with probable cause (ie proof of danger such as bad weenies
>>in their hot dogs). This would not apply to individuals or families making
>>such food in the same place for their own and NOT public consumption.
>
>I believe the issue with Food Not Bombs is they didn't get the appropriate
>permits, etc, or were denied them, or something.  However, I disagree with
>you on this point.  I think they shouldn't be required to obtain a license,
>but everyone whom they serve food to should know that they don't have such a
>license.  This would equal informed consent.  Also, with Food Not Bombs, many
>of the people that the food is being served to is also involved in cooking,
>distributing food, and cleaning up.  I've been told it's exactly like a big
>picnic, except for anyone is invited to help and/or eat.

It was in fact "Food Not Bombs" which I was referring to in my post a few
days ago.

My point to the City Council was one of inconsistency (picnic groups not
similarly hassled). Also, the use of "permits" to harass/muzzle a group.

"Permits" are often used to stop speech and acts which are not considered
acceptable. Drawing on my own community for an example, Santa Cruz tried to
regulate palm readers, astrologers, mystics, and seers. This eventually
fell apart, possibly when the implications became clear to the bureaucrats
(the future was already clear to the Cassandras, but nobody believed them).

My "Licensed Ontologist" line in my .sig was added during one of the
debates about the claimed need to license and regulate persons in various
professions.

(There are of course the usual other examples, where job unions and cartels
stop "outsiders" from participating. Often for ostensibly good reasons, but
"guilds" nonetheless. The implications of crypto anarchy for these guilds
are left as exercises for the student.)


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From farber at central.cis.upenn.edu  Fri Aug  2 14:12:55 1996
From: farber at central.cis.upenn.edu (Dave Farber)
Date: Sat, 3 Aug 1996 05:12:55 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <2.2.32.19960802172157.0072be14@linc.cis.upenn.edu>


And I testified in front of the House that their estimate was grossly
understated. I think it is more like 4-5 Billion . I called it the Software
Full Employment Act of 94. (copy of testimony available). djf

At 08:52 AM 8/2/96 -0700, Brock N. Meeks wrote:
>
>On Thu, 1 Aug 1996, Ernest Hua wrote:
>
>> Louis Freeh is now asking the Congress for $2 billion to fund
>> Digital Telephony.  Yes, that is FOUR TIMES what he said it
>> would cost the taxpayers to give up their own privacy.  Score
>> one for the cynics who said $500 million was not enough.
>
>I broke the story about how much Digital Telephony would *really* cost in 
>CyberWire Dispatch more than two years ago.  The price tag in my piece:  
>"... at least $2 billion..."  In that Dispatch I wrote that the Clinton 
>White House had made the decision to support the bill based on a flawed 
>cost/benefit analysis study the FBI had done.
>
>--Brock
>
>






From stewarts at ix.netcom.com  Fri Aug  2 14:34:18 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 05:34:18 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
Message-ID: <199608021800.LAA10722@toad.com>


At 02:16 PM 7/31/96 -0700, Tom Weinstein <tomw at netscape.com> wrote:

>The only thing they can revoke is their permission to provide it for
>download over the internet.  They can't revoke our permission to sell
>it in stores or via snail mail.

They _could_ refuse to give export permission for new RC4/40 versions,
and threaten prosecution if it's placed on the Internet.
It would be highly bogus, of course, but that's one of the "benefits"
of using selective enforcement and having the export strength limitations
be an individual-case-basis rather than a defined law they can be held to.

Tim wrote:
> Actually approving of disapproving a piece of software for sale 
> to U.S. citizens is not currently possible.

Sure.  The Commerce Klaus of the Constitution lets them do it
if they want to, though that required Congressional cooperation.


	TRUST NO ONE!






From stewarts at ix.netcom.com  Fri Aug  2 14:36:45 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 05:36:45 +0800
Subject: "And who shall guard the guardians?"
Message-ID: <199608021800.LAA10727@toad.com>



>On Cyperpunks recently, Tim May wrote:
>
>>The Latin maxim "And who shall guard the guardians?" has some relevance to
>>the headlong rush into converting the U.S. into even more of a security
>>state than it is now.

The English-Only bill just passed in the House bans the use of
non-English languages by government officials.  Does Tim's sudden 
avoidance of the Latin mean that _he_'s the Fed??  

At 02:57 PM 7/31/96 -0700, Martin Minow <minow at apple.com> wrote:

>I would suspect that a Baysian analysis
>would indicate that the risk of holding (and losing) a key is
>greater than the risk of not holding (and needing) a key.

Cui bono?  Or, in this case, risk to _whom_?
The damage from losing a key is done to the key's owner,
who's a mere Subject, while the dangers of needing a key
that one doesn't have are interference with the Custodians
doing the jobs they want to do.  Sounds like a no-brainer,
from the Government's viewpoint.

	TRUST NO ONE!






From briant at atlantic.net  Fri Aug  2 14:40:15 1996
From: briant at atlantic.net (Brian T Hancher)
Date: Sat, 3 Aug 1996 05:40:15 +0800
Subject: [off-topic] roving wiretaps
Message-ID: <199608021149.LAA24441@rio.atlantic.net>


>P.S.  Do police really need a search warrant to wiretap cellular phones?

It is my understanding that police need a warrant to tap *cellular* 
phones, but not *wireless* phones.

One should understand that monitoring cellular traffic is *much* more 
difficult than tapping a conventional phone, because as the user 
moves around in the service area the phone switches to different 
repeaters, often several times during a conversation.

I am curious as to the language of the proposed law, as it is also my 
understanding that the government already has the (technical) means to monitor 
cellular traffic (but it requires a warrant, just like tapping a 
regular phone).

              Brian T. Hancher

       http://rio.atlantic.net/~briant

              briant at ocala.com
             briant at atlantic.net
      Brian.Hancher at lmi.fdles.state.fl.us





From stewarts at ix.netcom.com  Fri Aug  2 14:55:39 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 05:55:39 +0800
Subject: SECURITY WARNING - D0 N0T D0WN0AD "New Clinton Administration Ping Policy"
Message-ID: <199608021800.LAA10715@toad.com>


WARNING!  DO NOT DOWNLOAD THE E-MAIL MESSAGE LABELED
         "New Clinton Administration Ping Policy"

IT C0NTAINS EVIDENCE 0F SECURITY VI0LATIONS IN THE HEADERS AND 
D0WNLOADING IT RISKS C0NTAMINATION 0F Y0UR MACHINE:
> X-Authentication-Warning: server1.chromatic.com: hua owned process doing -bs
> X-Authentication-Warning: server1.chromatic.com: Host hua at localhost didn't
use HELO protocol

> Return-Path: <cypherpunks-errors at toad.com>

FURTHERMORE, IT IS DISTRIBUTED BY THE THE CYPHERPUNKS-ERRORS LIST, 
AN 0RGANIZATION KN0WN T0 HAVE BR0KEN US EXP0RT-GRADE SECURITY 
AND APPARENTLY LED BY THE KN0WN FEL0N ``KLAUS'' AND AN ANARCHIST
W00DW0RKER BRIEFLY SUSPECTED IN THE UNAB0MBER CASE.




	TRUST NO ONE!






From umwalber at cc.UManitoba.CA  Fri Aug  2 14:55:41 1996
From: umwalber at cc.UManitoba.CA (Sean Walberg)
Date: Sat, 3 Aug 1996 05:55:41 +0800
Subject: Bombs & bomb threats in LA
In-Reply-To: <1373144101-347077@industrial-artworks.com>
Message-ID: <Pine.SOL.3.91.960802130921.10502D-100000@merak.cc.umanitoba.ca>


I remember seeing an item on TV that had mentioned an acid bomb (it was a
news report about a public access TV show that was showing people how to 
make bombs).  In this example, some common chemicals were mixed together, 
tightly closed, and moments later an explosion occured.  They never said 
the chemicals, for all I know it could have been lemon juice and baking 
soda in a sealed container, a la Dry Ice bomb...  It didn't look like a 
bomb of mass destruction, more of a loud bang and a smallish explosion...

Sean


On Fri, 2 Aug 1996, Conrad Walton wrote:

> >and everyplace else all the news.answers FAQs are stored. What, precisely, is
> >an acid bomb? Also note the standard blame-the-Internet (not, say, increased
> >irritation with government after the Republicans failed to reduce it) 
> >rhetoric.
> 
> i'm not exactly sure what an acid bomb is, but according to my book, The 
> Anarchist Cookbook, that I bought in 1972 (was the internet around back 
> then?), there is a compound called "picric acid" that is "more powerful 
> than TNT, but has some disadvantages". 

------------------------------------------------------------------
Sean Walberg                              umwalber at cc.umanitoba.ca
The Web Guy                  http://home.cc.umanitoba.ca/~umwalber 
UNIX Group, U. of Manitoba          PGP Key Available from Servers






From markm at voicenet.com  Fri Aug  2 15:00:47 1996
From: markm at voicenet.com (Mark M.)
Date: Sat, 3 Aug 1996 06:00:47 +0800
Subject: Information gathering by news servers
In-Reply-To: <ML-2.2.839003612.7349.scott@homebox>
Message-ID: <Pine.LNX.3.95.960802141613.1319A-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 2 Aug 1996, Scott McGuire wrote:

> How much information about what someone reads can be gathered
> by a news server?  Is there an anonymous way to read a public
> news server, or would a server have to be set up intentionally
> to allow anonymous reading?

It depends on how much logging the news server software does.  For INN, it
logs the hostname of every client that invokes the "group" command.  This
means that if you are on a machine that uses identd or on a SLIP/PPP account,
it is possible to also find out the complete email address.  I suppose hacking
the news software could allow a news admin to find out every article you read,
but the log would be very large.  The best way to read news anonymously is
to either get an anonymous shell account that has a full news feed, or get an
account on a trusted NNTP server.  An NNTP server could be setup to not log
at all by commenting out all the calls to syslog().

- -- Mark

PGP encrypted mail prefered
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMgJHT7Zc+sv5siulAQHZ8gP+NywhqrmlOls1ibbpdXac0qp7/LacT+2j
UXiBare4Lk0qOJAM9UUAc+xbyzxAugdWwLAyo2NW8Bi5ZK1QojFvCKvHcQzWYNA6
baz7Qmy9x7Beup6HG+7M/bOmGonjml+ZSXbWAFMuSmItd5V2vZRmqBGdu8oglY7m
MiGmXLaLkFw=
=To5D
-----END PGP SIGNATURE-----





From jbugden at smtplink.alis.ca  Fri Aug  2 15:23:25 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Sat, 3 Aug 1996 06:23:25 +0800
Subject: Courtesy, Clubs and Clinton
Message-ID: <9607028390.AA839024095@smtplink.alis.ca>


Excerpt from http://www.msnbc.com/news/21324.asp
Clinton's golf war 
Teed-off clubbers grumble president plays too slow, disrupts things

Congressional Country Club Secretary Tim May confirms that 
some members have complained about the president, but insists that 
"more members are delighted the president is playing at our club."
_________

Is there something that Tim isn't telling us? ;-)






From pjb at ny.ubs.com  Fri Aug  2 15:27:22 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 3 Aug 1996 06:27:22 +0800
Subject: fbi, crypto, and defcon
Message-ID: <9608021922.AA06774@sherry.ny.ubs.com>


> From grafolog at netcom.com Fri Aug  2 11:48:53 1996
> Date: Fri, 2 Aug 1996 15:48:47 +0000 (GMT)
> From: jonathon <grafolog at netcom.com>
> X-Sender: grafolog at netcom10
> To: "Paul J. Bell" <pjb at ny.ubs.com>
> Subject: Re: fbi, crypto, and defcon
> X-No-Archive: yes
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Content-Length: 772
> 
> 	Paul:
> 
> On Fri, 2 Aug 1996, Paul J. Bell wrote:
> 
> > in general, i suspect that the rip-off is going the other way. after all, 
> > no one forces anyone buy from microsoft, AT&T, etc., but people do steal from
> 
> 	When I purchased my computers, I had to pay $150 to not have
> 	Windows and Dos installed on them.  That $150 went to Microsoft.
> 	It seemed to me that I was being ripped off, by Microsoft.
> 
> 	As far as AT&T goes, do you know how to determine what their
> 	lowest residential rate is?   Secondly, do you know how to
> 	sign up for it?  
> 	
> 
>         xan
> 
>         jonathon
>         grafolog at netcom.com
> 
> 
> 
> 	Illiterate: adj.  Inability to read write or speak five 
> 	or fewer languages.
> 	Funksioneel Ongeleerd:  a.  Die wat kon nee elf or meer tale 
> 	lees, skryf and gesprek. 
> 
> 
> 

as i said, i have no use for microsoft, whats more, i don't use microsoft. 
that said, if a person really must pay to not have their products installed, 
i agree that that is intorelable, and at the least calls for finding a new vendor
for computers. if you really don't plan to use dos or windows, there is 
no reason why you should pay for them. frankly, this sounds like a real stupid
move on the part of your hardware vendor. maybe you need to shop around.

as for at&t, no, i don't know the lowest residential rate, but i'm sure that
the rate varies depending on your long distance calling pattern. i'm sure that
the rate is less for someone who rarely makes an ld call but wants to have the 
ability to do so when and if the need/desire arises then for someone who makes 
a few call per month and for another user who makes a lot of call each month. 
at any rate, all you need to do is to ask them for the lowest rate for your 
calling pattern, and if you don't like the answer, hang up and call mci, s
print, etc. at least thats better than microsoft, where you don't have a lot 
of choice.

take a quick look around the world, paying particular attention to those many 
countries where the telephone company was directly controlled by the government. 
was the service they provided really great? was it cheap? did they every provide 
anything new or improved?  as one who has spent a lot of time in some of these
countries i can answer from experience, hell no.  a one time, in the late 50's 
i lived and worked in a certain west african country. th erule was, taht the first
person in the office in the morning would take the phone off the hook, and maybe 
by 10:30 or 11:00 we would get a dial tone. of course, you would never hang the 
thing up again taht day, just pass it along to anyone else that needed to make a 
call.  egypt and all of france was not a lot better. as late as 1983 it was a real 
challenge to get a phone installed or make a long distance call in france.  
no matter what the french say, telecommunications services still suck in france.

i agree with you that a lot of companies do gouge the customer for all that they
can get, and maybe AT&T is one of them, but maybe not.  

i have spent my entire working life providing for myself, asking and taking nothing 
from anyone, other than what i earned for myself. i payed for my education and for 
everything else that i ever had.  however, once i had the money to invest, i did 
so, in, among others, AT&T, and since i take a chance with the money that i worked 
for by investing in them, i, by god, expect a return on my investment, and if AT&T 
can't provide it, i will dump them and take my chances elsewhere.  however, 
whether its AT&T or someone else, if i risk my money, i expect something in 
return, and i can only expect that if the company (AT&T or who ever) makes a
profit.  profit is not a dirty word, it is what makes it all possible. AT&T did 
not build the worldwide network that serves us all for fun, not did they invent 
the transistor or UNIX, or all the other thinks that we take for granted just for 
the fun of it, or without risk.  if you take the risk, you deserve a return on 
your investment.  i have yet to meet a stockholder who said that they were satisfied with any given profit level and wished the company to give away goods or services 
rather then increase the dividends to the stockholders.  the name of the game is 
PROFIT, its what keeps us all alive and employed. the real saving grace is in having a choice.

i am not suggesting that as long as a company makes a profit that anything goes.  
what i am suggesting is that a company, or an individual for that matter is
only obliged to see to there own well being.  if an individual so chooses, they
may spend their life, or any portion thereof, working for the good of someone
else, or giving the results of all their labors to others, as they choose.  in 
many ways this is a good thing and is what makes civilized life.  however, i
do not believe that it is ever permissable to dictate to an individual or to 
a company which is, after all, only the sum of it's employees and stockholders,
the requirement or terms of how they will dispense the profits of their labors.

if AT&T or any other company doesn't give you what you want, tell them to fuck-off,
and take your business elsewhere.

oh that we could so easily deal with a government that provides so little of what
the people want.  i think that it is rare for a company to forget who is really
calling the shots, but our very own government seems to be completly unaware
that they exist to serve us, not the other way around. they seem to have forgotten
that the purpose of the constitution is not to define what rights are given to the 
people, but rather to define what powers the people give to the government.


cheers,
	-paul







From tcmay at got.net  Fri Aug  2 15:37:46 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 06:37:46 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <ae27a13f03021004323f@[205.199.118.202]>


At 9:33 AM 8/2/96, Conrad Walton wrote:

>i'm not exactly sure what an acid bomb is, but according to my book, The
>Anarchist Cookbook, that I bought in 1972 (was the internet around back
>then?), there is a compound called "picric acid" that is "more powerful
>than TNT, but has some disadvantages".

The ARPANET (or ARPANet, or Arpanet...) was around then. (I had an account
on it, circa 1973...not very useful for me.)

I also got my copy of "The Anarchist Cookbook" back around then. It was in
the news locally when the Santa Barbara County Sheriff's office attempted
to have it removed from the local bookstores....this removed it all right,
as the stacks of copies sold out as quickly as they could be received and
unpacked.

(As others have noted over the years, much of the advice is probably bogus
and even dangerous. Not being an explosives dabbler, I wouldn't know.)

If Feinswine gets her ban on bomb-making information passed, and this is
upheld by the courts (doubtful), the sites will be swamped with information
queries, and fooling around with bombs will become more popular amongst the
teenage set that has not expressed much interest in such things the past
couple of decades.

The more things change, the more they remain the same.

--Tim May, an I-bomb-throwing crypto anarchist

Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack
the powder. Don't even tap the bottom of the pipe to make it settle.  You want
the powder loose.  For maximum explosive effect, you need dry, fine powder
sitting loose in a very rigid container.







From tcmay at got.net  Fri Aug  2 15:40:49 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 06:40:49 +0800
Subject: [off-topic] roving wiretaps
Message-ID: <ae27864d01021004dd81@[205.199.118.202]>


At 8:52 AM 8/2/96, David Wagner wrote:

>I don't get it.  Help me out here-- how can this possibly be constitutional?
>
>I'm reading the Fourth Amendment to our honored Constitution of the United
>States, which proclaims
>
>        [...]
>        no warrants shall issue,
>        but upon probable cause,
>        supported by oath or affirmation,
>        and *particularly describing the place to be searched*,
>        and the persons or things to be seized.
>
>Are we just to strike out that emphasized phrase?  What's going on here?
>Someone tell me I'm not just having a bad nightmare.


The same way the Second Amendment has been turned into a shadow of itself
by creative lawyering.

("The Founders did not mean to include AR-15s and .45 Automatics as "guns,"
as these did not even exist in 1791. Likewise, cellular phones did not
exist in 1791, so the Fourth Amendment could not possibly apply to them.
Have a nice day.")

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From frissell at panix.com  Fri Aug  2 15:41:44 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sat, 3 Aug 1996 06:41:44 +0800
Subject: privacy is a SMOKESCREEN.
Message-ID: <2.2.32.19960802193411.0087b680@panix.com>


See.  Right-wing nuts are good for something.

>from eff:
>
>CNN reports: "Key members of the Senate blamed House conservatives for 
>the failure, saying they had insisted on linking proposed new
>wiretapping authority for the FBI to an expansion of privacy laws."
>
>CNN quotes Rep. Charles Schumer (D-NY) as saying that House Republican
>leaders "have come up with this smokescreen called privacy".






From perry at piermont.com  Fri Aug  2 15:42:34 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 3 Aug 1996 06:42:34 +0800
Subject: Tolerance
In-Reply-To: <199608012148.OAA21170@cygnus.com>
Message-ID: <199608021936.PAA10161@jekyll.piermont.com>



"Chris Adams" writes:
> Just a comment to all of the 'true libertarians' out there, especially
> the "defend to the death" types:  How many of you defended Mr.
> Sternlight's recent membership?

Libertarianism means that you oppose *government* censorship -- not
that you feel obligated to listen to every idiot who comes down the
street.

In other words -- I defend to the death the right of David Sternlight
to say anything he likes. However, thats very different from feeling
that anyone is required to listen, or saying that a privately run
forum must tolerate him.

Perry





From jimbell at pacifier.com  Fri Aug  2 15:44:16 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 3 Aug 1996 06:44:16 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <199608021942.MAA17510@mail.pacifier.com>


At 09:33 AM 8/2/96 -0000, Conrad Walton wrote:

>i'm not exactly sure what an acid bomb is, but according to my book, The 
>Anarchist Cookbook, that I bought in 1972 (was the internet around back 
>then?), there is a compound called "picric acid" that is "more powerful 
>than TNT, but has some disadvantages". 

Picric acid is 2,4,6 trinitrophenol, easily produced by the nitric/sulfuric 
acid nitration of phenol.

If picric acid contains about 15% of water or more, it is rather stable and 
innocuous.  If it is allowed to completely dry out, it then becomes 
sensitive to detonation with a blasting cap.

One disadvantage of picric acid is that it reads with heavy metals (copper, 
lead, etc) to form unstable picrate salts.


>There is also instructions on using an inverted vial of sulpheric acid, 
>that will then eat thu the stopper at the top (bottom) of the vial. when 
>the acid makes it thru, then is mixes with Potassium Chloride 

Potassium _Chlorate_

and causes 
>a small explosion which sets off the larger explosion in the dynomite 
>packed around it. 

It would probably require a booster...

Jim Bell
jimbell at pacifier.com





From pjb at ny.ubs.com  Fri Aug  2 15:54:50 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 3 Aug 1996 06:54:50 +0800
Subject: my message Re: fbi, crypto, and defcon
Message-ID: <9608021947.AA06865@sherry.ny.ubs.com>


in my earlier message of this date, i said:

>"i have spent my entire working life providing for myself, asking and taking nothing
>from anyone, other than what i earned for myself. i payed for my education and for
>everything else that i ever had."

maybe i should have taken something, then i would have learned to spell. yes, i
know that the correct spelling is 'paid', not 'payed', but sometimes, (often?),
my fingers outrun my brain. does this, you ask, also account for the lack of
uppercase characters? no, it's just my style, maybe its really laziness.

cheers,
	-paul


ps. you will undoubtly also find a few tath, thta, teh, and the like.
 maybe if i used that microsoft stuff with the spell checker rather than the 
sun mailtool i could present myself without the plethora of typos. sigh. 





From omega at bigeasy.com  Fri Aug  2 15:58:46 1996
From: omega at bigeasy.com (Omegaman)
Date: Sat, 3 Aug 1996 06:58:46 +0800
Subject: Silliness on cypherpunks
Message-ID: <199608021958.OAA02684@betty.bigeasy.com>


-----BEGIN PGP SIGNED MESSAGE-----

> The first issue is the seemingly sincere attempts at answering questions
> that are obviously irrelevant.  IMO cypherpunks are not "Mr. Answer Man"
> for every question someone has regarding computers or electrical
> engineering.  Sure, most of us are pretty capable of answering these
> questions - that doesn't mean that we should.  

At most, they might be privately directed to the appropriate URL or 
other reference.  Some take the time to answer such questions by 
providing an exercise which should lead the individual to the answer.  

Chances are, though, that they're perfectly aware of Schneir's book 
and numerous other FAQ's of relevance.  That means most likely we're 
dealing with laziness - which does not deserve a response

> Whenever I asked a silly
> question at home, my dad used to tell me - "look it up".  The process of
> finding the answer was actually far more important than the answer itself. 
> We should attempt to ignore these kinds of questions.  Maybe eventually
> they will go away.

I believe that's called "learning."  Unfortunately, far too many 
people engage in what I call "willful ignroance."   

I'm not an engineer.  I'm not a mathmetician.  I don't fully 
understand everything I've read here.  If I'm interested, however, I 
look further and read up on the subject so I can make informed 
queries if needed.

Some seem to think that this list is cruel to newcomers by posting 
sarcastic responses to newbie inquiries.  This list assumes some 
amount of prior knowledge on the part of it's members.  It is not the 
place for "what does PGP stand for?" questions.

> My other "peeve of the day" is the wonderful introduction of the "mee too"
> postings to cypherpunks. 

me too.

 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgJSYab3EfJTqNC9AQHXqwP/YUx5mtuDZTV4G6T//DsOZHtWqKo19+sN
mUEWKFa0DkErukEXnNIhSXgQjtkknp/AJEP2UQ04JE5cIoVB8ti2tpeB+qLFJUvi
pd149EYzQC+da0l0rSDWARtciWv642ZX5fdrCn7388tpxnCsTlnSLziaQVM7E9+S
ZZ2etwMCQd8=
=796N
-----END PGP SIGNATURE-----
-----------------------------------------------------------------------------------------
 Omegaman <omega at bigeasy.com>
 PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                            59 0A 01 E3 AF 81 94 63 
send a message with the text "get key" in the "Subject:"
field to get a copy of my public key.
-------------------------------------------------------------------------------------





From shamrock at netcom.com  Fri Aug  2 16:00:43 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 07:00:43 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <v02120d00ae280f477ab7@[192.0.2.1]>


At 18:29 8/1/96, Timothy C. May wrote:

>(With the Internet Phone deals--even Intel is entering the market--why are
>there no widespread uses of PGP or S/MIME? Yes, I know about about PGPhone,
>and also the Nautilus product, but none seem to be used by anyone I know.
>Maybe we should spend some time talking about the practical realities of
>these tools.)

The sound quality really isn't there, unless you have a fast machine or a
fat pipe. In addition, the vast majority of Intel based computers lack the
crucial (for user acceptance) full-duplex soundcard. Add to that the
physical impossibility of getting decent real time services over a
non-isochronous network, such as the Internet, I'net phones just don't
provide suffcient speech quality for business/serious personal use even
without the added overhead of crypto.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From wwoelbel at midwest.net  Fri Aug  2 16:24:50 1996
From: wwoelbel at midwest.net (W.K. Woelbeling)
Date: Sat, 3 Aug 1996 07:24:50 +0800
Subject: List for crypto minus political rubbish
Message-ID: <199608022025.PAA02349@cdale1.midwest.net>


I am looking for a source of info on crypto.  While this list is of interest
to (many) people, I find that the amount of political ranting outweighs any
nuggets of information concerning cryptography.  Pointers?

Bill






From tcmay at got.net  Fri Aug  2 16:48:33 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 07:48:33 +0800
Subject: URGENT: Surveillance Bill Gets New Life - House Vote lLikely TODAY!
Message-ID: <ae27bf7d050210044d20@[205.199.118.202]>


At 3:06 PM 8/2/96, Jonah Seiger wrote:

>It's not over yet....
>
>The House has scheduled a vote on "suspension" for a 'counter-terrorism'
>bill TODAY (Friday).
>
>Despite media reports that the negotiations had stalled out, house
>Republicans have apparently worked out their differences and are set to
>vote on the bill today.  The Senate may or may not vote on the measure on
>Saturday.
>
>No one I've talked to knows for sure what's in the bill, though I have
>heard that there are no encryption provisions and that some of the wiretap
>proposals have been scaled back.

I doubt any of the Congressjerks know what's in the thing they've voting
on, either. This is the American way: wait 'til the last minute, pull a
couple of "all nighters," go on vacation, and then claim ignorance. It
worked when we were in school, so, hey, why not run the government the same
way?

("I had no idea of what was in the Communications Decency Act...it just
sounded like the "decent" thing to vote for."....."You mean the
Anti-Terrorism Bill suspends habeus corpus? What's that? I'll ask my
staffers to look into it.")

Fuck 'em all. Fawkes had it wrong...they're not worth the powder to blow
'em to hell.

All we can do is work on technological workarounds. Making their $2 billion
Wiretap Boondoggle a worthless exercise is a start.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From frissell at panix.com  Fri Aug  2 17:03:58 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sat, 3 Aug 1996 08:03:58 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <2.2.32.19960802192913.0087dccc@panix.com>


At 12:13 PM 8/2/96 -0400, Simon Spero wrote:

>IP is the Flame, TCP is the Fuse, HTTP is the Bomb

That'd be HTTPS wouldn't it.
              ^
DCF






From shamrock at netcom.com  Fri Aug  2 17:05:32 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 08:05:32 +0800
Subject: Pipe bombs
Message-ID: <v02120d02ae281b5c5141@[192.0.2.1]>


At 21:02 8/1/96, Timothy C. May wrote:

>Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
>ends.  Buy two metal caps to fit.  These are standard items in hardware
>stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
>good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
>on one end. Fill the pipe to within 1/2 inch of the top with black powder.
>Do not pack
>the powder. Don't even tap the bottom of the pipe to make it settle.  You want
>the powder loose.  For maximum explosive effect, you need dry, fine powder
>sitting loose in a very rigid container.

I do believe you forgot the fuse... Electrical ignition elements, such as
the ones used to launch model rockets should work just fine.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From tcmay at got.net  Fri Aug  2 17:09:34 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 08:09:34 +0800
Subject: SOUP KITCHENS
Message-ID: <ae27b98904021004e701@[205.199.118.202]>


At 2:39 PM 8/2/96, Sandy Sandfort wrote:

>I find it amusing that the law is supposedly so concerned with
>food purity for the "homeless."  Hang out near a fast-food place
>sometime and watch the street people dumpster dive for the
>half-eaten remains of other people's Big Macs.  That is the true
>alternative to volunteer feeding programs.  (That, or getting a
>job.)

I thought the point you were about to make when you said "Hang out near a
fast-food place..." is that a _lot_ of "roach coaches" are much filthier
than any "Food Not Bombs" soup kettle I've ever seen.

(Fortunately, people survive all kinds of dirt and germs. If dogs and cats
can eat stuff off the floor, and our ancestors did before hot water, soap,
and autoclaves, then so can we. Not to mention children. But I digress.)

The use of zoning and health code ordnances to harass certain classes of
people is nothing new. Like I said, the Boy Scout Cookout and similar
"good" events are not bothered by City Inspectors descending on them to
shut them down.

>The truth is that local officials are perverting the health codes
>to harass these operations, not to "protect the homeless."  At
>it's core, it is a hypocritical abuse of power, not unlike the
>invocation of the Four Horseman to keep strong crypto out of the
>hands of average Americans.

Further, in time past the operation of a "street food" service (hot dogs,
ice cream, various knoshing items, etc.) was a way for otherwise poor
persons to start a business. My own city, Santa Cruz, has no pushcart
vendors, and only one officially-approved sidewalk hotdog vendor. A loss
for us, a loss for would-be vendors, and with no gain in "food safety" that
I can plausible see.

I actually think this shows another side of the harassment of food
giveaways and low-cost vendors: it cuts down on competition with the
established food entities. While I tend to dismiss "corporate conspiracy"
theories about how Giant Corporations are repressing and suppressing the
Little Guys, there is little doubt that licensing, zoning, and other
governmental restrictions are often used by established entities to keep
out competition. Licenses get used for what economists call "rent-seeking"
behavior.

(Examples abound in other areas, too, such as where large chip companies
like Intel actually relish the vast amounts of paperwork they are required
to fill out, becuase this overhead and legal burden can be handled by their
buildings full of paper pushers, but helps to keep small companies from
entering the market. Intel has actually insisted that small companies file
the same environmental impact reports, labor reports, etc., that they have
to fill out. Understandable at one level, but also an example of using "the
system" to put pressure on upstarts. Or, the rent-seeking of professional
guilds, well-known to all of us.)

As to Alan Horowitz's bizarre notion that "public streets" are not to be
used for giving away food, does he believe the same to be true of giving
away speech, giving away ideas, passing books to other people, etc.? "There
are bookstores for selling or buying books, and anyone who engages in this
sort of action on a public street will have his attitude adjusted with my
billy club."

"Public" areas cause problems for analysis of rights, I will grant. The
"commons problem" is well known. But I think that the specific cases we've
been discussing, of whacking bums with nightsticks for the crime of not
maintaining "proper decorum," and of Food Not Bombs being shut down while
the Boy Scouts are not, are clear cases where the law is being misapplied.

(Were I a lawyer, and had the Food Not Bombs case come to trial, I would've
collected evidence that a large number of other groups were not sanctioned
for not having food preparation permits, and I would've argued it was a
case of "selective enforcement" for political reasons.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From root at charley.clark.net  Fri Aug  2 17:50:30 1996
From: root at charley.clark.net (root)
Date: Sat, 3 Aug 1996 08:50:30 +0800
Subject: No Subject
Message-ID: <199608022200.SAA02309@charley.clark.net>


reply to: sparks at bah.com
Subject: an endorsement ( sort of )
In-Reply-To: <Pine.SUN.3.91.960802100643.24257A-100000 at psyche.the-wire.com>
X-Mailer: Ishmail-demo 1.2.2-960711-linux <http://www.ishmail.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I just downloaded a copy of Ishmail ( http://www.ishmail.com) and I'm
really impressed. I have a few things to tweek ( I installed it in the
wrong directory so I have to be root for the moment ) but the interface
to PGP is transparent.. smooth as a baby's a** !! I had a couple of
questions, and they were answered very quickly.  I found something I
really like !! well worth the price for the UNIX / LINUX weenies (IMHO)

Charley Sparks


  Charles E. Sparks <sparks at bah.com>
In God We Trust, All Others we Encrypt
Public Key at:
http://www.clark.net/pub/charley/pc_1.htm
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCXAwUBMgJ6ZOJ+JZd/Y4yVAQFWXgQMD5LMIBHPa0lKJAT0zPXA4ykYSNTf5a0o
rpnoDFLlby5m+VdyJWLAwaQ1o3JiFP6q20u/lVh+Ixsgg2Yf27GGzur36jYjxNv8
Ist7uiDug3UHdmDZy6SYG6TM1MG6MARaixCE4HfV0DCZYt9ZAIWYAQWgRAOh7+fp
3QLUKATFJyeGTg==
=+Pyo
-----END PGP SIGNATURE-----





From koontz at netapp.com  Fri Aug  2 17:53:41 1996
From: koontz at netapp.com (Dave Koontz)
Date: Sat, 3 Aug 1996 08:53:41 +0800
Subject: FPGAs and Heat (Re: Paranoid Musings)
Message-ID: <9608022229.AA07237@lada>


>The current Thinking Machines is a software firm, and Daniel Hillis is no
>longer amongst the top management.  The name lives on, but the business
>of designing, building, and selling exotic supercomputers is kaput.

>Not an uncommon story in the computer business.  Even Control Data
>Corporation still exists in a transmogrified form, although their
>mainframe business went up in smoke ages ago. 

MasPar still exists as a software company, they changed the name
however.





From smith at sctc.com  Fri Aug  2 17:53:52 1996
From: smith at sctc.com (Rick Smith)
Date: Sat, 3 Aug 1996 08:53:52 +0800
Subject: Corporate e-mail policy
Message-ID: <199608022151.QAA02114@shade.sctc.com>


George Kuzmowycz wrote:

:   The company I work for has set up a committee to draft a security 
: policy involving, among other things, e-mail. Since I'm responsible 
: for our networking and e-mail, I'm part of this group. Unfortunately, 
: I'm outnumbered by legal, auditing and HR types who, basically, want 
: to have access to everything.

First, figure out what *your* objective is. You can't achieve e-mail
privacy by implementing some idealized policy that says "Our company
won't snoop into e-mail."  It is the obligation of corporate
functionaries to act in the corporation's best interest, and if that
includes violating the privacy policy (as opposed to civil or criminal
statutes) then it's going to happen. If you write it into one policy,
they'll just find a different one that they can apply to override it.

As you pointed out, the courts agree with this interpretation.  Let us
focus on what we *can* fix.

You can make things better if you write the policy to reduce the risk
of abuse. Nip this nonsense about "access to everything" in the bud.
For example, the policy could provide oversight by requiring approvals
from affected people (the victim's manager if not the actual victim).
Then, access is granted to the victim's files and not to all the
files. Even if auditors want to do "random audit" of e-mail, they
don't really need "access to everything" to achieve it.  They can
randomly select messages somehow and only get readable copies after
the messages are selected.

You'd probably find lots of support for a more measured policy like
this. For example, mail from the CEO or the head of the Audit
department shouldn't be an open book just because Joe Blow from Audit
is "auditing e-mail today."

Also, your policymakers might think about the issues raised by the
recent skit, "FBI Files on Republicans Stored in the Democratic White
House." If they demand unlimited access to e-mail files, they might be
held responsible for making use of information contained therein
simply because they *could* have read them.

Rick.
smith at sctc.com         secure computing corporation





From wb8foz at nrk.com  Fri Aug  2 17:58:25 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 3 Aug 1996 08:58:25 +0800
Subject: "And who shall guard the guardians?"
In-Reply-To: <199608021800.LAA10727@toad.com>
Message-ID: <199608022215.SAA04249@nrk.com>


> The English-Only bill just passed in the House bans the use of
> non-English languages by government officials.  Does Tim's sudden 
> avoidance of the Latin mean that _he_'s the Fed??  

What about Navajo?


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433






From wb8foz at nrk.com  Fri Aug  2 18:04:30 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 3 Aug 1996 09:04:30 +0800
Subject: "And who shall guard the guardians?"
In-Reply-To: <199608021800.LAA10727@toad.com>
Message-ID: <199608022211.SAA04204@nrk.com>


> The English-Only bill just passed in the House bans the use of
> non-English languages by government officials.  Does Tim's sudden 
> avoidance of the Latin mean that _he_'s the Fed??  

What about Navajo?


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From shamrock at netcom.com  Fri Aug  2 18:14:41 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 09:14:41 +0800
Subject: [off-topic] roving wiretaps
Message-ID: <v02120d03ae2823f85701@[192.0.2.1]>


At 1:52 8/2/96, David Wagner wrote:

>I don't get it.  Help me out here-- how can this possibly be constitutional?
>
>I'm reading the Fourth Amendment to our honored Constitution of the United
>States, which proclaims
>
>        [...]
>        no warrants shall issue,
>        but upon probable cause,
>        supported by oath or affirmation,
>        and *particularly describing the place to be searched*,
>        and the persons or things to be seized.
>
>Are we just to strike out that emphasized phrase?  What's going on here?
>Someone tell me I'm not just having a bad nightmare.

The Fourth Amendment has been abolished by the Supreme Court for all
intends and purposes. It remains listed in the Constitution for historic
reasons only.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From snow at smoke.suba.com  Fri Aug  2 18:15:09 1996
From: snow at smoke.suba.com (snow)
Date: Sat, 3 Aug 1996 09:15:09 +0800
Subject: A Libertine Question
In-Reply-To: <Pine.SV4.3.91.960802005945.11780D-100000@larry.infi.net>
Message-ID: <Pine.LNX.3.93.960802164703.1649B-100000@smoke.suba.com>


On Fri, 2 Aug 1996, Alan Horowitz wrote:
> We require property owners who don't have city-sewage hookups, to install 
> their septic tanks and maintain them in certain defined configurations 
> which estop them from contaminating the neighbor's well. I don't know if 
> that's a good idea or not - but I haven't seen sentiment against sewage 
> regulation of property owners.
> So why should we be terribly upset about an ordinance which makes it 
> illegal to operate a residential kitchen and a residential sewge-disposal 
> operation in a city park or a city sidewalk?

     As long as you are enforcing it on everyone, I don't think you'd have a 
problem, but to force some one from cooking food for homeless people, and 
allow a family barbeque, is IMO wrong. If it is unsafe/unsanitary to cook 
food in a certain way, it is unsafe/unsanitary. Selective enforcement is 
wrong. 

     Force the yuppies on a sunday afternoon barbeque to get a permit and 
see how long the law lasts.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From sandfort at crl.com  Fri Aug  2 18:15:13 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 09:15:13 +0800
Subject: SOUP KITCHENS
In-Reply-To: <ae27b98904021004e701@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960802153051.29996C-100000@crl14.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Timothy C. May wrote:

> I actually think this shows another side of the harassment of
> food giveaways and low-cost vendors: it cuts down on competition
> with the established food entities...there is little doubt that
> licensing, zoning, and other governmental restrictions are often
> used by established entities to keep out competition.

A most distastful example is the complicit silence of gun stores
when the gun grabbers regulate "kitchen table" gun dealers out of
economic existance.

	"When they came for the communists, I said nothing
	 because I wasn't a communist..."


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From snow at smoke.suba.com  Fri Aug  2 18:16:55 1996
From: snow at smoke.suba.com (snow)
Date: Sat, 3 Aug 1996 09:16:55 +0800
Subject: Pipe bombs
In-Reply-To: <ae26cc41120210042fbf@[205.199.118.202]>
Message-ID: <Pine.LNX.3.93.960802111806.1649A-100000@smoke.suba.com>


On Thu, 1 Aug 1996, Timothy C. May wrote:
> Fuck them. Fuck Swinestein, Klinton, Gingrich, and all the rest. And fuck
> Dole. (On second thought, don't--it might not be a survivable experience.)

    Unsurvivable for which party?

> 
> I say they've all earned only our contempt.

     A long time ago. 
 
> It's time to accelerate our efforts to undermine this foolish experiment in
> pandering to the masses.

    Tell us how o' wise one. 
  
> --Tim May
 
> Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
> ends.  Buy two metal caps to fit.  These are standard items in hardware
> stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
> good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
> on one end. Fill the pipe to within 1/2 inch of the top with black powder.
> Do not pack
> the powder. Don't even tap the bottom of the pipe to make it settle.  You want
> the powder loose.  For maximum explosive effect, you need dry, fine powder
> sitting loose in a very rigid container.

     What about fusing? Mechinical detonation with a shotgun shell, or 
electrical with a model rocket engine?


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From pjn at nworks.com  Fri Aug  2 18:17:08 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sat, 3 Aug 1996 09:17:08 +0800
Subject: fbi, crypto, and defc
Message-ID: <TCPSMTP.16.8.2.15.11.18.2645935021.658751@.nworks.com>


 In> They said that every other time their comrades had come to defcon,
 In> they had tried to come incognito, and got caught every time.  This
 In> time, they wore FBI t-shirts, and the only response was "Hey! Where'd
 In> ya get the T-Shirt?!?". They said "We hacked 'em from the FBI" and that
 In> was it, noone suspected... =) 

 I would love to get my hands on "I spotted the Fed" and "I am a Fed"
 (or whatever they say) T-Shirts...


 P.J.
 pjn at nworks.com




... A man without a religion is like a fish without a bicycle.

___ Blue Wave/QWK v2.20 [NR]







From alano at teleport.com  Fri Aug  2 18:20:25 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 3 Aug 1996 09:20:25 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <2.2.32.19960802202248.00b23440@mail.teleport.com>


At 12:13 PM 8/2/96 -0700, Timothy C. May wrote:

>I also got my copy of "The Anarchist Cookbook" back around then. It was in
>the news locally when the Santa Barbara County Sheriff's office attempted
>to have it removed from the local bookstores....this removed it all right,
>as the stacks of copies sold out as quickly as they could be received and
>unpacked.
>
>(As others have noted over the years, much of the advice is probably bogus
>and even dangerous. Not being an explosives dabbler, I wouldn't know.)

There are a great number of errors in the book.  (Details of many can be
found at http://www.wam.umd.edu/~ctmunson/aol_cookbook_faq.html .)  

The one error I found in the book when I was in High School was the recipe
for Nitrogen Triodide. (sp?)  The Anarchist's Cookbook lists four steps for
making it.  The first two are correct.  The second two (running alchhol and
ether, if I remember correctly) dry the mixture out and probibly detonate it
in the process.  (The ether would make things much worse, as ether is pretty
volitile in and of itself.)

I found better formulas for simple explosives in "Lee's Priceless Recipes".
(Which was published in 1912.  Long before the Internet.)

Ah, memories of High School chemistry classes...
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From snow at smoke.suba.com  Fri Aug  2 18:37:50 1996
From: snow at smoke.suba.com (snow)
Date: Sat, 3 Aug 1996 09:37:50 +0800
Subject: [off-topic] roving wiretaps
In-Reply-To: <4tsfjm$oi6@joseph.cs.berkeley.edu>
Message-ID: <Pine.LNX.3.93.960802165418.1649C-100000@smoke.suba.com>


On 2 Aug 1996, David Wagner wrote:
> In article <01I7RM0CJM388Y4XIK at mbcl.rutgers.edu>,
> I don't get it.  Help me out here-- how can this possibly be constitutional?

     It isn't, since when has that stopped them?

> I'm reading the Fourth Amendment to our honored Constitution of the United
> States, which proclaims
> Are we just to strike out that emphasized phrase?  What's going on here?
> Someone tell me I'm not just having a bad nightmare.

     You're not having a nightmare, it's reality. 

> Apologies if these are silly questions,

     It isn't the questions that are stupid, it is answers.              

> P.S.  Do police really need a search warrant to wiretap cellular phones?

     No, not to tap the phone, just to use it as evidence.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From rich at c2.org  Fri Aug  2 18:53:43 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 3 Aug 1996 09:53:43 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <199608021800.LAA10722@toad.com>
Message-ID: <Pine.GUL.3.95.960802144216.790I-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 2 Aug 1996, some provocateur impersonating Bill Stewart wrote:

> Tim wrote:
> > Actually approving of disapproving a piece of software for sale 
> > to U.S. citizens is not currently possible.
> 
> Sure.  The Commerce Klaus of the Constitution lets them do it
> if they want to, though that required Congressional cooperation.

That would certainly be less of a stretch than some other commerce clause
cases. Crypto can be used interstate, and there's a compelling state
interest in form of The Four Horsemen. Heck, we should all thank our lucky
stars that our freedom-loving congresscritters let us use computers at all.
I believe it was Wickard who was told he couldn't grow food to feed his own
pigs because the government has a compelling state interest in keeping
interstate food prices high. Surely terrorism and kiddie porn, which is all
people ever use the net (let alone crypto) for, are even more important than
high food prices. 

> 	TRUST NO ONE!

Indeed.

- -rich
 fucking statist

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMgJ4j5NcNyVVy0jxAQE/yAH+O3HErmEi9TrEJaBbmb6u0K/1du34t4MQ
cByjhW5poJlrb5CLtPAt/5nOaWYlwvlEtvXSckbn1DJPN5ry4kXVvw==
=0sLc
-----END PGP SIGNATURE-----






From bdolan at use.usit.net  Fri Aug  2 18:54:40 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Sat, 3 Aug 1996 09:54:40 +0800
Subject: Bombs & bomb threats in LA
In-Reply-To: <ae27a13f03021004323f@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.960802170604.7666C-100000@use.usit.net>


Didn't (left-radical) Abbie Hoffman's anarchy bible _Steal This Book_ have 
some bombmaking instructions also?  I don't recall civilization falling in 
1968 or thereabouts when STB was published.

bd

On Fri, 2 Aug 1996, Timothy C. May wrote:

> At 9:33 AM 8/2/96, Conrad Walton wrote:
> 
> >i'm not exactly sure what an acid bomb is, but according to my book, The
> >Anarchist Cookbook, that I bought in 1972 (was the internet around back
> >then?), there is a compound called "picric acid" that is "more powerful
> >than TNT, but has some disadvantages".
> 
> The ARPANET (or ARPANet, or Arpanet...) was around then. (I had an account
> on it, circa 1973...not very useful for me.)
> 
> I also got my copy of "The Anarchist Cookbook" back around then. It was in
> the news locally when the Santa Barbara County Sheriff's office attempted
> to have it removed from the local bookstores....this removed it all right,
> as the stacks of copies sold out as quickly as they could be received and
> unpacked.
> 
> (As others have noted over the years, much of the advice is probably bogus
> and even dangerous. Not being an explosives dabbler, I wouldn't know.)
> 
> If Feinswine gets her ban on bomb-making information passed, and this is
> upheld by the courts (doubtful), the sites will be swamped with information
> queries, and fooling around with bombs will become more popular amongst the
> teenage set that has not expressed much interest in such things the past
> couple of decades.
> 
> The more things change, the more they remain the same.
> 
> --Tim May, an I-bomb-throwing crypto anarchist
> 
> Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
> ends.  Buy two metal caps to fit.  These are standard items in hardware
> stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
> good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
> on one end. Fill the pipe to within 1/2 inch of the top with black powder.
> Do not pack
> the powder. Don't even tap the bottom of the pipe to make it settle.  You want
> the powder loose.  For maximum explosive effect, you need dry, fine powder
> sitting loose in a very rigid container.
> 
> 
> 





From tcmay at got.net  Fri Aug  2 19:07:18 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 10:07:18 +0800
Subject: Pipe bombs
Message-ID: <ae27c15006021004bae3@[205.199.118.202]>


At 9:26 PM 8/2/96, Lucky Green wrote:
>At 21:02 8/1/96, Timothy C. May wrote:
>
>>Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
...

>I do believe you forgot the fuse... Electrical ignition elements, such as
>the ones used to launch model rockets should work just fine.


Actually, all I did was copy the first couple of paragraphs from the very
first set of instructions I found, found by using Alta Vista to search the
Web on the string "pipe bomb". That's what turned up.

(I guess I should've put quote marks around it and given a URL, but I was
in a rush to generate my felonious alternate .sig. I'll correct it now.)


--Tim

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From steve at miranova.com  Fri Aug  2 19:18:12 1996
From: steve at miranova.com (Steven L Baur)
Date: Sat, 3 Aug 1996 10:18:12 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <9608021922.AA06774@sherry.ny.ubs.com>
Message-ID: <m2lofxtlhl.fsf@deanna.miranova.com>


>>>>> "Paul" == Paul J Bell <pjb at ny.ubs.com> writes:

jonathon> When I purchased my computers, I had to pay $150 to not have
jonathon> Windows and Dos installed on them.  That $150 went to Microsoft.
jonathon> It seemed to me that I was being ripped off, by Microsoft.

Paul> as i said, i have no use for microsoft, whats more, i don't use
Paul> microsoft.  that said, if a person really must pay to not have
Paul> their products installed, i agree that that is intorelable, and
Paul> at the least calls for finding a new vendor for computers. if
Paul> you really don't plan to use dos or windows, there is no reason
Paul> why you should pay for them. frankly, this sounds like a real
Paul> stupid move on the part of your hardware vendor. maybe you need
Paul> to shop around.

This is exactly what a new lawsuit recently filed against Microsoft is
about.  See
	http://www.caldera.com/news/pr001.html
for details.

They've already had their hand slapped for the per-processor license
agreements they pushed in the early '90s.  The per-processor licenses
were where Microsoft forced hardware vendors to pay a certain fee
based on CPUs sold regardless of what system software was delivered on
them.
-- 
steve at miranova.com baur
Unsolicited commercial e-mail will be proofread for $250/hour.
Andrea Seastrand: For your vote on the Telecom bill, I will vote for anyone
except you in November.





From ceridwyn at wolfenet.com  Fri Aug  2 19:27:57 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Sat, 3 Aug 1996 10:27:57 +0800
Subject: [off-topic] roving wiretaps
Message-ID: <2.2.32.19960802234117.006acb90@gonzo.wolfenet.com>


At 11:58 AM 8/2/96 +0000, you wrote:
>>P.S.  Do police really need a search warrant to wiretap cellular phones?
>
>It is my understanding that police need a warrant to tap *cellular* 
>phones, but not *wireless* phones.
>
>One should understand that monitoring cellular traffic is *much* more 
>difficult than tapping a conventional phone, because as the user 
>moves around in the service area the phone switches to different 
>repeaters, often several times during a conversation.

I'd have to disagree on that point.  Monitoring cellular traffic requires
nothing more than a cellular phone, and some software which enables
you to follow calls through the cells, for a total cost of about $500. 
This is exceptionally trivial with an Oki 900 and a ctek cable (which 
interfaces the fone with the computer).  
With this software you can monitor individual cells, choosing to "lock
on" to a call made from a specific number, or to a specific number.  You
can follow calls, and record any dtmf digits.  Also the caller will never 
be made aware that he/she is being listened to.  
A sophisticated land line wiretap that will not be detectable by the 
average citizen will cost well over $500, plus you have to install it 
without the target knowing, etc.  
//cerridwyn//







From ichudov at algebra.com  Fri Aug  2 19:29:41 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 3 Aug 1996 10:29:41 +0800
Subject: Corporate e-mail policy
In-Reply-To: <199608021611.JAA13044@dfw-ix10.ix.netcom.com>
Message-ID: <199608022351.SAA14955@manifold.algebra.com>


George Kuzmowycz wrote:
>   In an ideal world, the rest of the group would agree with me and say
> "Yup, we have no business reading e-mail." Since that's not likely,
> I'm looking for examples of "privacy-friendly" corporate policies
> that I can put on the table in our meetings, and end up with a
> minority report.  
> 

Maybe it is only me, but I recommend "privacy-fascist" policy. This way
employees will at least know to keep their own business out of computers
that will be monitored by the company anyways.

This is ultimately to the betterment of employees themselves if they
fall prey to complaints of the likes of January KOTM The Right Reverend
Colin James III (puke). For the information of those who do not know
CJ3 made it a hobby to complain to the employers of people whom he did
not like -- with not much success though.

The employees would easily be able to say that the employer has nothing
to do with the alleged matters of complaints.

	- Igor.





From ravage at EINSTEIN.ssz.com  Fri Aug  2 19:29:53 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 10:29:53 +0800
Subject: [off-topic] roving wiretaps (fwd)
Message-ID: <199608030027.TAA11243@einstein>



Hi,

Forwarded message:

> Date: Fri, 02 Aug 1996 16:41:17 -0700
> From: Cerridwyn Llewyellyn <ceridwyn at wolfenet.com>
> Subject: Re: [off-topic] roving wiretaps

> A sophisticated land line wiretap that will not be detectable by the 
> average citizen will cost well over $500, plus you have to install it 
> without the target knowing, etc.  

It costs nothing, it is already built into the switch at part of the
standard diagnostics. I spent 5 years at the University of Texas at Austin
working in security and part of my job was support of the NT switch. You
go to the switch put a butt-set or recorder on the diag port and route
the call data over to that port.


                                                  Jim Choate








From jseiger at cdt.org  Fri Aug  2 19:30:08 1996
From: jseiger at cdt.org (Jonah Seiger)
Date: Sat, 3 Aug 1996 10:30:08 +0800
Subject: Latest info on the "counter-terrorism" bill
Message-ID: <v01520d01ae27fabe505a@[204.157.127.21]>



The House passed a revised counter-terrorism bill this afternoon by a
substantial majority.  The bill is expected to be considered by the Senate
on Saturday 8/3, and is likely to pass.

The House-passed bill DOES NOT contain ANY of the privacy threatening
provisions.  Provisions dealing with funding for the Communications
Assistance for Law Enforcement Act (Digital Telephony) were REMOVED from
the bill just before the vote after civil liberties groups AND the FBI
objected to the language. Provisions dealing with emergency wiretap
authority and "roving wiretaps" were also not included in the House-passed
bill.

In addition, the bill does not contain any encryption provisions. Earlier
in the week, the Administration had circulated an outline of their
anti-terrorism proposal which included new, unspecified restrictions on
encryption.  Senators Burns (R-MT), Leahy (D-VT), Pressler (R-SD), Lott
(R-MS), and others worked hard to prevent any encryption provisions from
being included in early versions of the bill, and deserve a lot of credit
for fighting for the Net. It's nice to finally have a number of powerful
allies joining the usual defenders of net.freedom on Capitol Hill.

The bill passed today contains provisions increasing airport security,
studies on ways to improve US anti terrorism policy and other terrorism
issues, and a controvertial provisions expanding federal racketeering laws
to cover terrorist activity.

The bill also contains a small but not insigificant privacy victory. The
bill doubles the punishment from 5 to 10 years for unlawful disclosure of
information obtained from a warrant and increases certain penalties for
violation of the Privacy Act.

This is not over yet -- many of these issues, particularly encryption and
Digital Telephony funding, are likely to be back before the Congress in
September, so stay tunned...

Thanks to everyone who called Congress today to object to the new sweeping
surveillance provisions that were dropped from the bill! It looks like we
mave had really made a difference in this debate.

More as it comes...

Jonah

--
Jonah Seiger, Policy Analyst               Center for Democracy and Technology
<jseiger at cdt.org>                          (v) +1.202.637.9800

http://www.cdt.org/







From declan at well.com  Fri Aug  2 19:32:00 1996
From: declan at well.com (Declan McCullagh)
Date: Sat, 3 Aug 1996 10:32:00 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <v01510107ae28511736d5@[204.62.128.229]>


Stop the presses -- the other shoe didn't drop. Despite a flurry of
last-minute hyperbole, the House passed an anti-terrorism bill this
afternoon without the ominous encryption or wiretap provisions. Now
the bill lies in the lap of the Senate, which probably will approve it
later today or tomorrow before they leave town for the August recess.

In the wake of the dual bombings, Congress wanted to be seen as taking
*some* action before they adjourned, and last weekend Clinton and the
Dems started lobbying hard for the heinous measures they wanted in an
anti-terrorism bill. Vastly expanded state-snooping capabilities:
multipoint wiretaps, warrantless short-term wiretaps, dialed-phone
number recorders, and black and smokeless powder taggants. Even
possible of anti-crypto language that Jamie Gorelick, deputy attorney
general, has been shopping around for months.

The Net owes its thanks to the House Republicans for stopping these
fool Dems in a fine backroom political maneuver late last night.

They did it through the House Rules Committee, which in the wee hours
of the morning reported a rule allowing the GOP leadership to introduce
the terrorism bill on the floor today -- without letting Democrats see
it, amend it, or even send it back to committee. It was a good plan --
coordinated by Rep. Chris Cox -- keeping the legislation away from the
hands of the Big Brother Dems.

The Democrats waxed pissy. Rep. David Bonior, the party's whip, called
the majority's maneuvering "extrordinary." John Conyers, the ranking
Democrat on the House Judiciary Committee, blasted Gingrich and the
Republican leadership for "bringing a meaningless bill to the House
floor."

Conyers said to reporters at 1 pm: "It's a hoax on the American
people. It is all bark and no bite... This bill is missing the
important wiretapping provisions that would allow law enforcement to
find and stop terrorists before they kill. The House Republicans and
the NRA say we should not have emergency authority for surveillance
even if we know terrorists are about to blow a plane out of the sky.
They also say that we should not have wiretap authority for terrorists who
use more than one telephone to make their deadly plans."

Of course, this is political grandstanding at its finest -- or worst.
Conyers conveniently neglected to add that law enforcement officers
already have the right to use roving wiretaps with court approval.

Also, there was a mixup over Digital Telephony funding, compounded by
the text of the legislation's being kept secret until the last minute.
Summaries distributed to reporters early this afternoon said: "The bill
authorizes the FBI to use enhanced telephone technology to investigate
suspected terrorist activity. Funding for equipment purchase was
provided in the 1996 omnibus appropriations measure enacted earlier
this year." But the DT provisions weren't in the final draft of the bill.

Silly Congressperns. The House had *already* approved the DT slushfund
on July 24 as part of the 1997 Commerce, Justice, State departments
appropriations bill.

Now the 1997 CJS appropriations bill goes to the Senate, which will
decide how much cash to give Digital Telephony when they return in early
September.

What's going to happen? Well, Sen. Patrick Leahy (D-Vermont), a former
prosecutor and longtime proponent of Digital Telephony, said yesterday
at the Intelligence Committee hearing on terrorism: "I was proud to
have worked with the FBI director to ensure passage of the
Communications Assisatance for Law Enforcement Act, sometimes called
the digital telephony law."

With Republicans like the ones in the House, who needs so-called "civil
libertarian" Democrats?

-Declan







From koontz at netapp.com  Fri Aug  2 19:33:00 1996
From: koontz at netapp.com (Dave Koontz)
Date: Sat, 3 Aug 1996 10:33:00 +0800
Subject: ITAR
Message-ID: <9608022350.AA01262@supernova.netapp.com>



How about exporting programs, that when executed generate source code for
encryption algorithms?

(xmas.c comes to mind, an obscurity winning c program that writes out the
 twelve days of Christmas.)





From jimbell at pacifier.com  Fri Aug  2 19:55:39 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 3 Aug 1996 10:55:39 +0800
Subject: URGENT: Surveillance Bill Gets New Life - House Vote lLikely TODAY!
Message-ID: <199608030013.RAA03026@mail.pacifier.com>


At 02:21 PM 8/2/96 -0700, Timothy C. May wrote:

>("I had no idea of what was in the Communications Decency Act...it just
>sounded like the "decent" thing to vote for."....."You mean the
>Anti-Terrorism Bill suspends habeus corpus? What's that? I'll ask my
>staffers to look into it.")
>
>Fuck 'em all. Fawkes had it wrong...they're not worth the powder to blow
>'em to hell.
>
>All we can do is work on technological workarounds. Making their $2 billion
>Wiretap Boondoggle a worthless exercise is a start.

I thought of what I consider to be an excellent "workaround."   The way I 
see it, a majority of us want to see a majority of them dead, or at least 
resigned.  If that's the case, why can't we get what we want?



Jim Bell
jimbell at pacifier.com





From minow at apple.com  Fri Aug  2 20:00:46 1996
From: minow at apple.com (Martin Minow)
Date: Sat, 3 Aug 1996 11:00:46 +0800
Subject: AP story: Police look for Olympic bombing Internet link.
Message-ID: <v03007803ae2846cb0c98@[17.202.12.102]>


Search Campus Where Jewell Worked;
 Check Internet Link

By Associated Press, 08/02/96

ATLANTA (AP) - Widening their investigation of Richard Jewell,
federal and state agents descended on a small Georgia college campus
Friday to hunt for evidence linking him to the Olympic park bombing.

Among other things, investigators were trying to determine whether the
former campus guard had tapped into the Internet via Piedmont College
computers, a campus source reported. Bomb-making instructions
available through the global computer network have contributed to an
increase in bombings in the United States, authorities say.

[From http://www.boston.com/globe/cgi-bin/globe.cgi?ap/apnat.htm ]

Martin Minow
minow at apple.com







From jya at pipeline.com  Fri Aug  2 20:01:06 1996
From: jya at pipeline.com (John Young)
Date: Sat, 3 Aug 1996 11:01:06 +0800
Subject: BOO_mer
Message-ID: <199608030028.AAA04054@pipe1.t1.usa.pipeline.com>


   8-2-96. WaJo: 
 
   "More Bombs Are Exploding Across the U.S." 
 
      What also worries law-enforcement officials are the 
      comparatively unspectacular bombs exploding at a rising 
      rate in neighborhoods across the country. Indeed, with 
      homicides declining, bombings may have become the 
      fastest-growing category of violent crime. "In the old 
      days, kids would break windows," says John O'Brien, an 
      agent in Washington with the federal Bureau of Alcohol, 
      Tobacco and Firearms. "Now, they're making pipe bombs." 
      Police say one of the most popular bombs among 
      youths -- one combining acid and other ingredients in a 
      bottle -- is called the "McGyver" because many learned 
      about it from the television show. David Estenson, head 
      of a bomb-crisis management firm and former head of the 
      Minneapolis police bomb squad, observes that many of the 
      pipe bombs in Israel contain only match heads. 
 
   "U.S. Studies Use of Chemical Tracers To Track Explosives 
   in Terrorist Blasts." 
 
      The Treasury Department is studying a family of trace 
      chemicals -- first developed by U.S. weapons scientists 
      to track the fallout of nuclear weapons -- as a way to 
      give terrorist explosives an identifiable trail. The 
      trace chemicals are newer and much smaller than plastic 
      "taggants," which have provoked resistance from the 
      explosives industry and gun lobbies. Desmonde Cowdery, 
      vice president of Isotag L.L.C., a small Houston company 
      that has obtained commercial rights to the process, 
      claims the chemical tracers are so small they can be 
      blended with all types of explosives, including 
      fertilizers and gunpowders, without interfering with 
      chemical reactions. 
 
   "Can America Stomach a War on Terror?" 
 
      The lessons from the world's battlefields of terror are 
      sobering. Not only have few countries been able to make 
      much of a dent in a determined terrorist campaign, but 
      their efforts also often incur a heavy price. 
      Due-process rights have been suspended, freedoms of 
      speech curtailed, police powers beefed up. 
 
      Tommy Sands, a Belfast folk singer, praises America's 
      caution. He says that in Northern Ireland and other hot 
      spots, authorities have often overreacted to the initial 
      threat. "It's like driving a car and seeing a red light 
      come on that means you're short on oil. If you take a 
      hammer to it, the red light will go out, but you're 
      still short on oil," Mr. Sands says. "Sometimes there 
      are answers other than the big hammer." 
 
   ----- 
 
   http://jya.com/boomer.txt  (19 kb for 3) 
 
   Lynx: http://pwp.usa.pipeline.com/~jya/boomer.txt 
 
   BOO_mer 
 
 
 
 
 





From ravage at EINSTEIN.ssz.com  Fri Aug  2 20:18:24 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 11:18:24 +0800
Subject: [off-topic] roving wiretaps (fwd)
Message-ID: <199608030135.UAA11317@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 15:23:23 -0700
> From: shamrock at netcom.com (Lucky Green)
> Subject: Re: [off-topic] roving wiretaps
> 
> The Fourth Amendment has been abolished by the Supreme Court for all
> intends and purposes. It remains listed in the Constitution for historic
> reasons only.

			       ARTICLE IV. 
 
	The right of the people to be secure in their persons, houses, 
papers, and effects, against unreasonable searches and seizures, shall 
not be violated, and no Warrants shall issue, but upon probable cause, 
supported by Oath or affirmation, and particularly describing the place 
to be searched, and the persons or things to be seized. 
 

I must agree with the above sentiment by Lucky. When Steve Jackson got
busted (I was peripheraly involved through Mentor and Bloodaxe) and the
warrant was not only sealed (ie Mentor and Bloodaxe didn't get to see it)
but it was unsigned as well when it was executed.

                                                     Jim Choate






From andrew_loewenstern at il.us.swissbank.com  Fri Aug  2 20:33:00 1996
From: andrew_loewenstern at il.us.swissbank.com (Andrew Loewenstern)
Date: Sat, 3 Aug 1996 11:33:00 +0800
Subject: AP story: Police look for Olympic bombing Internet link.
In-Reply-To: <v03007803ae2846cb0c98@[17.202.12.102]>
Message-ID: <9608030114.AA03672@ch1d157nwk>


Search Campus Where Jewell Worked;
 Check Internet Link

By Associated Press, 08/02/96

ATLANTA (AP) - Widening their investigation of Richard Jewell,
federal and state agents descended on a small Georgia college campus
Friday to hunt for evidence linking him to the Olympic park bombing.

Among other things, investigators were trying to determine whether the
former campus guard had tapped into the Piedmont College library, a
campus source reported. Bomb-making instructions available through the
national inter-library borrowing network have contributed to an increase
in bombings in the United States, authorities say.

[Not From <http://www.boston.com/globe/cgi-bin/globe.cgi?ap/apnat.htm ]



andrew





From sandfort at crl.com  Fri Aug  2 21:30:03 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 12:30:03 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030142.UAA11326@einstein>
Message-ID: <Pine.SUN.3.91.960802185527.26652A-100000@crl5.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Jim Choate asked:

> A reasonable person recognizes that such a business has two ways
> of fulfilling its responsiblities. They can either submit to
> regulation and quality control from the local municipality or
> else they can hang signs about their place of business declaring
> "Caveat Emptor: Our food may be tainted, eat at your own risk".
> Which do you think is the more reasonable?

It would be nice if businesses were offered that choice.  I would
choose the second, myself.  Only my sign would say, "Our food is
guaranteed not tainted by the Acme insurance company, not some
corrupt government."  The problem is, governments do not allow 
businesses nor consumers to make that sort of choice.  With them 
it's, "my way or the highway" (or harassment and jail actually).

> People and businesses are not the same.

Until Jim shows me a business that isn't owned and operated by
people, I'll have to respectfully disagree.  Businesses are just
people acting alone or in concert.  Actions are what count, not
whether the action is of a pecuniary nature or not.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From ravage at EINSTEIN.ssz.com  Fri Aug  2 21:49:52 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 12:49:52 +0800
Subject: "adjust your attitude with their billy club" (fwd)
Message-ID: <199608030251.VAA11455@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 11:48:45 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: "adjust your attitude with their billy club" (fwd)
> 
> <<  9th & 10th AMendments to the Conmstitution >>
> 
> Cute, you left out the Third.


			       ARTICLE III. 
 
	No Soldier shall, in time of peace be quartered in any home 
without the consent of the Owner, nor in time of war, but in a manner to 
be prescribed by law. 
 
I didn't include it because it isn't germane to the discussion at hand.
 
> We are referring to the Sovereign power of the State of Washington to 
> allocate to the municipality of Seattle, a general Police Power to 
> maintain the Peace.  Every lawyer seems to think that Seattle has the 
> power to forbid people from using sidewalks as latrines and kitchen sinks.

I agree with the municipality, if you want to eat your own shit and piss go
right ahead. You have no right to expose me to the deliterious health effects
of such material randomly sprayed around my city. Hell, even animals are smart
enough to know not to shit in their own bed. Pitty all these smart people seem
to have forgotten such a basic rule of nature. Such actions are clearly a
threat to my person and property.

> I am in bed with the government, so I have better knowledge than most of 
> the people on this list, about how bad it is. Nonetheless, I recall the 
> aphorism from the Talmud: "Pray for the health of the government, lest 
> the people eat other alive".

If these sayings indicate such insight how come the Jews have such a
terrible time getting along with anyone for any length of time? Why does
their current regime have such a hard time? Why is it that I get such a
rising in the hackles on my neck when I am reminded that it is illegal in
Isreal to carry a Palestinian flag in public. How come they begin to look
more and more like the new age nazi's? The Isrealis love of government and
structure has certainly not brought them great amounts of security, wealth,
or friends.

> If you want to walk into the public library after a six-month moratorium 
> on bathing - well, the courts are divided on this, but _I_ stand for the 
> proposition that this is an assault on the other patrons and I will lobby 
> _my_ city councilman for there to be rules against it.

I will oppose it. While I would oppose those self same persons from touching
me or my property without my prior permission (which I would not give) I
would not prohibit them from entering any public facility. I oppose Austin's
recent ruling prohibiting sleeping in public parks and other area because
the local businesses said it effected their profits. I oppose their recent
ruling that ALL persons who ride a bike MUST wear a helmet, ostensibly to
protect children even though the law doesn't mention minors at any point.
The mayor when queeried on this point simply ignored it. I assure you none
of them will get my vote, and from what I have seen not a lot of others
either.

> But if you want to play your boombox loud near me, make damn sure you do
> it behind soundproof walls. Where I live, the cops will respond to that 
> kind of complaint and shut down the nuisance, with nightsticks if need be 
> (in my little rural area, it's seldom necessary). Maybe you California or 
> NYC folks don't have police forces that will mitigate nuisances. Enjoy 
> your progressive radical-chic neighborhood, folks.

Unless you can demonstrate that your person or property are harmed by the
action I oppose such laws. Simply smelling bad is not a physical act. Austin
has a law which basicaly does the same thing. In general the people of the
city don't like it, the police don't enforce it, and the people drive around
town jammin' to their hearts content. If my apartment neighbor is playing
their radio too loud I am not going to call the cops I am going to call the
manager if my attempts at becoming some sort of aquaintence fail at mediation.
It is private property and short of violence to a person or property they
have no business in here without a warrant. I own 5 acres near Lockhart, just
outside Austin, and I have made it clear to several of the county mounties
that parking in my driveway is verbotten if they don't have a warrant for
searching my property, they liked to park there to eat food and fill out
reports. They seem to understand and respect my wishes. They now park down
at the intersection of my dirt road and 71 on public land.

The right to freedom of speech means you have a right to be offended and to
offend. If you haven't been offended at least once a day you need to get out
of your apartment and quit watching the roaches crawl the walls. If what is
on television offends you then start your own television station and play
family (or porno) material till your hearts content. Passing laws that tell
privately owned stations what to air is wrong because it is equivalent to
limiting the freedom of speech and press. This can be extended to all such
prior restraint laws. To regulate content based on the public airwaves model
is equivalent to the state telling me what station to listen to on my car
radio because I am on a public road.

When I was a small child I learned an important lesson the hard way. I was
smaller than the other kids so they would call me names and pick on me to no
end. Did I fight with them? No, I recognized even at that young age that
violence would not stop the actions, only change their nature. Violence as a
means of coersion is a signal of a small mind. On the other hand, I only lost
a single fight in the 1st grade. This taught me that if one is attacked in a
physical sense respond with all the force and violence you can muster, show
no mercy until the beggar is on the ground and in a sorry state. Don't stop
if they say they surrender, they may be saying it to gain a tactical
advantage. Stop only when you are certain they no longer have the will or
means to carry the fight further. It would be a great thing if our
government and society in general would learn this lesson regarding violence.
We would live in a much less violent world.

                                                      Jim Choate






From dlv at bwalk.dm.com  Fri Aug  2 21:53:18 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 3 Aug 1996 12:53:18 +0800
Subject: Corporate e-mail policy
In-Reply-To: <199608022351.SAA14955@manifold.algebra.com>
Message-ID: <q4B3RD7w165w@bwalk.dm.com>


ichudov at algebra.com (Igor Chudov @ home) writes:
> employees will at least know to keep their own business out of computers
> that will be monitored by the company anyways.

Igor learned it the hard way... He's no longer reachable @wiltel.com. :-)

> This is ultimately to the betterment of employees themselves if they
> fall prey to complaints of the likes of January KOTM The Right Reverend
> Colin James III (puke). For the information of those who do not know
> CJ3 made it a hobby to complain to the employers of people whom he did
> not like -- with not much success though.

Not true - Colin got several forgers in serious trouble for their net-abuse.
More power to him.  The Internet needs more people like TRRCJ3 (pbuh).

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From ravage at EINSTEIN.ssz.com  Fri Aug  2 21:59:07 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 12:59:07 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030142.UAA11326@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 16:50:01 -0500 (CDT)
> From: snow <snow at smoke.suba.com>
> Subject: Re: A Libertine Question
> 
>      As long as you are enforcing it on everyone, I don't think you'd have a 
> problem, but to force some one from cooking food for homeless people, and 
> allow a family barbeque, is IMO wrong.

Not at all. Businesses have no rights, individuals do. Businesses have a
responsibility to protect their patrons (if you don't think so ask all the
folks in Japan or the people here in Austin sick from Strawberries and
Blueberries they bought at the local HEB). Individuals have a right to
privacy, that includes cooking themselves food without harrassment. Business
on the other hand are selling products of potentialy questionable quality. A
reasonable person recognizes that such a business has two ways of fulfilling
its responsiblities. They can either submit to regulation and quality control
from the local municipality or else they can hang signs about their place of
business declaring "Caveat Emptor: Our food may be tainted, eat at your own
risk". Which do you think is the more reasonable?

> If it is unsafe/unsanitary to cook 
> food in a certain way, it is unsafe/unsanitary. Selective enforcement is 
> wrong. 

Not at all. I have a right to kill myself with bad cooking if I choose. I do
not have the right to kill another, especialy a stranger, without their
prior consent. I guess it would be ok if a food vendor were to ask you if
you minded being killed by their product, but I doubt many of them would be
in business next week, let alone sell many hot dogs.

People and businesses are not the same.


                                                        Jim Choate






From JMKELSEY at delphi.com  Fri Aug  2 22:04:22 1996
From: JMKELSEY at delphi.com (JMKELSEY at delphi.com)
Date: Sat, 3 Aug 1996 13:04:22 +0800
Subject: Paranoid Musings
Message-ID: <01I7TCONUR6G8Y5AIP@delphi.com>


-----BEGIN PGP SIGNED MESSAGE-----

[ To: cypherpunks ## Date: 08/02/96 12:29 pm ##
  Subject: Paranoid Musings ]

>Date: Tue, 30 Jul 1996 11:13:59 -0700
>From: frantz at netcom.com (Bill Frantz)
>Subject: Paranoid Musings

>Sometimes paranoia strikes.  Since these musings are crypto related,
>I thought I would share them.

>Now expensive specialized cracking equipment can certainly speed up
>the process, but there may be a better way.  If cryptanalysis of RC4
>yields techniques which make the process much easier, then it is the
>ideal cypher to certify for export.

Actually, this makes sense for another reason.  Academic
cryptanalysis is often about finding any attack on a cipher that's
easier than keysearch, even if the requirements for that attack are
still completely impractical.  (Differential and linear attacks on
DES are a good example of this.)  However, if you're interested in
actually recovering data in your attacks with high probability and
low cost, then it makes sense to focus on protocol and
implementation weaknesses, and then on attacks like keysearch which
can be done with either ciphertext-only or known-plaintext.

I would guess that some of NSA's best people work on optimizing
keysearches.  This especially makes sense because of the widespread
use, first of DES, and more recently of exportable 40-bit ciphers
like RC2 and RC4.

>The paranoid conclusion is that there is a significant weakness in
>RC4.

The paranoid conclusion is that there is a significant weakness in
any cipher you're counting on.

>Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
>(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
>frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA

   --John Kelsey, jmkelsey at delphi.com / kelsey at counterpane.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgI7X0Hx57Ag8goBAQEsNAQAm6SbOnCkTh2EByH8Oa1GoTItx+JUE2hA
mtEDp//VW1qH5Lzem14ARGbcgIHbPQqVHN355p5pSrH7tI+RnPc45RRjmF6Ot96r
CjnOz3DWPOXx30pm4NGchKs3MmfMyeDKvL3GofMZee8qNm8IZsnMuLMhQABUIdBM
kU/oaYwfZdE=
=C9ip
-----END PGP SIGNATURE-----





From hallam at ai.mit.edu  Fri Aug  2 22:06:15 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sat, 3 Aug 1996 13:06:15 +0800
Subject: VISA Travel Money
In-Reply-To: <4tmr8j$lrg@life.ai.mit.edu>
Message-ID: <3202AC0F.41C6@ai.mit.edu>


Timothy C. May wrote:

> I'm also skeptical of these "VISA Travel Money" cards. That is, they don't
> seem to be too useful for anything.

They are usefull for the one purpose for which they are designed. One
can go off to a foreign country and obtain cash as required without
having to pay often usurous fees from bureaux de change. Just because
you are supposed to be able to use travel cheques as cash does not mean
that you really can.

> After all, cash works well. (It's rarely stolen, in my experience, or at
> least this is not a major concern. Traveller's checks work well, and can be
> "cashed" into the local currency. ATM machines fill the same function these
> "VISA Travel Money" cards apparently do; at least when I was in Europe the
> last time this is what I used, and my French francs were as untraceable as
> could be.
>
> As I see it, yet another marketing solution looking for a problem.

Its not a major VISA product but it is reasonably usefull. Its more convenient
to carry a card than cash. If one gets mugged or looses the card there
is a way of recovering the cash (sometimes). I don't think that there would
be much use for such cards in the tourist belt but you might well want to
have one if you were going on a trip to the hinterlands of a country.

For most people VISA travel cheques or a cash advance is likely to be
more usefull. 
 
> A real step would be a true privacy card, a card issued in a jurisdiction
> unfriendly to U.S. investigators and offering various transaction-blinding
> options. I have to wonder what pressures have been put on the major credit
> card companies...

See the Stored Value Card work that VISA have been working on, or MONDEX.
MONDEX has almost every feature you would want from anonymous cash except 
you can't prove its anonymous. You can do purse to purse transfers 
however.

Its a different level of privacy to that of e-cash. e-cash provides
only purchaser unlinkability and its an online scheme. MONDEX makes
it possible to trace certain withdrawal and deposit patterns of a user
but little else. 


		Phill





From tcmay at got.net  Fri Aug  2 22:13:00 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 13:13:00 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <ae27f97600021004ec6c@[205.199.118.202]>


At 12:48 AM 8/3/96, Declan McCullagh wrote:
>Stop the presses -- the other shoe didn't drop. Despite a flurry of
>last-minute hyperbole, the House passed an anti-terrorism bill this
>afternoon without the ominous encryption or wiretap provisions. Now
>the bill lies in the lap of the Senate, which probably will approve it
>later today or tomorrow before they leave town for the August recess.

I agree. And I think we should thank CDT, EFF, the ACLU, and (gasp) the NRA
for ensuring that martial law provisions did not get slipped in during the
rush to get out of Washington for the recess. (And maybe other groups...I
don't follow all the politics.)

I'm watching Rep. Bob Barr (R) on "Larry King Live," on CNN. He makes a lot
of sense, and keeps coming back to civil liberties, the alliance between
the ACLU and the NRA on this one, etc. His adversary, Rep. John Conyers (D)
is calling for stronger measures, for the need to "do something."

(I thought the Democrats nominally stood for certain types of civil
liberties? Not that I ever was fooled by them, but this is the public
personna they present.)


>The Net owes its thanks to the House Republicans for stopping these
>fool Dems in a fine backroom political maneuver late last night.

By the way, my blasting of Sen. Dianne Feinstein as "Fineswine,"
"Swinestein," etc. (names not original with me, of course) is heartfelt. I
don't mine dealing with opponents, even articulate enemies of freedom. But
Feinstein is a halfwit and a hypocrite. A San Francisco society lady
masquerading as a senator. She's proof that transmigration of souls is
real, being the incarnation of Marie Antoinette. "Let them eat cake."

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Fri Aug  2 22:17:39 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 13:17:39 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <ae28119a020210049840@[205.199.118.202]>


At 2:10 AM 8/3/96, Jim Choate wrote:

>True enough, but not the whole story. If a dog or cat is kept well and fed
>good quality food they live 10+ years. The average life of an animal on the
>street is between 2-5 years. As to people, we now live around 75-80 years,
>prior to all these rules and regulations on food and such the average was
>20-25. If we go back to what you propose you would be dead a long time ago.

Hardly a proved correlation. A lot of other factors come into play. But
never mind. No point arguing.

...
>I personaly find it reassuring that some bunch of knuckle-heads are unable
>to start a chip making facility like you support. The thought of finding
>flourine compounds in the local river (where I get my tap water) or simply
>dumped in the air is a little unsettling. Just because some group of bozo's
>want to start a business is not sufficient justification for that to be
>allowed.

A straw man. There is is no evidence that these startup companies are
dumping stuff in rivers. Jeesh. The point is that large companies learn how
to keep large staffs employed filling out paperwork, and they actually have
come to see it is a good way to keep small companies from forming.


>It seems to me that many of the folks who recognize downsized workers pleas
>for their 'right to a job' as so much bunk are at the same time supporting a
>businesses right to start up. A pretty humorous double standard.

Not at all comparable.


>I have never heard of anyone being arrested for giving away food, only
>selling it without a license. I bet the Salvation Army soup kitchen would be
>worried if this claim were true (they aren't and it ain't).

Then you weren't reading the thread, which in several posts described this
very situation. "Food Not Bombs" was giving away soup, chile, and other
such stuff at a park in Santa Cruz (and maybe elsewhere, e.g., San
Francisco). They were busted.

Now do you understand the situation?


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From hallam at Etna.ai.mit.edu  Fri Aug  2 22:20:01 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Sat, 3 Aug 1996 13:20:01 +0800
Subject: VISA Travel Money
In-Reply-To: <Pine.SUN.3.91.960802191032.26652B-100000@crl5.crl.com>
Message-ID: <9608030331.AA07184@Etna.ai.mit.edu>



I don't think that VISA travel money will be a major product
for VISA. When I spoke with Azbo about it it was not a 
major strategic direction for them.  He described its use by 
First Bank of Internet (later first Branch of Internet).  I think that
VISA would LIKE to provide the Ability for travel money, to function 
as a debit card, but it would then be very close to their existing 
product of secured payment cards.There are good reasons why aproduct 
that allows you to draw a specific amount of cash out of ATM's is a good 
idea for VISA and useful for a small number of customers, but I think 
you're reading way to much into this.  Much more interesting are proposals
by the Federal reserve Board, to exempt from regulation E certain types of 
stored value card provided they store no more than $100.  While $500 would
seem to me to be a more serious and sensible level while still not having
particular money laundering advantage (5 $100 bills is smaller than 
one smart card) it is at least a start.

Phill

PS Be willing to bet donuts provided he can suggest a way of delivering them 
via internet.





From shamrock at netcom.com  Fri Aug  2 22:24:03 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 13:24:03 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <v02120d0bae2873a00df4@[192.0.2.1]>


According to KCBS, a local radio station, the FAA has closed a long
anticipated deal with a manufacturer of transponder devices. The goal of
the system to be deployed nationwide is to match aircraft passengers to
their luggage and thereby identify unaccompanied luggage on board an
aircraft.

Transponders will be affixed to all items of luggage and all passengers. If
the system discovers a transponder on the luggage in the cargo hold without
the corresponding transponder on the passenger on board, an alarm will
sound. I am not making this up.

As many of you know, I have long predicted subcutaneous transponders to
become widely deployed in the near future. First for child identification
and monitoring of criminals, then, as the children grow up, as universal
ID, driver license, proof of eligibility for employment, PIN substitute,
etc.

Today, we moved a step closer to this future.

[Note that the transponders will have to be affixed to the passenger. An
example would be a hospital style bracelet that stops working when removed.
Why embedding the transponder in a hand carried item, such as a card, will
not work is left as an exercise to the reader. Even an affixed device does
not provide perfect security. You'd really have to embed the transponder in
the body at an early age to make removal nearly impossible.]



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From ravage at EINSTEIN.ssz.com  Fri Aug  2 22:25:52 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 13:25:52 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <199608030132.UAA11308@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 15:36:02 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: SOUP KITCHENS
> 
> A most distastful example is the complicit silence of gun stores
> when the gun grabbers regulate "kitchen table" gun dealers out of
> economic existance.

Funny, one of my customers is involved in the Texas gun lobby and through
him I am aware of literaly hundreds of people who are within a few miles of
Austin who have FFL's and have no problem selling weapons off their kitchen
table completely legal. Their prices in general are much lower than local
stores such as McBrides (the best known in Austin).

                                                 Jim Choate






From shamrock at netcom.com  Fri Aug  2 22:27:33 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 13:27:33 +0800
Subject: More evidence that democracy is bunk
Message-ID: <v02120d09ae28692597a7@[192.0.2.1]>


At 3:11 8/2/96, Deranged Mutant wrote:

>If they were asked if they minded random searches of their bags and
>belongings or required to carry photo-ID wherever they went, to be
>presented on demand, would they still be willing?

You bet. I remember a war on drugs releated poll from a few years back in
which a majority supported warrantless searches of their homes.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Fri Aug  2 22:28:38 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 13:28:38 +0800
Subject: fbi, crypto, and defcon
Message-ID: <v02120d08ae2866db0ddc@[192.0.2.1]>


At 8:50 8/2/96, Paul J. Bell wrote:
>i, for one, and perhaps others on the list as well, would be interested in
>hearing
>what you mean when you say, "At&t, Microsoft, etc) who are ripping people
>off on a
>daily basis".
>
>for example, in what way is AT&T ripping people off? and what about
>microsoft?

Its up to you what you call it, but here is an interesting example:

An international phone call costs about 2 cents/min to produce. The average
rate paid for by the consumer is 62 cents. That's means the carriers mark
up this particular product by an amazing 3000%.

Can you name another business that has comparable mark-ups?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From ravage at EINSTEIN.ssz.com  Fri Aug  2 22:53:12 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 13:53:12 +0800
Subject: Tolerance (fwd)
Message-ID: <199608030358.WAA11568@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 07:59:05 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: Tolerance (fwd)

> Here I have to respectfully disagree, totally, with Jim.  One
> does not have to "reserve" one's rights.  They are inherent and
> my be exercised pretty much at will (I say "pretty much" because
> there are situations where "implied contract" applies).

Exactly! Stating a list is 'public' is an inherent contract between the list
provider and the subscriber with certain expectations on both parties part.
The list provider expects no illegal activity to take place such that they
are placed in jeopardy and the subscriber expects to recieve access to a
public (ie not regulated by a third party other than themselves and the
members en toto) list. Claiming the right to throw somebody off for any
reason other than illegal activity nullifies the claim of 'public'.

> A restaurant or bookstore is a public place in that it is open
> to the public.

I know of no state in the union where a bookstore, restaurant, mall, etc. is
considered public. In Texas such places make it clear that they are private
places and that they reserve the right to refuse service and/or ask you to
leave the premises.

Legaly a public place is someplace which is operated using public monies.

> Nevertheless, without first "reserving the right"
> to do so, the owners may tell you to leave if they don't like 
> the way you sound, look or smell. 

Because they ain't any more public than my house is on Wednesday nites when
I have it open to folks. I assure you that if somebody were to show up
smelling or filthy they would be asked to leave and if they refused I would
call a police officer and press trespass charges.

> Criminal activity is not
> required legally nor ethically.  Your ejection may, in fact, be
> totally arbitrary.  I don't see a privately maintained, "public"
> list as being philosophically any different.

The only way a police officer can expell you from a public place other than
for criminal behaviour is if the municipality passes ordinances regarding
access (ie open from 7-10 for example in the case of city parks here in
Austin) which must apply to ALL citizens equaly not just the vagabonds (I
have been thrown out of parks on many occassions and I assure I don't look
like a street bum even when I was living on the street in the early 80's - 
for grins I might add).


                                                 Jim Choate






From llurch at networking.stanford.edu  Fri Aug  2 23:03:48 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sat, 3 Aug 1996 14:03:48 +0800
Subject: AP story: Police look for Olympic bombing Internet link.
In-Reply-To: <9608030114.AA03672@ch1d157nwk>
Message-ID: <Pine.GUL.3.95.960802205338.3360E-100000@Networking.Stanford.EDU>


On Fri, 2 Aug 1996, Andrew Loewenstern wrote:

> [Not From <http://www.boston.com/globe/cgi-bin/globe.cgi?ap/apnat.htm ]

"By CHARLES J. HANLEY, AP Special Correspondent"

You know, someone ought to put dossiers on these morons in a library
somewhere. 

-rich






From ravage at EINSTEIN.ssz.com  Fri Aug  2 23:07:04 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 14:07:04 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030308.WAA11470@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 19:09:25 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: A Libertine Question (fwd)
> 
> > A reasonable person recognizes that such a business has two ways
> > of fulfilling its responsiblities. They can either submit to
> > regulation and quality control from the local municipality or
> > else they can hang signs about their place of business declaring
> > "Caveat Emptor: Our food may be tainted, eat at your own risk".
> > Which do you think is the more reasonable?
> 
> It would be nice if businesses were offered that choice.  I would
> choose the second, myself.  Only my sign would say, "Our food is
> guaranteed not tainted by the Acme insurance company, not some
> corrupt government."  The problem is, governments do not allow 
> businesses nor consumers to make that sort of choice.  With them 
> it's, "my way or the highway" (or harassment and jail actually).

And any insurance company with a whit of sense would charge you rates so
high that your much touted small vendors and many of the medium sized
vendors currently in business would not exist. You think governments are
bad? Wait till you see a bunch of bean counters racing a profit margin. In
such a situation we wouldn't even have the opportunity for input into the
system via constitutions, charters, and votes. Just imagine how much support
a Japanese insurance company would provide its clients in regards to the
current epidemic in Japan, absolutely none because it is better the little
vendor go out of business than the insurance company.

> Until Jim shows me a business that isn't owned and operated by
> people, I'll have to respectfully disagree.  Businesses are just
> people acting alone or in concert.  Actions are what count, not
> whether the action is of a pecuniary nature or not.

I own 2 businesses (CyberTects & Linux System Development Labs) and work for
another (Tivoli - IBM), none are equivalent to my person. Businesses are a
system of rules and procedures that one offers another person in exchange for
some other commodity. Saying a business has the same rights as a person is
equivalent to saying the Empire State Bldg. has civil rights because persons 
built it and occupy it. My dog has a better argument for civil rights than
any business, it breaths and shits. Would you seriously give my dog a vote?
I shure won't, and I won't support any business with rights.

                                                 Jim Choate






From ravage at EINSTEIN.ssz.com  Fri Aug  2 23:07:47 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 14:07:47 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <199608030210.VAA11373@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 14:10:55 -0700
> From: tcmay at got.net (Timothy C. May)
> Subject: Re: SOUP KITCHENS
> 
> (Fortunately, people survive all kinds of dirt and germs. If dogs and cats
> can eat stuff off the floor, and our ancestors did before hot water, soap,
> and autoclaves, then so can we. Not to mention children. But I digress.)

True enough, but not the whole story. If a dog or cat is kept well and fed
good quality food they live 10+ years. The average life of an animal on the
street is between 2-5 years. As to people, we now live around 75-80 years,
prior to all these rules and regulations on food and such the average was
20-25. If we go back to what you propose you would be dead a long time ago.

> The use of zoning and health code ordnances to harass certain classes of
> people is nothing new. Like I said, the Boy Scout Cookout and similar
> "good" events are not bothered by City Inspectors descending on them to
> shut them down.

In my experience they don't get hassled because they get the requisite
permits and act in good faith. Many of these small businesses and street
vendors are 'hassled' because they are unwilling or unable to meet basic
commen sense standards of conduct and go out of there way to circumvent
regulations and in some cases commen sense. I have a friend who worked at a
local strip club on N. Lamar (Yellow something...) up until a few weeks ago.
Seems one of the workers there turned a freezer off and as a result some
meat was tainted. Did they throw it out? Hell no, they went ahead and served
it because to do othewise would effect their profit margin. My (and by
extension your) life is not worth a few measly bucks. My friend complained
bitterly and when they went ahead and did it he quit and filed a complaint
with the local health dept. (I am completely unaware of the result but the
club is still open). I once got food poisoning from a Vietnamese food vendor
on the West Mall at UT Austin and complained and called the Health Dept.
Last time I was down on The Drag (the popular name of the street) the same
vendor was still in business and this was over 10 years later. And for the
record I have bought food there, I have just become more careful about its
taste and quality.

> Further, in time past the operation of a "street food" service (hot dogs,
> ice cream, various knoshing items, etc.) was a way for otherwise poor
> persons to start a business. My own city, Santa Cruz, has no pushcart
> vendors, and only one officially-approved sidewalk hotdog vendor. A loss
> for us, a loss for would-be vendors, and with no gain in "food safety" that
> I can plausible see.

Why do they prohibit permits for these types of businesses?

> I actually think this shows another side of the harassment of food
> giveaways and low-cost vendors: it cuts down on competition with the
> established food entities. While I tend to dismiss "corporate conspiracy"
> theories about how Giant Corporations are repressing and suppressing the
> Little Guys, there is little doubt that licensing, zoning, and other
> governmental restrictions are often used by established entities to keep
> out competition. Licenses get used for what economists call "rent-seeking"
> behavior.

You should be more careful about who you pick to represent you then when you
vote. Here in Austin back in the 80's the big thing was to move the airport
out of town. So many of the public officials rushed out and bought land near
the little town outside Austin in the hopes that the airport would be moved
there. It was so bad we had many elections where the citizenry voted not to
move the airport and the city council went ahead with the actions anyway.
Finaly a few years ago the feds closed Bergston the local airbase and the
entire rationale for moving the airport fell through and now all those
people have retired from local political actions because they are all broke.

> (Examples abound in other areas, too, such as where large chip companies
> like Intel actually relish the vast amounts of paperwork they are required
> to fill out, becuase this overhead and legal burden can be handled by their
> buildings full of paper pushers, but helps to keep small companies from
> entering the market. Intel has actually insisted that small companies file
> the same environmental impact reports, labor reports, etc., that they have
> to fill out. Understandable at one level, but also an example of using "the
> system" to put pressure on upstarts. Or, the rent-seeking of professional
> guilds, well-known to all of us.)

I personaly find it reassuring that some bunch of knuckle-heads are unable
to start a chip making facility like you support. The thought of finding
flourine compounds in the local river (where I get my tap water) or simply
dumped in the air is a little unsettling. Just because some group of bozo's
want to start a business is not sufficient justification for that to be
allowed.

It seems to me that many of the folks who recognize downsized workers pleas
for their 'right to a job' as so much bunk are at the same time supporting a
businesses right to start up. A pretty humorous double standard.

Persons don't have a right to work and businesses do not have a right to
start up unless they can meet reasonable levels of responsibility for their
actions. People and by extension businesses do not have the right to harm
others without their prior consent. As an extension of this, people have a
right to limit the ways and means that a business may use in order to operate.

> As to Alan Horowitz's bizarre notion that "public streets" are not to be
> used for giving away food,

I have never heard of anyone being arrested for giving away food, only
selling it without a license. I bet the Salvation Army soup kitchen would be
worried if this claim were true (they aren't and it ain't).

> does he believe the same to be true of giving
> away speech, giving away ideas, passing books to other people, etc.? "There
> are bookstores for selling or buying books, and anyone who engages in this
> sort of action on a public street will have his attitude adjusted with my
> billy club."

I am unaware of any municipality which prohibits giving away books, they
regulate bookstores because they are a business and engaged in commerce.
If you are aware of a municipality (or any list reader for that matter) I
would appreciate being informed (ie mail me privately).

> "Public" areas cause problems for analysis of rights, I will grant. The
> "commons problem" is well known. But I think that the specific cases we've
> been discussing, of whacking bums with nightsticks for the crime of not
> maintaining "proper decorum," and of Food Not Bombs being shut down while
> the Boy Scouts are not, are clear cases where the law is being misapplied.

And your argument that a business should have the same rights and
considerations as a human being is bogus. If that were true then by extensio
governments would have rights, which they don't. Unless you breath and shit
you don't have rights, only duties and responsibilities assigned by the
persons who built the system. A structure is not equivalent by any stretch
of the imagination as the person(s) who built it.


                                                  Jim Choate






From mpd at netcom.com  Fri Aug  2 23:07:56 1996
From: mpd at netcom.com (Mike Duvos)
Date: Sat, 3 Aug 1996 14:07:56 +0800
Subject: More evidence that democracy is bunk
In-Reply-To: <v02120d09ae28692597a7@[192.0.2.1]>
Message-ID: <199608030410.VAA16970@netcom9.netcom.com>


Lucky Green wrote:

> At 3:11 8/2/96, Deranged Mutant wrote:
> 
> >If they were asked if they minded random searches of their bags and
> >belongings or required to carry photo-ID wherever they went, to be
> >presented on demand, would they still be willing?

> You bet. I remember a war on drugs releated poll from a few years 
> back in which a majority supported warrantless searches of their homes.

RAW was fond of pointing out that in spite of the current love of
democratic government, free societies are actually infrequent and
short-lived blips on the historical landscape.  

Something about basic human nature and "all you have to do is rock 
the boat a little and the people will beg the government to take their
rights away."

Since the government is usually in the best position to do any 
necessary cage-rattling, perpetual freedom is an illusory concept. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From sandfort at crl.com  Fri Aug  2 23:10:34 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 14:10:34 +0800
Subject: VISA Travel Money
In-Reply-To: <3202AC0F.41C6@ai.mit.edu>
Message-ID: <Pine.SUN.3.91.960802191032.26652B-100000@crl5.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Hallam-Baker wrote:

> They [VISA Travel Money cards] are usefull for the one purpose
> for which they are designed. One can go off to a foreign
> country and obtain cash...

Agreed, but does anyone have any reason to believe that these
cards cannot now (or perhaps will) be used just like regular
VISA cards for purchases in stores, restaurants, etc.?

I have two VISA debit cards in my name which can be used anywhere
VISA credit cards are accepted.  The VISA Travel Money card 
appears to be nothing more than a debit card that is tied to a
special sub-account at the issuing bank rather that the account
of a named individual.  At least where the retail establishment
has an on-line credit card terminal, the risks and protections
should be equivalent to a regular debit card. 

I'd bet dollars to donuts that the VISA Travel Money cards will
be usable just like VISA credit and debit cards within the next
2-3 years.  My guess is that they are just going slow to see
what sort of reception the Money cards get.


 S a n d y

P.S.	Phil should realize that my offer to bet dollars
	against donuts was not a serious wager.  It will
	not be necessary, therefore, for him to come up
	with some elaborate rationale to weasle out of
	the bet.  :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From alano at teleport.com  Fri Aug  2 23:12:23 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 3 Aug 1996 14:12:23 +0800
Subject: fbi, crypto, and defcon
Message-ID: <2.2.32.19960803040230.00ef56f4@mail.teleport.com>


At 08:28 PM 8/2/96 -0700, you wrote:

>Its up to you what you call it, but here is an interesting example:
>
>An international phone call costs about 2 cents/min to produce. The average
>rate paid for by the consumer is 62 cents. That's means the carriers mark
>up this particular product by an amazing 3000%.
>
>Can you name another business that has comparable mark-ups?

Verisign? 

InterNic Domain name registration?

Licence plates in Washington state?
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From alanh at infi.net  Fri Aug  2 23:17:10 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 14:17:10 +0800
Subject: A Libertine Question
In-Reply-To: <Pine.LNX.3.93.960802164703.1649B-100000@smoke.suba.com>
Message-ID: <Pine.SV4.3.91.960803002218.1359A-100000@larry.infi.net>


> > illegal to operate a residential kitchen and a residential sewge-disposal 
> > operation in a city park or a city sidewalk?
>      As long as you are enforcing it on everyone, I don't think you'd have a 
> problem

    Let's clarify something here. I am not complaining about these
fruitcakes who want to help the homeless retain their drug & alcohol
stupors, by taking care of them the way one takes care of a child - buying
the food, cooking the food, putting the food on their plate, etc. 

I anm referring to the homeless people who stake out "their" peice of a 
publicly owned real estate, and set up a continuing residence - cardboard 
or better box, ersatz cooking facilities, etc, etc. And then start acting 
out their own particular psychoses. Which typically involves accosting 
passersby, or worse.

Ya know, if these homeless folks were even doing this stuff with decorum,
 and not making disturbances and assaulting people, I for one wouldn't
give a shit.  Some may recall, as I do, the report in the New York Times a
few years ago about a chap who set up household 30 feet up in a tree in
Central Park. He was living there for 2 years before the Park Rangers
noticed and then evicted him. The fellow had several rooms, and even
running water. Don't ask me how. 

I admire that dude.





From stewarts at ix.netcom.com  Fri Aug  2 23:27:26 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 14:27:26 +0800
Subject: fbi, crypto, and defcon
Message-ID: <199608030426.VAA19121@toad.com>


At 09:20 AM 8/1/96 -0800, jim bell <jimbell at pacifier.com> reminded us:
>Also:  Clipper was fabbed by VLSI Technology.  A few pointed inquiries might 
>work wonders here.

It was made by Mykotronx, using tamperproof programmable gate 
array chips from VLSI, though I don't remember whether they were
entirely programmed at Mykotronx+NSA, or whether they were
mostly mask-programmed at VLSI first.

On the other hand, if you _want_ to make a DES-cracker,
at the time Clipper came out, VLSI was making a 192Mbps DES chip,
and they may have faster stuff now.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Rescind Authority!






From jimbell at pacifier.com  Fri Aug  2 23:35:57 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 3 Aug 1996 14:35:57 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608030328.UAA11944@mail.pacifier.com>


At 07:48 PM 8/2/96 -0500, Declan McCullagh wrote:
> and black and smokeless powder taggants.

Such materials will be easy to defeat.  Find an indoor shooting range, 
vacuum up the powder residue that falls  in front of the shooting stalls, 
and you'll have a concentrated mixture of literally hundreds of types of 
taggants.  Add to bomb.  Laughing, at this point, is optional.

Jim Bell
jimbell at pacifier.com





From shamrock at netcom.com  Fri Aug  2 23:36:27 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 3 Aug 1996 14:36:27 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <v02120d0fae28834ebce8@[192.0.2.1]>


At 21:10 8/2/96, Jim Choate wrote:

>In my experience they don't get hassled because they get the requisite
>permits and act in good faith. Many of these small businesses and street
>vendors are 'hassled' because they are unwilling or unable to meet basic
>commen sense standards of conduct and go out of there way to circumvent
>regulations and in some cases commen sense.

Jim,
I was there when Food Not Bombs got busted in San Francisco. They tried to
get a permit from the Health Department, but the HD refused to even process
the application. FNB finally won the case. I guess next time the HD will be
smarter, process the application and deny it. At present, SF has a
hands-off policy in regards to Food Not Bombs.

The feeding was never the real issue. The heavy political indoctrination
that came with it was. Patrick McHenry handed out the food, screaming in a
mike, in front of the Federal Building (without interfering with
pedestrians in any way) as the Feds came out on their lunch hour, having to
listen to him complain about President Bush's CIA background, calling Bush
a drug dealer, and demanding to know why there was no money for food when
there was plenty of money for nukes.

Now can we please let this thread (at least on the list) die?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From alanh at infi.net  Fri Aug  2 23:43:36 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 14:43:36 +0800
Subject: VISA Travel Money
In-Reply-To: <3202AC0F.41C6@ai.mit.edu>
Message-ID: <Pine.SV4.3.91.960803004729.1359D-100000@larry.infi.net>


Where does one buy these Visa debit cards. Great idea for travel in the
Philippines, where ATM's are widespread but Travellors checks are not very
negotiable. 





From ravage at EINSTEIN.ssz.com  Fri Aug  2 23:51:21 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 14:51:21 +0800
Subject: "adjust your attitude with their billy club" (fwd)
Message-ID: <199608030343.WAA11512@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 12:01:41 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: "adjust your attitude with their billy club" (fwd)
> 
> > to yourself. The burden of proof rests on the individual to prove that such
> > actions by a third party are a public nuisance.
> 
>    Bzzt, wrong anser. Thanks for playing.  A state and it's political 
> subdivisions does have the power to enact an ordinance DEFINING what 
> constitutes a public nuisance. They need merely protect 
> constitutionally-protected rights.

States don't enact ordinances, they enact laws. An ordinance is a regulation
which applies in a local municipality regulated by a charter. Laws are
enacted by a state or federal government regulated by a constitution. A
trivial distinction I agree. I would be willing to accept the premise that
in practice such terms are equivalent.

They have the right to enact such ordinances if their charter permits. No
community, state, or federal government in the US is given carte blanche in
regards to the creation of laws, regulation, and ordinances.

If you live in a state which permits the state government to enact such laws
then you have my sympathy. At least here in Texas the state government is
not given that job. It is left to the individual municipalities to define
public nuisance. Here in Austin the homeless were allowed to sleep at the
capitol because it is public property. Sad to say, that day is dead.
I oppose those changes as well. I believe it would be a good thing if more of
our public representatives had to face the homeless and other unpleasantries
in modern life on a personal and daily basis. They might be motivated to get
off their asses and serve the people instead of their campaign contributors.

Which constitution? The Federal government is tasked with upholding the
Constitution, not the states. The states are tasked with upholding their
individual Constitution provided they don't conflict with federal laws.
Municipalities are tasked with upholding their charters unless at odds with
the state or federal constitutions. You make it sound like my local city
council person is responsible for the Constitution, they are not any more
than I am.


> The City of Seattle may not define the act of disseminating anonymous 
> pamphlets as a nuisance. They may define the act of dissemination by 
> throwing them out the window of a moving vehicle, as a nuisance.

I would call it littering. There is litte reason to expect people to pick up
pamphlets from the middle of the street. As to handing them out, that is
protected. If the person you hand it to throws it down on the ground then
they are littering. It is called personal responsibility and respect for
oneself. From this springs respect for others.

> YOu are disconnected from reality. I am not going to waste further 
> keystrokes on this topic. My side already controls the electoral college 
> on this one. It's not my problem.

I may be disconnected from your reality, but reality is observer dependant.

But it is your problem because 'your' side is aging and my generation is just
now coming into power (ie eligable to run for president and such). With a
little luck we might be able to make a difference. All those people out there
you look down upon living in the streets with mohawks and rings through
their clits listening to Pigface and Skinny Puppy get to make the decisions
now. My suggestion to those who support the status quo is to run, run very
fast. We are the ones your mother warned you about. Were pissed off enough
that we aren't going to use violence and such, we intend to use your own
system of rules against you.

                                               Ravage
                                                Black
                                                 Leather
                                                  Monster






From alanh at infi.net  Fri Aug  2 23:53:41 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 14:53:41 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030308.WAA11470@einstein>
Message-ID: <Pine.SV4.3.91.960803005947.1359E-100000@larry.infi.net>


Corporations are state-created persons [legal definition of "person", not
colloquial vernacular]. They have some privileges which have surface 
resmblence to the rights of natural people. For example, they can "have 
standing" in a court to initiate a legal proceeding - in their own name, 
not that of an agent or employee or trustee.





From ravage at EINSTEIN.ssz.com  Fri Aug  2 23:57:12 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 14:57:12 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <199608030514.AAA11685@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 21:33:20 -0700
> From: shamrock at netcom.com (Lucky Green)
> Subject: Re: SOUP KITCHENS (fwd)
> 
> >In my experience they don't get hassled because they get the requisite
> >permits and act in good faith. Many of these small businesses and street
> >vendors are 'hassled' because they are unwilling or unable to meet basic
> >commen sense standards of conduct and go out of there way to circumvent
> >regulations and in some cases commen sense.
> 
> I was there when Food Not Bombs got busted in San Francisco. They tried to
> get a permit from the Health Department, but the HD refused to even process
> the application. FNB finally won the case. I guess next time the HD will be
> smarter, process the application and deny it. At present, SF has a
> hands-off policy in regards to Food Not Bombs.

What exactly was the reason for the refusal to process the form? At that
point the FNB folks should have started a suite against the city and not
gone to the park. If they did they should have been very careful about
advertising the HD's refusal and making it clear that their presence and
actions there were a form of political disobedience.

There are good ways to tweak a nose and there are bad ways. Sounds like
these folks chose a bad way to begin with. I am glad to hear that justice
won out in the end. I bet next time the HD just processes the form. Is the
person in charge of the HD elected or appointed? If appointed than start a
suite against them as well as the department.

> The feeding was never the real issue. The heavy political indoctrination
> that came with it was. Patrick McHenry handed out the food, screaming in a
> mike, in front of the Federal Building (without interfering with
> pedestrians in any way) as the Feds came out on their lunch hour, having to
> listen to him complain about President Bush's CIA background, calling Bush
> a drug dealer, and demanding to know why there was no money for food when
> there was plenty of money for nukes.

I would have gone back the next day w/ a larger amp.

> Now can we please let this thread (at least on the list) die?

Certainly.

                                                Jim Choate






From alanh at infi.net  Fri Aug  2 23:57:21 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 14:57:21 +0800
Subject: SOUP KITCHENS (fwd)
In-Reply-To: <ae28119a020210049840@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960803010515.1359F-100000@larry.infi.net>


We must always look at the legal definition of words. If I _give_ a 
joint, I can be charged with sale of a controlled substance. That no 
money changed hands is irrelevant.





From alanh at infi.net  Fri Aug  2 23:57:24 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 14:57:24 +0800
Subject: "adjust your attitude with their billy club" (fwd)
In-Reply-To: <199608030343.WAA11512@einstein>
Message-ID: <Pine.SV4.3.91.960803010945.1359H-100000@larry.infi.net>


On Fri, 2 Aug 1996, Jim Choate wrote:

> But it is your problem because 'your' side is aging and my generation is just
> now coming into power (ie eligable to run for president and such). With a


Why am I having these flashbacks to the Clinton Campaign promises of 1992 
about there existing a young man who is a "New Democrat", a white house 
that will have the highest-ever level of ethics, etc, etc, etc.





From roger at coelacanth.com  Sat Aug  3 00:04:59 1996
From: roger at coelacanth.com (Roger Williams)
Date: Sat, 3 Aug 1996 15:04:59 +0800
Subject: [off-topic] roving wiretaps
In-Reply-To: <2.2.32.19960802234117.006acb90@gonzo.wolfenet.com>
Message-ID: <rogervif183vx.fsf@sturgeon.coelacanth.com>


>>>>> Cerridwyn Llewyellyn <ceridwyn at wolfenet.com> writes:

  >> One should understand that monitoring cellular traffic is *much*
  >> more difficult than tapping a conventional phone...

  > I'd have to disagree on that point.  Monitoring cellular traffic
  > requires nothing more than a cellular phone, and some software
  > which enables you to follow calls through the cells, for a total
  > cost of about $500...

Agreed.  I know that this capability was available to organisations at
the level of the State Police over ten years ago, and has long been
available to anyone with a credit card and the ability to read the
adverts in the back of _Police Chief_ magazine...

-- 
Roger Williams                         finger me for my PGP public key
Coelacanth Engineering        consulting & turnkey product development
Middleborough, MA           wireless * DSP-based instrumentation * ATE
tel +1 508 947-8049 * fax +1 508 947-9118 * http://www.coelacanth.com/






From ravage at EINSTEIN.ssz.com  Sat Aug  3 00:07:55 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 15:07:55 +0800
Subject: "adjust your attitude with their billy club" (fwd)
Message-ID: <199608030545.AAA11749@einstein>



Forwarded message:

> Date: Sat, 3 Aug 1996 01:13:14 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: "adjust your attitude with their billy club" (fwd)
> 
> > But it is your problem because 'your' side is aging and my generation is just
> > now coming into power (ie eligable to run for president and such). With a
> 
> Why am I having these flashbacks to the Clinton Campaign promises of 1992 
> about there existing a young man who is a "New Democrat", a white house 
> that will have the highest-ever level of ethics, etc, etc, etc.

My first guess is that you were taking LSD back then but then I wasn't
there. The second guess would be because you didn't read very carefuly. I
said nothing about highest-ethics or any other such promises of behaviour or
action. I think you are reading more into my statement than is there. I
simply said that some of my generation plan on using the rules against the
establishment.

I consider that a subtle but important difference.

                                             Jim Choate







From ravage at EINSTEIN.ssz.com  Sat Aug  3 00:09:23 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 15:09:23 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030542.AAA11740@einstein>



Forwarded message:

> Date: Sat, 3 Aug 1996 01:03:43 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: A Libertine Question (fwd)
> 
> Corporations are state-created persons [legal definition of "person", not
> colloquial vernacular]. They have some privileges which have surface 
> resmblence to the rights of natural people. For example, they can "have 
> standing" in a court to initiate a legal proceeding - in their own name, 
> not that of an agent or employee or trustee.

Exactly, 'surface resemblance'. The Constitution at no point mentions
businesses in respect to the rights of the individual which is where all
discussions must start from in this government.

For example, some folks have claimed that corporations have rights that
prevent warantless searches and such. I have to strongly disagree. I see no
rational way to extend this to a corporation. If the police must use a
warrant to search a business located other than in a persons home or on
their property it is because the people who are present on that premisis
have rights and those rights would be infringed by such searches. I am not
even shure I accept the legal premise of corporations.

The amendment say:
 
	The right of the people to be secure in their persons, houses, 
papers, and effects, against unreasonable searches and seizures, shall 
not be violated, and no Warrants shall issue, but upon probable cause, 
supported by Oath or affirmation, and particularly describing the place 
to be searched, and the persons or things to be seized. 
 

                                                Jim Choate






From ravage at EINSTEIN.ssz.com  Sat Aug  3 00:12:17 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 15:12:17 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <199608030546.AAA11760@einstein>



Forwarded message:

> From cypherpunks-errors at toad.com Sat Aug  3 00:38:30 1996
> Date: Sat, 3 Aug 1996 01:06:55 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> To: "Timothy C. May" <tcmay at got.net>
> cc: cypherpunks at toad.com
> Subject: Re: SOUP KITCHENS (fwd)
> In-Reply-To: <ae28119a020210049840@[205.199.118.202]>
> Message-ID: <Pine.SV4.3.91.960803010515.1359F-100000 at larry.infi.net>
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> Sender: owner-cypherpunks at toad.com
> Precedence: bulk
> 
> We must always look at the legal definition of words. If I _give_ a 
> joint, I can be charged with sale of a controlled substance. That no 
> money changed hands is irrelevant.
> 

Wrong, you can be charged with distribution, not sales.

                                              Jim Choate






From pgut001 at cs.auckland.ac.nz  Sat Aug  3 00:24:51 1996
From: pgut001 at cs.auckland.ac.nz (pgut001 at cs.auckland.ac.nz)
Date: Sat, 3 Aug 1996 15:24:51 +0800
Subject: crypto CD source
Message-ID: <199608030547.RAA30464@cs26.cs.auckland.ac.nz>


>Some time ago on the list there was some discussion of putting together a CD
>full of cryptographic software and reference material. Nothing came of it, but
>I think several people expressed an interest
 
I have about 100MB (compressed) of crypto archives, papers, source code, etc
etc, reasonably well organised with descriptions of each file.  I've got a
friend to put it on CD, but only for my own use.  If there's someone who can
get them done in bulk outside the US you could probably use this as a crypto CD
(I don't think there's anyone in NZ who could do it, and I don't really want
the hassle of organising the whole thing).
 
Peter.
 





From sandfort at crl.com  Sat Aug  3 00:31:54 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 15:31:54 +0800
Subject: Tolerance (fwd)
In-Reply-To: <199608030358.WAA11568@einstein>
Message-ID: <Pine.SUN.3.91.960802221348.29048B-100000@crl5.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Jim Choate wrote:

> Stating a list is 'public' is an inherent contract between the list
> provider and the subscriber with certain expectations on both parties part.
> The list provider expects no illegal activity to take place such that they
> are placed in jeopardy and the subscriber expects to recieve access to a
> public (ie not regulated by a third party other than themselves and the
> members en toto) list. Claiming the right to throw somebody off for any
> reason other than illegal activity nullifies the claim of 'public'.

A.  Where does Jim get the terms of the contract he implies from
    the simple word "public"?  As far as I can see, he simply made
    it up from whole cloth.  Interesting, but totally without any
    legal basis.
B.  I'm unaware that the Cypherpunks list has ever been advertised
    as "public" by the list owner.
C.  Combining A & B, I know of know instance where the owners of
    the Cypherpunks list ever made any indication that they were
    adhearing to the Byzantine interpretation of contract law as
    suggested by Jim.  (It sure doesn't comport to what I learned
    in my Contracts classes.)

> > A restaurant or bookstore is a public place in that it is open
> > to the public.
> 
> I know of no state in the union where a bookstore, restaurant,
> mall, etc. is considered public.

Actually, it's the law in ALL states in the union since the Public 
Accomidations Act was enacted some time in the '60s (with the
possible exception of Texas, I guess).

> Legaly a public place is someplace which is operated using
> public monies.

Like the Cypherpunks list?  Citation, please.

The problem with Jim is not that he doesn't know anything, but
rather that he knows so many things that aren't true.  (But I
would not favor enforcing the state granted monopoly on the
practice of law if Jim wants to hang out his shingle.  If he can
get someone to pay him for legal advice, more power to him, but 
/caveat emptor/.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From ppw3 at everett.com  Sat Aug  3 00:35:10 1996
From: ppw3 at everett.com (Paul Wittry)
Date: Sat, 3 Aug 1996 15:35:10 +0800
Subject: Why Fingerprints and Key-ID's
Message-ID: <199608030439.VAA00131@post.everett.net>


-----BEGIN PGP SIGNED MESSAGE-----

Cypherpunks,

I understand PGP Open-Signed messages and why they are used. I've 
read all the FAQ's. I can't seem to figure out why some of us put our 
Fingerprints and/or Key-ID's at the end of messages.

The answer to my question is probably in a FAQ somewhere and I'm 
missing it, I learn best by watching (visually) or by doing 
(experientially) so I'm having a little trouble learning from 
documentation.

In any case, if someone would spend a little time to explain, or 
point me in the right direction, I would be grateful.

Thanks,
Paul

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgLPl8498OZoTL5VAQFcrwP+JNK8K0cQFdU8+//GQQvj2Z3hn7gTgTeH
SRHosvwj5xNmR5pB9h8FlQillZ+OQEeEF+/z75+fqyK9AD68i+F0c0bymj1vJ6zR
zQnjUsIh/VBKLAvrmnmf08E4uWo2wdJrsjBtRkvShmMWHOBxsp5dReDrsVNPRHtK
Pp1zqTLUBpk=
=1kJ1
-----END PGP SIGNATURE-----
___________________________________________________________________________
Paul Wittry, Visual Artist, Philosopher, Poet|"A poet is a dethroned king
Internet:<ppw3 at everett.com> <bi065 at scn.org>  |sitting among the ashes of
Homepage:<http://www.everett.net/users/ppw3> |his palace trying to form an
PGP Public Key=Finger:<ppw3 at everett.com>     |image from out of the ashes."
Please, encrypt your messages!!!!            |_______________Kalil Gibran__

 


            
                                             






From sandfort at crl.com  Sat Aug  3 00:44:43 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 15:44:43 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030308.WAA11470@einstein>
Message-ID: <Pine.SUN.3.91.960802214751.29048A-100000@crl5.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 2 Aug 1996, Jim Choate wrote:

> And any insurance company with a whit of sense would charge you rates so
> high that your much touted small vendors and many of the medium sized
> vendors currently in business would not exist. You think governments are
> bad? Wait till you see a bunch of bean counters racing a profit margin. In
> such a situation we wouldn't even have the opportunity for input into the
> system via constitutions, charters, and votes. Just imagine how much support
> a Japanese insurance company would provide its clients in regards to the
> current epidemic in Japan, absolutely none because it is better the little
> vendor go out of business than the insurance company.

Apparently Jim does not understand that the "race for profit 
margin" is what LOWERS the prices of goods and services.  You 
might check out HUMAN ACTION by von Mises.  Anyway, as I said in 
my previous post.

> > It would be nice if businesses were offered that choice

I'm confident that the market solution would be far cheaper and
less violent they injecting the coercive state apparatus into a
volutary transactions between PEOPLE.

> I own 2 businesses...none are equivalent to my person. 

So?  They are owned and operated by people.

> Businesses are a system of rules and procedures...

Made and enforced by PEOPLE.  Jim is begging the question.

> Would you seriously give my dog a vote?

Gee, I don't know your dog.  His understanding of economics
couldn't be much more rudimentary.  (Okay, it was a cheap
shot, but it was a silly question.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~









From ravage at EINSTEIN.ssz.com  Sat Aug  3 00:52:27 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 15:52:27 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030617.BAA11822@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 22:05:06 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: A Libertine Question (fwd)
> 
> > And any insurance company with a whit of sense would charge you rates so
> > high that your much touted small vendors and many of the medium sized
> > vendors currently in business would not exist. You think governments are
> > bad? Wait till you see a bunch of bean counters racing a profit margin. In
> > such a situation we wouldn't even have the opportunity for input into the
> > system via constitutions, charters, and votes. Just imagine how much support
> > a Japanese insurance company would provide its clients in regards to the
> > current epidemic in Japan, absolutely none because it is better the little
> > vendor go out of business than the insurance company.
> 
> Apparently Jim does not understand that the "race for profit 
> margin" is what LOWERS the prices of goods and services.  You 
> might check out HUMAN ACTION by von Mises.  Anyway, as I said in 
> my previous post.

Really? Then would you mind explaining why costs rise over time instead of
going down? Compare the cost of almost anything over time and what happens?
The price goes up. Insurance has become involved in the medical industry,
what happened? The cost has gone through the roof. The airplane industry was
deregulated in the late 70's, what happened? The price of a ticket went up
and more and more airlines went out of business because of lagging sales. In
many states (such as Texas) insurance was made mandatory, what happened? The
cost of automobile insurance went up.  The telephone companies were broken
up and 'privatized' in the 80's and what happened? The cost of phone service
has gone up and the rate of new service introduction has gone down. In
almost any case you care to mention where a monopoly or near-monopoly market
exists and is deregulated the cost of operation has gone up.

> > > It would be nice if businesses were offered that choice
> 
> I'm confident that the market solution would be far cheaper and
> less violent they injecting the coercive state apparatus into a
> volutary transactions between PEOPLE.

If this is so then by your own argument, business are operated by people
therefor they are people, the government should conform to this model since
it is operated by people also (by your argument). Therefore governments have
rights (clearly incorrect). Governments have duties and responsibilities,
under our Constitution the government is given no right. As a matter of fact
if there is a disagreement or unclear point the 10th says specificaly that
the government does not get to resolve it but rather the states or the
people. Clearly the founding fathers were drawing a distinction between the
people operating a system and the system itself.

> > I own 2 businesses...none are equivalent to my person. 
> 
> So?  They are owned and operated by people.

Yes, but they are not people any more than my ownership and operation of my
motor vehicle makes it a person. Is your contention that because I own and
operate a computer it should be given rights?

This is sorta funny, I can see it now...

"Your honor we would like to call Mr. Choate's 1985 Mustang to the stand to
give testimony."

"Mr. Choate's 1986 Mustang, you have been found guilty of speeding and
reckless driving."

Hey, come to think of it, this would make a great defence for many things.

"But your honor, my automobile has rights and is considered a person,
therefore you can't hold me responsible for running over those six nuns and
two infants. I was simply along for the ride. The only reason that I was in
the vehicle was that I was afraid to open the door and jump at 120 MPH."

Yup, I definately like where this is going...

I can see a cop reading my computer it's Miranda and waiting till Hell
freezes over for a positive responce.

Just think, all those dead cars...er persons...in the auto...er
people-crusher... We should bring those monsters up on charges for killing
people. Talk about mass murder.

> > Businesses are a system of rules and procedures...
> 
> Made and enforced by PEOPLE.  Jim is begging the question.

Which question would that be? "Should businesses be considered people with
the same rights and priviliges?" If so then it is clearly a negative answer.
The Constitution does not accept that premise and the law does not accept
that premise. If a business is found guilty of wrong doing do they put it in
jail? No, they put the persons involved in jail. Clearly the courts are
drawing a distinction between a system and those who operate it. Does the
constitution ever mention business or commercial enterprise in equality with
persons? Does this equality mean that I need to go the courthouse and get a
DBA in order to legaly exist in Texas as a business must?

Consider my dog, Reef, she is owned and operated by a person (I feed her,
walk her, clean up her messes, teach her tricks, even kill her if I choose -
though I can't be cruel to her) does this mean she is a person?

Sounds like the original proposition, that businesses should be awarded the
same rights as people because they are owned and operated by people, is a
reduction to absurtity.

> > Would you seriously give my dog a vote?
> 
> Gee, I don't know your dog.  His understanding of economics
> couldn't be much more rudimentary.  (Okay, it was a cheap
> shot, but it was a silly question.)

If I may, I would like to use a quote from the Transformers movie,

"You obviously don't understand the situation then."

Tata.

                                                Jim Choate






From jimbell at pacifier.com  Sat Aug  3 00:55:39 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 3 Aug 1996 15:55:39 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <199608030552.WAA18439@mail.pacifier.com>


At 01:11 PM 8/2/96 -0700, Lucky Green wrote:
>At 18:29 8/1/96, Timothy C. May wrote:
>
>>(With the Internet Phone deals--even Intel is entering the market--why are
>>there no widespread uses of PGP or S/MIME? Yes, I know about about PGPhone,
>>and also the Nautilus product, but none seem to be used by anyone I know.
>>Maybe we should spend some time talking about the practical realities of
>>these tools.)
>
>The sound quality really isn't there, unless you have a fast machine or a
>fat pipe. In addition, the vast majority of Intel based computers lack the
>crucial (for user acceptance) full-duplex soundcard. Add to that the
>physical impossibility of getting decent real time services over a
>non-isochronous network, such as the Internet, I'net phones just don't
>provide suffcient speech quality for business/serious personal use even
>without the added overhead of crypto.

Which reminds me...  If there is any function Cypherpunks (and/or 
cyberpunks) should perform, it's one of using a "bully pulpit" to influence 
technical developments.  Consider, for example,  your observation that "the 
vast majority of Intel based computers lack the crucual full-duplex 
soundcard."  When I first heard that this was true, I wondered what bunch 
of nincompoops were responsible for this outrage.

There are  many potential uses for soundcards which require full-duplex 
operation.  Only the most stupid and basic functions don't.  There was no 
good reason for this lack; Presumably if somebody had been at the 
right place at the right time, he could have reminded that shit-for-brains 
"engineer" of the obvious consequences of building a product with such an 
egregious bug designed into it.

Anyway, that's water under the bridge.  However, we're probably all in 
agreement that Internet telephone (non-encrypted as well as encrypted) is 
going to be a big product in just a few years. This will require (or desire) 
a few high-CPU-power functions:

1.  A modem, obviously.
2.  Good encryption, possibly.
3.  Audio A/D and D/A, and associated compression functions.

 I propose that the better way of implementing it, rather than going through 
a sound card, is for modem manufacturers to built an  new modem with an 
extra telephone connection (perhaps the same physical connector that's 
currently used for the telephone handset) which goes to an ordinary 
telephone and does the audio A/D and D/A conversion, as well as the data 
compression/data expansion function that will be necessary.  The latter 
function would be done by an extra DSP on this modem/Internet telephone card. 

 Briefly, you'd talk into an ordinary telephone on your desk, which would be 
connected to the modem/telephone card.  That card would digitize your speech 
to whatever level of resolution  is practical, and compress it into an 
appropriate data rate.  This data would either be encrypted by the same DSP, 
or possibly presented to the host CPU for encryption.  From there, it would 
be sent to the modem section and transmitted over the telephone line. 

I think this would be superior to the use of a sound card, for a number of 
reasons.  First, obviously, is the reduction in cards in simple and/or 
portable systems.  To require that you have both a modem and a sound card 
(as well as a cpu) to implement an Internet telephone is unreasonable.  
Secondly, using a sound card (which can't do any compression) requires that 
you implement both the compresssion and encryption function with the host 
processor, which might be impractical for a low-cost processor like a '486.  
Putting a substantial portion of this function into a dedicated DSP means 
that main-processor overhead becomes minimal.  

Third, implementing a "flow-through" telephone circuit allows you to 
interpose this encryptor into an existing telephone system, such as that of 
a house or office.  The existing handsets can be used with no modification, 
presumably.  This would also allow easy implementation of a 
computer-controlled answering machine-type, because the computer will be 
able to digitize/synthesize audio as well as record it.  It could also 
implement fax and modem/bbs functions.





Jim Bell
jimbell at pacifier.com





From alanh at infi.net  Sat Aug  3 01:15:33 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 16:15:33 +0800
Subject: SOUP KITCHENS (fwd)
In-Reply-To: <v02120d0fae28834ebce8@[192.0.2.1]>
Message-ID: <Pine.SV4.3.91.960803011939.6572A-100000@larry.infi.net>


> The feeding was never the real issue. The heavy political indoctrination
> that came with it was. Patrick McHenry handed out the food, screaming in a
> mi[crophone of an amplified public address system]

If this isn't disturbing the peace, I don't know what is.

Patrick McHenry wasn't interested in the homeless, _for their sake_.  He 
was using them as a pawn to act out his own neurotic vision of "social 
activism".  If there hadn't been any homeless in the city, Patrick 
McHenry would have latched onto some other - any other - issue. It's the 
screaming into the microphone that he wants.

   





From alanh at infi.net  Sat Aug  3 01:31:37 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 3 Aug 1996 16:31:37 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030542.AAA11740@einstein>
Message-ID: <Pine.SV4.3.91.960803023257.9798D-100000@larry.infi.net>


> I am not even shure I accept the legal premise of corporations.
 - Jim Choate


    This is NOT a drill. This is an actual pop quiz, in which Jim Choate 
is directed to tell us about the legal premise of incorporation. Jim, do 
you know anything about what you are talking about. Looking it up is not 
allowed.

P.S.  could you humor me on one tiny little thing?  Can we agree that 
that the word shall be spelled "sure", not "shure", on this list?  I 
don't want to trample on your artistic vision or anything like that, but 
could we just agree on this one tiny little thing





From sandfort at crl.com  Sat Aug  3 01:32:05 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 3 Aug 1996 16:32:05 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030617.BAA11822@einstein>
Message-ID: <Pine.SUN.3.91.960802231226.25121A-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 3 Aug 1996, Jim Choate's dog wrote:

> Really? Then would you mind explaining why costs rise over time
> instead of going down?

Gladly. Prices rise over time because of inflation of the money 
supply.  While it is possible for private actors to temporarily
inflate the money supply (e.g., extension of credit by banks),
only the government can increase the money supply indefinitely.  
Inflation is the most insidious form of "taxation."  It steals
silently and punishes the savings in favor of consumption.

> Insurance has become involved in the medical industry, what
> happened? The cost has gone through the roof. The airplane
> industry was deregulated in the late 70's, what happened? The
> price of a ticket went up...yada yada yada.

Technically, Jim's logical fallacy is called /post hoc, ergo 
propter hoc/, after this, therefore on account of this.

> If this is so then by your own argument, business are operated
> by people therefor they are people...

Nope, that's not what I said.  This fallacy is called a "straw
man."  It is a weak or mistated opposing argument set up by a 
politician or debator, etc., in order that he may attack it and
gain an easy, showy victory.

Since you have mistated my position, the balance of your argument
is irrelevant.  (But thanks for playing.)

> Is your contention that because I own and
> operate a computer it should be given rights?

Nope.  Whatever gave you that idea?

> > > Businesses are a system of rules and procedures...
> > 
> > Made and enforced by PEOPLE.  Jim is begging the question.
> 
> Which question would that be? "Should businesses be considered
> people with the same rights and priviliges?"

Nope.  You just don't get it, do you?

> Sounds like the original proposition, that businesses should be
> awarded the same rights as people because they are owned and
> operated by people, is a reduction to absurtity.

More straw men.  From what orfice was that proposition pulled?

> If I may, I would like to use a quote from the Transformers
> movie,

Could these be the source of Jim's legal and economic knowledge?
You be the judge.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From stewarts at ix.netcom.com  Sat Aug  3 01:32:54 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 16:32:54 +0800
Subject: [off-topic] roving wiretaps
Message-ID: <199608030650.XAA21091@toad.com>


At 01:52 AM 8/2/96 -0700, daw at cs.berkeley.edu (David Wagner) wrote:
>> would dramatically change surveillance authority to include wiretaps of
>> INDIVIDUALS instead of LOCATIONS.
>I don't get it.  Help me out here-- how can this possibly be constitutional?
     [CENSORED MATERIAL DELETED]

You've been hanging out with those subversive Canadians again,
haven't you?  It's covered by the Terrorism Exception to the 4th Amendment.*

>P.S.  Do police really need a search warrant to wiretap cellular phones?

Do you mean legally?  :-)
Some combination of laws and court decisions has established that
cordless phones don't provide an expectation of privacy,
but cellular phones do, so eavesdropping on cellular phones
requires wiretapping authorization (whether a warrant, FISA permission,
or whatever other procedures constitute Due Process.)




-----------------------------------
* The Drug Exception to the 4th Amendment says ", except for drugs, of course."
  The Terrorism Exception says "Be afraid.  Be very afraid."
-----------------------------------
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From tcmay at got.net  Sat Aug  3 01:36:22 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 3 Aug 1996 16:36:22 +0800
Subject: Liberating Clipper Stuff from Mykotronx Dumpsters
Message-ID: <ae28445005021004823e@[205.199.118.202]>


At 4:24 AM 8/3/96, Bill Stewart wrote:
>At 09:20 AM 8/1/96 -0800, jim bell <jimbell at pacifier.com> reminded us:
>>Also:  Clipper was fabbed by VLSI Technology.  A few pointed inquiries might
>>work wonders here.
>
>It was made by Mykotronx, using tamperproof programmable gate
>array chips from VLSI, though I don't remember whether they were
>entirely programmed at Mykotronx+NSA, or whether they were
>mostly mask-programmed at VLSI first.

By the way, newcomers to the list (I'm not referring to Bill, of course)
may not know some of the background on this Mykotronx story. An interesting
use of remailers, too.

One of the early list subscribers went "Dumpster-diving" outside the
Torrance, CA headquarters of Mykotronx, a previously little-known defense
subcontractor.

Amongst the stuff in the Dumpster, unshredded, he found:

- payroll information

- copies of contracts with VLSI Technology, the NSA, AT&T, etc., showing
the work to have started back in the early 90s

- yield information on the chips, and some limited test information

- copies of various memoranda between AT&T, the NSA, the FBI, Mykotronx,
Sandia, and VLSI Technology

- a bunch of other goodies

He scanned or typed this stuff he found into a text file and sent it to one
of the earliest members of the Cypherpunks list, asking for it to be passed
on to someone who could do something with it. A few hours later, via
anonymous remailer posting, it went out to the several hundred subscribers
to the Cypherpunks list at that time. (It's somewhere in the archives, such
as they are. This would be around late April, 1993, possibly May-June.)

I later heard that Mykotronx was mightily embarrassed to have this kind of
stuff found in Dumpsters out where anyone could find it, and that "the
authorities" ordered a tightening up of security.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From stewarts at ix.netcom.com  Sat Aug  3 01:44:23 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 16:44:23 +0800
Subject: Jim Bell, stay out of Georgia....
Message-ID: <199608030708.AAA21521@toad.com>


At 09:54 AM 8/2/96 -0400, Duncan Frissell <frissell at panix.com> wrote:
>>>   JONESBORO, Ga. -- An 18-year-old self-styled anarchist who allegedly
>>>   distributed a free, homemade pamphlet with anti-government rhetoric
>>>   has been charged with advocating the overthrow of the U.S. government.
.....
>Brian -- why do the cops do busts like this where they know they will be
>thrown out?

1) Because they can
2) Because they can get away with it
3) Because most of the public approves of this kind of <noun deleted>
4) Because they can put out press releases encouraging 2) and 3)
   and folks will believe them.
5) Because if the case gets dropped it _might_ make Page 43 of the 
   newspaper and will be covered in a way that makes it clear
   that they're the good guys.
6) Because the state/city/town will cover their legal costs
   and penalties if they somehow lose a lawsuit
7) Because the state/city/town _won't_ cover the costs of a real
   defense of the "self-styled anarchist", who'll have to put up
   with a lot of crap as well as the 47:59:59 hours they can
   keep him in jail for no good reason plus any more until he
   can make bail for the bogusly heavy charges they'll lay on him.
8) Because once you're a "self-styled" anything, you don't get no respect.
9) I've never met any cops who were bullies - have you?
10)It's covered by the Anarchists and Commies Exception to the First Amendment.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From ceridwyn at wolfenet.com  Sat Aug  3 01:59:49 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Sat, 3 Aug 1996 16:59:49 +0800
Subject: A Libertine Question (fwd)
Message-ID: <2.2.32.19960803071838.006b0808@gonzo.wolfenet.com>


At 08:42 PM 8/2/96 -0500, you wrote:
>
>Forwarded message:
>
>> Date: Fri, 2 Aug 1996 16:50:01 -0500 (CDT)
>> From: snow <snow at smoke.suba.com>
>> Subject: Re: A Libertine Question
>> 
>>      As long as you are enforcing it on everyone, I don't think you'd have a 
>> problem, but to force some one from cooking food for homeless people, and 
>> allow a family barbeque, is IMO wrong.
>
>Not at all. Businesses have no rights, individuals do. Businesses have a
<snip>
>Blueberries they bought at the local HEB). Individuals have a right to
>privacy, that includes cooking themselves food without harrassment. Business
>on the other hand are selling products of potentialy questionable quality. A

I disagree with your sentiments about Business and rights, however, in this
instance, even that wasn't the issue. Food Not Bombs is NOT a business, it's
a not-for-profit organization that gives out (not sells) food.  They are the
same as, I think Tim May pointed out, a Boy Scout picnic, except for the 
homless, not the boy scouts.

//cerridwyn//







From ravage at EINSTEIN.ssz.com  Sat Aug  3 02:16:45 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 17:16:45 +0800
Subject: Tolerance (fwd)
Message-ID: <199608030750.CAA11930@einstein>



Hi all,

Because none of these issues have ever been tested in a court of law any
comments I or any other person makes (even if a lawyer) is simply personal
opinion. To find out what is 'really' going on we will have to simply wait
for that first case.

Forwarded message:

> Date: Fri, 2 Aug 1996 22:28:37 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: Tolerance (fwd)
> 
> A.  Where does Jim get the terms of the contract he implies from
>     the simple word "public"?  As far as I can see, he simply made
>     it up from whole cloth.  Interesting, but totally without any
>     legal basis.

Public - 

of or pertaining to the people; not private or secret; open to general use;
accessible to all; serving the people. Community or its members; a section
of community. Making known to the public; proclamation; printing in a book,
etc. for sale or distribution. To make widely known; to advertise. The state
of being generaly known; notoriety; advertisement.

I first learned about the cpunks list in Mondo 2000 several years ago not
long after I got PGP 1.0 off Adelante BBS in Co. Wasn't Eric's girlfriend
involved in Mondo 2000? (Hi Jude, I think we will have a RoboFest this year
in Austin, as always you are invited) Which would indicate a certain level of
premeditation regarding letting people know of the list. I think that qualifies
as public, I also think a court would accept that argument. The bottem line is
that the list operator crossed that line whether they were aware of it or not.
If they feel uncomfortable with this then they should consider very strongly
dropping the list or enacting some form of registration more preferential
than majordomo's subscribe system. This registration should clearly define
what is and is not allowed on this list.

> B.  I'm unaware that the Cypherpunks list has ever been advertised
>     as "public" by the list owner.

It has appeared in many publications which are intended for general or
'public' distribution in every one of those publications it was made clear
that anyone was welcome and the subscription address was provided. The list
operators ignorance of the consequences of their actions in no way alleviates
them of the consequences of those actions.

> C.  Combining A & B, I know of know instance where the owners of
>     the Cypherpunks list ever made any indication that they were
>     adhearing to the Byzantine interpretation of contract law as
>     suggested by Jim.  (It sure doesn't comport to what I learned
>     in my Contracts classes.)

It isn't my interpretation. Perhaps you should have paid better attention in
class. These issues have never been tested in a court of law in the US in
regards to computer networks and their special nature.

> > > A restaurant or bookstore is a public place in that it is open
> > > to the public.
> > 
> > I know of no state in the union where a bookstore, restaurant,
> > mall, etc. is considered public.
> 
> Actually, it's the law in ALL states in the union since the Public 
> Accomidations Act was enacted some time in the '60s (with the
> possible exception of Texas, I guess).

Not in Texas. We recently passed a law (Jan. 8) which permits citizens legaly
registered to carry concealed weapons. Because the way the law was worded it
was made clear in many newspapers and such that the ONLY way that business
could prohibit patrons from entering their premises with those weapons was
because they were PRIVATE property and therefore excluded from the
constraints of the law. [When I worked at UT the rationale that was used to
throw the dumpster divers off campus was that even though it was a publicly
funded school by taxes it was private property (didn't make sense to  me
then or now). I can also state unequivacly that if the UTPD catch you on
campus after 10pm or before 6AM w/o proof of either being a current student
or staff consider it a graceful and considerate officer if they only escort
you off campus.] Even now there is a big discussion here over whether
this is realy a strong enough distinction. It is only a matter of time
before a case comes up here to test even this limitation of private
ownership (which I happen to support, a person with a gun on my private
property is definately subject to my desires and wants, they represent a
clear and present danger. If they don't then why do they need to register
the weapons and why are they classed 'deadly weapons'?). The really sad part
is that it will probably be another one of those shoot outs at Wendy's in
Waco or some such nonesense as some loony toon goes postal. I wonder if that
was what Jeffeson meant about watering the tree of liberty with blood? If my
business property is really public simply because I am open to the public
then I feel the police have a responsibility to provide an officer on my
premises for whatever hours I am open for business to protect me, my property, and my
patrons just like they do at the courthouse, tax accessors office, etc. They
also have a responsibility to help assist in the operation and funding of my
business (something I oppose strongly) since they have now found my business
to be public; as a matter of fact they can help pay my damn taxes.

For the record Florida and every other state with 'Right To Carry' laws
looks at it this way. It is the only way under the current statutes to
allow businesses to control access by gun toting folks.

Now there is one caveat that most of you will have caught. That is the
definitions of public above. In short, we have a circular argument as the law
is worded now. Logicaly the courts have two recourses. They can first
declare that no agency has the right to regulate gun ownership and
possession (what I want to see) or else regardless of the 2nd, nobody has
the right to carry a weapon on their person in public, since police are not
awarded special consideration from constitutional law this would mean they
could not carry a weapon on their side in public. So the courts eventualy
must either refuse to review the case or else they must make some major
change in the current law which goes against the government either way.
Either everyone gets to wear weapons or nobody including the police get to
carry them. Either way with the last two the police are in a situation where
they are less likely to employ force for enforcement since they are no longer
the strong side in the 'discussion'.

> > Legaly a public place is someplace which is operated using
> > public monies.
> 
> Like the Cypherpunks list?  Citation, please.

The Cpunks list isn't a place. It is a steam of characters. Does the list
reside on my computer? It does at least to some degree since I obviously
have access to discuss these issues with you. It also resides on your
computer as well as the thousand or so subscribers. It resides at least in
part on the screen of my crt, the RAM in my computer, the network cable, the 
ISDN line, my providers router, my brain, the EM emission of the computer,
etc. ad nauseum. So there is no single 'place' where the list resides, any
more than a single place that an idea resides. This whole issue is the reason
that I contend that eventualy it will be seen clearly that postings on usenet,
public accessible mailing lists, irc channels, etc. are actualy automaticaly
public domain in regards to their content. At some point I feel that it will
turn out that unless you encrypt your data or place copyright symbols on it
with special, and likely convoluted, riders allowing various distributions
and storing via computer networks the author of computer text such as this
will grant all rights and privileges to the work to the public automaticaly.
This belief is the reason that I am interested in crypto, outside the simple
curiosity I have about nature.

I don't believe the cpunks list has ever been involved in a legal case. As a
matter of fact this issue has never been tested in a court of law. Perhaps
we should look at forcing a case. The best strategy would be for Eric to
throw somebody off the list sureptitously (sp? I put the dictionaries back and
I ain't walking over there again...sorry) and then for that person to bring
a civil suit alleging infringement of civil liberties (ie equal access under
the law). Eric would claim the list is private while the expunged user would
claim it was public. We would of course have to resolve the cost issue first.
I have two lawyers on retainer for my businesses but I don't believe either
would touch a non-commerical case like this would be and I don't have
anywhere near the personal capital to finance it myself. As a added bonus we
could pick a handicapped person and they could sue under the various laws
relating to those issues as well. This would get the whole issue of
handicapped access to computer technology to be explored. Currently the
handicapped (eg blind) find GUI interfaces nearly unusable. It would be
pretty weird (to me) to see court rule that every os and software
manufacturer must provide a CLI interface to their products because of the
new equal access laws regarding handicapped individuals.

> The problem with Jim is not that he doesn't know anything, but
> rather that he knows so many things that aren't true.  (But I
> would not favor enforcing the state granted monopoly on the
> practice of law if Jim wants to hang out his shingle.  If he can
> get someone to pay him for legal advice, more power to him, but 
> /caveat emptor/.)

That is a two edged sword. Where did you get your law degree? My lawyers
both got theirs at UT Austin Law School. Both are federal lawyers and both
have argued before the Supreme and are currently allowed to argue before the
Supremes.

The bottem line is that this whole issue is so full of circular arguments
and contrary views it may take quite a few years to work out something that
makes any kind of sense at all, if ever. Course by then we will have a whole
new generatio of technology to argue over.

Take care all, and watch your sixes.

                                                     Jim Choate








From TrustBuckFella at nowhere.com  Sat Aug  3 02:43:45 1996
From: TrustBuckFella at nowhere.com (TrustBuckFella)
Date: Sat, 3 Aug 1996 17:43:45 +0800
Subject: TrustBucks
Message-ID: <64gf4trmj9@nowhere.com>


-----BEGIN PGP SIGNED MESSAGE-----
 
An alternative model of electronic money.
 
Every model of electronic money I know of except one retains some degree
of centralization. There is always a central "mint", usually a bank. If
you can't find a bank that acts the way you want, you're SOL. And the
only thing that enforces non-abuse (inflation, etc) by the bank is the
equivalence of electronic money to some form of "real" money. The sole
exception is Digicash. Unfortunately, Digicash has no restraint on
infinite spending-into-debt.
 
I want to present an alternative model I call "TrustBucks". TrustBucks
is decentralized but zero-sum and needs no assistance from "real"
currency. Its central idea is a "web of trust": Local, trusted contacts
are linked in a web that at some remove can extend everywhere.
 
I'm not going to try to develop the cryptographic protocols for
TrustBucks. I haven't got the requisite paranoia and pickiness
(compliments both) for that. TrustBucks also has nothing in the way of
anonymity and restraint on double-spending right now. If you can see how
it could be anonymous or restrain double-spending and still work, please
feel free to add.
 
 
The basic rules of TrustBucks:
- -----------------------------------------------------------------
Each individual using TrustBucks has their own individual variety of
currency, notated here as TrustBucks( <name> ).
 
Each individual is considered to have an infinite supply of their
own TrustBucks.
 
Each individual accepts payment only in their own variety of TrustBucks.
 
There are only two fundamental operations with TrustBucks:
 
A and B swap TrustBucks, of any two varieties.
 
A pays B in TrustBucks( B ) for something external to the system.
 
 
- -----------------------------------------------------------------
 
Examples: Say Alice wants to pay Bob in TrustBucks, and Bob agreed to
accept payment in this form. Alice has several options for paying him.
 
*       Alice already has some TrustBucks( Bob ).
 
                Alice pays Bob.
 
*       The amount is small enough that Bob trusts Alice directly.
 
                Alice and Bob swap TrustBucks( Alice ) for TrustBucks( Bob )
                Alice pays Bob.
 
        I know this looks like an extra piece of complexity, but it's
        really not. By insisting that only TrustBucks( Bob ) are payment
        to Bob, we insure that Bob can't manipulate what currency he
        will accept to his advantage, which would otherwise be a
        problem. For instance, Bob cannot refuse to make good on his
        debts while accepting other people's money.
 
*       Alice doesn't have enough TrustBucks( Bob ), but does have
        TrustBucks( Carol ), and Bob trusts Carol directly for that
        amount.
 
                Alice and Bob swap TrustBucks( Carol ) for TrustBucks( Bob )
                Alice pays Bob.
 
*       Alice doesn't have enough TrustBucks( Bob ), but does have
        TrustBucks( Carol ), and Carol has some TrustBucks( Bob ).
 
                Alice and Carol swap TrustBucks( Carol ) for TrustBucks( Bob )
                Alice pays Bob.
 
*       Alice doesn't have enough TrustBucks( Bob ), and Carol has some
        TrustBucks( Bob ), and Carol trusts Alice directly.
 
                Alice and Carol swap TrustBucks( Alice ) for TrustBucks( Carol )
                Alice and Carol swap TrustBucks( Carol ) for TrustBucks( Bob )
                Alice pays Bob.
 
 
Using some combination of the above methods, Alice can pay Bob as long
as there are accessible parties in the system who, in total sum, trust
Alice for the amount of the payment, and there are accessible parties in
the system whom, in total sum, Bob is willing to trust for the amount of
his credit. Which gives the scheme its name: TrustBucks.
 
- -----------------------------------------------------------------------
 
Disadvantages:
 
        Lots of overhead.
 
        Third-party traders must be perpetually available.
 
        Not anonymous.
 
        Not clear how double-spending can be avoided.
 
Not a true disadvantage:
        It could "stall"; that is, there could be catch-22 situations
        where if only some people trusted to begin with, the system
        could continue, but not enough people trust each other to get it
        started. I say this is not a true disadvantage because the same
        thing happens in other currency-schemes, to an equal or larger
        degree. If it's merely more visible with TrustBucks, that should
        not be called a disadvantage. In practice, I think the
        threshhold of trust neccessary to start the system would be
        considerably with TrustBucks than with other systems.
 
Advantages:
        Decentralizable. It is not neccessarily decentraliz_ed_, but can
        become so as needed.
 
        Nobody controls the "mint".
 
        Few conceptual parts. When counting the parts in other schemes,
        don't forget to count the parts neccessary to fix or ameliorate
        problems that don't occur in TrustBucks, like deciding who
        "prints money", keeping them from abusing the role, stopping
        others (IE counterfeiters) from assuming the role, and so forth.
 
I don't claim that the above neccessarily adds up to a positive rating,
but it's worth hashing out, especially if it inspires more secure
protocols along the same decentralized lines.
 
 
- -----------------------------------------------------------------------
 
I'm not the first person to notice that decentralized ideas tend to take
off more abruptly and firmly. For instance, PGP vs. Kerberos, or the
internet vs. AOL, Prodigy, Compuserve. Especially Usenet and the WWW.
That's why I thought a long time about bringing this idea out. Once it's
out, it and its successors are beyond my control or anyone else's.
 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
 
iQCVAwUBMgLz8pi7GCxryNrZAQEfAAQApDzHN9PSpARe/MUZgDDk8F+eFLlKNAHZ
5H6KaX3SlWxL9itM8aFMoudpnBU2gAO7Kn9YHV+dFS1l/tE+NJDhSpTRL1EMKVw9
rGrL8lypX9bLsuw0+thMl1djJjQhc3To6qaLhJvZVji7TRXlKYuVMFW5D6Sm988a
Zg8nRsCQrIo=
=EOKl
-----END PGP SIGNATURE-----





From ravage at EINSTEIN.ssz.com  Sat Aug  3 04:00:27 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 19:00:27 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030921.EAA12012@einstein>



Forwarded message:

> Date: Sat, 03 Aug 1996 00:18:38 -0700
> From: Cerridwyn Llewyellyn <ceridwyn at wolfenet.com>
> Subject: Re: A Libertine Question (fwd)
> 
> I disagree with your sentiments about Business and rights, however, in this
> instance, even that wasn't the issue. Food Not Bombs is NOT a business, it's
> a not-for-profit organization that gives out (not sells) food.  They are the
> same as, I think Tim May pointed out, a Boy Scout picnic, except for the 
> homless, not the boy scouts.

Then we have a clear case of abuse of power and if the folks at FNB don't
pursue this then they deserve the ignominy they receive. What is the current
status? Have counter suites been filed? What was the ACLU and NAACP (I am
assuming that everyone at FNB is not anglo-saxon and named 'Fletcher')
responce to requests for aid? Have they begun a petition or whatever the
city charter allows demanding the ouster of those in charge? What is the
Libertarian Party there doing? Has anyone contacted the Justice Dept. and
begun the proceeding for a civil rights suit? If these folks seriously went
out there not prepared to fight then the issues must not be very important to
them, perhaps a simple publicity stunt to get their 15 minutes and not realy
to help the homeless/foodless? Has anyone made reference to the judges
comments in the CDA trial regarding speech and chaos?

While the city acted illegaly, nobody has stated if the city categoricaly
prohibits such activities which was the point I was originaly trying to
express. Was this a isolated incident originating with the poor decision of
a single individual in the HD or was it organized? Have similar responces
occured before?

Every year on Halloween a bunch of folks here in Texas go down to the State
Capital at about 10pm and sit around and smoke pot for about an hour. The
city police have no jurisdiction on the capital grounds and the DPS officers
pretty much stand around and make shure things don't get out of hand. I have
never known of anyone being arrested but then again the place is crawling
with video and lawyers ready to pounce. I would contend that one of the
reasons that no actions are taken is that the event is organized and the
folks come prepared to go to jail and fight if need be.


                                               Jim Choate






From stewarts at ix.netcom.com  Sat Aug  3 04:13:57 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 19:13:57 +0800
Subject: "And who shall guard the guardians?"
Message-ID: <199608030923.CAA22990@toad.com>


At 06:11 PM 8/2/96 -0400, David Lesher wrote:
>> The English-Only bill just passed in the House bans the use of
>> non-English languages by government officials.  Does Tim's sudden 
>> avoidance of the Latin mean that _he_'s the Fed??  
>
>What about Navajo?

Foreign diplomacy was one of the exceptions.

Algol wasn't, since it's designed to describe algorithms to humans,
even though it's additionally useful for diplomatic relations with
our Mechanical Companions.  (Actually, they are allowed to use it
for teaching purposes, or if really necessary for National Security,
and the Bureau of the Census can use it to help count people.)

Section (I), however, is disappointing - means we can't sue them for
putting "E Pluribus Unum" on the coinage....

============================
`(2) OFFICIAL BUSINESS- The term `official business' means governmental actions,
          documents, or policies which are enforceable with the full weight
and authority of the Federal
          Government, and includes publications, income tax forms, and
informational materials, but
          does not include--
               `(A) teaching of languages;
               `(B) requirements under the Individuals with Disabilities
Education Act;
               `(C) actions, documents, or policies necessary for--
                    `(i) national security issues; or
                    `(ii) international relations, trade, or commerce;
               `(D) actions or documents that protect the public health and
safety;
               `(E) actions or documents that facilitate the activities of
the Bureau of the Census in
               compiling any census of population;
               `(F) actions, documents, or policies that are not enforceable
in the United States;
                (G) actions that protect the rights of victims of crimes or
criminal defendants;
               `(H) actions in which the United States has initiated a civil
lawsuit; or
               `(I) using terms of art or phrases from languages other than
English.
===================================================
"These aren't the droids you're looking for."
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From ravage at einstein.ssz.com  Sat Aug  3 04:16:44 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 19:16:44 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608030957.EAA12053@einstein>



Forwarded message:

> Date: Sat, 3 Aug 1996 02:38:09 -0400 (EDT)
> From: Alan Horowitz <alanh at infi.net>
> Subject: Re: A Libertine Question (fwd)
> 
> > I am not even shure I accept the legal premise of corporations.
>  - Jim Choate
> 
>     This is NOT a drill.

Right, petty harrasment would better describe it.

> This is an actual pop quiz, in which Jim Choate 
> is directed to tell us about the legal premise of incorporation. Jim, do 
> you know anything about what you are talking about. Looking it up is not 
> allowed.

Why should I be prohibited from looking it up? You had to in order to grasp
the concept originaly? Doesn't really matter since I already have done it
with LSD Labs. The concept behind incorporation is to create a commercial
entity whereby the  persons & possessions of the principles can be
protected from most legal actions against the corporation. The fictional
rights given the corporation is intended to create a framework whereby the
existing legal structure can be applied fairly to the business that the
corporation carries out. In the case of a single proprietorship such as
CyberTects it is possible for me to loose everything I own if the right
conditions arise (eg I got sued and lose) in order to pay the judgement.
It is much harder for me to loose monies and physical property being
involved in a incorporated venture.

The reason that I oppose this is the same reason that I oppose the laws that
prevent suing the government without their permission. It creates an
atmosphere of isolation that gives petty non-elected government prols the
feeling of invincibility and isolation. It's just their job, never mind they
are fucking peoples lives over. It is the reason that big companies screw up
time and time again and still manage to survive and do it to us again.

So what do I win other than a hard time?

> P.S.  could you humor me on one tiny little thing?  Can we agree that 
> that the word shall be spelled "sure", not "shure", on this list?  I 
> don't want to trample on your artistic vision or anything like that, but 
> could we just agree on this one tiny little thing

So fucking sue me for learning to read/write phoneticaly. Geesh what a petty
attitude. Do you feel better now? Is your sense of superiority restored?
If the only criticism you have is my spelling then shut the fuck up. If it
makes you feel any better I am very hyper-active and dyslexic as well. But
that is ok, there are people that love me anyway.


                                                Jim Choate






From stewarts at ix.netcom.com  Sat Aug  3 04:35:35 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 19:35:35 +0800
Subject: Why Fingerprints and Key-ID's
Message-ID: <199608030959.CAA23261@toad.com>


At 09:42 PM 8/2/96 -0700, Paul Wittry <ppw3 at everett.com> wrote:
>I understand PGP Open-Signed messages and why they are used. I've 
>read all the FAQ's. I can't seem to figure out why some of us put our 
>Fingerprints and/or Key-ID's at the end of messages.

Even with the PGP Web Of Trust, one of the difficult problems
in cryptography is how to do key distribution - if you want to
talk to Bob, how do you know you've really got _Bob's_ key
instead of a key some imposter Eve _said_ was Bob's key?
Similarly, if you receive a message saying "Bank X will pay
you $Y, signed Bank X Small-Transactions-Teller", 
how do you know it really came from them and wasn't signed
by some fake key that Carol genned up?  
One way is to get some well-known person to sign your key,
or a chain of people which get you to a sig for the key you want.

Another way is to give out your key, often.  That way someone
who gets email from "you", signed by "your" key, can compare
the key with previous keys you've stuck on your email and
business cards, and scream if there's a mismatch.
For this, remember to use the full key fingerprint, not just
the short KeyID which can be duplicated arbitrarily.
This is especially useful for pseudonymous people like
Black Unicorn.

Another reason is just to remind people you've got a PGP key
and make it easier to look up 0x12345678 correctly than
"Joe Anonymous" or "smith".
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Sat Aug  3 05:02:53 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 3 Aug 1996 20:02:53 +0800
Subject: strength of 128-bit encryption?
Message-ID: <199608031017.DAA23426@toad.com>


At 11:38 AM 8/2/96 -0400, KDBriggs1 at aol.com wrote:
><< Current export standards allow export of 512-bit RSA for encrypting
> (including key exchange), 1024 bit for signing. >>
>1024-bit for signing?  Do you have a reference for this?  I was under the
>impression that digital signatures were not covered by export restrictions.

I've heard this also, but remember that the export standards are
"whatever specific products we decide you can export" rather than a
formal law you can design to and be sure they'll obey.

The ITAR doesn't cover pure authentication software, only software
capable of preserving privacy through encryption.  Some public-key
signature algorithms only do signature, some only do privacy,
RSA does both.  Thus, especially for software like Netscape which
_does_ have encryption capabilities, they can get away with limiting
the strength of the RSA signature portion because it's part of the
encryption package, and because RSA signing is just encrypting with
your private key instead of your public key.  Someone _could_ use
an RSA signature program to encrypt short data (like keys)
if they wanted to work at it, and while bugs in software are of course
entirely unheard of that would make this easier, there's still the
risk that those Crafty Furriners might disassemble the crypto code
from Netscape and reassemble it with the limits removed.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From ravage at einstein.ssz.com  Sat Aug  3 05:42:40 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 20:42:40 +0800
Subject: SOUP KITCHENS (fwd)
Message-ID: <199608031110.GAA12116@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 20:12:04 -0700
> From: tcmay at got.net (Timothy C. May)
> Subject: Re: SOUP KITCHENS (fwd)
> 
> >True enough, but not the whole story. If a dog or cat is kept well and fed
> >good quality food they live 10+ years. The average life of an animal on the
> >street is between 2-5 years. As to people, we now live around 75-80 years,
> >prior to all these rules and regulations on food and such the average was
> >20-25. If we go back to what you propose you would be dead a long time ago.
> 
> Hardly a proved correlation. A lot of other factors come into play. But
> never mind. No point arguing.

But it is. I suggest you take a look at any social health text and look at
the comparisons between diets of our ancestors, ourselves, and various
cultures around the planet now. In places like Africa the mean age in many
places is still in the early 20's. It is pretty remarkable that places that
at one time had poor or subsistance diets and now have more modern diets
have the average life span growing (even in places like Samoa and the Pima
Indians in Mexico and the S. US where the high-fat diets are causinga marked
increase in coronary problems, interesting article in this months Sci-Am) by
leaps and bounds. Look at the studies which have tracked the English
population over the centuries (they kept good records) and compaired
physical body characteristics with food intake. It has been clearly shown
that as the food got better and more plentiful the lifespan got longer and
the average height got larger. Pretty strong evidence of some correlation
there. I certainly feel strongly enough about it that I would not willingly
eat food except in emergency conditions that I was not shure of the quality
or purity.

Other factors such as what? Disease? If you have a good diet then diseases
like colds and Influenza (for example) are survivable. Without good diets
high in Vitamen C and such you get Rickets and can die from a simple cold in
as little as 3 days. Certainly if you kill off the local fauna you will
increse your lifespan simply because there isn't as much to eat you when you
aren't looking. But this particular threat was most present for the older
and more damaged individuals. During some recent studies (5-6 years) of
Cromagnon Man it was discovered that these folks were covered in broken
bones, arthritic joints, spongy bones, spinabifida, etc. because of the hard
life they lived having to manualy chase down the dinner and kill up close
with rocks and sticks. If you get a chance try to get a peek at some of the
pictures. I remember one of a girl around 16 whose knees and back looked
like they belonged to somebody 80 years old.

If you feel there is no point in arguing (which I don't feel we are doing
since it seems pretty civil, we have widely seperate views) why resond?
That is like asking somebody a person question and then when getting the
answer saying you don't care. Just for the record, I am enjoying the
discourse. But since you are not I won't continue this thread any longer.

> >I personaly find it reassuring that some bunch of knuckle-heads are unable
> >to start a chip making facility like you support. The thought of finding
> >flourine compounds in the local river (where I get my tap water) or simply
> >dumped in the air is a little unsettling. Just because some group of bozo's
> >want to start a business is not sufficient justification for that to be
> >allowed.
> 
> A straw man. There is is no evidence that these startup companies are
> dumping stuff in rivers. Jeesh. The point is that large companies learn how
> to keep large staffs employed filling out paperwork, and they actually have
> come to see it is a good way to keep small companies from forming.

A straw man is where one claims one situation is analgous to another
different situation. This is not a straw man because we are talking about
the same issue but discussing the effect of size on behaviour.

Motorola, AMD, Sematech, etc. have all been fined over the last years for
doing just this to the waters around Austin. When I was working at Austin
Community College over the last 2 1/2 years (prior to going to work for
Tivoli - IBM 4 months ago) my primary responsibility was building a wafer
fab training facility at the Riverside campus from donations from these
folks and many others localy (Applied Material, Varian, etc.) I got to spend
a lot of time in site in areas that normaly are not open to outsiders. If
these big plants have problems regulating their emissions with their budget
and reams of paper just image what a startup hard for cash would do if they
thought they could get away with it "just this one time". I think the way
Crystal Semiconductor (ie fabless) does their design is the way to go for
small startups, simply rent production facilities from these other
companies. I know that, for example, each of the companies here in Austin
are in the process of shutting down older fabs and don't have plans to
upgrade them for at least a couple of years. For somebody like Crystal that
is a god send. It means they can bring products to market for costs way
below what it would have originaly cost, and the larger company gets to
bring in income on equipment it had originaly written off. Sounds like a
win-win to me.

Sorry, but a simple reading of the Austin American Statesman (admittedly a
shitty paper very highly biased) will provide numerous instances of such
dumps over the last few years.

> >It seems to me that many of the folks who recognize downsized workers pleas
> >for their 'right to a job' as so much bunk are at the same time supporting a
> >businesses right to start up. A pretty humorous double standard.
> 
> Not at all comparable.

But they are for the simple reason that we are talking about two entities
which each claim a right to some behaviour. And in this case directly
comparable because a person working is comparable to a business working.
Each provides services and expects a return.

Now the argument goes with persons that a person does not have a inherent
right to income. In other words if a company shuts down and they are laid
off w/o any other work forthcoming it is their fault for not seeking the
appropriate training and such (ie resources) to get another job with a
better future.

Now with business the claim is that they should have some rights comparable
to persons, however they should also be given the right to open their doors
for business even if they can't demonstrate some level of competency and
ability to survive in the market. This is carried to the point that they
should be allowed to operate without regulation or other forms of checks and
balances on their actions.

Now if a real person does not have a right to income if they don't posses
the requisite skills why should a business be allowed to do it without
showing the same sort requisite skills? Why should the local community be
forced to take on the burden of such a venture simply because the business
is a 'virtual' person? It is becoming pretty clear with the change in
welfare (which I support) that our society does not feel an obligation to
support folks for more than 2-3 years on the social dole without some return
on investment. Why should the city be required to provide utilities and
other services without some assurance they will get the public funds (ie
your money and mine) back? We as citizens in Austin certainly don't recieve
stock or other benefit from this other than the jobs it creates for persons
with the requisite skill.

> >I have never heard of anyone being arrested for giving away food, only
> >selling it without a license. I bet the Salvation Army soup kitchen would be
> >worried if this claim were true (they aren't and it ain't).
> 
> Then you weren't reading the thread, which in several posts described this
> very situation. "Food Not Bombs" was giving away soup, chile, and other
> such stuff at a park in Santa Cruz (and maybe elsewhere, e.g., San
> Francisco). They were busted.
> Now do you understand the situation?

I understand that they were arrested for the noise and such and not for the
food. The reason that the permit was refused (wrongly I agree) was that the
HD did not want the people out on the street causing a disturbance.

What they did should be protected if it is in the right place and at the
right time. The right of the poeple to assemble has an important caveat.
If I may,

 
				ARTICLE I. 
 
	Congress shall make no law respecting an establishment of religion, 
or prohibiting the free exercise thereof; or abridging the freedom of 
speech, or of the press; or the right of the people peaceably to assemble, 
and to petition the Government for a redress of grievances. 
 
 
If you will notice it says 'peaceably', I do not believe this should include
standing on the corner with a bullhorn screaming at people. A more
appropriate strategy would have been to walk over and give the government
folks food also with little political pamphlets wrapped around their
weenies. They would have most likely eaten their food, looked at the
pamphlet, got a good chuckle and gone back to being good little prols.

As the situation was at fist described is not quite how it was. This bozo
apparently was on the corner with the direct intention of harrassing folks.
This is uncalled for behaviour in such a situation. I agree with the
conclusion that there was an alterior motive other than feeding the
homeless. It sounds more like a podium for a personal tirade.


                                                Jim Choate






From fallenangel at multipro.com  Sat Aug  3 06:01:49 1996
From: fallenangel at multipro.com (Fallen Angel)
Date: Sat, 3 Aug 1996 21:01:49 +0800
Subject: problem
Message-ID: <3203D296.2E30@multipro.com>


I unsubscribed from your mailing list so why am I still receiving 
email from it. I No longer wish to receive any more mail, so please stop 
it.

Fallen Angel
fallenangel at multipro.com





From wb8foz at nrk.com  Sat Aug  3 07:02:31 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 3 Aug 1996 22:02:31 +0800
Subject: FAA to require transponders on all aircraft passengers
In-Reply-To: <v02120d0bae2873a00df4@[192.0.2.1]>
Message-ID: <199608031156.HAA07017@nrk.com>


> 
> According to KCBS, a local radio station, the FAA has closed a long
> anticipated deal with a manufacturer of transponder devices. The goal of
> the system to be deployed nationwide is to match aircraft passengers to
> their luggage and thereby identify unaccompanied luggage on board an
> aircraft.

I thinks they have mixed their marbles....

The FAA is trialing (at the Olympics & Oshkosh) a GPS
rx/transponder; piped into a moving map.

The reason is their existing long-range radar (called ARSR --
Air Route surveillance Radar) is very long in the tooth, & they
have no hope of getting money to replace it. (Their recent 50
mile system procument, the ASR-9, looked like the worst of the
Sgt. York & the V-22...)

Note they spend $3-400E6 annually on radar maint. alone. [I
suspect they have to buy their vacuum tubes from St. Petersburgh,
the last source of them...]

The GPS scheme could replace:
	Primary Radar
	VOR [en route nav. -- lots of ground transmitters {?200?}
	scattered around country]
	ILS [instrument landing system]

It's the only rational thing I've seen the FAA pursue, vice be
forced into, in 20 years....

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From ravage at einstein.ssz.com  Sat Aug  3 07:22:09 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Sat, 3 Aug 1996 22:22:09 +0800
Subject: A Libertine Question (fwd)
Message-ID: <199608031145.GAA12155@einstein>



Forwarded message:

> Date: Fri, 2 Aug 1996 23:36:37 -0700 (PDT)
> From: Sandy Sandfort <sandfort at crl.com>
> Subject: Re: A Libertine Question (fwd)
> On Sat, 3 Aug 1996, Jim Choate's dog wrote:
> 
> > Really? Then would you mind explaining why costs rise over time
> > instead of going down?
> 
> Gladly. Prices rise over time because of inflation of the money 
> supply.  While it is possible for private actors to temporarily
> inflate the money supply (e.g., extension of credit by banks),
> only the government can increase the money supply indefinitely.  
> Inflation is the most insidious form of "taxation."  It steals
> silently and punishes the savings in favor of consumption.

Then why didn't the costs rise at the same rate as the general inflation
rate instead of tens of times faster? If the cost of airline tickets matched
the rise in milk then my gallon of milk would cost over $10 instead of the
$2 (this x5 factor I got from a news show the other nite, I have not
verified it) it costs now (and it has remained pretty constant over the last
10 years or so arguing that something has been balancing that inflation rate).
Since the inflation rate on a dollar is flat across the board in our economy
simple inflation does not account for this rise in prices in a niche market.
I guess it could be in the case of airlines because they have had to increase
the fairs to pay for the increase in aircraft loss due to crashes and fatigue
(airlines are not replacing their aircraft as fast now as they did in the
regulation days, one of the reasons Beoing and other commercial companies
are having such a hard time.) over the last few years as well as the rise in
the price of their insurance premiums since deregulation to compensate for
the increased payouts both due to increased frequency of crashes since
deregulation and the increase in the payouts to the victims and their families.
I would guess that insurance companies don't like paying for a multi-million
dollar plane unless they have to. They are in the business of not paying off
after all.

> > Insurance has become involved in the medical industry, what
> > happened? The cost has gone through the roof. The airplane
> > industry was deregulated in the late 70's, what happened? The
> > price of a ticket went up...yada yada yada.
> 
> Technically, Jim's logical fallacy is called /post hoc, ergo 
> propter hoc/, after this, therefore on account of this.

If it was a single case I would agree, the reason that I put several
unconnected fields which share one thing, the loss of government regulation.
What we are looking at is a inflation rate for unregulated commodities
like milk (for example) and compare them to the difference in operating
costs between a regulated versus a unregulated role. It is clear that with
a increase of x5 in this area and something like < x2 in the commodities
area that something is at play here other than pure inflation.

> > If this is so then by your own argument, business are operated
> > by people therefor they are people...
> 
> Nope, that's not what I said.  This fallacy is called a "straw
> man."  It is a weak or mistated opposing argument set up by a 
> politician or debator, etc., in order that he may attack it and
> gain an easy, showy victory.

A straw man is where I take one situation and compare it to another. I am
taking your supposition and applying it to a economic model that fits both
cases. Both businesses and individuals survive by trading their outgoing
products for incoming products. The issue is whether the rules that apply to
one should apply to another. If you look at the gross cash flow between a
business and a individual they are identical. Since we are talking about
gross cash flow in both cases it does not qualify for straw man status.

> > Is your contention that because I own and
> > operate a computer it should be given rights?
> 
> Nope.  Whatever gave you that idea?

Your contention was that a business should enjoy some of the same rights
that a person does because it was owned and operated by a person or persons.
Since I own and operate my computer and it is an inanimate object like the
system of rules and procedures used by a business they are comparable in
this case, as is comparison to any other inanimate object. The key points
here are that people have rights and your contention that because businesses
are owned and operated by people they should have rights as well. My goal is
to determine your litmus test (if you will) as to how you determine that a
business is eligible for such right but a automobile is not. Simply saying
they are different is not sufficient in this case.

> > > > Businesses are a system of rules and procedures...
> > > 
> > > Made and enforced by PEOPLE.  Jim is begging the question.
> > 
> > Which question would that be? "Should businesses be considered
> > people with the same rights and priviliges?"
> 
> Nope.  You just don't get it, do you?

I get it, it just doesn't make sense when looked at the way you are looking
at because you have still failed to elucidate your litmus test. Obviously it
is more complicated than simple ownership or else anything owned would
qualify. I am simply requesting clarification of the remainder of the test.
It is hard to evaluate a theory if you don't have access to the whole thing.
Sorta similar to analyzing a crypto algorithm via public peer revue.
Generaly considered a bad thing.


                                             Jim Choate








From matts at cyberpass.net  Sat Aug  3 07:34:58 1996
From: matts at cyberpass.net (Matts Kallioniemi)
Date: Sat, 3 Aug 1996 22:34:58 +0800
Subject: List for crypto minus political rubbish
Message-ID: <2.2.32.19960803123859.0034a45c@cyberpass.net>


At 15:25 1996-08-02 -0500, W.K. Woelbeling wrote:
>I am looking for a source of info on crypto.  While this list is of interest
>to (many) people, I find that the amount of political ranting outweighs any
>nuggets of information concerning cryptography.  Pointers?
>
>Bill

Just about everything on cryptography has already been said far too many
times. Just read Applied Cryptography and be done with it. What remains to
discuss is politics, psychology and marketing. How do you get people to use
the cryptography that already exists and how will the authorities react when
people do use it.

Matts






From jya at pipeline.com  Sat Aug  3 08:20:46 1996
From: jya at pipeline.com (John Young)
Date: Sat, 3 Aug 1996 23:20:46 +0800
Subject: List for crypto minus political rubbish
Message-ID: <199608031334.NAA10748@pipe3.t1.usa.pipeline.com>


On Aug 03, 1996 14:38:59, 'Matts Kallioniemi <matts at cyberpass.net>' wrote: 
 
>Just about everything on cryptography has already been said far too many
times.  
>Just read Applied Cryptography and be done with it. What remains to
discuss is  
>politics, psychology and marketing. How do you get people to use the  
>cryptography that already exists and how will the authorities react when
people  
>do use it. 
 
 
An exemplary air-clearing for a smoke-filled agenda; and two challenging
questions which may pose a High Noon amongst munitions-slingers. Bravo,
Matts, for cryptic concision. 
 
 
 





From dlv at bwalk.dm.com  Sat Aug  3 08:36:14 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 3 Aug 1996 23:36:14 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <Pine.SV4.3.91.960803005947.1359E-100000@larry.infi.net>
Message-ID: <qq43RD13w165w@bwalk.dm.com>


Alan Horowitz <alanh at infi.net> writes:
> Corporations are state-created persons [legal definition of "person", not
> colloquial vernacular]. They have some privileges which have surface
> resmblence to the rights of natural people. For example, they can "have
> standing" in a court to initiate a legal proceeding - in their own name,
> not that of an agent or employee or trustee.

Corporations could also own property at the time when many "real" persons
could not. Corporations could also be granted monopoly rights by the state,
like an exclusive right to trade with a certain region.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From declan at eff.org  Sat Aug  3 08:36:48 1996
From: declan at eff.org (Declan McCullagh)
Date: Sat, 3 Aug 1996 23:36:48 +0800
Subject: Tolerance (fwd)
In-Reply-To: <199608030750.CAA11930@einstein>
Message-ID: <Pine.SUN.3.91.960803063907.28773A-100000@eff.org>


On Sat, 3 Aug 1996, Jim Choate wrote:

> 
> It isn't my interpretation. Perhaps you should have paid better attention in
> class. These issues have never been tested in a court of law in the US in
> regards to computer networks and their special nature.

[...]

> That is a two edged sword. Where did you get your law degree? My lawyers
> both got theirs at UT Austin Law School. Both are federal lawyers and both
> have argued before the Supreme and are currently allowed to argue before the
> Supremes.


I've deleted most of Jim's meanderings above, mostly because I'm 
fascinated by the credentialism in the graf above.

He implies, without directly saying so, that "his lawyers" have weighed 
in on this dispute and agree with him. Of course this is hardly likely; 
he advances no coherent legal theory. (Except the "public forum" 
argument, which might apply to Usenet, but not cypherpunks.)

This is attempted proof by credentalism. I call him on it. 

Okay, Jim, what _do_ your lawyers say on this? Have you asked them? I,
too, have an attorney, a civil liberties specialist and a graduate from
Princeton law. So what? 

-Declan



// declan at eff.org // I do not represent the EFF // declan at well.com //






From corbet at stout.atd.ucar.edu  Sat Aug  3 09:12:44 1996
From: corbet at stout.atd.ucar.edu (Jonathan Corbet)
Date: Sun, 4 Aug 1996 00:12:44 +0800
Subject: AP story: Police look for Olympic bombing Internet link.
In-Reply-To: <v03007803ae2846cb0c98@[17.202.12.102]>
Message-ID: <199608031426.IAA25403@atd.atd.ucar.EDU>


> Bomb-making instructions
> available through the global computer network have contributed to an
> increase in bombings in the United States, authorities say.

My local paper (a Knight-Ridder rag) printed this story -- unquestioned --
as well.  Needless to say, I think a statement like this needs to be
responded to.  Letters to the editor, folks!  Wouldn't it be nice to have a
press that did a little more than print what the "authorities" have to say?

(This, of course, is the same paper that printed the recipe for a pipe bomb
on the front page after the explosion in Atlanta.  They included the
Elmer's glue and the all-important nails for best lethal effect -- you
might want to amend your sig again, Tim...:-)

Meanwhile, I have a question: as far as I know, no bombing has actually
been tied to the Internet in any way.  Does anybody know otherwise?  Even
though it's not really relevant to the principles of the debate here, it
seems worth pointing out.

jon





From declan at eff.org  Sat Aug  3 09:39:57 1996
From: declan at eff.org (Declan McCullagh)
Date: Sun, 4 Aug 1996 00:39:57 +0800
Subject: problem
In-Reply-To: <3203D296.2E30@multipro.com>
Message-ID: <Pine.SUN.3.91.960803064650.28773B-100000@eff.org>


I received a similar message in private email from the same person.

Obviously, he/she didn't know how to 'unsubscrive' properly. Hint: try 
email to majordomo at toad.com.

-Declan


On Sat, 3 Aug 1996, Fallen Angel wrote:

> I unsubscribed from your mailing list so why am I still receiving 
> email from it. I No longer wish to receive any more mail, so please stop 
> it.
> 
> Fallen Angel
> fallenangel at multipro.com
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From joelm at eskimo.com  Sat Aug  3 09:53:50 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Sun, 4 Aug 1996 00:53:50 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <199608031349.GAA18917@mail.eskimo.com>


This does seem to be real.  CNet has a few more details:

http://www.cnet.com/Content/News/Files/0,16,2031,00.html

At 08:28 PM 8/2/96 -0700, you wrote:
>According to KCBS, a local radio station, the FAA has closed a long
>anticipated deal with a manufacturer of transponder devices. The goal of
>the system to be deployed nationwide is to match aircraft passengers to
>their luggage and thereby identify unaccompanied luggage on board an
>aircraft.
>
>Transponders will be affixed to all items of luggage and all passengers. If
>the system discovers a transponder on the luggage in the cargo hold without
>the corresponding transponder on the passenger on board, an alarm will
>sound. I am not making this up.
>
>As many of you know, I have long predicted subcutaneous transponders to
>become widely deployed in the near future. First for child identification
>and monitoring of criminals, then, as the children grow up, as universal
>ID, driver license, proof of eligibility for employment, PIN substitute,
>etc.
>
>Today, we moved a step closer to this future.
>
>[Note that the transponders will have to be affixed to the passenger. An
>example would be a hospital style bracelet that stops working when removed.
>Why embedding the transponder in a hand carried item, such as a card, will
>not work is left as an exercise to the reader. Even an affixed device does
>not provide perfect security. You'd really have to embed the transponder in
>the body at an early age to make removal nearly impossible.]
>
>
>
>-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
>   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
>   Vote Harry Browne for President.
>
>
>
>






From wb8foz at nrk.com  Sat Aug  3 10:13:04 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sun, 4 Aug 1996 01:13:04 +0800
Subject: FAA to require transponders on all aircraft passengers
In-Reply-To: <v02120d1cae291f445d20@[192.0.2.1]>
Message-ID: <199608031521.LAA07776@nrk.com>


> >I thinks they have mixed their marbles....

I get enlightened:
> 
>      Micron
>      Communications intends to utilize remote intelligent
>      communications (RIC) technology developed for its MicroStamp
{}
>      small-outline integrated circuit (SOIC) plastic package. Micron
>      Communications believes that the MicroStamp integrated circuit is
>      the first wireless communications technology to integrate a
>      single-chip CMOS solution, which includes a direct sequence spread
>      spectrum (DSSS) microwave-frequency radio operating at 2.45GHz, a
>      microcontroller, and low-power static random access memory (SRAM).
>      It also contains a synchronous serial port allowing additional
>      memory expansion.


They are going to hang one of these on EVERY bag?

At what per-unit cost? 

It's all the airlines can do to get barcode labels on each piece
that geos by, much less even a credit-card-sized gadget. And how
many will they lose???

THEN think of the RFI problems.....


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From shamrock at netcom.com  Sat Aug  3 10:16:37 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sun, 4 Aug 1996 01:16:37 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <v02120d1cae291f445d20@[192.0.2.1]>


At 7:56 8/3/96, David Lesher wrote:
[Quoting Lucky]
>> According to KCBS, a local radio station, the FAA has closed a long
>> anticipated deal with a manufacturer of transponder devices. The goal of
>> the system to be deployed nationwide is to match aircraft passengers to
>> their luggage and thereby identify unaccompanied luggage on board an
>> aircraft.
>
>I thinks they have mixed their marbles....

Nope. This from Micron's website:

Editorial Contact:

     Julie Nash, Micron Technology, (208) 368-4400
     Web Site URL http://www.micron.com
     Fax-on-demand: 800-239-0337

     FOR IMMEDIATE RELEASE

     MICRON COMMUNICATIONS, INC., ANNOUNCES AGREEMENT WITH THE FEDERAL
     AVIATION ADMINISTRATION

     Boise, Idaho, August 2, 1996 - Micron Communications, Inc., today
     announced a Cooperative Research and Development Agreement (CRDA)
     with the Federal Aviation Administration (FAA) to develop a model
     Positive Passenger Baggage Matching (PPBM) system. The objective
     of this PPBM system is to automatically recognize when baggage has
     been placed on an aircraft without an associated passenger. Micron
     Communications intends to utilize remote intelligent
     communications (RIC) technology developed for its MicroStamp�
     family of products to design a security system which will enhance
     current systems and provide efficient tracking of passengers and
     baggage.

     "Micron Communications is proud to be associated with products
     that are designed to help increase the safety of airline travel,
     while providing operational benefits to the industry and
     increasing the convenience to the traveler," said John R. Tuttle,
     Chairman and President of Micron Communications, Inc. "Our
     experience in microelectronics and systems design should enable us
     to develop systems that use tomorrow's technology in finding
     solutions to these important problems."

     "Once again, an Idaho company is breaking new ground," Senator
     Larry Craig said. "As chairman of the Congressional-White House
     Task Force on Terrorism, its exciting to see this kind of
     high-tech advancement in security being developed here at home by
     Micron Communications, Inc. The Positive Passenger Baggage
     Matching system is exactly the kind of common-sense answer we are
     looking for to improve airline safety and give us all greater
     comfort when we fly in the future, " Craig continued.

     Current MicroStamp-based products include the MicroStamp credit
     card-sized device and the MicroStamp Engine� in a 20-pin,
     small-outline integrated circuit (SOIC) plastic package. Micron
     Communications believes that the MicroStamp integrated circuit is
     the first wireless communications technology to integrate a
     single-chip CMOS solution, which includes a direct sequence spread
     spectrum (DSSS) microwave-frequency radio operating at 2.45GHz, a
     microcontroller, and low-power static random access memory (SRAM).
     It also contains a synchronous serial port allowing additional
     memory expansion.

     RIC units are different from RFID tags because they have a central
     processing unit (CPU), memory and microwave on board. This
     combination allows RIC units to perform more applications than
     low-performance RFID tags that use older technology at lower
     frequencies. MicroStamp RIC units are more powerful and more
     flexible than RFID units. They are also smaller and cost less than
     other RIC units of comparable performance.

     Systems integrators, original equipment manufacturers or end users
     interested in the MicroStamp family of products should contact
     Micron Communications Customer Service department, 1-888-MSTAMP1,
     (888-678-2671).

     Micron Communications, Inc., is a subsidiary of Micron Technology,
     Inc., whose common stock is traded on the New York Stock Exchange,
     Inc. (NYSE) under the symbol MU.

     MicroStamp and MicroStamp Engine are trademarks of Micron
     Communications, Inc.


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From deviant at pooh-corner.com  Sat Aug  3 10:57:04 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Sun, 4 Aug 1996 01:57:04 +0800
Subject: algorithms for verifying U.S. IP address ...
In-Reply-To: <199608011606.JAA23574@ohio.chromatic.com>
Message-ID: <Pine.LNX.3.94.960803160517.150A-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 1 Aug 1996, Ernest Hua wrote:

> Date: Thu, 1 Aug 1996 09:06:40 -0700
> From: Ernest Hua <hua at chromatic.com>
> To: cypherpunks at toad.com
> Cc: hua at chromatic.com
> Subject: algorithms for verifying U.S. IP address ...
> 
> How does one verify that an IP address is coming from a U.S. site?
> How do most FTP site (e.g. those which carry crypto) determine the
> origins of a connection?
> 
> It seems to me that if the NSA/DoS is serious about keeping crypto
> strong for U.S. internal use, then they would help establish a
> method for U.S.-only interchange of this sort of software.  It is
> clear, however, that they do NOT have an interest in helping with
> this identification effort as it will thwart their own efforts at
> tapping U.S. (er ... oh gee ... they're NOT suppose to do that,
> right?  okay, they must not be doing it then ...)
> 
> Ern
> 

You might want to look around on www.internic.net/ftp.internic.net...
they have a set of rules that define this.

 --Deviant
Try `stty 0' -- it works much better.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgN48DAJap8fyDMVAQEZ0gf/S0waHw/HaXSM2J5l0gQ8DWkcueTTtfHz
yZb8827kUh9eX6eNOq4ZITc9H563WLW0+KBjM7Uxy6Bijz3Hyq/mS3APLaBMysHo
zzRjFhSfCoBO1Jx7e6XrOHUb3wZQWw6TbvyyCypB14WA08NcvDlXFGanGhBM0fZM
Y+HwGpWY+uaCtR16RaDh/oyY0YNu7I0gOOrh4KuyNRE6Y+if82ABzTfNmZcp93Ob
s8mPrZFPKhsc+Mzu3nbmCmnSYTWCOLlWy58DNRzRHt7RlqAPlSDBAscncyJ/VDYz
nfAGBYiAUXVFm1owaEO0zRFKeQXsWQgJJwlVqfqXtN+cQSlDVH4MWQ==
=9cEF
-----END PGP SIGNATURE-----






From ravage at EINSTEIN.ssz.com  Sat Aug  3 10:57:07 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Sun, 4 Aug 1996 01:57:07 +0800
Subject: Tolerance (fwd)
Message-ID: <199608031527.KAA12332@einstein>



Forwarded message:

> Date: Sat, 3 Aug 1996 06:44:54 -0700 (PDT)
> From: Declan McCullagh <declan at eff.org>
> Subject: Re: Tolerance (fwd)

> > 
> > It isn't my interpretation. Perhaps you should have paid better attention in
> > class. These issues have never been tested in a court of law in the US in
> > regards to computer networks and their special nature.

> 
> [...]
> 
> > That is a two edged sword. Where did you get your law degree? My lawyers
> > both got theirs at UT Austin Law School. Both are federal lawyers and both
> > have argued before the Supreme and are currently allowed to argue before the
> > Supremes.
> 
> 
> I've deleted most of Jim's meanderings above, mostly because I'm 
> fascinated by the credentialism in the graf above.

What credentials mine or the lawyers?

> He implies, without directly saying so, that "his lawyers" have weighed 
> in on this dispute and agree with him.

Hmmm, I looked back over this and I fail to see where this interpretation
can be taken. Perhaps you as well read more than is on the page. If you
would like to address specific issues then perhaps there would be some basis
for dialog.

> Of course this is hardly likely; 
> he advances no coherent legal theory. (Except the "public forum" 
> argument, which might apply to Usenet, but not cypherpunks.)

I have advanced several coherent theories. My primary one being that if the
9th and 10th are included in Constitutional interpretation many of the
issues, such as crypto and gun ownership, become trivial issues to resolve.
As to if it applies to cpunks and other similar 'private' resources, we will
just see how the court cases fall down the road.

> This is attempted proof by credentalism. I call him on it. 

Not any more than the original comments I was responding to. Anyway, what is
yoru credentials to 'call' me on it? While it may be true that you don't
agree with my views that hardly carries the weight to dismiss those views
out of hand. You sir, are not the legal benchmark in this country. I am
simply trying to change something I see as unjust.

> Okay, Jim, what _do_ your lawyers say on this? Have you asked them? I,
> too, have an attorney, a civil liberties specialist and a graduate from
> Princeton law. So what? 

Yes, I have asked them, both. They both agree that the issues that I raise
have NOT been tested in a court of law in this country (or any other) and
that it is possible that the inclusion of the 9th and 10th in a civil liberties case
could prove quite unsettling.  They have also warned me that quite a bit of
current legal precedence is in fact against my views. I accept this, just as
the folks who fought for womens suffrage or the end to slavery fought
against societies which enacted laws and policies that while accepted by the
vast majority as the status quo were never the less wrong. If my views were
the commen standard we wouldn't be having this discussion in the first
place.









From snow at smoke.suba.com  Sat Aug  3 10:58:26 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 4 Aug 1996 01:58:26 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <v02120d08ae2866db0ddc@[192.0.2.1]>
Message-ID: <Pine.LNX.3.93.960803102345.928E-100000@smoke.suba.com>


On Fri, 2 Aug 1996, Lucky Green wrote:
> At 8:50 8/2/96, Paul J. Bell wrote:
> >i, for one, and perhaps others on the list as well, would be interested in
> >hearing
> >what you mean when you say, "At&t, Microsoft, etc) who are ripping people
> >off on a
> >daily basis".
> >for example, in what way is AT&T ripping people off? and what about
> >microsoft?
> Its up to you what you call it, but here is an interesting example:
> An international phone call costs about 2 cents/min to produce. The average
> rate paid for by the consumer is 62 cents. That's means the carriers mark
> up this particular product by an amazing 3000%.
> Can you name another business that has comparable mark-ups?

     Drug (LSD) dealers.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From sparks at bah.com  Sat Aug  3 11:02:22 1996
From: sparks at bah.com (Charley Sparks)
Date: Sun, 4 Aug 1996 02:02:22 +0800
Subject: List for crypto minus political rubbish
Message-ID: <v02140b04ad1058e92338@[156.80.2.159]>


<rant>
Personally, I enjoy some of the rantings, although I would like a forum for
new users to get some help and guidance.. perhaps they can scan my ISP to
see if I have accessed some bomb making info ...
</rant>


>Status: U
>Date: Sat, 3 Aug 1996 13:34:10 GMT
>To: Matts Kallioniemi <matts at cyberpass.net>
>Subject: Re: List for crypto minus political rubbish
>From: jya at pipeline.com (John Young)
>Cc: cypherpunks at toad.com
>X-PipeUser: jya
>X-PipeHub: pipeline.com
>X-PipeGCOS: (John Young)
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk
>
>On Aug 03, 1996 14:38:59, 'Matts Kallioniemi <matts at cyberpass.net>' wrote:
>
>>Just about everything on cryptography has already been said far too many
>times.
>>Just read Applied Cryptography and be done with it. What remains to
>discuss is
>>politics, psychology and marketing. How do you get people to use the
>>cryptography that already exists and how will the authorities react when
>people
>>do use it.
>
>
>An exemplary air-clearing for a smoke-filled agenda; and two challenging
>questions which may pose a High Noon amongst munitions-slingers. Bravo,
>Matts, for cryptic concision.
>
>
>
>







From snow at smoke.suba.com  Sat Aug  3 11:13:38 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 4 Aug 1996 02:13:38 +0800
Subject: "adjust your attitude with their billy club" (fwd)
In-Reply-To: <199608030343.WAA11512@einstein>
Message-ID: <Pine.LNX.3.93.960803103512.928G-100000@smoke.suba.com>


On Fri, 2 Aug 1996, Jim Choate wrote:
> fast. We are the ones your mother warned you about. Were pissed off enough
> that we aren't going to use violence and such, we intend to use your own
> system of rules against you.

     As a member of the same genereation I would like to add that the use 
of violence is not completely ruled out either.  


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From snow at smoke.suba.com  Sat Aug  3 11:13:42 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 4 Aug 1996 02:13:42 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030308.WAA11470@einstein>
Message-ID: <Pine.LNX.3.93.960803102059.928D-100000@smoke.suba.com>


On Fri, 2 Aug 1996, Jim Choate wrote:
> built it and occupy it. My dog has a better argument for civil rights than
> any business, it breaths and shits. Would you seriously give my dog a vote?
> I shure won't, and I won't support any business with rights.

     I bet your dog would vote better than a lot of people I know. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From clopez at nayar.uan.mx  Sat Aug  3 11:30:20 1996
From: clopez at nayar.uan.mx (Carlos L. Mariscal)
Date: Sun, 4 Aug 1996 02:30:20 +0800
Subject: [off-topic] roving wiretaps
In-Reply-To: <rogervif183vx.fsf@sturgeon.coelacanth.com>
Message-ID: <Pine.SUN.3.91.960803093240.20572A-100000@nayar.uan.mx>



> >>>>> Cerridwyn Llewyellyn <ceridwyn at wolfenet.com> writes:
> 
>   >> One should understand that monitoring cellular traffic is *much*
>   >> more difficult than tapping a conventional phone...
> 
>   > I'd have to disagree on that point.  Monitoring cellular traffic
>   > requires nothing more than a cellular phone, and some software
>   > which enables you to follow calls through the cells, for a total
>   > cost of about $500...
> 

	So, it is MUCH more difficult, or at least more expensive; anyone 
can get a beige box for less than US $10, right? And clipping it onto 
MaBell boxes takes less of a brain than programming or modifying a 
scanner or a cellular phone.   :)

    __       
    ||     
   ====         'If you can dream of it
   |  |__       then you can manage it'
   |  |-.\     
   |__|  \\         clopez at nayar.uan.mx
    ||   ||         
  ======__|     
 ________||__   
/____________\   Carlos L. Mariscal
	





From tcmay at got.net  Sat Aug  3 11:31:15 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 4 Aug 1996 02:31:15 +0800
Subject: AP story: Police look for Olympic bombing Internet link.
Message-ID: <ae28cf25000210049ea4@[205.199.118.202]>


At 2:26 PM 8/3/96, Jonathan Corbet wrote:

>My local paper (a Knight-Ridder rag) printed this story -- unquestioned --
>as well.  Needless to say, I think a statement like this needs to be
>responded to.  Letters to the editor, folks!  Wouldn't it be nice to have a
>press that did a little more than print what the "authorities" have to say?
...
>Meanwhile, I have a question: as far as I know, no bombing has actually
>been tied to the Internet in any way.  Does anybody know otherwise?  Even
>though it's not really relevant to the principles of the debate here, it
>seems worth pointing out.

But, as I keep saying, this is not a very useful argument. Given that
bomb-makers get their information somewhere (encyclopedia articles, books,
Loompanics catalogs, etc.) and given that the Web is beginning to seriously
compete with these traditional sources, I have no doubts that the Net will
sooner rather than later be implicated in a bombing.

If one makes the arguments the the Net should not be regulated because it
has not been used to supply information for a crime, then what happens when
the Net *is* implicated? That particular argument then crumbles.

I prefer to argue it this way: "Sure, the Net could be used for information
on bombs. So could encyclopedias, books, "Time" and "Newsweek," and CNN. So
what? We don't throw out the First Amendment and our belief that people can
read and write what they want just because a few bombers may gain
knowledge. We don't shut down chemistry departments because bombers learn
about chemistry. And so on."

This is, I think, a more lasting and persuasive argument.

--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From master at internexus.net  Sat Aug  3 11:46:33 1996
From: master at internexus.net (Laszlo Vecsey)
Date: Sun, 4 Aug 1996 02:46:33 +0800
Subject: Anonymous Message Broadcast
Message-ID: <Pine.LNX.3.92.960803125401.4269B-100000@micro.internexus.net>


Has anyone implemented a simple anonymous chat system (an anonymous irc)
using the technique described in Applied Cryptography 2nd edition? I'm
speaking of the Anonymous Message Broadcast documented in section 6.3, it
begins on page 137.

Can the same system be implemented using base256 (unsigned char, 8bit ASCII)
instead of the simple on/off binary method that is described in the
explanation? How would it differ.

Thanks.

(define(RSA m e n)(list->string(u(r(s(string->list m))e n))))(define(u a)(if(>
a 0)(cons(integer->char(modulo a 256))(u(quotient a 256)))'()))(define(s a)(if
(null? a)0(+(char->integer(car a))(* 256(s(cdr a))))))(define(r a x n)(cond((=
0 x)1)((even? x)(modulo(expt(r a(/ x 2)n)2)n))(#t(modulo(* a(r a(1- x)n))n))))






From tcmay at got.net  Sat Aug  3 11:52:24 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 4 Aug 1996 02:52:24 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <ae28d1fd0102100449d6@[205.199.118.202]>


At 3:21 PM 8/3/96, David Lesher wrote:

>They are going to hang one of these on EVERY bag?
>
>At what per-unit cost?
>
>It's all the airlines can do to get barcode labels on each piece
>that geos by, much less even a credit-card-sized gadget. And how
>many will they lose???
>
>THEN think of the RFI problems.....

It turns out that I'm one of the early investors in a start-up company
developing a very similar product, albeit (we hope) with some technological
advantages. Lucky Green, for one, has met the principals in this company
and can confirm what I'm saying.

(I began working with them, and investing, several years ago. It was partly
the long-term implications of their ideas which triggered my proposal a few
years back: the "position escrow system." Under position escrow,
citizen-units would voluntarily escrow their positions for access by
authorized law enforcement officers, dietary compliance agents, social
workers, and other interested officials. The system is voluntary, as key
escrow is voluntary, in that it only applies when people leave their houses
and use the public streets; they are of course free not to leave their
houses, and hence not to voluntarily escrow their movements.)

I heard about the Micron-FAA deal on CNN, and went to the Micron Web site
for details. It's a spread-spectrum system, so it may well work in a
luggage environment (though perhaps not as well as the units planned by the
company I'm an investor in).

The "every bag" point is feasible, though I would assume conventional
luggage tags would work adequately. "Per-unit" costs could be low
enough....these units will be reused many times, after all.

The RFI problems are actually the least of the concerns, given the "code
space" technology which is possible. (That is, tens of thousands of
transponders can share the same RF spectrum in a local environment by
allocation of frequencies or, even better, by using code space
allocation...there are some close parallels with cryptography, of course,
as there are in communications technology and spread-spectrum technology in
general.)

Personally, I'm not convinced that the Micron-FAA deal with accomplish
much, but the authorities are rushing to "do something," so struggling
Micron may get some of the largesse.

(Besides, "bag escrow" will allow other agencies--such as DEA--to sniff
bags for traces of cocaine residue and then automatically issue arrest
orders for the citizen-unit associated with the bag. The surveillance state
needs technology like this.)

--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From drosoff at ARC.unm.EDU  Sat Aug  3 12:05:41 1996
From: drosoff at ARC.unm.EDU (David Rosoff)
Date: Sun, 4 Aug 1996 03:05:41 +0800
Subject: Information gathering by news servers
Message-ID: <1.5.4.16.19960803171637.3b574292@arc.unm.edu>


-----BEGIN PGP SIGNED MESSAGE-----

At 12.33 PM 8/2/96 -0400, Scott McGuire wrote:
>How much information about what someone reads can be gathered
>by a news server?  Is there an anonymous way to read a public
>news server, or would a server have to be set up intentionally
>to allow anonymous reading?

You could use the Anonymizer (http://www.anonymizer.com/) in
combination with a Web Usenet archive: Dejanews, for example.
(http://www.dejanews.com/).

===============================================================================
David Rosoff (nihongo ga sukoshi dekiru)  --------------->  drosoff at arc.unm.edu
PGP public key 0xD37692F9 -----> finger drosoff at acoma.arc.unm.edu or keyservers
0xD37692F9  Key fingerprint =  25 7D AA 01 85 41 43 89  50 5A 33 76 F1 F1 99 67
Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/
Is it a forgery? --- I have PGP signed all email and news posts since May 1996.
===============================================================================
"Relax. It's not a real alarm. They can't crack _Pentagon_ codes. Can they?" :p

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgOHcBguzHDTdpL5AQE2QAQArHuoLVA0dOJ+LddI2TumYvD/vaFrWBmI
LQ3pDNlDRHdyY7u1RouVKkJbYVTvxNZCKQyaWYMgcA38eZl52V65DFq+N11Jhwm4
egCBlOlezDjPOeTk/nK25Ojavdb8ABtqGXGRFf4GwfFBQPq2kApzi8MewYEYeCJG
HaofCy5FDWU=
=bG1v
-----END PGP SIGNATURE-----






From minow at apple.com  Sat Aug  3 12:09:27 1996
From: minow at apple.com (Martin Minow)
Date: Sun, 4 Aug 1996 03:09:27 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <v02120d08ae2866db0ddc@[192.0.2.1]>
Message-ID: <v03007801ae2933d82e72@[17.219.102.152]>


Lucky Green opines:
>
>An international phone call costs about 2 cents/min to produce. The average
>rate paid for by the consumer is 62 cents. That's means the carriers mark
>up this particular product by an amazing 3000%.
>
>Can you name another business that has comparable mark-ups?
>

Well, software comes to mind.

In the international telephone case, you are paying 2 cents for the
call, and 60 cents for being able to place the call when you want to.

It's time for a story:

Once upon a time, Westinghouse's chief turbine engineer was called
to a power plant to diagnose a problem. He walked around the turbine
for a while, listened to it, thought for a bit, then took out a piece
of chalk and drew an X on the housing. "There is a bad bearing here;
replace it."

Westinghouse sent a bill for $10,000 for the diagnosis.

The power plant objected to the sum and asked for an itemized invoice.

Westinghouse sent: $0.05 for the chalk, $9999.95 for knowing where
to put the chalk.

Martin.







From mclow at owl.csusm.edu  Sat Aug  3 12:20:05 1996
From: mclow at owl.csusm.edu (Marshall Clow)
Date: Sun, 4 Aug 1996 03:20:05 +0800
Subject: FYI: CTST Conference Proceedings
Message-ID: <v03007800ae2446adf096@[207.67.246.99]>


I received thei week an advertisment for the 1996 CardTech/SecureTech conference proceedings.
These people have a web site at <http://www.ctst.com>, but it's really lame. 
(It doesn't contain this table of contents, for example)


Since I am not building/using/designing smart card technology right now, I won't be buying it.
However, the some of the titles caught my eye:

Does anyone have access to this kind of stuff, and would they be willing to post a summary?

Here's a (partial) TOC:

Volume 1 - Technology

Changing the face of Money
    The Legislature's Perspective on the Future of Money
    Legal and Regulatory Challenges on the Development of Digital Money
    Privacy and American Business

Introduction to Card and Identification Technology
...

Advanced Identification Technology Workshop
    ...
    Advances in Signature Verification
    A Proposed Standard for Biometric Decidability
    New Imaging Technology Enables Non-intrusive Credit Card Fraud Prevention
    Secure Private Key Generation using a Finderprint
    Photo-ID Encryption and Pattern Recognition for Counterfeit Resistance
   The Voice Password(tm) Chip Low-Cost Biometric Security
   A Direct Fingerprint Reader

Smart Card Technology Seminar
...

Magnetic Stripe Card Technology Seminar
...

Biometric Technology Seminar
...

Optical Memory Card Technology Seminar
...

RFID Technology Seminar
...

PC Card Technology Seminar
...

2-D Bar Code Technology Seminar
...


Volume 2 -- Applications

Stored Value Card Applications Seminar
...

Telecommunications Applications Seminar
...

Government Applications Seminar
    Go Beyond Security -- Build in Privacy: One Does Not Equal The Other
    ...
    A Citizen Card for Europe
    The Spanish Social Security Card Project (TASS)
    Government Cards and the Information Age

Information Security Applications Seminar
...

Physical Security Applications Seminar
...

Financial Applications Seminar
...

Retail & Loyalty Applications Seminar
...

Large Scale Identifications Seminar
    What's New in Licensing and Department Motor Vehicles Applications
    Welfare ID at the Point of Transactions Using Fingerprints & 2D Bar Codes
    INS Card Production Strategies and Initiaitives
    Counterfeiting of Cards
    Korean IC Card Market and Trends of Development and Investment
    Campus-Wide CardIssuance at the State University of New York
    National ID Programs Around the World
    Trends in National ID Programs
    The Future of Large Scale Identification Applications


Health Care Applications Seminar
...

Transportation Applications Seminar
...

University Applications Seminar
...

-- Marshall

Marshall Clow     Aladdin Systems   <mailto:mclow at mailhost2.csusm.edu>

"We're not gonna take it/Never did and never will
We're not gonna take it/Gonna break it, gonna shake it,
let's forget it better still" -- The Who, "Tommy"







From tcmay at got.net  Sat Aug  3 12:20:16 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 4 Aug 1996 03:20:16 +0800
Subject: TrustBucks
Message-ID: <ae28d609020210043d2d@[205.199.118.202]>


At 6:11 AM 8/2/96, TrustBuckFella wrote:
>An alternative model of electronic money.
>
>Every model of electronic money I know of except one retains some degree
>of centralization. There is always a central "mint", usually a bank. If
>you can't find a bank that acts the way you want, you're SOL. And the
>only thing that enforces non-abuse (inflation, etc) by the bank is the
>equivalence of electronic money to some form of "real" money. The sole
>exception is Digicash. Unfortunately, Digicash has no restraint on
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>infinite spending-into-debt.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

You want to elaborate on this contention?

If Alice transfers Digicash-type money to Bob, this is because Alice either
bought the DC-money someplace, or already had it, or otherwise arranged
with a bank to make the transaction. Maybe the bank "loaned" her money she
didn't already have, but this is a completely separable issue from the form
of DC-money.

So what is this "restraint on infinite spending-into-debt"? Gullible
lenders can always lend her vast amounts of money which she may never
repay, but this is fully separable from what transfer protocol she uses to
"spend" this loaned money.

If, on the other hand, your point is something about inflation, this is
also separable. Digicash and other forms of electronic money are generally
not currencies per se, but are a kind of transfer order, more like a check.
As such, not directly implicated in the issue of inflation.

>I'm not going to try to develop the cryptographic protocols for
>TrustBucks. I haven't got the requisite paranoia and pickiness
>(compliments both) for that. TrustBucks also has nothing in the way of
>anonymity and restraint on double-spending right now. If you can see how
>it could be anonymous or restrain double-spending and still work, please
>feel free to add.

No protocols. No anonymity. No protection against double-spending.

Looks promising. Keep us informed.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From minow at apple.com  Sat Aug  3 12:27:19 1996
From: minow at apple.com (Martin Minow)
Date: Sun, 4 Aug 1996 03:27:19 +0800
Subject: More evidence that democracy is bunk
In-Reply-To: <v02120d09ae28692597a7@[192.0.2.1]>
Message-ID: <v03007802ae2935f4ad55@[17.219.102.152]>


Lucky Green writes:

>At 3:11 8/2/96, Deranged Mutant wrote:
>
>>If they were asked if they minded random searches of their bags and
>>belongings or required to carry photo-ID wherever they went, to be
>>presented on demand, would they still be willing?
>
>You bet. I remember a war on drugs releated poll from a few years back in
>which a majority supported warrantless searches of their homes.
>

At last month's SAFE (crypto policy) conference, one of the
legislators mentioned that someone snuck the text of the
Fourth Amendment into the crime bill, and it was voted down
in committee.

(It would be nice to dig this out of a transcript, so it doesn't
become an urban legand.)

Martin Minow
minow at apple.com







From minow at apple.com  Sat Aug  3 12:28:19 1996
From: minow at apple.com (Martin Minow)
Date: Sun, 4 Aug 1996 03:28:19 +0800
Subject: "And who shall guard the guardians?"
In-Reply-To: <199608030923.CAA22990@toad.com>
Message-ID: <v03007803ae2939e89b1f@[17.219.102.152]>


Does the English Only bill conflict with the UN Declaration of
Human Rights (Article 2):

Everyone is entitled to all the rights and freedoms set forth in this
Declaration, without distinction of any kind, such as race, colour, sex,
language, religion, political or other opinion, national or social origin,
property, birth or other status.

Note: "freedom of language"

For that matter, does the escrowed crypto legislation conflict with
Article 12:

No one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law against
such interference or attacks.

My understanding is that the United States is (finally) a signatory
to the Declaration.

Martin Minow
minow at apple.com







From sandfort at crl.com  Sat Aug  3 12:36:53 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sun, 4 Aug 1996 03:36:53 +0800
Subject: Tolerance (fwd)
In-Reply-To: <199608030750.CAA11930@einstein>
Message-ID: <Pine.SUN.3.91.960803092648.29021A-100000@crl10.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 3 Aug 1996, Jim Choate's dog wrote:

> Because none of these issues have ever been tested in a court
> of law...

Wrong.  Most, if not all of them have.

> ...any comments I or any other person makes (even if a lawyer)
> is simply personal opinion.

In other words, Jim thinks his legal opinion is just as good as
anyone else's.  A nice eqalitarian sentiment, but obviously
unfounded.  There is such a thing as an educated opinion, as
there are also pig ignorant opinions.

> > A.  Where does Jim get the terms of the contract he implies from
> >     the simple word "public"?...

> Public - 
> 
> of or pertaining to the people; not private...yada yada yada.

Jim thinks a dictionary definition of "private" are terms of a
contract.  Interesting.

> I first learned about the cpunks list in Mondo 2000 several
> years ago not long after I got PGP 1.0...

But, Jude was not and is not an owner of the Cypherpunks list.
Whatever she wrote (and I don't have that issue before me) in
no way binds the owner even if there were some validity to Jim's
fanciful claims about the legal requirements on "public" lists.

> I also think a court would accept that argument.

That and US$1.25 will get you coffee at the Top of the Mark.

> > B.  I'm unaware that the Cypherpunks list has ever been advertised
> >     as "public" by the list owner.  (emphasis added)
>                   ^^^^^^^^^^^^^^^^^ 
> It has appeared in many publications which are intended for
> general or 'public' distribution in every one of those
> publications it was made clear that anyone was welcome and the
> subscription address was provided.

Jim apparently thinks a person can be bound by the opinions 
expressed in a "public" forum by a third party.  Okay, in this
public forum I publically state that people (such as Jim) who 
post really dumb, psuedo-legalistic posts have to pay each list
member a buck for spamming.

> The list operators ignorance of the consequences of their
> actions...

What actions?

> in no way alleviates them of the consequences of those actions.

Mock legalese in no way alleviates Jim from the consequences
of making uneducated legal pronouncements in front of God and
everybody.

> It isn't my interpretation.

Whose interpretation is it then.  Is Jim disavowing his own
pronouncement?

> ... These issues have never been tested in a court of law in
> the US in regards to computer networks and their special
> nature.

Maybe because the issues of "public" (which Jim tells us, below,
is" a public place is someplace which is operated using public 
monies") lists do not require resorting to any "special nature" 
of computer networks and can simply be addressed by pre-existing 
legal princples covering run-of-the-mill membership organizations.

> > > > A restaurant or bookstore is a public place in that it is open
> > > > to the public.
> > > 
> > > I know of no state in the union where a bookstore, restaurant,
> > > mall, etc. is considered public.
> > 
> > Actually, it's the law in ALL states in the union since the Public 
> > Accomidations Act was enacted...

> Not in Texas. We recently passed a law (Jan. 8) which permits citizens legaly
> registered to carry concealed weapons. Because the way the law was worded it
> was made clear in many newspapers and such that the ONLY way that business
> could prohibit patrons from entering their premises with those weapons was
> because they were PRIVATE property and therefore excluded from the
> constraints of the law.

Jim does not seem to understand that the Public Accomidation Act 
is applied PRIMARILY to private property.  It is his loony-toon
sea-lawyer concepts of "public," as in public list, that are the
cause of his total misunderstanding of the legal issues here.

> [Interesting but irrelevant gun law lore elided]
> 
> Now there is one caveat that most of you will have caught. That
> is the definitions of public above. In short, we have a circular
> argument as the law is worded now. 

Duh.

> > > Legaly a public place is someplace which is operated using
> > > public monies.
> > 
> > Like the Cypherpunks list?  Citation, please.
> 
> The Cpunks list isn't a place. It is a steam of characters.

First, where is Jim's citation with regard to the definition of
a public place?  I'd like to see him support just one of his
outrages legal claims with at least a scintilla of evidence.

Second, what legal evidence does Jim have that the sender of a
stream of characters (i.e., the provider of a service--free in
this case) is under any obligation to continue to provide a forum
for people he no longer wishes to provide said forum?  

This is the crux of the issue.  Jim can get into all the side
issues he wants about gun laws and whether his dog should vote.
The question before us is, may those who run the Cypherpunks list
have the right arbitrarily throw someone off the list, even though
it be advertised as "public"?  Clearly people have been thrown off
such public lists (including, I believe, Cypherpunks).  Nothing
happened.  If Jim believes the outcome should have been otherwise,
he has the burden of proof of explaining why.  He may, of course,
again offer his odd legal opinions, uncontaminated by actual
legal knowledge, but actual recourse to the law would be a lot
more convincing.

Of course, if Jim actually comes up with something better than
his opinions, I'll be ready to address such arguments.

> ...My lawyers both got theirs at UT Austin Law School. Both are
> federal lawyers and both have argued before the Supreme and are
> currently allowed to argue before the Supremes.

Cool.  Please have them post something on this thread.  I'd love
to see their analysis of "public" list liability.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From sandfort at crl.com  Sat Aug  3 13:07:06 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sun, 4 Aug 1996 04:07:06 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608031145.GAA12155@einstein>
Message-ID: <Pine.SUN.3.91.960803104000.29021C-100000@crl10.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 3 Aug 1996, Jim Choate's dog wrote:

> > ...Prices rise over time because of inflation of the money 
> > supply...

> Then why didn't the costs rise at the same rate as the general
> inflation rate instead of tens of times faster?

Simple.  In a market economy, with or without inflation, relative
prices are constantly changing in response to changes in supply 
and demand, and as capital is moved among investments to maximize
return.  In an inflationary environment the result is that while
all (or at least most) prices are rising, some will rise faster
than others in the short term.  Q.E.D.

> If the cost of airline tickets matched the rise in milk then my
> gallon of milk would cost over $10 instead of the $2...
> [Jim supported his /post hoc/ argument by saying it applied to
> a lot of things, i.e., he did not address the issue, but in
> essence said /post hoc/ does not apply when there's a whole
> bunch of it.]
>
> ...It is clear that with a increase of x5 in this area and
> something like < x2 in the commodities area that something is
> at play here other than pure inflation.

Only to someone who does not understand economics.  A counter
example is the unregulated computer industry.  Prices rise very
little, if at all, and even undergo price deflation at times. 

> A straw man is where I take one situation and compare it to
> another.

Sorry, this is incorrect.  (We call that an analogy.)  The 
definition of "straw man" I used came directly from the 
dictionary.  Now you may have a "personal" definition, but I
doubt it's widely shared.  (Ref., my Lewis Carrol quote in my
exchange with the pomey.)

If there are no other questions, class is dismissed.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From drosoff at ARC.unm.EDU  Sat Aug  3 13:22:29 1996
From: drosoff at ARC.unm.EDU (David Rosoff)
Date: Sun, 4 Aug 1996 04:22:29 +0800
Subject: fbi, crypto, and defcon
Message-ID: <1.5.4.16.19960803183603.3b57cd10@arc.unm.edu>


-----BEGIN PGP SIGNED MESSAGE-----

At 09.02 PM 8/2/96 -0700, Alan Olsen wrote:

>>Can you name another business that has comparable mark-ups?
>
>Verisign? 
>
>InterNic Domain name registration?
>
>Licence plates in Washington state?

All the money they could possibly make is peanuts compared
to the colossal rip-off of compact discs. :)

===============================================================================
David Rosoff (nihongo ga sukoshi dekiru)  --------------->  drosoff at arc.unm.edu
PGP public key 0xD37692F9 -----> finger drosoff at acoma.arc.unm.edu or keyservers
0xD37692F9  Key fingerprint =  25 7D AA 01 85 41 43 89  50 5A 33 76 F1 F1 99 67
Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/
Is it a forgery? --- I have PGP signed all email and news posts since May 1996.
===============================================================================
"Relax. It's not a real alarm. They can't crack _Pentagon_ codes. Can they?" :p

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgOXvxguzHDTdpL5AQGzyQP/cDvyqIPmlU1Gg6BE+4u4GQb/RNe6LPa8
AR8fqae+dnEMsqRBF5ChEXNwNDxXCMzxVF0xXhVytlLUonlPpKCTL5E3YZ7nrj5/
SkO0/QpnyqTH1wzb6dV9RBcSxF0+V6EWX1rbHEqfXna52qWOCjDsaH3Wno5FZGJF
O60tNSmcVcE=
=8vn1
-----END PGP SIGNATURE-----






From aba at dcs.ex.ac.uk  Sat Aug  3 13:24:57 1996
From: aba at dcs.ex.ac.uk (Adam Back)
Date: Sun, 4 Aug 1996 04:24:57 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
In-Reply-To: <199607302110.OAA05638@netcom8.netcom.com>
Message-ID: <199608030749.IAA00194@server.test.net>



Bill Frantz <frantz at netcom.com> writes:
> [...]  many of them are taking public positions on the ProCODE
> bill. Another of the things they are doing is deploying strong
> crypto domestically.
>
> Here is a start at a list of such companies:
> 
> Community ConneXion - Too much to mention, Thanks Sameer
> IBM - The Anarchistic Key Authorization system (from U of Texas), 
>    see 6th Usenix Security Symposium proceedings
> Netscape - SSL
> PGP Inc - 'nuff said
> Sun Microsystems - SKIP implementation, PGP v3 implementation

Sun PGP v3?  Whats the story behind this item?  Are sun sponsoring PGP
v3 development?

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)





From shamrock at netcom.com  Sat Aug  3 13:25:53 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sun, 4 Aug 1996 04:25:53 +0800
Subject: More evidence that democracy is bunk
Message-ID: <v02120d1fae294b043d69@[192.0.2.1]>


At 10:02 8/3/96, Martin Minow wrote:

>At last month's SAFE (crypto policy) conference, one of the
>legislators mentioned that someone snuck the text of the
>Fourth Amendment into the crime bill, and it was voted down
>in committee.
>
>(It would be nice to dig this out of a transcript, so it doesn't
>become an urban legand.)

I remember when this originally happened. It was on the news. But I thought
it happened in the full House. Should be in the Congressional Record.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Sat Aug  3 13:28:49 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sun, 4 Aug 1996 04:28:49 +0800
Subject: "And who shall guard the guardians?"
Message-ID: <v02120d20ae294d6dce36@[192.0.2.1]>


At 10:20 8/3/96, Martin Minow wrote:

>My understanding is that the United States is (finally) a signatory
>to the Declaration.

That doesn't matter. Violations would have to be tried by the World Court
in Den Haag. The US does not recognize decisions made there (unless it
suits their purpose).



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From markm at voicenet.com  Sat Aug  3 13:33:47 1996
From: markm at voicenet.com (Mark M.)
Date: Sun, 4 Aug 1996 04:33:47 +0800
Subject: Liberating Clipper Stuff from Mykotronx Dumpsters
In-Reply-To: <ae28445005021004823e@[205.199.118.202]>
Message-ID: <Pine.LNX.3.95.960803142858.207D-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 2 Aug 1996, Timothy C. May wrote:

> He scanned or typed this stuff he found into a text file and sent it to one
> of the earliest members of the Cypherpunks list, asking for it to be passed
> on to someone who could do something with it. A few hours later, via
> anonymous remailer posting, it went out to the several hundred subscribers
> to the Cypherpunks list at that time. (It's somewhere in the archives, such
> as they are. This would be around late April, 1993, possibly May-June.)

These files can also be found at ftp.funet.fi/mirrors/dsi/cypherpunks/clipper/
mykotronx*, as the archives are still down.

- -- Mark

PGP encrypted mail prefered
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMgObhbZc+sv5siulAQEAiAQAoFJQ0vREu1gORRFIoTGvD7paTNppiIg5
OW5yL88NBUBAhR9Y6kpD53EPU1pCkkv1nVqYXIrvS5PdfIC7lCfsXRs/GG7NkZUf
BgBKzNFEHVRo4nIQA5HtSDfPL5AcH6cA5XIZiReo8VMPOmV/xQR7b2IPRxohlJCH
8ALe1MsysSs=
=LBhD
-----END PGP SIGNATURE-----





From alano at teleport.com  Sat Aug  3 13:37:10 1996
From: alano at teleport.com (Alan Olsen)
Date: Sun, 4 Aug 1996 04:37:10 +0800
Subject: A Libertine Question (fwd)
Message-ID: <2.2.32.19960803184244.00e284e4@mail.teleport.com>


At 12:18 AM 8/3/96 -0700, Cerridwyn Llewyellyn wrote:

>>>      As long as you are enforcing it on everyone, I don't think you'd
have a 
>>> problem, but to force some one from cooking food for homeless people, and 
>>> allow a family barbeque, is IMO wrong.
>>
>>Not at all. Businesses have no rights, individuals do. Businesses have a
><snip>
>>Blueberries they bought at the local HEB). Individuals have a right to
>>privacy, that includes cooking themselves food without harrassment. Business
>>on the other hand are selling products of potentialy questionable quality. A
>
>I disagree with your sentiments about Business and rights, however, in this
>instance, even that wasn't the issue. Food Not Bombs is NOT a business, it's
>a not-for-profit organization that gives out (not sells) food.  They are the
>same as, I think Tim May pointed out, a Boy Scout picnic, except for the 
>homless, not the boy scouts.

They are also Anarchists.  (They are referenced on various Anarchist web
pages, among other places.)

My personal belief is that they are being prosecuted because they bill
themselves as Anarchists and not for what they are doing.  If this has been
"Society Wives Against Hunger", there would have been no problems at all.
(And probibly commendations from the local paper and civic leaders.)

Locally, people who have billed themselves as Anarchists have been monitored
by the police, harased, and arrested.  (Remember: you only deserve the
protection of the state if you do not oppose the state.)

It seems that this country is quite willing to harrass fringe political
groups when the "powers that be" feel they can get away with it.  (Which is
quite often.)
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From anonymous-remailer at shell.portal.com  Sat Aug  3 14:38:06 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sun, 4 Aug 1996 05:38:06 +0800
Subject: The Hazards of Reading Naughty Newsgroups at Work
Message-ID: <199608031945.MAA22460@jobe.shell.portal.com>


The following interesting article appeared on page 6 of the
August 3, 1996 Seattle Times.

  County Accuses Four of Using the Internet to Access Child Porn
  --------------------------------------------------------------

By Ronald K. Fitten
Seattle Times Staff Reporter

Four men, including two former Microsoft employees, have been charged
with allegedly using computers to access child pornography on the
Internet, said King County Prosecutor Norm Maleng.

"Traditional law-enforcement efforts against child pornography have
focused on magazines, movies, and tangible materials," Maleng said
yesterday.  "But law enforcement faces new challenges with the
emergence of new technology.  The Internet, with its millions of
international web sites, has become the new underground highway for
illegal child pornography."

The two former Microsoft engineers, Michael Seaman, 37, of Kirkland,
and Ronald Rosul Jr., 31, of Seattle, allegedly used Microsoft
computers to access and copy child pornography from the Internet,
according to prosecutors.

Microsoft said both were fired after Microsoft discovered the alleged
crimes in October 1995.

Seaman is charged with possession of child pornography.  He allegedly
used his Microsoft computer to collect more than 2,500 files of
photographs of young children in sexual poses or being sexually
abused.

Rosul is also charged with possession of child pornography.  He
allegedly used Microsoft equipment to manufacture a CD-ROM disk
containing child pornography.

Both Seaman and Rosul will be arraigned next week in King County
Superior Court.  If convicted, both could receive up to one year in
jail.

Maleng, who said police and prosecutors worked cooperatively with
Microsoft throughout the investigation, said law-enforcement officers
had confiscated computer hard drives, CD-ROMs, and printed materials
as evidence.

Microsoft spokesman Mark Murray said the company found out about the
activities of its two former employees last year and alerted police.

"We provided the police with the computers to pull up the evidence,"
Murray said.

In an unrelated case, William D. Powell, 52, or Renton, and Dwight
Hunter, 48, of Bellevue, are charged with possession of and dealing in
child pornography.

Powell, an unemployed engineer, is accused of using his home computer
to exchange child pornography with Hunter.

If convicted of both offenses, Powell, who has a warrant out for his
arrest after failing to appear at his arraignment three weeks ago,
could be sentenced to between 21 and 27 months in prison.

Hunter, an unemployed salesman, is accused of using his home computer
to exchange child pornography with Powell and of having photographs in
his computer disks of children engaged in several types of sexual
activities with adults, other children, and a dog.

Hunter will be arraigned next week.  If convicted, he could receive
almost three years in prison.








From tcmay at got.net  Sat Aug  3 14:38:09 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 4 Aug 1996 05:38:09 +0800
Subject: Let's Say "No!" to Single, World Versions of Software
Message-ID: <ae28fe2d00021004abfc@[205.199.118.202]>


At 7:49 AM 8/3/96, Adam Back wrote:
>Bill Frantz <frantz at netcom.com> writes:

>> Sun Microsystems - SKIP implementation, PGP v3 implementation
>
>Sun PGP v3?  Whats the story behind this item?  Are sun sponsoring PGP
>v3 development?

Derek Atkins is being paid by Sun for his work on v3, last I heard.

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From pjn at nworks.com  Sat Aug  3 15:39:06 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sun, 4 Aug 1996 06:39:06 +0800
Subject: Who the hell is ....
Message-ID: <TCPSMTP.16.8.3.-16.30.12.2645935021.659124@.nworks.com>


 In> OK, I'v been on the list a bit now. I see a lot of the same
 In> people posting to it, 
 In> My question is " Who the Hell is Sternlight" At first I thought
 In> it was a pen name ( the light on the end of a boat ?? )

 Close... If you shone a light throught one ear, it would come out
 the other...


 P.J.
 pjn at nworks.com



... We are Hippies of Borg.  Make love.  War is irrelevant.

___ Blue Wave/QWK v2.20 [NR]







From hallam at ai.mit.edu  Sat Aug  3 16:57:53 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 4 Aug 1996 07:57:53 +0800
Subject: Jewell is the Militia Bomber!!!!
In-Reply-To: <4tqcv0$2b1@life.ai.mit.edu>
Message-ID: <3203CC50.167E@ai.mit.edu>


Hey folks, relax eh?

Its generally best when the police don't release every bit of
information on their investigations as they progress. Far from
criticising the police for having investigated Jewell on no or little
evidence you should criticise them for telling us about the evidence
they do have.

Although prosecuting a security guard in order to rob the terrorists of
publicity is a cute trick I don't think the US authorities are that
smart. In the past USGov has been less than sparkling in its ability to
keep a lid on secrets like that.


		Phill





From rah at shipwright.com  Sat Aug  3 17:47:25 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sun, 4 Aug 1996 08:47:25 +0800
Subject: SOUP KITCHENS
In-Reply-To: <ae27b98904021004e701@[205.199.118.202]>
Message-ID: <v0300780cae297f34aa6d@[206.119.69.46]>


At 5:10 PM -0400 8/2/96, Timothy C. May wrote:
> (Examples abound in other areas, too, such as where large chip companies
> like Intel actually relish the vast amounts of paperwork they are required
> to fill out, becuase this overhead and legal burden can be handled by their
> buildings full of paper pushers, but helps to keep small companies from
> entering the market.

Milton Freedman observed this in "Free to Choose". He said something to the
effect that regulation only *helps* the existing players in any given
market by increasing barriers to entry, especially for smaller firms.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From wombat at mcfeely.bsfs.org  Sat Aug  3 17:57:19 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Sun, 4 Aug 1996 08:57:19 +0800
Subject: Corporate e-mail policy
In-Reply-To: <199608022351.SAA14955@manifold.algebra.com>
Message-ID: <Pine.BSF.3.91.960803230601.6988E-100000@mcfeely.bsfs.org>



On Fri, 2 Aug 1996 ichudov at algebra.com wrote:

> George Kuzmowycz wrote:
> >   In an ideal world, the rest of the group would agree with me and say
> > "Yup, we have no business reading e-mail." Since that's not likely,
> > I'm looking for examples of "privacy-friendly" corporate policies
> > that I can put on the table in our meetings, and end up with a
> > minority report.  
> > 
> 
> Maybe it is only me, but I recommend "privacy-fascist" policy. This way
> employees will at least know to keep their own business out of computers
> that will be monitored by the company anyways.
> 

I think you need to take the "fascist" approach, at least officially. I 
would hope that, unofficially, you don't monitor, eavesdrop, etc., unless 
a problem requires you to. (such as receiving email from another site 
that attacks have been detected, originating from your systems, etc.)

If you don't take the "fascist" approach, you are granting employees a
"reasonable expectation of privacy", which you cannot, in truth, provide 
(without spending a lot of additional money). Once you've put your 
company in this position, you've now set them up for an employee to have 
their "privacy" violated, so you've increased the company's risk. The 
benefits of running a "privacy friendly" corporate system just don't 
outweigh the costs and risks.

If somebody wants to read alt.sex.whatever-floats-their-boat, I really
don't care, but I don't want to be in the position of ensuring their
privacy while doing so on corporate equipment; they can get their own 'net
account and play at home. 

I prefer to put out an official "fascist sysadmin's system use policy", 
and then leave users to themselves, as long as I don't get any complaints 
of illegal activity that could land my company in hot water. What you 
publish as a use policy, and what you actively enforce do not have to be 
the same.

Just my $.02.





From TrustBuckFella at nowhere.com  Sat Aug  3 18:51:45 1996
From: TrustBuckFella at nowhere.com (TrustBuckFella)
Date: Sun, 4 Aug 1996 09:51:45 +0800
Subject: TrustBucks
Message-ID: <htrb56rmj9@nowhere.com>


-----BEGIN PGP SIGNED MESSAGE-----
 
tcmay at got.net (Timothy C. May):
> You want to elaborate on this contention?
>
> If Alice transfers Digicash-type money to Bob, this is because Alice either
> bought the DC-money someplace, or already had it, or otherwise arranged
> with a bank to make the transaction. Maybe the bank "loaned" her money she
 
Mistaken terminology, mea culpa. The scheme I was thinking of is
actually called Private Currency. Someone mistakenly labelled the
writeup Digicash and I cut and pasted without thinking. I do know the
difference when my brain is on.
 
s/Digicash/Private Currency. Apologies to Digicash.
 
I'll explain Private Currency and why it's good and bad. In Private
Currency you don't "buy the [money] someplace". You mint it when paying.
Alice and Bob check each other's public debt and if neither is scared
off by the other's high debt, they mint a debt for Alice and money for
Bob. They publish a record of the transaction, which is how they knew
each other's public debt in the first step. So in theory the amount of
currency in existance is exactly 0. In practice I wouldn't trust anyone
for a debt that I didn't trust directly for that amount. I believe the
scheme would stall.
 
I conceived TrustBucks as an alternative that would retain the
decentralization but work.
 
> No protocols. No anonymity. No protection against double-spending.
>
> Looks promising. Keep us informed.
 
Fine. I doubt my mechanisms will be optimal but here you go.
 
Restraint on double-spending: Each participant publishes a list of the
    ID and value all outstanding TrustBucks of their own variety. Value
    of the notes can be obscured so it can only be verified by someone
    who has seen the note itself.
 
    What if some participant doesn't publish a complete list? Well, who
    are they robbing? People who directly trusted them for that amount
    and now won't ever again.
 
Anonymity: Each participant identifies their currency by a randomly
    chosen ID-number instead of name and publishes their ID/value under
    that number.
 
    However, it's pretty pointless, since the chain of trust has a hard
    time extending beyond people who directly know each other anyways.
 
 
A better objection would have been that it's hard to identify a chain of
mutually trusting links between two strangers who want to make a
transaction.
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
 
iQCVAwUBMgPoDJi7GCxryNrZAQHeEgQAmHsJithWMhmRv4y3IjnCBFKAgmZLCQ+i
NVYGDBVJ19iwAOTTwqHgcYMGEYdKBLUaBMRAczJDfGRbsB6WbFLKyiESHT8gpV7R
6CVesb7XpRaVDBylgTvoE/NNXfNrLrTfWOeVWtivMSVkDRKJC6BbONR1J5juhQjv
A9s1wa/uwSw=
=hsSY
-----END PGP SIGNATURE-----





From jimbell at pacifier.com  Sat Aug  3 18:51:50 1996
From: jimbell at pacifier.com (jim bell)
Date: Sun, 4 Aug 1996 09:51:50 +0800
Subject: Digital Telephony costs $2
Message-ID: <199608040010.RAA21627@mail.pacifier.com>


At 02:52 AM 8/3/96 -0800, Chris Adams wrote:
>On 3 Aug 96 01:16:48 -0800, jimbell at pacifier.com wrote:
>
>> I propose that the better way of implementing it, rather than going through 
>>a sound card, is for modem manufacturers to built an  new modem with an 
>>extra telephone connection (perhaps the same physical connector that's 
>>currently used for the telephone handset) which goes to an ordinary 
>>telephone and does the audio A/D and D/A conversion, as well as the data 
>>compression/data expansion function that will be necessary.  The latter 
>>function would be done by an extra DSP on this modem/Internet telephone 
card. 
>
>If you were so inclined, you could implement the whole thing for MWave
>modems.  They are fast enough to handle 28.8k and sound card functions at
>the same time off of a single DSP. 

That seems a bit difficult to believe.  I get the impression that 
implementing a 28.8Kbps+ modem pretty much uses up the capability of a 
near-state-of-the-art DSP chip.  Further, recently an item appeared on CP 
concerning a new voice-compression standard that was claimed to put 
good-quality voice into a 2400 bps stream.   Each function, coding and 
decoding, was claimed to occupy about (don't recall the exact figures) a 
little over half the capability of a TI 32025 DSP chip, which admittedly is 
an older unit.  Assuming full-duplex is desired (and that's the purpose of 
this exercise) you'd need the full resources of something with greater 
'ooomph' than a 32025 just for the coding/decoding.

Sure,  it may not be necessary to compress voice audio all the way down to 
2400 bps, since the current modem standards allow 28.8kbps and beyond, but I 
suggest that decreasing net traffic by a factor of 12 (28.8k to 2.4k) is a 
desirable goal.  Remember, in the long term "everybody" will be using 
Internet telephone. (And no doubt you've noticed that high-volume hardware 
gets cheap, really fast.  Putting in a second DSP for compression/encryption 
won't increase the costs all that much.)  Leaving the encryption in hardware 
would improve exportability, at least from a legal/ITAR standpoint. 


 While eventually full-fiber-capacity Internet will be able to increase the 
capacity to "unlimited" levels, in the meantime the capacity is limited (by 
switches if nothing else) and going the extra mile to limit Internet 
telephone's impact on the national net would be better.


>With the right drivers you could use
>the telephone/speaker/mic jacks that are on most of the integrated cards.
>  Also, they have a standard realtime OS with most of the functions being
>portable across cards as well, so you'd have to do very little work to
>support other Mwave cards.

The reason I think a system I've described has a future is that modem 
manufacturers have a PROBLEM.  Their problem is that they've pretty much run 
out of room to improve the bit-pushing through a 3 KHz bandwidth.  Sure, 
they can focus their attention on cable modems or ISDN units or other toys, 
but the market for such beasts won't develop for a few years.  They'll 
pretty much be stuck doing an occasional upgrade, or selling into new 
computers, but that will slow down.  What they'd like to have is a new 
function that "everybody" wants to have, and allowing people to bypass LD 
telephone charges is a powerful motivating factor to get people to upgrade 
their modems.



Jim Bell
jimbell at pacifier.com





From alano at teleport.com  Sat Aug  3 19:04:17 1996
From: alano at teleport.com (Alan Olsen)
Date: Sun, 4 Aug 1996 10:04:17 +0800
Subject: Liberating Clipper Stuff from Mykotronx Dumpsters
Message-ID: <2.2.32.19960804002934.00f11750@mail.teleport.com>


At 02:33 PM 8/3/96 -0400, Mark M. wrote:

>
>These files can also be found at ftp.funet.fi/mirrors/dsi/cypherpunks/clipper/
>mykotronx*, as the archives are still down.

Actually the path is:

ftp://ftp.funet.fi/mirrors/ftp.dsi.unimi.it/cypherpunks/clipper/

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From edgar at garg.campbell.ca.us  Sat Aug  3 19:34:22 1996
From: edgar at garg.campbell.ca.us (Edgar Swank)
Date: Sun, 4 Aug 1996 10:34:22 +0800
Subject: SecureDrive News
Message-ID: <3203ee7d.1399699@news.earthlink.net>


-----BEGIN PGP SIGNED MESSAGE-----

SecureDrive Users:

It's been brought to my attention that the detached signatures
for two executable files in SECDR14B.ZIP don't verify.

   COPYSECT.EXE
   FPART.EXE

These were supposed to be identical to the 1.4/1.4a files, so the
same signatures were used. It seems the files were inadvertantly
re-compiled with a different version compiler, hence the mismatch.
Anyone concerned, can use the files from SECDR14A.ZIP, which are
still available, and should match the signatures.

It's also been said by a couple of correspondents that the listing
of CRC values from PKZIP could be easily counterfeited. Accordingly,
here is a list of MD5 digest values for SECDR14B.ZIP and all contained
files.

  CHK-SAFE.EXE Ver 2.51 by Bill Lambdin Don Peters and Robert Bullock.
  MD5 Message Digest Algorithm by RSA Data Security, Inc.

    File name     Size     Date    Time        MD5 Hash
  ________________________________________________________________________
  SECDR14B.ZIP   132389  07-21-96  05:23  8de408deac3499a458764a50f691eca0
  SECDRV.DOC      54081  07-20-96  19:45  9807d8301ec46f4d3903fbd5fe5ac438
  LOGIN.EXE       43718  07-20-96  20:12  b0ab456fb143c37855000bd0a9650482
  CRYPTDSK.EXE    42564  07-20-96  20:12  025f07b300e398792c5ce2d309881cd0
  SECTSR.ASM      32595  08-06-95  00:00  4d0ee685a96ef26e574809dcf4b0b96e
  CRYPTDSK.C      20623  07-20-96  19:34  0a8d238492fd0b37090a7b7f527903e8
  CRYPT2.ASM      19664  11-19-93  21:42  d774eca62b4ba6552e1cda74f2b4f05d
  LOGIN.C         18598  07-20-96  19:41  c2850e1427e2eb7126df83b720b57ce5
  COPYING         18321  06-14-93  22:27  ad4652e2dcfd4a0ecf91a2c01a7defd5
  FPART.EXE       15466  07-20-96  20:12  bac8c6e72f99983e132fec7cf6ca9b48
  SDCOMMON.C      14998  06-12-96  18:06  18ec797c194c4c34b81c5185c861065a
  SETENV.ASM      13011  07-20-96  19:48  9b52beb40986d9df4bcce09bbf5d80e5
  COPYSECT.EXE    12606  07-20-96  20:12  dbe7ae98b6d187d9904ddff72515c72a
  MD5.C           11557  05-09-93  19:38  951169a660ad48449ab6c0cbe20f3d3b
  KEY.ASC          5278  11-14-95  20:52  3a9040d3863aaffd030b570173e38b5d
  FPART.C          4353  08-06-95  00:00  963aaaf429a6de80133aa0856ac8c424
  SECDRV.H         3656  08-06-95  00:00  2e29ce5abbd5085503aee10a2adda26b
  MD5.H            3407  05-11-93  12:49  3b254fd2c035f3081ca2ec96ea120f9a
  COPYSECT.C       2022  08-06-95  00:00  91f9b9da8addd893cf71e3fc6f8e7bf7
  SECTSR.COM       2000  07-20-96  20:12  7ab3ea1e58673bb81158ac20e663836d
  MAKEFILE         1554  08-06-95  00:00  6e58f4269326251b342d5d7971ddac54
  RLDBIOS.ASM      1355  01-21-94  08:44  dbfe21f1440f2021ce04738b95a5e3ec
  USUALS.H         1254  05-09-93  19:39  270fa89c0ff884ee10d1a02a1ff9040d
  FILE_ID.DIZ       278  12-06-95  20:33  343cf830a0975aaaef88327625c97396
  COPYSECT.SIG      152  08-06-95  00:00  7a208bb9c283ca3574578edb4215457d
  CRYPTDSK.SIG      152  06-01-96  01:10  d4eba61786e984d2b3e7576c5629abb8
  FPART.SIG         152  08-06-95  00:00  82462ce35887ebdc57fb603521e34263
  LOGIN.SIG         152  06-01-96  01:09  7fc1f6d8a3292c50b6b790603cf3fa2c
  SECTSR.SIG        152  08-06-95  00:00  a4cebfb7b0e69a0b678ed3382aeff9a2

The CHK-SAFE program can be obtained at

  ftp://ftp.simtel.net/pub/simtelnet/msdos/fileutil/cs-251.zip

Regards,

Edgar W. Swank   <edgar at Garg.Campbell.CA.US>
Edgar W. Swank   <Edgar_W._Swank at ilanet.org>
Home Page: http://members.tripod.com/~EdgarS/index.html
Author of SecureDrive Version 1.4b

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgPttN4nNf3ah8DHAQGCUAP/QMI92acYiyV4v739rvIDM/MVe08+6D+D
ZGGZ0dKgSxHLBV9iO+u754R+A3aUGXUM8PFHjGLRFjytFs+dLWo8w5XMqnOYZasJ
26hTSWzgzubNzV2jrnOlcHi4mw5+v5kOjnFycORXaJ/1pNjB2LIB+98DwujPdYDt
M+tD0ojh8vc=
=KkGX
-----END PGP SIGNATURE-----

Edgar W. Swank   <edgar at Garg.Campbell.CA.US>
Edgar W. Swank   <Edgar_W._Swank at ilanet.org>
Home Page: http://members.tripod.com/~EdgarS/index.html





From WlkngOwl at unix.asb.com  Sat Aug  3 22:31:54 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Sun, 4 Aug 1996 13:31:54 +0800
Subject: Crypto added to anti-terror bill in US at last minute?!?!!
Message-ID: <199608040346.XAA24376@unix.asb.com>


>From ACLU's site: http://www.aclu.org/issues/cyber/terror.html 

     The latest understanding from ACLU's legislative representatives is
     that the
     "Anti Terrorism" bill that is expected to be acted on today and
     tomorrow will include government controls on encryption -- a
     scheme for key escrow of private keys for encryption. It is also
     likely to include expanded use of wiretapping without a Court
     order. 
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From jamesd at echeque.com  Sat Aug  3 22:33:10 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 4 Aug 1996 13:33:10 +0800
Subject: Pipe bombs vs high explosives.
Message-ID: <199608040337.UAA17682@dns1.noc.best.net>


Does anyone have any experimental information comparing an 
untamped high explosive with a pipe bomb?

A pipe bomb is a device for getting a decent explosion
out of a low explosive, such as gunpowder.

A low explosive combusts relatively slowly.  The purpose
of the pipe is to hold it together for long enough to get
decent pressure.

Homemade low explosives tend to be even more feeble 
than manufactured low explosives, because it is inadvisable
for amateurs to recorn their powder, with the result that
home made powders burn slow, whereas homemade high
explosives are just as effective as manufactured high 
explosives.

My theoretical expectation is that pipe bombs would be 
very ineffectual when compared to high explosives, 
especially using home made powders.

Note that very large pipe bombs can be made by using 
propane cylinders or compressed gas cylinders in 
place of pipes.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From jamesd at echeque.com  Sat Aug  3 22:34:07 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 4 Aug 1996 13:34:07 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608040337.UAA17692@dns1.noc.best.net>


At 07:48 PM 8/2/96 -0500, Declan McCullagh wrote:
> John Conyers, the ranking
> Democrat on the House Judiciary Committee, blasted Gingrich and the
> Republican leadership for "bringing a meaningless bill to the House
> floor."
>
> Conyers said to reporters at 1 pm: "It's a hoax on the American
> people. It is all bark and no bite... This bill is missing the
> important wiretapping provisions that would allow law enforcement to
> find and stop terrorists before they kill.


I remember the old days when the conservatives were the Law'n Order
guys.

(pulling my long white beard and vigorously shaking my rocking
chair)

These days when somebody dies in police custody, you automatically
know that the caring progressive lovers of the poor and oppressed
are running the city where it happened.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From WlkngOwl at unix.asb.com  Sat Aug  3 22:35:55 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Sun, 4 Aug 1996 13:35:55 +0800
Subject: ITAR
Message-ID: <199608040339.XAA24208@unix.asb.com>


On  2 Aug 96 at 16:50, Dave Koontz wrote:

> How about exporting programs, that when executed generate source code for
> encryption algorithms?

Nope.

There already are such things.  Make a .zip archive and convert it 
into a self-extracting program.

Rob
 
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From WlkngOwl at unix.asb.com  Sat Aug  3 22:44:35 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Sun, 4 Aug 1996 13:44:35 +0800
Subject: Disregard that last bit of FUD...
Message-ID: <199608040350.XAA24481@unix.asb.com>


Nevermind. I realized the ACLU excerpt I sent out wasn't so up to 
date (or was it...?)

Rob
---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From JonWienk at ix.netcom.com  Sat Aug  3 22:56:23 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Sun, 4 Aug 1996 13:56:23 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608040412.VAA06740@dfw-ix10.ix.netcom.com>


On Fri, 02 Aug 1996, jim bell <jimbell at pacifier.com> wrote:
>At 07:48 PM 8/2/96 -0500, Declan McCullagh wrote:
>> and black and smokeless powder taggants.
>
>Such materials will be easy to defeat.  Find an indoor shooting range, 
>vacuum up the powder residue that falls  in front of the shooting stalls, 
>and you'll have a concentrated mixture of literally hundreds of types of 
>taggants.  Add to bomb.  Laughing, at this point, is optional.
>
>Jim Bell
>jimbell at pacifier.com

In addition to powder residue, collect all the spent shell casings you can, 
especially ones that are of the same caliber as weapons you own. In addition to 
the possibility of reloading them (and saving a bundle on ammo costs) you can 
sprinkle them around liberally in the aftermath of an encounter (assuming you 
survive) and give the crime scene people a bunch of red herrings to deal with. 
Of course, you should never touch them, (the FBI got DNA samples from stamps the 
Unabomber licked on his mailbombs, so even tiny droplets of sweat can bust you) 
and you should collect the actual brass fired and sandblast it.

Incidentally, one of the interesting traits of a shotgun is that buckshot is not 
subject to the ballistics matching techniques used on rifle and pistol bullets. 
The plastic wads (which prevent the shot from touching the barrel) do not take 
the microscopically detailed impressions from the barrel that copper or lead 
bullets do. The heat from firing always melts the plastic slightly--enough to 
defeat this.  Of course, if you leave the fired shells lying around, the primer 
and ejector marks can bite you...

>     FOR IMMEDIATE RELEASE
>
>     MICRON COMMUNICATIONS, INC., ANNOUNCES AGREEMENT WITH THE FEDERAL
>     AVIATION ADMINISTRATION
>
>     Boise, Idaho, August 2, 1996 - Micron Communications, Inc., today
>     announced a Cooperative Research and Development Agreement (CRDA)
>     with the Federal Aviation Administration (FAA) to develop a model
>     Positive Passenger Baggage Matching (PPBM) system. The objective
>     of this PPBM system is to automatically recognize when baggage has
>     been placed on an aircraft without an associated passenger.

Of course, this means that every time they lose your luggage, you will be 
detained for "suspected terrorist activity", and the plane your luggage was 
wrongly sent to will be evacuated while the bomb squad takes it to a remote area 
and blows it up... (the luggage, not the plane)

Jonathan Wienke

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From grafolog at netcom.com  Sat Aug  3 23:12:54 1996
From: grafolog at netcom.com (jonathon)
Date: Sun, 4 Aug 1996 14:12:54 +0800
Subject: Future US Postal History -- Indicium to Replace Stamps (fwd)
Message-ID: <Pine.SUN.3.95.960804042839.469B-100000@netcom>



	Anybody else think this makes mail snooping a whole
	lot simpler?

---------- Forwarded message ----------
Date: Sat, 3 Aug 1996 11:28:54 -0500
From: "Philatelic.Com Email Service" <post at philatelic.com>
Subject: Future US Postal History -- Indicium to Replace Stamps

To: post at philatelic.com
Subject: Future US Postal History -- Indicium to Replace Stamps
from: dreggen at accessnv.com

Reference:  Federal Computing Week
		Volume 10, No.l 29; July 29, 1996

		Federal Computing Week (FCW) is a publication of
		FCW Government Technology Group
		3110 Fairview Park Drive  --  Suite 1040
		Falls Church, VA   22042-4599
		USA

		Tel:     703 - 876 - 5100
		Fax:    703 - 876 - 5126

		Page 19


USPS
Proposed specifications would improve mail security
	by Colleen O'Hara

The following is quote of one topic paragraph from the article:

"Defining a Postmark

	One specification defines what a postmark, or evidence of postage,
must look like.  USPS has proposed that the new postmark contain
a unique digital signature carried in a 2-D bar code.  A new indicium
substitutes for a postage stamp or postage meter impreint as evidence that
postage was paid.

	Because of the information the indicium will contain, the agency
will be better able to deter amil fraud as well as provide additional services,
such as mail tracking and tracing, according to Roy Gordon, program
manager for the agency's Information Based Indicia Program.

	'USPS' inidtial strategy is to sample [letters] in the mail stream
and scan on a random basis,' Gordon said.  'In the long term, it will
scan 100 percent of the mail to deter fraud.  The key is that it provides
the USPS [with] the ability to provide additional services to carry that
data with mail pieces.' "


	This whole article is probably a must read for anyone who is
following or who is interested in what the postal history of the
future will be like.

		Dale Eggen
		dreggen at accessnv.com

*****************************************************************
People who do not give specific references are cowards
who are trying to have an influence on peoples opinion
by the manipulation of information to suit their own will.
						William Shakespear
*****************************************************************



		
_____________________  PHILATELIC.COM-E-MAIL-SERVICE  ____________________

* To reply in PRIVATE to the sender, you MUST use their email address.
* Selecting REPLY will distribute a PUBLIC message.
* Currently reaching over 300 Dealers and Collectors with your email post!
__________________________________________________________________________

                 _/_/_/                           _/_/_/
                  _/_/_/ http://www.philatelic.com _/_/_/
                   _/_/_/                           _/_/_/






From schryver at radiks.net  Sat Aug  3 23:21:32 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Sun, 4 Aug 1996 14:21:32 +0800
Subject: fbi, crypto, and defcon
Message-ID: <199608040258.VAA06801@sr.radiks.net>


>At 8:50 8/2/96, Paul J. Bell wrote:
>An international phone call costs about 2 cents/min to produce. The average
>rate paid for by the consumer is 62 cents. That's means the carriers mark
>up this particular product by an amazing 3000%.
>
>Can you name another business that has comparable mark-ups?
The Medical Industry.
PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From alanh at infi.net  Sat Aug  3 23:33:32 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 4 Aug 1996 14:33:32 +0800
Subject: SOUP KITCHENS (fwd)
In-Reply-To: <199608031110.GAA12116@einstein>
Message-ID: <Pine.SV4.3.91.960804005129.3390I-100000@larry.infi.net>


Famine and inadequate nourishment does weaken the stamina and 
survivability of individuals in the Third World, but the main problem is 
non-access to (what we consider to be) simple, basic medical modalities. 
Untold numbers of African babies die of not-very-virulent diseases, 
because they becomes fatally dehydrated. In the West, these babies 
revieve IV fluids which carries them over the critical period. In a 
village that is three days walk to a bus which takes 16 hours to get to a 
clinic that has IV needles and sterile fluids, the baby WILL die.





From alanh at infi.net  Sat Aug  3 23:35:34 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 4 Aug 1996 14:35:34 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <2.2.32.19960803071838.006b0808@gonzo.wolfenet.com>
Message-ID: <Pine.SV4.3.91.960804003919.3390F-100000@larry.infi.net>


I wouldn't lift a finger to _shut down_ "Food Not Bombs" , but they are 
not the same as a Boyscout Picnic.

A boyscout picnic is a private party. Some people got invited to eat the 
food, any others who do are stealing.

FoodNotBombs just gave away stuff to all comers.





From alanh at infi.net  Sat Aug  3 23:40:47 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 4 Aug 1996 14:40:47 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608031145.GAA12155@einstein>
Message-ID: <Pine.SV4.3.91.960804005911.3390J-100000@larry.infi.net>


> Since the inflation rate on a dollar is flat across the board in our economy
> simple inflation does not account for this rise in prices in a niche market.


   No. The COnsumer Price Index (the Bureau of Labor Statistics also puts
out the Producer Price Index, but that is not as widely reported in the
cartoon-news mass media), _is_ a single number, but only because it is
_defined as_ a measure of central tendency of all the price rises. It is
an artificial number. Each individual price rise, does swing freely. 






From alano at teleport.com  Sat Aug  3 23:49:26 1996
From: alano at teleport.com (Alan Olsen)
Date: Sun, 4 Aug 1996 14:49:26 +0800
Subject: More to be paranoid about...
Message-ID: <2.2.32.19960804051419.00b3eaec@mail.teleport.com>


Take a look at:

     http://www.spiritone.com/cgi-bin/plates

Feed it an Oregon licence plate number and it will feed you back all sorts
of info about the person/victim.

The uses for such things are only limited by an evil imagination...


---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From alanh at infi.net  Sun Aug  4 00:26:20 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 4 Aug 1996 15:26:20 +0800
Subject: A Libertine Question (fwd)
In-Reply-To: <199608030921.EAA12012@einstein>
Message-ID: <Pine.SV4.3.91.960804004443.3390G-100000@larry.infi.net>


> perhaps a simple publicity stunt to get their 15 minutes and not realy
> to help the homeless/foodless?

    How could such a thing be. O mon dieu. I am shocked, I tell you - 
shocked!





From anonymous-remailer at shell.portal.com  Sun Aug  4 00:47:58 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sun, 4 Aug 1996 15:47:58 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <199608040258.VAA06801@sr.radiks.net>
Message-ID: <199608040606.XAA20028@jobe.shell.portal.com>


> >At 8:50 8/2/96, Paul J. Bell wrote:
> >An international phone call costs about 2 cents/min to produce. The average
> >rate paid for by the consumer is 62 cents. That's means the carriers mark
> >up this particular product by an amazing 3000%.
> >
> >Can you name another business that has comparable mark-ups?
> The Medical Industry.
> PGP encrypted mail preferred.  
> E-Mail me for my key.
> Scott J. Schryvers <schryver at radiks.net>

You guys are confused.  The actual telephone call may cost only 2
cents/min, but the accounting and billing procedures are way more
expensive.  As long as they are doing any kind of usage-based
charging, that actual act of charging will continue to cost
considerably more than the data transmission.

Why do you think sending long-distance IP packets is basically free?

- Tom





From gcg at pb.net  Sun Aug  4 01:37:48 1996
From: gcg at pb.net (Geoffrey C. Grabow)
Date: Sun, 4 Aug 1996 16:37:48 +0800
Subject: WARNING: SecureDrive & PartitionMagic
Message-ID: <2.2.32.19960804064926.006b59d0@mail.pb.net>


It seems rather obvious now, but since I learned the hard way, I figured
that I'd save the rest of you from a painful experience.

I have one HD of 1.2gb.  I created a 50mb partition at the end of the drive
using PM and encrypted it with SD14b.  I ran out of room on the secured
partition and wanted to enlarge it.  I used PM to shrink the primary
partition a little, and to enlarge the secured partition.  When I shrank the
primary, the free space on the drive appeared between the two partitions.
To enlarge the secondary, I moved it to the free space, then enlarged it on
the right.  This was BAD!  PM did its thing, but no matter what I did after
that, I couldn't get the secured partition to a usable state.  I ended up
formatting the secured partition to recover.  

After some playing, it seems that PM tries to "re-align" the data on the 2nd
partition when you move left.  That's where things get screwed up.  I tested
a few combinations, and found that everything works fine if you decrypt the
partition before moving/resizing, then re-encrypt after.

Just some friendly info.  

 
                                                     G.C.G.

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 | Geoffrey C. Grabow       |      Great people talk about ideas.       |
 | Oyster Bay, New York     |     Average people talk about things.     |
 | gcg at pb.net               |      Small people talk about people.      |
 |----------------------------------------------------------------------|
 |     PGP 2.6.2 public key available at http://www.pb.net/~wizard      | 
 |          and on a plethora of key servers around the world.          |
 |   Fingerprint =  A6 7B 67 D7 E9 96 37 7D  E7 16 BD 5E F4 5A B2 E4    |
 |----------------------------------------------------------------------|
 | That which does not kill us, makes us stranger.   - Trevor Goodchild |
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From dlv at bwalk.dm.com  Sun Aug  4 02:57:55 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sun, 4 Aug 1996 17:57:55 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <199608040412.VAA06740@dfw-ix10.ix.netcom.com>
Message-ID: <FsF5RD17w165w@bwalk.dm.com>


JonWienk at ix.netcom.com writes:
> Incidentally, one of the interesting traits of a shotgun is that buckshot is
> subject to the ballistics matching techniques used on rifle and pistol bullet
> The plastic wads (which prevent the shot from touching the barrel) do not tak
> the microscopically detailed impressions from the barrel that copper or lead
> bullets do. The heat from firing always melts the plastic slightly--enough to
> defeat this.  Of course, if you leave the fired shells lying around, the prim
> and ejector marks can bite you...

Is there truth to the rumor that poking a file inside the barrel will
alter the marks on future test firings?

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From amehta at giasdl01.vsnl.net.in  Sun Aug  4 05:11:50 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sun, 4 Aug 1996 20:11:50 +0800
Subject: "And who shall guard the guardians?"
Message-ID: <1.5.4.32.19960804094852.00304850@giasdl01.vsnl.net.in>


At 10:20 03/08/96 -0700, Martin Minow wrote:

>Does the English Only bill conflict with the UN Declaration of
>Human Rights (Article 2):
..
>For that matter, does the escrowed crypto legislation conflict with
>Article 12:
..
>My understanding is that the United States is (finally) a signatory
>to the Declaration.

A couple of points need clarification:

A Declaration isn't, in international law, binding. A covenant
is, provided you haven't just signed it but also ratified it
(i.e. made it a part of national law). So the Universal
Declaration of Human Rights is basically just a statement of good
intentions. Much more important, legally, is the International
Covenant on Civil and Political Rights(ICCPR),
http://www.pluggedin.org/amnesty/rights4.htm
 which the US *ratified* not so long ago.

Says the ICCPR 

Article 17 

1. No one shall be subjected to arbitrary or unlawful
interference with his privacy, family, home or correspondence,
nor to unlawful attacks on his honour and reputation.
2. Everyone has the right to the protection of the law
against such interference or attacks. 

Article 19 

1. Everyone shall have the right to hold opinions without
interference.
2. Everyone shall have the right to freedom of expression;
this right shall include freedom to seek, receive and impart
information and ideas of all kinds, regardless of frontiers,
either orally, in writing or in print, in the form of art, or
through any other media of his choice.
3. The exercise of the rights provided for in paragraph 2
of this article carries with it special duties and
responsibilities. It may therefore be subject to certain
restrictions, but these shall only be such as are provided by law
and are necessary:
(a) For respect of the rights or reputations of others;
(b) For the protection of national security or of public
order (ordre public), or of public health or morals. 
________

Key, in Article 17, is the term "unlawful." With this escape
clause, the US gov has no problems, long as they make appropriate laws.

Article 19 is more interesting, because restrictions must be
shown to be necessary...

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From declan at eff.org  Sun Aug  4 07:49:59 1996
From: declan at eff.org (Declan McCullagh)
Date: Sun, 4 Aug 1996 22:49:59 +0800
Subject: Crypto added to anti-terror bill in US at last minute?!?!!
In-Reply-To: <199608040346.XAA24376@unix.asb.com>
Message-ID: <Pine.SUN.3.91.960804055506.11179A-100000@eff.org>


Congress isn't in session. It would be a genuine trick for them to pass 
any legislation before September.

-Declan


On Sat, 3 Aug 1996, Deranged Mutant wrote:

> >From ACLU's site: http://www.aclu.org/issues/cyber/terror.html 
> 
>      The latest understanding from ACLU's legislative representatives is
>      that the
>      "Anti Terrorism" bill that is expected to be acted on today and
>      tomorrow will include government controls on encryption -- a
>      scheme for key escrow of private keys for encryption. It is also
>      likely to include expanded use of wiretapping without a Court
>      order. 
> ---
> No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
> Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
> Send a message with the subject "send pgp-key" for a copy of my key.
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From roger at coelacanth.com  Sun Aug  4 09:27:13 1996
From: roger at coelacanth.com (Roger Williams)
Date: Mon, 5 Aug 1996 00:27:13 +0800
Subject: [Noise] Future US Postal History...
In-Reply-To: <Pine.SUN.3.95.960804042839.469B-100000@netcom>
Message-ID: <rogeru3uj41ly.fsf@sturgeon.coelacanth.com>


>>>>> jonathon  <grafolog at netcom.com> writes:

  > 	'USPS' inidtial strategy is to sample [letters] in the mail stream
  > and scan on a random basis,' Gordon said.  'In the long term, it will
  > scan 100 percent of the mail to deter fraud...

Of course, there's little point in doing this as long as anonymous
post boxes still exist, so...

-- 
Roger Williams                         finger me for my PGP public key
Coelacanth Engineering        consulting & turnkey product development
Middleborough, MA           wireless * DSP-based instrumentation * ATE
tel +1 508 947-8049 * fax +1 508 947-9118 * http://www.coelacanth.com/






From rah at shipwright.com  Sun Aug  4 09:28:44 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 5 Aug 1996 00:28:44 +0800
Subject: SOUP KITCHENS (fwd)
In-Reply-To: <199608031110.GAA12116@einstein>
Message-ID: <v03007802ae2a59dc5ea5@[206.119.69.46]>


At 12:55 AM -0400 8/4/96, Alan Horowitz wrote:
> Famine and inadequate nourishment does weaken the stamina and
> survivability of individuals in the Third World, but the main problem is
> non-access to (what we consider to be) simple, basic medical modalities.
> Untold numbers of African babies die of not-very-virulent diseases,
> because they becomes fatally dehydrated. In the West, these babies
> revieve IV fluids which carries them over the critical period. In a
> village that is three days walk to a bus which takes 16 hours to get to a
> clinic that has IV needles and sterile fluids, the baby WILL die.

Actually, it's really a question more of information than transportation.
The, heh, solution to diaherrea-induced dehydration -- like the kind you
get from Cholera -- is a very simple mixture of sugar, salt, and water.
This (and, of course, the proper construction of the sanatation facilities
which caused the Cholera to begin with) is just the kind of information
which the internet can carry.

All we need is a few more cycles of Moore's law and a bunch of
microsattelite-based internet routers...

And, of course, the microcurrency system to pay for it all. :-).

It would certainly be cheaper than "Peace" Corps ecotourism...

Cheers,
Bob Hettinga



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From rah at shipwright.com  Sun Aug  4 09:56:50 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 5 Aug 1996 00:56:50 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <199608040258.VAA06801@sr.radiks.net>
Message-ID: <v03007805ae2a5c9f04e9@[206.119.69.46]>


At 2:06 AM -0400 8/4/96, anonymous-remailer at shell.portal.com wrote:
> You guys are confused.  The actual telephone call may cost only 2
> cents/min, but the accounting and billing procedures are way more
> expensive.  As long as they are doing any kind of usage-based
> charging, that actual act of charging will continue to cost
> considerably more than the data transmission.

Ah. So, why settle the transactions for digital cash and skip all that
overhead? Yet another application for micromoney.

It seems to me that I've been arguing -- for two years now -- that digital
bearer certificate settlement will prove to be *much* cheaper than
book-entry settlement, and here the answer's been looking at us, straight
in the face, all this time.

Anybody have any ideas how to go about measuring the savings between
accumulating, storing, and processing call-billing data and simply paying
for them  before/during/after the call with digital cash?

I hear this strange rumbling underground. Hey, isn't that "Dad" Joiner?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From jya at pipeline.com  Sun Aug  4 10:56:37 1996
From: jya at pipeline.com (John Young)
Date: Mon, 5 Aug 1996 01:56:37 +0800
Subject: SAC_ard
Message-ID: <199608041611.QAA03240@pipe1.t1.usa.pipeline.com>


   August ScaAm has longish article on smart-cards by Carol 
   Fancher, a Motorola engineer and developer of the smart- 
   card market. 
 
   ----- 
 
   http://jya.com/sacard.txt  (26 kb) 
 
   Lynx: http://pwp.usa.pipeline.com/~jya/sacard.txt 
 
   Via www.anonymizer.com 
 
   SAC_ard 
 
 
 
 
 
 
 





From sandfort at crl.com  Sun Aug  4 11:28:14 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 5 Aug 1996 02:28:14 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <FsF5RD17w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.960804082928.19776B-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 4 Aug 1996, Dr.Dimitri Vulis KOTM asked:

> Is there truth to the rumor that poking a file inside the barrel
> will alter the marks on future test firings?

I don't know the answer to this one, but my best guess is,
A) yes, but not enough to alter the test firing, and
B) whether or not it did, it would be strong evidence of an
attempt to screw up such a test.  There are few (no?) legitimate
reasons to harm one's gun thusly.

I have heard, but have not evidence for, is that with use, these
characteristic markings change.  As a result, putting 200-300
rounds through a gun at the range is enough to alter its
identifiable barrel markings sufficiently to defeat forensic
matching.  Don't know, just heard, but it sounds reasonable.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From moroni at scranton.com  Sun Aug  4 12:02:39 1996
From: moroni at scranton.com (Moroni)
Date: Mon, 5 Aug 1996 03:02:39 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <FsF5RD17w165w@bwalk.dm.com>
Message-ID: <Pine.LNX.3.95.960804121342.4158A-100000@user1.scranton.com>


    Nitric Acid wii change barrelling.


On Sun, 4 Aug 1996, Dr.Dimitri Vulis KOTM wrote:

> JonWienk at ix.netcom.com writes:
> > Incidentally, one of the interesting traits of a shotgun is that buckshot is
> > subject to the ballistics matching techniques used on rifle and pistol bullet
> > The plastic wads (which prevent the shot from touching the barrel) do not tak
> > the microscopically detailed impressions from the barrel that copper or lead
> > bullets do. The heat from firing always melts the plastic slightly--enough to
> > defeat this.  Of course, if you leave the fired shells lying around, the prim
> > and ejector marks can bite you...
> 
> Is there truth to the rumor that poking a file inside the barrel will
> alter the marks on future test firings?
> 
> ---
> 
> Dr.Dimitri Vulis KOTM
> Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
> 






From jimbell at pacifier.com  Sun Aug  4 12:12:20 1996
From: jimbell at pacifier.com (jim bell)
Date: Mon, 5 Aug 1996 03:12:20 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608041735.KAA21449@mail.pacifier.com>


At 08:37 AM 8/4/96 -0700, Sandy Sandfort wrote:

>
>On Sun, 4 Aug 1996, Dr.Dimitri Vulis KOTM asked:
>
>> Is there truth to the rumor that poking a file inside the barrel
>> will alter the marks on future test firings?

>I have heard, but have not evidence for, is that with use, these
>characteristic markings change.  As a result, putting 200-300
>rounds through a gun at the range is enough to alter its
>identifiable barrel markings sufficiently to defeat forensic
>matching.  Don't know, just heard, but it sounds reasonable.

Heard same thing here; it's almost certainly true.  It would help if the gun 
got a thorough cleaning as well:  You can "de-copper" a barrel by plugging 
one end, and filling the barrel with an ammonia solution. (this is available 
as a commercial product for guns, at wildly-inflated prices.  Ordinary 
ammonia solution works just as well, cheap.)   This dissolves the copper 
left from the passage of copper/brass-jacketed bullets.  You can tell it's 
working:  The copper forms the distinctive blue cupramine ion in solution.


BTW, all this changes is the microstructure of the markings:  The number of 
riflings and the twist of the riflings are, obviously, unchanged.



Jim Bell
jimbell at pacifier.com





From David.K.Merriman.-.webmaster at toad.com  Sun Aug  4 12:52:21 1996
From: David.K.Merriman.-.webmaster at toad.com (David.K.Merriman.-.webmaster at toad.com)
Date: Mon, 5 Aug 1996 03:52:21 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608041807.LAA11271@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, sandfort at crl.com
Date: Sun Aug 04 13:07:42 1996
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> On Sun, 4 Aug 1996, Dr.Dimitri Vulis KOTM asked:
> 
> > Is there truth to the rumor that poking a file inside the barrel
> > will alter the marks on future test firings?
> 
> I don't know the answer to this one, but my best guess is,
> A) yes, but not enough to alter the test firing, and
> B) whether or not it did, it would be strong evidence of an
> attempt to screw up such a test.  There are few (no?) legitimate
> reasons to harm one's gun thusly.
> 
> I have heard, but have not evidence for, is that with use, these
> characteristic markings change.  As a result, putting 200-300
> rounds through a gun at the range is enough to alter its
> identifiable barrel markings sufficiently to defeat forensic
> matching.  Don't know, just heard, but it sounds reasonable.
> 
> 

Considering the relative strengths/hardnesses of the metals involved 
(high-grade steel for barrel, lead and/or copper for projectile), I'd 
suspect that it would take more than 200-300 rounds to have any significant 
impact on the barrel rifling. This, of course, is for 'normal' weapons and 
ammo; using diamond projectiles in a saturday night special voids all 
warranties, express or implied :-)

my ha'penny's worth.

Dave Merriman

PS - Been using Pronto Secure beta software the last couple of days for 
email. It's not Eudora, but *very* convenient for signing/encrypting. A 
couple of bugs/gotchas, but nothing I'd expect to see in for-sale version.
I'm actually mildly impressed with how smoothly and transparently it works 
with PGP on a DOS/Win95 system.
PGP Email welcome and encouraged. Visit my web site at
http://www.shellback.com/p/merriman
for my PGP key and fingerprint
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgQwKsVrTvyYOzAZAQGacAP+L8CfV6aFmuAsJYTM5ttHqWu6B49vL2cx
Ejnxwp2bRcM7winGALg+LQwwqjx1eNd1gKLsjrIRdh4oQgCBobfdEMU2poJvceTD
shfPhvZqDWQQgZf0B1OkqzporGprdKM6V/rEbguzDMGt1SaUX585dZaYq5/CtyOO
b+NFH+WSemc=
=VWgA
-----END PGP SIGNATURE-----






From amehta at giasdl01.vsnl.net.in  Sun Aug  4 12:58:44 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Mon, 5 Aug 1996 03:58:44 +0800
Subject: Internet telephony (was Freeh slimes again)
Message-ID: <1.5.4.32.19960804173946.003173d8@giasdl01.vsnl.net.in>


At 13:11 02/08/96 -0700, Lucky Green wrote:
>The sound quality really isn't there, unless you have a fast machine or a
>fat pipe. In addition, the vast majority of Intel based computers lack the
>crucial (for user acceptance) full-duplex soundcard. Add to that the
>physical impossibility of getting decent real time services over a
>non-isochronous network, such as the Internet, I'net phones just don't
>provide suffcient speech quality for business/serious personal use even
>without the added overhead of crypto.

What I'd like to see -- for which technology is all in place, and
none of the shortcomings you mention apply -- is voice mail that
functions seamlessly between people who only have a phone, and
those with Internet connections on computers with a sound card.
Many companies practically use voice mail as an alternative to
long phone conversations. This might also help the Internet
spread, because with a connection you would be able to save  on
long-distance charges -- and strong crypto could be used.

I'm sure the software for this exists too -- the ISPs only have
to run it on their servers. It would be nice, though, if the ISPs
had a facility that when there is a voice message for you, it
either phones or pages you...
Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From sebago at earthlink.net  Sun Aug  4 13:42:54 1996
From: sebago at earthlink.net (Allen Robinson)
Date: Mon, 5 Aug 1996 04:42:54 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608041900.MAA04859@serbia.it.earthlink.net>


Rather than resorting to such extreme measures as attacking the interior 
of the existing barrel with a file or nitric acid, simply replace the 
barrel with a new one (normally not prohibitively expensive), then put a 
few hundred rounds through the new barrel at the range so that it appears
used when/if examined.

Naturally this does not address the possibility of unique marks made on 
the primer by the firing pin, on the cartridge by the ejector, etc.

AR

#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%
"In the end, more than they wanted freedom, they wanted
security.  When the Athenians finally wanted not to give to
society but for society to give to them, when the freedom
they wished for was freedom from responsibility, then Athens
ceased to be free."  - Edward Gibbon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Allen Robinson.........................sebago at earthlink.net
PGP public key FE4A0A75
fingerprint 170FBC1F7609B76F 967F1CC8FCA7A41F





From hfinney at shell.portal.com  Sun Aug  4 14:29:56 1996
From: hfinney at shell.portal.com (Hal)
Date: Mon, 5 Aug 1996 05:29:56 +0800
Subject: TrustBucks
In-Reply-To: <htrb56rmj9@nowhere.com>
Message-ID: <199608041939.MAA03317@jobe.shell.portal.com>


An interesting idea.  It reminds me of a barter system, with the similar
problem of trying to put together a complex trade which is mutually
acceptable.  I wonder whether it could be automated if people posted
their holdings and what they would accept.  Then software could go into
this database and try to put together a set of trades that will let
someone make a purchase.  However it would seem to be very harmful to
privacy to have to post all this information.

There are some "lightweight payment" schemes out there which have the
property that people only accept cash that is "for them".  Sometimes
there is a broker involved who actually issues the cash on behalf of the
merchant (the merchant trusts the broker to do this) so that customers
need only go to a smaller number of brokers.  Then these systems can be
based on heavier payment systems like digicash or credit cards which
people use to open accounts with the brokers.

I do like the decentralization idea, but these lightweight schemes have
some of the same advantages.

Hal





From rsaeuro at sourcery.demon.co.uk  Sun Aug  4 14:31:16 1996
From: rsaeuro at sourcery.demon.co.uk (RSAEURO General)
Date: Mon, 5 Aug 1996 05:31:16 +0800
Subject: ANNOUNCE:- RSAEURO Version 1.03
Message-ID: <3204fbd0.27628667@post.demon.co.uk>


ANNOUNCE:- RSAEURO Version 1.03
===============================

What is RSAEURO?
----------------

RSAEURO is a cryptographic toolkit providing various functions
for the use of digital signatures, data encryption and supporting
areas (PEM encoding, random number generation etc).  To aid
compatibility with existing software, RSAEURO is call-compatible
with RSADSI's "RSAREF(tm)" toolkit. RSAEURO allows non-US
residents to make use of much of the cryptographic software
previously only (legally) available in the US.

RSAEURO contains support for the following:

*    RSA encryption, decryption and key generation.  Compatible
     with 'RSA Laboratories' Public-Key Cryptography Standard
     (PKCS) #1.

*    Generation and verification of message digests using MD2,
     MD4, MD5 and SHS (SHS currently not implemented in
     higher-level functions to maintain compatibility with
     PKCS).

*    DES encryption and decryption using CBC (1, 2 or 3 keys
     using Encrypt-Decrypt-Encrypt) and DESX(tm), RSADSI's
     secure DES enhancement.

*    Diffie-Hellman key agreement as defined in PKCS #3.

*    PEM support support for RFC 1421 encoded ASCII data with
     all main functions.

*    Key routines implemented in assembler for speed (80386 and
     680x0 currently supported).

International Use
-----------------

IMPORTANT NOTICE:  Please do not distribute or use this software
in the US it is 'illegal' to use this toolkit in the US, as RSADSI and
Cylink hold patents relating to public-key cryptography.  If you are a
US resident, please use the RSAREF toolkit instead.


On The Web
----------

RSAEURO can now be found at

http://www.sourcery.demon.co.uk/rsaann.html

Ftp Sites
---------

RSAEURO can be found at

ftp://ftp.ox.ac.uk/pub/crypto/misc

Author Details
--------------

With comments and suggestions, please address them to Stephen
Kapp, at 'rsaeuro at sourcery.demon.co.uk'

----------------------------------------------------------------------------
RSAEURO:      rsaeuro at sourcery.demon.co.uk
RSAEURO Bugs: rsaeuro-bugs at sourcery.demon.co.uk
Tel:          +44 (0) 468 286034
Http:         http://www.sourcery.demon.co.uk/rsaann.html

RSAEURO - Copyright (c) J.S.A.Kapp 1994-1996.
----------------------------------------------------------------------------





From stewarts at ix.netcom.com  Sun Aug  4 15:32:18 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 06:32:18 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <199608042050.NAA12512@toad.com>


>At 3:21 PM 8/3/96, David Lesher wrote:
>>They are going to hang one of these on EVERY bag?
>>At what per-unit cost?
Probably low enough, at least if they can reuse the tags
(should be easy to find them, since they're transponder-equipped.)

My guess about how they'll be used is to replace the bar-code
stickers used by many baggage-handling systems - they'll stick
one on at checkin, corresponding to the number on your ticket,
track them when they load them on the plane (so they know
that all the bags correspond to people expected to get on the plane,
as well as knowing the bags are getting on the correct plane),
and track the tickets to make sure that all the people expected 
to get on the plane actually do get on (I think they use bar-code
readers or OCR today, and that'll probably continue.)

Tim> "bag escrow" will allow other agencies--such as DEA--to sniff

Also useful for the baggage checkers at the baggage claim, 
who'll be able to check that your baggage tag belongs to your
ticket, and that nobody sneaks baggage out unchecked,
either stealing it or trying to pick up the contraband.
Of course they'll _have_ to check all the bags to collect
the transponders.

David>>THEN think of the RFI problems.....

Tim> The RFI problems are actually the least of the concerns, 
Tim> given the "code space" technology which is possible.

The RFI issue isn't just telling one transponder from another,
it's interference with the airplane's electronics.  The devices
will be a bit quieter than your laptop, since they presumably
only broadcast in response to polls - probably quieter than
pagers but noisier than digital watches.


                                Bill


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Sun Aug  4 15:34:49 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 06:34:49 +0800
Subject: Digital Telephony costs $2
Message-ID: <199608042050.NAA12518@toad.com>


At 05:09 PM 8/3/96 -0800, Jim Bell talked about mixing telephony,
voice compression, and modem functions on future modems,
and how doing a 28.8 modem uses up most of a DSP chip,
while 2400bps voice coding and decoding also each use up about half,
making full duplex tough.

One advantage of higher-speed modems is that you can get away with
16kbps ADPCM coding, which is dirt-simple computationally;
your 386 probably has enough horsepower to do it, though a PC's
interrupt structure may make it tough to shove all the data in and
out in real time.  You still need a sound card that'll do the
A/D and D/A conversion simultaneously if you want full-duplex;
that wasn't part of the original market vision of Soundblaster,
so vanilla sound cards don't all do it.  It also has the advantage
that the data is being moved through your CPU, so encryption is
an easy add-on, rather than having one combined modem/voiceblaster
card which doesn't have any hooks for crypto or other processing.

>Sure,  it may not be necessary to compress voice audio all the way down to 
>2400 bps, since the current modem standards allow 28.8kbps and beyond, but I 
>suggest that decreasing net traffic by a factor of 12 (28.8k to 2.4k) is a 
>desirable goal.  

One problem is that tighter compression methods are far more sensitive
to network latency than crude ones, and need to process more milliseconds
of speech before putting out a packet on the net (e.g. a 64-byte tinygram
is 200ms of speech at 2400bps, vs. 32ms at 16kbps.)  For modem-to-modem
communications, this is no problem; for Internet random delays it is.

Also, another big difficulty with full-duplex transmission is that you
need echo-cancelling, especially with high-latency circuits.
Half-duplex is annoying, but it doesn't echo, and it's more tolerant
of delay because you're not expecting it to have natural timing...

>The reason I think a system I've described has a future is that modem 
>manufacturers have a PROBLEM.  Their problem is that they've pretty much run 
>out of room to improve the bit-pushing through a 3 KHz bandwidth.  

Given that the "3KHz" is almost universally transmitted over 64kbps
digital channels, there's really no point in pushing past 33.6 with
analog-based coding; better to just do ISDN.  (You can still do analog-only
calls if you're on an analog central office talking to someone else
at the same exchange, but it'd be a flat-rate local call anyway.
If there's anybody still using analog trunks between offices, 
it's some mom&pop rural telco, and you can't get 28.8 on barbed-wire...)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Sun Aug  4 15:36:29 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 06:36:29 +0800
Subject: More to be paranoid about...
Message-ID: <199608042050.NAA12505@toad.com>


At 10:14 PM 8/3/96 -0700, you wrote:
>Take a look at:
>     http://www.spiritone.com/cgi-bin/plates
>Feed it an Oregon licence plate number and it will feed you back all sorts
>of info about the person/victim.

It's interesting to know that Senator Hatfield's wife's birthday
is 1/17/29, and that the title to the car is held with a 
security interest by the US SENATE EMPLOYEES FEDERAL CREDIT,
and that (at least) Social Security Numbers weren't listed
for the plates I checked.  Also that, unlike many states,
the Governor doesn't have License Plate #1.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From alanh at widomaker.com  Sun Aug  4 15:36:53 1996
From: alanh at widomaker.com (Alan Horowitz)
Date: Mon, 5 Aug 1996 06:36:53 +0800
Subject: New Agers feeding at the porkbarrel trough
Message-ID: <Pine.UW2.3.93.960804161931.11658A-100000@wilma>


Looking at page 98 of the August-September _Home Power_ magazine, I see the
publisher, Richard Perez, saying about vendors of non-solar-generated
electricity: "None of this money is billed via your electric meter, but
instead concealed in taxes or paid out everywhere from supermarkets to
hospitals." 

On page 76 of the same edition, in an article titled "The New Utility", we see
the following statement: "If all goes well in November, voters in Davis,
California will vote on implementing the first US rate based incentive (RBI)
program. As discussed in previous issues of _Home Power_, RBI programs are are
locally adopted programs in which communities assess utility bills a 1%
surcharge. The surcharge is used to purchase PV [viz., photovoltaic
solar-generated] power from participating homeowners at a premium rate. The
incentive plus the benefits of net metering [a plan in which electric
utilities are required to pay home-based electricity vendors, the full cost of
a kilowatt-hour of power, notwithstanding that the homeowner didn't pay for
the distribution losses, plant costs of the transmission grid,
untimed-to-load-demand supply, etc] should allow recovery of 90% of system
investment in 10 years."

Now, call me politically incorrect, but I say that utility bills don't get
assessed surcharges - *people* get assessed *taxes*.  I say that if it's
good for the non-solar vendors to be denounced for wanting to offload some
of their costs onto taxpayers, then the sauce is good for the solarpower
gander, too. 

I say that Richard Perez makes his living by encouraging the distribution of
solarpower hardware and services. I say that Richard Perez has a circle of
friends and business associates who are in that industry.

I say that Richard Perez has a conflict of interest. I say that Richard Perez
is a hypocrite.

I will renew my subscription to the magazine.... the non-political
articles are high quality and unmatched elsewhere. I will continue to
purchase selected items from _Home Power_'s advertisers - they fill my
needs.

I will agitate strongly against the "establishment" of solarpower (and
its lesser analogues, such as microhydro, windturbine, biomass) in the
pantheon of pork barrel empires.






From llurch at networking.stanford.edu  Sun Aug  4 15:41:36 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Mon, 5 Aug 1996 06:41:36 +0800
Subject: The Hazards of Reading Naughty Newsgroups at Work
In-Reply-To: <199608031945.MAA22460@jobe.shell.portal.com>
Message-ID: <Pine.GUL.3.95.960804135637.9417B-100000@Networking.Stanford.EDU>


On Sat, 3 Aug 1996 anonymous-remailer at shell.portal.com wrote:

> The following interesting article appeared on page 6 of the
> August 3, 1996 Seattle Times.
[...]
> Rosul is also charged with possession of child pornography.  He
> allegedly used Microsoft equipment to manufacture a CD-ROM disk
> containing child pornography.
> 
> Both Seaman and Rosul will be arraigned next week in King County
> Superior Court.  If convicted, both could receive up to one year in
> jail.

"Where do you want to go today?"

> Microsoft spokesman Mark Murray said the company found out about the
> activities of its two former employees last year and alerted police.
> 
> "We provided the police with the computers to pull up the evidence,"
> Murray said.

I couldn't help thinking of the poor technical schmucks whose job it was
to spy on their co-workers.

-rich






From stewarts at ix.netcom.com  Sun Aug  4 15:48:46 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 06:48:46 +0800
Subject: "And who shall guard the guardians?" [NOISE]
Message-ID: <199608042050.NAA12499@toad.com>


Arun and Marin have been quoting from UN docs and the
>International Covenant on Civil and Political Rights(ICCPR),
>http://www.pluggedin.org/amnesty/rights4.htm
> which the US *ratified* not so long ago.

>2. Everyone shall have the right to freedom of expression;
>this right shall include freedom to seek, receive and impart
>information and ideas of all kinds, regardless of frontiers,
>either orally, in writing or in print, in the form of art, or
>through any other media of his choice.
>3. The exercise of the rights provided for in paragraph 2
>of this article carries with it special duties and
>responsibilities. It may therefore be subject to certain
>restrictions, but these shall only be such as are provided by law
>and are necessary:
>(a) For respect of the rights or reputations of others;
>(b) For the protection of national security or of 
>public order (ordre public), or of public health or morals. 
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^        ^^^^^^           ^^^^^^^

Lots of UN declarations of rights have this sort of exception;
"protection of public morals" is something so blatantly vague
and broad that if a government contends that such a concept exists, 
as the covenant does, it could probably force the World Court
to conclude that it permits them to declare as "necessary"
just about anything short of burning witches and heretics,
and humanely beheading heretics, drug dealers, and anonymous remailer
operators is probably ok by this standard.

The UN Declaration (or was it Convention) on the Rights of the Child
is even worse - it strongly states the right to believe in and
practice religion, except when the government needs to interfere
to protect public morals or public order...  On the other hand,
it provides no such exception for the right to mandatory public
education or identity registration.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Sun Aug  4 16:28:17 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 07:28:17 +0800
Subject: Anonymous Message Broadcast
Message-ID: <199608042120.OAA12926@toad.com>


At 12:58 PM 8/3/96 -0400, Laszlo Vecsey <master at internexus.net> wrote:
>Has anyone implemented a simple anonymous chat system (an anonymous irc)
>using the technique described in Applied Cryptography 2nd edition? I'm
>speaking of the Anonymous Message Broadcast documented in section 6.3, it
>begins on page 137.

A lot of people talk about Dining Cryptographers networks, but I'm not
aware of more than an occasional test implementation - the concept is
simple, but getting all the details right is a lot of work,
including things like collision detection, and there aren't a lot of
good uses for the things to motivate development, even though they
are basically cool.  

One design approach is to use IRC; another is email.
IRC probably requires that all the participants be on simultaneously,
or requires a coordination system to handle whoever's on right now.


>Can the same system be implemented using base256 (unsigned char, 8bit ASCII)
>instead of the simple on/off binary method that is described in the
>explanation? How would it differ.

Rather than doing Base256, just XOR the bytes; you get the speed of
doing things a byte or word at a time, while still getting bitwise changes.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From gcg at pb.net  Sun Aug  4 17:05:56 1996
From: gcg at pb.net (Geoffrey C. Grabow)
Date: Mon, 5 Aug 1996 08:05:56 +0800
Subject: WARNING: SecureDrive & PartitionMagic
Message-ID: <2.2.32.19960804220146.0068d1b8@mail.pb.net>


-----BEGIN PGP SIGNED MESSAGE-----

At 15:47 08/04/96 -0400, Charley Sparks wrote:
>
>
>where can I get a copy of SD and does it work with NT ??
>
Check out: http://www.serve.com/ruccia/securedr.html for the SD.  As 
for working on NT... I haven't the foggiest.  I've got a kludgey way 
of using it under win95, but it mostly works.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgUdrsr4ljoOgY7BAQGTpQP+IZXlrMJh3snU27ydLDcdzCOeDC813GYW
ujHcDpHiItY7Uq4hgBW6qoHIhmrb8DRHgVJDWyfa/OAmwJzs6sAOEzQCP1ktPM7b
LLn1oPphtoPCXN1RXB+s38jHZmzzY32sLidmAqgpMDRboUwDvKfczHs9Tik1PzgQ
X3k3S43k0pc=
=+lgv
-----END PGP SIGNATURE-----
 
                                                     G.C.G.

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 | Geoffrey C. Grabow       |      Great people talk about ideas.       |
 | Oyster Bay, New York     |     Average people talk about things.     |
 | gcg at pb.net               |      Small people talk about people.      |
 |----------------------------------------------------------------------|
 |     PGP 2.6.2 public key available at http://www.pb.net/~wizard      | 
 |          and on a plethora of key servers around the world.          |
 |   Fingerprint =  A6 7B 67 D7 E9 96 37 7D  E7 16 BD 5E F4 5A B2 E4    |
 |----------------------------------------------------------------------|
 | That which does not kill us, makes us stranger.   - Trevor Goodchild |
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From stewarts at ix.netcom.com  Sun Aug  4 17:52:41 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 08:52:41 +0800
Subject: Internal Passports
Message-ID: <199608042250.PAA13719@toad.com>


At 10:02 AM 8/1/96 -0700, tcmay at got.net (Timothy C. May) wrote:

>Question (a la "Wired"): "When will the United States introduce an internal
>passport?"
>May: "2005, but they won't call it that."

Stewart: "Last week, but they didn't call it that."

According to Alaska Airlines, the FAA's policy as of last week
has switched to a mandatory policy that if you don't produce
government-issued photo-id, you can't get on the plane;
the previous policy had been more flexible.  

The folks stamped my ticket "Documents Verified" - looks
suspiciously similar to "Papers In Order".

       (Which they actually weren't, on my return trip;
        I handed her my work ID in the same plastic carrier
        as my train pass, and handed her the credit card
        I'd bought the tickets with explaining that I wasn't
        on government business and asking when had
        the policy changed and commenting.  And the nice
        Rent-A-Xray-Technician who asked if I minded if
        he searched my computer bag was totally confused
        when I said "Yes, of course I mind.")

You can still travel in a car if someone else is driving,
and you can still get on a train without identification,
but without papers you can't fly or drive, and you can't
ride a horse on the freeway except in the back of a horse trailer.
Driver's licenses were the beginning of a long downhill trend.

I wonder if they'll still accept an American passport; the country
has obviously been taken over by Pod People while we weren't looking....
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From hallam at ai.mit.edu  Sun Aug  4 19:13:18 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Mon, 5 Aug 1996 10:13:18 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <4u3255$si2@life.ai.mit.edu>
Message-ID: <32053E44.2781@ai.mit.edu>


Oh dear oh dear....

First off people on cypherpunks seem to have the idea that the type
of people who go blasting peoples heads off have brains. Without
wanting to inflate people's egos too much the average reader of
cypherpunks is an awful lot smarter than your average criminal. 

Fancy plans to disolve gun barrels etc are way too complex for 
your average criminal and in any case it is substantially easier
to drop a gun in a lake or the sea and less likely to result in
incrimination than to try disolving it, run 200 rounds through
it or whatever.


Vacuming up powder left over from a rifle range would not help
very much. One of the problems of building a bomb is to make 
sure that all the explosive goes off. A gas chromatograph is 
able to differentiate spent and unspent explosive. It would be 
easier to go off and buy the stuff from multiple sources or
to make ones own explosive from nitrates with oxidants.

I would expect that anyone vacuming up the residue from a gun
club is likely to have difficulty explaining what he is doing.
After all one does not usually go off to play Rambo, then stick
an apron on and start doing the housework.


I personally think that tagants is an insuffieicent approach to
the problem. Given the number of gun related homicides in the
US it is not unreasonable to require each individual cartridge
to be stamped with a serial number and for gun dealers to be 
required to record each individual purchase. That at least 
was my advice to the UK govt after Dunblane. 

If people go arround claiming that ownership of guns is necessary
so that people can commit acts of treason against the US govt
then it is inevitable that there will be pressure for greater
regulation. The NRA has been playing a bad hand stupidly. By
raising the militia argument they have played into the hands
of abolitionists. It would be entirely foolish for the crypto
lobby to allow themselves to be tied to the NRA. The NRA has
no choice but to support civil liberties, there is no reason
why the wider civil liberties movement needs to support the
NRA.


More significant for crypto  policy is the recent revelations 
about US spying on the European Union by spoofing CISCO routers
via SNMP. That act should be exploited to drive a wedge between
US attempts to bar use of cryptographic security systems and
the members of the EU.


		Phill





From rvincent at cnmnet.com  Sun Aug  4 19:36:11 1996
From: rvincent at cnmnet.com (RICHARD VINCENT)
Date: Mon, 5 Aug 1996 10:36:11 +0800
Subject: CDT Policy Post 2.25 - Senate Encrypti
Message-ID: <199608050021.TAA14904@future.cnmnet.com>


-- [ From: RICHARD VINCENT * EMC.Ver #2.5.02 ] --


-------- REPLY, Original message follows --------

Date: Monday, 24-Jun-96 01:57 AM

From: Shabbir J. Safdar        \ Internet:    (shabbir at vtw.org)
To:   cypherpunks at toad.com     \ Internet:    (cypherpunks at toad.com)

Subject: Re: CDT Policy Post 2.25 - Senate Encrypti 

Damn, we've been found out.

I don't suppose anyone will notice the fact that although I've helped with
the preparation for the SAFE day, I won't actually be attending the event.

Clearly, I don't want to get caught.

-Shabbir J. Safdar * Online Representative * Voters Telecomm. Watch (VTW)
 http://www.vtw.org/ * Defending Your Rights In Cyberspace

PS On a more serious note, I can't get testimony into the record for this
hearing if you don't send it to me.  Sooo...please either fill out the form
at http://www.crypto.com/submit/ or if you find that format too constraining
, just send it to me in email.  I'll see what I can do to make sure PGP
signatures are reproduced intact in the Congressional Record.

Most everyone I know cannot simply jaunt off to D.C. for a day.  Why not at
least make your voice heard?

anonymous-remailer at shell.portal.com writes:
>WHY IS NO ONE TALKING ABOUT THIS VIOLATION OF OUR RIGHTS? EVER HERE THAT
>IN THE US VOTES ARE supposed to be *****SECRET*****??? NO MORE!
>
>Why does the vtw cdt etc want to hand over your name to the us gov? Notice
>how there's two events one on the east cost and the other on the west coast





From drose at AZStarNet.com  Sun Aug  4 19:46:37 1996
From: drose at AZStarNet.com (David M. Rose)
Date: Mon, 5 Aug 1996 10:46:37 +0800
Subject: Internal Passports
Message-ID: <199608050034.RAA15919@web.azstarnet.com>


Bill Stewart wrote:

>I wonder if they'll still accept an American passport; the country
>has obviously been taken over by Pod People while we weren't looking....

I don't know if this was an isolated incident, but I recently attempted to
pick up a package at the Post Office using my passport as I.D.  NO, I was
told, this is not acceptable identification, and as a union worker, you
can't tell me what to do.  Appeals to chicken-hearted management were
brushed off; I finally identified the highest ranking union official (shop
steward?), who reluctantly ordered the recalcitrant worker to fetch my parcel.

Your guess is as good as mine...

Dave Rose






From unicorn at schloss.li  Sun Aug  4 20:06:47 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Mon, 5 Aug 1996 11:06:47 +0800
Subject: Pipe bombs vs high explosives.
In-Reply-To: <199608040337.UAA17682@dns1.noc.best.net>
Message-ID: <Pine.SUN.3.94.960804210041.9632F-100000@polaris>


On Sat, 3 Aug 1996, James A. Donald wrote:

> Does anyone have any experimental information comparing an 
> untamped high explosive with a pipe bomb?

> Homemade low explosives tend to be even more feeble 
> than manufactured low explosives, because it is inadvisable
> for amateurs to recorn their powder, with the result that
> home made powders burn slow, whereas homemade high
> explosives are just as effective as manufactured high 
> explosives.
> 
> My theoretical expectation is that pipe bombs would be 
> very ineffectual when compared to high explosives, 
> especially using home made powders.

Flash powders are quite easy to make and deflagrate quickly enough to
cause quite a nice bang without any containment what so ever when set off
in amounts over about two tablespoons worth.

Start off with fine enough mesh Al powder and grind your oxidizer down
fine enough and all you need for proper mixing is a (static treated)
zip-lock bag.

Not that I would ever suggest that anyone try to manufacture such
mixtures, but they are plenty potent enough to match and exceed most
manufactured deflagrating powders.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From drose at AZStarNet.com  Sun Aug  4 20:40:22 1996
From: drose at AZStarNet.com (David M. Rose)
Date: Mon, 5 Aug 1996 11:40:22 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608050134.SAA05951@web.azstarnet.com>


Phil  H-B writes:

>Oh dear oh dear....

(Mucho B.S. elided)

Dear Doc:

Trollmeister supreme Sternlight has left the building.  Hint...hint...






From shamrock at netcom.com  Sun Aug  4 20:50:33 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 5 Aug 1996 11:50:33 +0800
Subject: Internal Passports
Message-ID: <v02120d27ae2b05587a10@[192.0.2.1]>


At 15:48 8/4/96, Bill Stewart wrote:

>I wonder if they'll still accept an American passport; the country
>has obviously been taken over by Pod People while we weren't looking....

A US passport is not considered valid ID by the State of Oregon. If
somebody here doesn't belive this, send someone who looks like he might be
under 21 into any liquor store in Oregon with just an US passport.


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From liberty at gate.net  Sun Aug  4 21:01:30 1996
From: liberty at gate.net (Jim Ray)
Date: Mon, 5 Aug 1996 12:01:30 +0800
Subject: Stop the presses -- Anti-terrorism bill...[Noise]
Message-ID: <199608050151.VAA72932@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

Phill Hallam-Baker <hallam at ai.mit.edu> wrote:

>Oh dear oh dear....
...

>I personally think that tagants is an insuffieicent approach to
>the problem. Given the number of gun related homicides in the
>US it is not unreasonable to require each individual cartridge
>to be stamped with a serial number and for gun dealers to be 
>required to record each individual purchase. That at least 
>was my advice to the UK govt after Dunblane. 

So _THAT'S_ how they could have prevented the atrocity.  ;>

Weakening caused by the stress of stamping, the immensity of the
number of cartidges fired every day in the U.S., and the fact that
revolvers *exist* aside, we have these strange people called
"reloaders" in this country, Phill, and right now they have LOTS of
unstamped brass on hand. Criminals who wanted it would have an
unlimited supply into the foreseeable future. I agree with you that
criminals are, on the whole, dumber than cypherpunks, but it is easy
for them to pick up ideas like shooting a few hundred rounds or filing
a barrel etc. whether or not they are as likely as we are to have them
first. They already use all-fabric bleach to get any blood/DNA out of
clothing used in crimes, and even if they ARE stupid, they sit around
jail cells an awful lot talking about how to get away with their
crimes next time. JMR

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"Big business never pays a nickel in taxes, according to Ralph
Nader, who represents a big consumer organization that never
pays a nickel in taxes." -- Dave Barry 

 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray Coming
soon, the "Pennies For Perot" page. Keep billionaires off welfare!
___________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

iQCVAwUBMgVRim1lp8bpvW01AQFwxAP7B4AugPSgmbnhFE3J7d8un1CMzYTznJkq
4Pf8zjH9iOo3pn+LoY7QgOFjUZo5tcuGRfyiEWJozfoeykhQ7Ds3tpiAUtfx2smN
1O9LGHuzv6WDOKuqK4bKAS20S0W2lWRgcDDBc8PEcXdSgekCDCgBFKRPr+IKY/jP
j2TIIVt0aLE=
=dOud
-----END PGP SIGNATURE-----





From shamrock at netcom.com  Sun Aug  4 21:10:11 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 5 Aug 1996 12:10:11 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <v02120d28ae2b079d02b4@[192.0.2.1]>


At 20:20 8/4/96, Hallam-Baker wrote:

>If people go arround claiming that ownership of guns is necessary
>so that people can commit acts of treason against the US govt
>then it is inevitable that there will be pressure for greater
>regulation. The NRA has been playing a bad hand stupidly. By
>raising the militia argument they have played into the hands
>of abolitionists.

Appeasement never works. See the following two quotes.

"1935 will go down in history. For the first time, a civilized nation has
full gun registration. Our streets will be safer, our police more efficient,
and the world will follow our lead into the future." - Adolf Hitler

* > What country can preserve its liberties if its rulers are not  <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance?  Let them take arms!" - Thomas Jefferson, 1787  <*

NRA Life Member and proud of it,


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From alano at teleport.com  Sun Aug  4 21:23:14 1996
From: alano at teleport.com (Alan Olsen)
Date: Mon, 5 Aug 1996 12:23:14 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960805022246.00d7c568@mail.teleport.com>


At 07:01 PM 8/4/96 -0700, Lucky Green wrote:
>At 15:48 8/4/96, Bill Stewart wrote:
>
>>I wonder if they'll still accept an American passport; the country
>>has obviously been taken over by Pod People while we weren't looking....
>
>A US passport is not considered valid ID by the State of Oregon. If
>somebody here doesn't belive this, send someone who looks like he might be
>under 21 into any liquor store in Oregon with just an US passport.

This is because Oregon has been taken over by The Pod People.  (Or at least,
the Oregon Liqueur Control Commission has.) 

Getting such foolishness reversed is difficult when you have as many control
freaks in the State Legislature (and elsewhere).
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From stewarts at ix.netcom.com  Sun Aug  4 23:15:07 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 5 Aug 1996 14:15:07 +0800
Subject: A Libertine Question
Message-ID: <199608050420.VAA16738@toad.com>


At 08:18 PM 7/31/96 -0400, DCF wrote:
>Since there are no "public places" in a free society, 

If it _were_ a free society, there would be places that
nobody had conquered yet, common and usable by anyone
(as opposed to today's "public" spaces that had been conquered
by a government which claims the right to exclude others,
and places owned by individuals or groups which the government
has said are none-the-less public.)

There would probably also be places that were owned by
people who had somehow acquired the right to kick other people out;
you can argue about whether a free society should treat land
this way.  (Most land ownership in the US derives from
land grants given by kings who were put in place by
watery tarts handing out swords or equally authoritative processes,
or from land that the Yankees stole from the Mexicans
and then re-stole from the Indians and granted to the railroads.)

In a human-created environment like cyberspace the existence
of ownable spaces is obviously true, unlike found spaces like land.  
There are also found spaces in cyberspace where there's no particular
rightness to assigning ownership, and places that even if
you decide ownership through first use is a good thing,
people can decide to leave unowned or shared.
IP address space and domain name space are good examples -
property ownership is a useful analogy, preventing conflicts
by multiple people who want the name foo.com, but once you've
suggested naming things *.com, it's fair game.
On the other hand, since the Internet is a cooperative shared fiction,
if you want people to be able to find and connect to you,
getting the popular nameservers and routers to point the name
joesgarage.microsoft.com and IP address 127.0.0.2 in your direction
may not be highly productive.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From harmon at tenet.edu  Sun Aug  4 23:20:46 1996
From: harmon at tenet.edu (Dan Harmon)
Date: Mon, 5 Aug 1996 14:20:46 +0800
Subject: problem
In-Reply-To: <3203D296.2E30@multipro.com>
Message-ID: <Pine.OSF.3.91.960804231307.8066A-100000@alpha.tenet.edu>


First go read the original documents that were sent to you. A novel idea.


On Sat, 3 Aug 1996, Fallen Angel wrote:

> I unsubscribed from your mailing list so why am I still receiving 
> email from it. I No longer wish to receive any more mail, so please stop 
> it.
> 
> Fallen Angel
> fallenangel at multipro.com
> 





From take at barrier-free.co.jp  Sun Aug  4 23:27:09 1996
From: take at barrier-free.co.jp (Hayashi_Tsuyoshi)
Date: Mon, 5 Aug 1996 14:27:09 +0800
Subject: key escrow article on the Asahi Shinbun
Message-ID: <199608050420.NAA28069@ns.barrier-free.co.jp>


I found key escrow article on the Asahi Shinbun.  Asahi
Shinbun is one of the most famous Japanese newspaper.  I
can't write more info because I am busy now.

BTW, Asahi Shinbun has their own server:

  URL: http://www.asahi.com/.

# English version is also available.

- Tsuyoshi Hayashi <take at barrier-free.co.jp>
- PGP public key: http://www.barrier-free.co.jp/take/pgpkey
- (CF 27 34 5B 46 FA 2A 12  D2 4C E3 F7 2A 45 E0 22)
- Barrier Free, Inc. (established on 25 Jan 1996)





From alanh at infi.net  Sun Aug  4 23:39:26 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 5 Aug 1996 14:39:26 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <32053E44.2781@ai.mit.edu>
Message-ID: <Pine.SV4.3.91.960805002648.13067C-100000@larry.infi.net>


On Sun, 4 Aug 1996, Hallam-Baker wrote:

> in any case it is substantially easier
> to drop a gun in a lake or the sea and less likely to result in
> incrimination than to try disolving it, run 200 rounds through
> it or whatever.
 
   Police divers pull murder weapons out of the water all the time. It's
very, very common.

Phil, is there ANY freedom that you would fight for?





From dlv at bwalk.dm.com  Mon Aug  5 00:28:04 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 5 Aug 1996 15:28:04 +0800
Subject: Internal Passports
In-Reply-To: <v02120d27ae2b05587a10@[192.0.2.1]>
Message-ID: <NBa7RD31w165w@bwalk.dm.com>


shamrock at netcom.com (Lucky Green) writes:

> At 15:48 8/4/96, Bill Stewart wrote:
>
> >I wonder if they'll still accept an American passport; the country
> >has obviously been taken over by Pod People while we weren't looking....
>
> A US passport is not considered valid ID by the State of Oregon. If
> somebody here doesn't belive this, send someone who looks like he might be
> under 21 into any liquor store in Oregon with just an US passport.

This reminds me how many years ago (I think this was under Reagan, or maybe
even Carter) I went to U.S.V.I without any papers at all, not realizing that
it's "abroad". When the time came for me to get back, I was shocked to see
some security people checking the papers of the people getting on the plane
to N.Y. I explained the situation and they let me in with no papers.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From lharrison at csbh.mhv.net  Mon Aug  5 01:19:32 1996
From: lharrison at csbh.mhv.net (Lynne L. Harrison)
Date: Mon, 5 Aug 1996 16:19:32 +0800
Subject: More to be paranoid about...
Message-ID: <1.5.4.16.19960805061137.2aef92e0@pop.mhv.net>


At 10:14 PM 8/3/96 -0700, Alan Olsen wrote:
>Take a look at:
>
>     http://www.spiritone.com/cgi-bin/plates
>
>Feed it an Oregon licence plate number and it will feed you back all sorts
>of info about the person/victim.



  Not surprising at all.  Unbeknownst to most of the general populace, DMV
records (for the most part) are public records and are subject to Freedom of
Information requests.  AAMOF, I have an account with NYS/DMV which I use to
pull my clients' records when they are charged with DWI and/or other traffic
offenses.  I simply dial into DMV's [outdated] computer and pull the record.
It also came in handy on a personal level when I did not get my registration
card after buying my car and discovered that the dealer had not registered
my car.







************************************************************
Lynne L. Harrison, Esq.       |    "The key to life:
Poughkeepsie, New York        |     - Get up;
lharrison at mhv.net             |     - Survive;
http://www.dueprocess.com     |     - Go to bed."
************************************************************

DISCLAIMER:  I am not your attorney; you are not my client.
             Accordingly, the above is *NOT* legal advice.






From cts at deltanet.com  Mon Aug  5 01:46:04 1996
From: cts at deltanet.com (Kevin Stephenson)
Date: Mon, 5 Aug 1996 16:46:04 +0800
Subject: 119_816
In-Reply-To: <2.2.32.19960718235050.006c0f38@gonzo.wolfenet.com>
Message-ID: <320595D0.7D52@deltanet.com>


Cerridwyn Llewyellyn wrote:
> 
> At 11:29 AM 7/17/96 GMT, you wrote:
> >   6-17-96. NYP:
> >
> >   "11 Officers Are Accused of Failure to pay Taxes. Claims of
> >   Sovereignty and 98 Dependents."
> >
> >      At least 11 New York City police officers have been
> >      accused of failing to pay any Federal taxes for several
> >      years by declaring they each had 98 dependents and by
> >      insisting that the Government had no right to tax them.
> >      The officers relied on a package of instructions that
> >      described how to avoid paying taxes by declaring that
> >      they were sovereign citizens who did not have to pay
> >      taxes.
> 
> Anyone know which "package of instructions" they were using,
> and where they can be obtained online?
> //cerridwyn//

I've heard of this before. Check altavista for soveriegn(sp?) citizens
of the united states. A lot of complicated rambling about birth 
certificates, duress and the federal government.





From rp at rpini.com  Mon Aug  5 02:13:59 1996
From: rp at rpini.com (Remo Pini)
Date: Mon, 5 Aug 1996 17:13:59 +0800
Subject: crypto CD source
Message-ID: <9608050710.AA29333@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Mon Aug 05 09:07:49 1996
Addendum: If I have more than 1000 buyers, the price drops to around 9 USD 
per CDROM.

>Estimated prices (USD) - If I have at least 300 "certain" buyers:

>CDROM with 2-color label and jewel-case: USD 13.-
>Shipment US:                             USD  3.- (swiss mail sucks!)   
>Shipment Europe:                         USD  2.-
>Since the origin of those CD's is Switzerland, no ITAR would apply.
- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMgWdxhFhy5sz+bTpAQEsmQf9GwGi2Mz3e6/HlTA0Ry5FpI14uPxk7qzS
id7GJ50dL88q8M0JcLEOEWu3SZuhvgInV7aG3YzhjyaOs8tmCW1WKilUzgDXyIMQ
mnvlqfWilquKRQN2LW+5DjBaECeuDTHSYH/EJofsU7v6ivLBCe39yM51h+5SFG0c
mZRQebJFBge6udvhFfdtoDWMP7D1pZE+6ZtOCFeeZUmntNQtGH7KLD/rijfiuFWN
uwl1d2779QDhu4FtEOm363f9HO4r2fU7K5B7g0dSeBF2uhZCgcJd7TzhwkmSupxO
rT0VyJtYy6YcTs9YFbvxNABQ6RtRvKVbSxzLGAdPkAKXFDFodjTw6w==
=2Z4p
-----END PGP SIGNATURE-----




From problem at webchat.wbs.net  Mon Aug  5 02:14:49 1996
From: problem at webchat.wbs.net (WebChat Broadcasting System)
Date: Mon, 5 Aug 1996 17:14:49 +0800
Subject: Validation Code for WBS Access
Message-ID: <9608050701.AA02391@webchat.wbs.net>


Thank you for joining the WebChat Broadcast System!  We eagerly await 
seeing you online.  

Your handle is:   e3f0f5eeeb
Your password is: toad

Your validation# is: 90582293  (you only need to use this once)

To get full access to the system, go to 
http://wbs.net and enter any room.  When prompted, enter your handle,
password. and validation#.

Then you're done!  You'll have full privileges on WBS.

By validating you acknowledge having read the WBS system rules
(at http://wbs.net/wbs/rules.html) and promise to abide by them.  
Thank you.


If you have any difficulties please write us at problem at wbs.net.  Thanks, 
and enjoy!

Sincerely,

The staff at WebChat Broadcasting System





From Ben.Samman at EdelWeb.fr  Mon Aug  5 02:44:11 1996
From: Ben.Samman at EdelWeb.fr (Ben)
Date: Mon, 5 Aug 1996 17:44:11 +0800
Subject: Who the hell is ....
In-Reply-To: <2.2.32.19960802100835.0069d380@pop1.jmb.bah.com>
Message-ID: <Pine.SUN.3.95.960805093641.279F-100000@mercier.gctech.edelweb.fr>


> OK, I'v been on the list a bit now. I see a lot of the same
> people posting to it, 
> My question is " Who the Hell is Sternlight" At first I thought
> it was a pen name ( the light on the end of a boat ?? )

He claims he was some ranking official during the Carter administration.

To get more information do an AltaVista search for him--I seem to remember
some FAQ on this exact question.


Ben.
____
Ben Samman.................................................ben at edelweb.fr
Paris, France                 		Weather has improved. Stay tuned.






From rp at rpini.com  Mon Aug  5 02:49:27 1996
From: rp at rpini.com (Remo Pini)
Date: Mon, 5 Aug 1996 17:49:27 +0800
Subject: crypto CD source
Message-ID: <9608050705.AA29297@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Mon Aug 05 09:03:30 1996
Well,

I could.

Estimated prices (USD) - If I have at least 300 "certain" buyers:

CDROM with 2-color label and jewel-case: USD 13.-
Shipment US:                             USD  3.- (swiss mail sucks!)   
Shipment Europe:                         USD  2.-

Since the origin of those CD's is Switzerland, no ITAR would apply.

If you're interested (at least 300 of you), mail me. 
Subject line: CryptoCD
Anonymous guys ignored (but data handled confidentially and encrypted on my 
machine).
If you want more than one, send more than one mail (but with a different 
body, so I can kill duplicated mails).
Once I get more than 300 requests, I'll start putting it together and have 
it mastered. At that point I will request a written order (fax or so). If 
anyone has a better idea on how to handle the stuff, mail me...

> I have about 100MB (compressed) of crypto archives, papers, source code,
> etc etc, reasonably well organised with descriptions of each file.  I've
> got a friend to put it on CD, but only for my own use.  If there's
> someone who can get them done in bulk outside the US you could probably
> use this as a crypto CD (I don't think there's anyone in NZ who could do
> it, and I don't really want the hassle of organising the whole thing).
- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMgWcxBFhy5sz+bTpAQE1/gf/eJI+dt1guw0joLKoBpm0ShpvK3/fHFwb
SUlMJSaLgEODR9DRCC+uYc3+mRTNLrup8w1XIcQO1OAZO/GQumL97y8TtLp8fBpY
FcNTYxtXY/UflHE5OySLWIz4jfNArIpZBxXb/zuUqrAqCj5NsWWHUsb45CM/j8cy
1dYT5wcoGELbJiZy1jVZV6eEmqliZIZAtD+fU+bq4oJIgDRCEDWt6RTJPhoHfx5F
wxEuOkpeBQi8uJD9gL85lk5S7Exa1n/0u8+UgE1sm9UMIRA8IOzRK3lIlRvT+0VI
0r2lK4wnKdhmILkPcxGq+82bUZ7HUepS4oZGAduzhW73ANtMEzVPxw==
=5+88
-----END PGP SIGNATURE-----




From strix at rust.net  Mon Aug  5 03:25:30 1996
From: strix at rust.net (Jennifer Mansfield-Jones)
Date: Mon, 5 Aug 1996 18:25:30 +0800
Subject: SOUP KITCHENS -- lifespans
In-Reply-To: <199608031110.GAA12116@einstein>
Message-ID: <Pine.LNX.3.91.960804180050.3830E-100000@neophron.rust.net>


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 3 Aug 1996, Jim Choate wrote:

> > Date: Fri, 2 Aug 1996 20:12:04 -0700
> > From: tcmay at got.net (Timothy C. May)
> > Subject: Re: SOUP KITCHENS (fwd)
> > 
> > Hardly a proved correlation. A lot of other factors come into play. But
> > never mind. No point arguing.
> 
> But it is. I suggest you take a look at any social health text and look at
> the comparisons between diets of our ancestors, ourselves, and various
> 

In case Alan's post didn't make it clear, _average_ lifespan values are
averages from birth.  Maximum lifespans haven't changed.  However, between
the effects of vaccination and municipal sewage treatment, any infant born
in a developed country has a good chance of living a long time.  A society
with very high birth rates and high infant mortality will have a low
average lifespan even if every child who makes it to the age of ten lives
to be a hundred. 

regards,
`=-`=-`=-`=-                                          -='-='-='-='
 Jennifer Mansfield-Jones   http://www.rust.net/~strix/strix.html
 strix at rust.net                            PGP key ------^
          Never try to outstubborn a cat.  (R.A.H.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgUoOUxVmNNM34OxAQG59AQAropfEClWviL0TZaLqlos5p/gP5cnQGYL
uMVAgtBb5smfD3GF5xs4LBtvW5987H4oFI5AOXCUcOuKePWXhtXwMbA5g9JfbKpa
v8sm9v1uG9ci9TwiArD5ePu1xBE4974IBo+23dEfq0LD/QhioO4J2QFMaKkiqoBe
tu9z5eccjqY=
=Ya3s
-----END PGP SIGNATURE-----





From rp at rpini.com  Mon Aug  5 03:28:19 1996
From: rp at rpini.com (Remo Pini)
Date: Mon, 5 Aug 1996 18:28:19 +0800
Subject: crypto CD source
Message-ID: <9608050810.AA04146@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Mon Aug 05 10:08:19 1996
I'm looking for contents for the crypto CD.

Since this CD will (might) be mastered in Switzerland, no ITAR applies to 
the CD, but if anyone wants to include some restricted stuff, send it to me 
(dat, disk or encrypted email)

Address: Pini Computer Trading
         "Crypto CD"
         Hofwiesenstr. 234
         8057 Zuerich
         Switzerland

My wish list:

- - PGP
- - A lot of algorithms in C, Pascal, ASM (for diverse processors)
- - Private Idaho
- - Pronto Secure
- - a suite of html pages describing all files (I'll probably have to do that
  myself)
- - Netscape (the secure versions, if its legally feasable -> Netscape?)
- - Crypto papers
- - Crypto analysis papers
- - Lawtexts concerning crypto (ITAR, France, ...)

Anything else?


- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMgWr9BFhy5sz+bTpAQEOuQf+PAfJrxDLo4mEDsC8QelbBE5WHqNecmcq
soPN0ZDSDzSEdbofALHBEiAW8SHVT4h1XWPNG1QjNvuCsluLN4HX1IQSfCjjCNzO
/T9jqNqKbwDL5ssluD9nc/tbjaTN2zdXIVRE2/1QZmyrysT5MK5tiHzbbkrFjSy2
tVwUmEk9W+gTAzNBxLE5ni2Q6oLLuf+jnzw0jBn15nA3S7USN+G+dMsNG2ROR7ZI
Lp1a9XvqtjZ41Ju1C0QVR6u53a7mB8unrxxALewF2TjJUXxJOA0W1QbxM8/aI6cb
jjePr0NoohyCORLNh+pGaBQ+DXYY28JL5keCyGCr8k/INXHIksbEIQ==
=aTqo
-----END PGP SIGNATURE-----




From rp at rpini.com  Mon Aug  5 04:14:10 1996
From: rp at rpini.com (Remo Pini)
Date: Mon, 5 Aug 1996 19:14:10 +0800
Subject: Getting serious: Crypto CD
Message-ID: <9608050845.AA06404@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: secure at commtouch.com, cypherpunks at toad.com
Date: Mon Aug 05 10:43:16 1996
Dear Sirs

I want to put together a CDROM containing "everything" a cryptographically 
interested person needs. I would like to include your cryptographically 
relevant products.

The CD will be organized the following way:

- - the user interface consists of HTML-pages
- - one of these pages will include a directory of files
- - one directory entry will be your product (whatever you prefer as a name)
  and leads to a page/pages of your design.
- - you can use a directory named after your company (but in compliance with
  CDROM restrictions -> 8 letters, no special chars, i.e. "mycompny" or so)
  and any subdirectories you want.
- - binary program space is restricted to 25 MB
- - html space is restricted to 1 MB

Dos and Donts:

- - program limitations (stuff you only get when you register/buy the full
  product) must be declared.
- - export/usage restrictions must be declared (US/nonUS)

Further info:

The CD will be sold at around USD 15 (including shipment)

Advertisement:

Seperate advertisment (html pages and graphics) can be made for USD 50.- 
per page (<200K). A link on the index page will be included.

Legalese:

- - This CD will be mastered and shipped outside US, so whatever you send us
  (if you send it from outside US) will not be affected by ITAR.
- - The copyright will remain in your hands, you only grant Pini Computer
  Trading (PCT) the permission to duplicate and distribute the content on
  a CDROM and, should we choose to do so, on the internet.
- - The legality of your content is your responsiblity. 


If you are interested, mail me...

Sincerely yours,

Remo Pini
Pini Computer Trading

PS: This message may have been forwarded by anyone. If you receive it 
several times, ignore the redundant mails.

PSS: This message may be forwarded to anyone offering a cryptographically 
relevant product. (-> forward ahead, cypherpunks)

- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMgW0JRFhy5sz+bTpAQFdsQgAsxz04ridQ+urdvMVQzpBVkjonuc0ek4Q
GihsyATZi2U0Fi73UleJsOz9rsnmodvcJYvkQ2Omtp7mQOFHYWBi7nihELMb06OQ
YXduCr/0BQWRX+ORrJtQtehMdctzHnQcTV1AEcCR400YQlBu2YLiB7MLWsEtvqoK
15q0q3Hu7TMOVvplgSMjAT2yAevI5iKEn1AJ5q+kqjQ81fT3KTtuJh2U06TLtSQp
2PecOIk8rPq6fy+wyQN6/PssLrbKkPIKDzMwpupDUb4rEMGNJYP/wykF4BN+vBBE
8pvpD+qd5iODCZplsQ1lY95t48xqBsZ4AQHl8W5WKha5LMBuIFVmIQ==
=RdAm
-----END PGP SIGNATURE-----




From master at internexus.net  Mon Aug  5 05:48:44 1996
From: master at internexus.net (Laszlo Vecsey)
Date: Mon, 5 Aug 1996 20:48:44 +0800
Subject: The Dining Cryptographers in the Disco
Message-ID: <Pine.LNX.3.92.960805062336.6658B-100000@micro.internexus.net>


There is a protocol for anonymous message broadcast which supposedly
detects disruption, can someone tell me how it works? Applied Cryptography
lists a reference to "Advances in Cryptology, Crypto '89 Preceedings"
(page 690) but I dont have a copy of it, I'd appreciate it if someone
could fill me in on what it says.

Thanks!

- Lester






From dlv at bwalk.dm.com  Mon Aug  5 06:46:28 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 5 Aug 1996 21:46:28 +0800
Subject: Who the hell is ....
In-Reply-To: <Pine.SUN.3.95.960805093641.279F-100000@mercier.gctech.edelweb.fr>
Message-ID: <F7P7RD34w165w@bwalk.dm.com>


Ben <Ben.Samman at EdelWeb.fr> writes:
> > OK, I'v been on the list a bit now. I see a lot of the same
> > people posting to it,
> > My question is " Who the Hell is Sternlight" At first I thought
> > it was a pen name ( the light on the end of a boat ?? )
>
> He claims he was some ranking official during the Carter administration.

No, no, it's euphemism for a flashlight stuck up someone's rectum,
where "flashlight" is in turn euphemism for "gerbil". :-)

Anyway, whoever had bet that he'd keave this list by now, has won.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From declan at eff.org  Mon Aug  5 07:03:36 1996
From: declan at eff.org (Declan McCullagh)
Date: Mon, 5 Aug 1996 22:03:36 +0800
Subject: Internal Passports
In-Reply-To: <v02120d27ae2b05587a10@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.960805040046.21970A-100000@eff.org>


I had the same problems when I was working at Xerox in Webster, NY. 
Supermarkets just plain didn't want to accept my passport as valid ID.

More recently, I attended an IEEE conference at MITRE in Virginia. To 
enter the building, they required you to fill out a form listing your 
SSN. The forms were taped to the guard's desk, in full view of anyone who 
was curious.

I was horrified and gave a random number.

A friend who was with me (who in fact is on cypherpunks) dutifully gave
her correct SSN. Oh, and they wanted photo ID. I offered press
credentials. Unfortunately for the lackey, it didn't have any sort of
serial or ID number on it he could record.

-Declan



On Sun, 4 Aug 1996, Lucky Green wrote:

> At 15:48 8/4/96, Bill Stewart wrote:
> 
> >I wonder if they'll still accept an American passport; the country
> >has obviously been taken over by Pod People while we weren't looking....
> 
> A US passport is not considered valid ID by the State of Oregon. If
> somebody here doesn't belive this, send someone who looks like he might be
> under 21 into any liquor store in Oregon with just an US passport.
> 
> 
> -- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
>    Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
>    Vote Harry Browne for President.
> 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From nobody at zifi.genetics.utah.edu  Mon Aug  5 07:19:01 1996
From: nobody at zifi.genetics.utah.edu (Anonymous)
Date: Mon, 5 Aug 1996 22:19:01 +0800
Subject: FUCK YOU, SHITOPUNKS
Message-ID: <199608051211.GAA26432@zifi.genetics.utah.edu>


FUCK YOU, SHITOPUNKS
DAVID STERNLIGHT






From rah at shipwright.com  Mon Aug  5 07:35:04 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 5 Aug 1996 22:35:04 +0800
Subject: International Conference on Electronic Markets !
Message-ID: <v03007806ae2b8facd6a0@[206.119.69.46]>



--- begin forwarded text


From: Ram Chellappa <ram at yama.bus.utexas.edu>
Subject: International Conference on Electronic Markets !
To: www-buyinfo at allegra.att.com
Date: Mon, 5 Aug 96 2:54:04 CDT
Reply-To: ram at cism.bus.utexas.edu

X-Hpvue$Revision: 1.8 $
Mime-Version: 1.0
Content-Type: Message/rfc822
X-Vue-Mime-Level: 4
Mailer: Elm [revision: 70.85]

                            Seventh Conference on
          Organizational Computing, Coordination and Collaboration

               International Conference on Electronic Markets

----------------------------------------------------------------------------
  FOR MORE INFORMATION: http://ecworld.utexas.edu/others/flyer.html
----------------------------------------------------------------------------

 Theme : Electronic Markets
 Date : November 6-8, 1996
 Location : IC2 Institute, 2815 San Gabriel, Austin, Texas 78705
 Questions

 About program: contact Dr. Andrew Whinston at 512-471-8879
 About registration/logistics: contact the RGK Foundation at
 512-474-9298 or jhampton at zilker.net

Sponsors :

    * IC2 Institute
    * Center for Information Systems Management
    * College and Graduate School of Business Administration at The
      University of Texas at Austin;
    * RGK Foundation
    * National Science Foundation
 Who should attend

   * Software developers and managers in the electronic commerce area
   * Executives concerned with developments in banking and finance
   * Executives concerned with developing on-line customer service and
     logistics support
   * Executives who make investments in next generation technology
   * Executives who develop internal operations support
   * Academics in information systems, marketing, finance,
     organizational behavior, and service management concerned with the
     emerging research topics in the electronic commerce domain.




--
RAMNATH K CHELLAPPA                       Ph: 512-467-7813 (home)
Doctoral Candidate			      512-471-7962 (office)
Center for Information Systems Management
Department of MSIS
University of Texas, Austin.       Web: http://cism.bus.utexas.edu/ram
			  	 email: ram at cism.bus.utexas.edu
--Some people have 10 years of experience,
while some have one year of experience,
10 times over !!!

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From dlv at bwalk.dm.com  Mon Aug  5 08:56:06 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 5 Aug 1996 23:56:06 +0800
Subject: More to be paranoid about...
In-Reply-To: <1.5.4.16.19960805061137.2aef92e0@pop.mhv.net>
Message-ID: <BwP7RD33w165w@bwalk.dm.com>


"Lynne L. Harrison" <lharrison at csbh.mhv.net> writes:
>
>   Not surprising at all.  Unbeknownst to most of the general populace, DMV
> records (for the most part) are public records and are subject to Freedom of
> Information requests.  AAMOF, I have an account with NYS/DMV which I use to
> pull my clients' records when they are charged with DWI and/or other traffic
> offenses.  I simply dial into DMV's [outdated] computer and pull the record.
> It also came in handy on a personal level when I did not get my registration
> card after buying my car and discovered that the dealer had not registered
> my car.

If I remember correctly, it costs $4 for one search (via modem), and one has
to pre-pay $200 to open the account. One can do a free sarch if one's friendly
with the LEO's. :-)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From amehta at giasdl01.vsnl.net.in  Mon Aug  5 09:39:17 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Tue, 6 Aug 1996 00:39:17 +0800
Subject: "And who shall guard the guardians?" [NOISE]
Message-ID: <1.5.4.32.19960805124248.002f27d4@giasdl01.vsnl.net.in>


At 13:50 04/08/96 -0700, Bill Stewart wrote:
>>restrictions, but these shall only be such as are provided by law
>>and are necessary:
>>(a) For respect of the rights or reputations of others;
>>(b) For the protection of national security or of 
>>public order (ordre public), or of public health or morals. 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^        ^^^^^^           ^^^^^^^
>
>Lots of UN declarations of rights have this sort of exception;
>"protection of public morals" is something so blatantly vague
>and broad that if a government contends that such a concept exists, 
>as the covenant does, it could probably force the World Court
>to conclude that it permits them to declare as "necessary"
>just about anything short of burning witches and heretics,
>and humanely beheading heretics, drug dealers, and anonymous remailer
>operators is probably ok by this standard.

Heretics it depends, drug dealers no problem, but anonymous
remailer operators haven't been beheaded yet. Their persecution
will probably take much more subtle forms -- denial of government
jobs or contracts (lawbreakers and anarchists, after all),
whatever hurts most. There are many ways of manipulation in an
advanced, information based society that are no less cruel than
the torture of more overtly authoritarian ones.

International covenants aren't entirely useless: governments have
to report to the UN how much success they are having in
implementation, and are questioned closely. If indeed the fears
of many of you come true, cypherpunks will have far greater
awareness of human rights instruments and their usefulness (or
lack thereof) before the century is done.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From m5 at vail.tivoli.com  Mon Aug  5 09:40:32 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Tue, 6 Aug 1996 00:40:32 +0800
Subject: FUCK YOU, SHITOPUNKS
In-Reply-To: <199608051211.GAA26432@zifi.genetics.utah.edu>
Message-ID: <3205FA65.7716@vail.tivoli.com>


Anonymous wrote:
> 
> FUCK YOU, SHITOPUNKS
> DAVID STERNLIGHT

Why can't we get trolls of this caliber more often?





[ E-mail me today to sign up for your official "I'm a Shitopunk" shirt! ]

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight arms.





From master at internexus.net  Mon Aug  5 10:19:28 1996
From: master at internexus.net (Laszlo Vecsey)
Date: Tue, 6 Aug 1996 01:19:28 +0800
Subject: Destroying client/server model, anonymous broadcasting.
Message-ID: <Pine.LNX.3.92.960805083049.9867A-100000@micro.internexus.net>


Getting back to the Dining Crypto Problem, is it possible to complete a
round by passing information around the circle of participants (each
individual communicates and maintains a connection with the person on the
left and right) rather than sending the round results to everyone via a
central server that everyone is connected to? In effect no one would be a
server, or everyone would be a server depending on the way you look at it.
A circular linked list would be maintained and kept in sync by every
client so that error recovery could come into play if someone mysteriously
disconnects. Could it work? How would the protocol differ.

Also I need info on the Disco problem, detecting if someone is tampering.

Thanks.

- Lester






From raph at CS.Berkeley.EDU  Mon Aug  5 10:25:28 1996
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Tue, 6 Aug 1996 01:25:28 +0800
Subject: List of reliable remailers
Message-ID: <199608051350.GAA16087@kiwi.cs.berkeley.edu>


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list at kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail. For more information, see:
http://www.c2.org/~raph/premail.html

   For the PGP public keys of the remailers, finger
pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail at miron.vip.best.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney at shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal at alumni.caltech.edu> cpunk pgp hash";
$remailer{"c2"} = "<remail at c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon at anon.penet.fi> penet post";
$remailer{"flame"} = "<remailer at flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"mix"} = "<mixmaster at remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"replay"} = "<remailer at replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"ecafe"} = "<cpunk at remail.ecafe.org> cpunk mix";
$remailer{"amnesia"} = "<amnesia at chardos.connix.com> cpunk mix pgp hash latent cut ksub";
$remailer{'alpha'} = '<alias at alpha.c2.org> alpha pgp';
$remailer{'nymrod'} = '<nymrod at nym.jpunix.com> alpha pgp';
$remailer{"lead"} = "<mix at zifi.genetics.utah.edu> cpunk pgp hash latent cut ek";
$remailer{"treehole"} = "<remailer at mockingbird.alias.net> cpunk pgp hash latent cut ek";
$remailer{"nemesis"} = "<remailer at meaning.com> cpunk pgp hash latent cut";
$remailer{"exon"} = "<remailer at remailer.nl.com> cpunk pgp hash latent cut ek";
$remailer{"vegas"} = "<remailer at vegas.gateway.com> cpunk pgp hash latent cut";
$remailer{"haystack"} = "<haystack at holy.cow.net> cpunk mix pgp hash latent cut ek";
$remailer{"ncognito"} = "<ncognito at rigel.cyberpass.net> mix cpunk pgp hash latent";
$remailer{"lucifer"} = "<lucifer at dhp.com> cpunk mix pgp hash latent cut ek";
$remailer{"jam"} = "<remailer at cypherpunks.ca> cpunk mix pgp hash latent cut ek";
$remailer{"winsock"} = "<winsock at c2.org> cpunk pgp hash cut ksub reord";
$remailer{'nym'} = '<config at nym.alias.net> newnym pgp';
catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 alpha)
(flame replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Note: The remailer list now includes information for the alpha
nymserver.

Last update: Mon 5 Aug 96 6:48:42 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
alumni   hal at alumni.caltech.edu           *##+-*+++###     3:25  99.99%
alpha    alias at alpha.c2.org               *+++++++-+*+  1:18:11  99.98%
mix      mixmaster at remail.obscura.com     -+--+++-++-   1:28:16  99.96%
treehole remailer at mockingbird.alias.net   -+---++++-++  1:35:49  99.93%
lead     mix at zifi.genetics.utah.edu       +++ ++++++++    38:48  99.87%
haystack haystack at holy.cow.net            ###++***+*##     3:13  99.85%
winsock  winsock at c2.org                   -..--------   4:26:36  99.85%
penet    anon at anon.penet.fi               -----------   8:31:00  99.83%
replay   remailer at replay.com              ********** *     5:01  99.67%
nymrod   nymrod at nym.jpunix.com            -**-+###+**      7:24  99.56%
lucifer  lucifer at dhp.com                  ++++-+++--+   1:12:03  99.53%
c2       remail at c2.org                    +++++++--+-   1:36:27  99.34%
portal   hfinney at shell.portal.com         ###+*+-*## #     2:55  99.28%
ncognito ncognito at rigel.cyberpass.net     --.._-_-.. * 17:16:16  98.94%
nemesis  remailer at meaning.com             +********+      29:19  98.24%
extropia remail at miron.vip.best.com        ---.---__    26:57:48  97.25%
amnesia  amnesia at chardos.connix.com       -- --- ---    2:58:14  96.19%
jam      remailer at cypherpunks.ca            **********    16:40  95.51%
vegas    remailer at vegas.gateway.com       -*#-**#*        13:17  57.14%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien





From pjb at ny.ubs.com  Mon Aug  5 10:29:20 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Tue, 6 Aug 1996 01:29:20 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <9608051411.AA07503@sherry.ny.ubs.com>


"picric acid is indeed more powerful than TNT.  it was the primary explosive
used in WW-I. it was also the primary cargo on a ship, i think it was the
"Montblac", that exploded in Halifax harbor and nearly wiped-out the city. this
was in the 1917 - 1919 timeframe.

	-paul


> From cypherpunks-errors at toad.com Fri Aug  2 19:04:53 1996
> Date: Fri, 2 Aug 1996 13:12:30 -0500 (CDT)
> From: Sean Walberg <umwalber at cc.UManitoba.CA>
> To: Conrad Walton <conrad at walton.com>
> Cc: cypherpunks at toad.com
> Subject: Re: Bombs & bomb threats in LA
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1357
> 
> I remember seeing an item on TV that had mentioned an acid bomb (it was a
> news report about a public access TV show that was showing people how to 
> make bombs).  In this example, some common chemicals were mixed together, 
> tightly closed, and moments later an explosion occured.  They never said 
> the chemicals, for all I know it could have been lemon juice and baking 
> soda in a sealed container, a la Dry Ice bomb...  It didn't look like a 
> bomb of mass destruction, more of a loud bang and a smallish explosion...
> 
> Sean
> 
> 
> On Fri, 2 Aug 1996, Conrad Walton wrote:
> 
> > >and everyplace else all the news.answers FAQs are stored. What, precisely, is
> > >an acid bomb? Also note the standard blame-the-Internet (not, say, increased
> > >irritation with government after the Republicans failed to reduce it) 
> > >rhetoric.
> > 
> > i'm not exactly sure what an acid bomb is, but according to my book, The 
> > Anarchist Cookbook, that I bought in 1972 (was the internet around back 
> > then?), there is a compound called "picric acid" that is "more powerful 
> > than TNT, but has some disadvantages". 
> 
> ------------------------------------------------------------------
> Sean Walberg                              umwalber at cc.umanitoba.ca
> The Web Guy                  http://home.cc.umanitoba.ca/~umwalber 
> UNIX Group, U. of Manitoba          PGP Key Available from Servers
> 
> 





From amehta at giasdl01.vsnl.net.in  Mon Aug  5 11:17:09 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Tue, 6 Aug 1996 02:17:09 +0800
Subject: fbi, crypto, and defcon
Message-ID: <1.5.4.32.19960805124321.003064b0@giasdl01.vsnl.net.in>


At 10:10 04/08/96 -0400, Robert Hettinga wrote:
>At 2:06 AM -0400 8/4/96, anonymous-remailer at shell.portal.com wrote:
>> As long as they are doing any kind of usage-based
>> charging, that actual act of charging will continue to cost
>> considerably more than the data transmission.
>
>Ah. So, why settle the transactions for digital cash and skip all that
>overhead? Yet another application for micromoney.

True, though even better would be simply to charge you a flat
rate. If billing is that expensive, why bother? 

What happened to the proposals asking for flat-rate pricing before the FCC?

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From netsurf at pixi.com  Mon Aug  5 11:59:10 1996
From: netsurf at pixi.com (NetSurfer)
Date: Tue, 6 Aug 1996 02:59:10 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
In-Reply-To: <199607311533.LAA05116@mccannerick-bh.mccann.com>
Message-ID: <Pine.SV4.3.91.960805054010.6678B-100000@netsurfer>



On Wed, 31 Jul 1996, Joseph M. Reagle Jr. wrote:

>   	  				 
> >WASHINGTON, DC, U.S.A., 1996 JUL 30 (NB) -- By Bill Pietrucha.  
> >Tacoma, Washington, has just gained the distinction of being the 
> >only municipality in the United States to tax Internet Access 
> >providers (IAPs) like telephone service providers. 
> >

Hawaii has been taxing this (and everything else incl. collected 
taxes, food & medical) for years :-( calling it a "general excise tax"

#include <standard.disclaimer>
                    _   __     __  _____            ____
                   / | / /__  / /_/ ___/__  _______/ __/__  _____
                  /  |/ / _ \/ __/\__ \/ / / / ___/ /_/ _ \/ ___/
                 / /|  /  __/ /_ ___/ / /_/ / /  / __/  __/ /
================/_/=|_/\___/\__//____/\__,_/_/==/_/==\___/_/===============







From honey at citi.umich.edu  Mon Aug  5 11:59:34 1996
From: honey at citi.umich.edu (peter honeyman)
Date: Tue, 6 Aug 1996 02:59:34 +0800
Subject: Tolerance (fwd)
Message-ID: <199608051349.GAA22092@toad.com>


Declan McCullagh writes:

> This is attempted proof by credentalism. I call him on it. 
> 
> Okay, Jim, what _do_ your lawyers say on this? Have you asked them? I,
> too, have an attorney, a civil liberties specialist and a graduate from
> Princeton law. So what? 

declan, you are a fucking liar, and i am calling you on it.  princeton does
not have a law school.

	peter





From janke at unixg.ubc.ca  Mon Aug  5 12:02:31 1996
From: janke at unixg.ubc.ca (janke at unixg.ubc.ca)
Date: Tue, 6 Aug 1996 03:02:31 +0800
Subject: The Dining Cryptographers in the Disco
In-Reply-To: <Pine.LNX.3.92.960805062336.6658B-100000@micro.internexus.net>
Message-ID: <m2ivaxlu0t.fsf@clouds.heaven.org>



The paper you want is at 

http://www.zurich.ibm.ch/Technology/Security/sirene/publ/WaPf1_89DiscoEngl.ps.gz





From jimbell at pacifier.com  Mon Aug  5 12:08:25 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 6 Aug 1996 03:08:25 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now ...
Message-ID: <199608051546.IAA09508@mail.pacifier.com>


At 08:52 AM 8/2/96 -0700, Brock N. Meeks wrote:
>
>On Thu, 1 Aug 1996, Ernest Hua wrote:
>
>> Louis Freeh is now asking the Congress for $2 billion to fund
>> Digital Telephony.  Yes, that is FOUR TIMES what he said it
>> would cost the taxpayers to give up their own privacy.  Score
>> one for the cynics who said $500 million was not enough.
>
>I broke the story about how much Digital Telephony would *really* cost in 
>CyberWire Dispatch more than two years ago.  The price tag in my piece:  
>"... at least $2 billion..."  In that Dispatch I wrote that the Clinton 
>White House had made the decision to support the bill based on a flawed 
>cost/benefit analysis study the FBI had done.

Which should remind us...  While the costs are going up, so far undetermined 
is the "benefits" that are supposed to accrue from this bugging ability.   
How many crimes, approximately, are going to be solved or prevented by the 
expenditure of this $2 billion dollars?  One hundred?  A thousand?  Even if 
it were 10,000, that would still be $200,000 per crime.  Is there no cheaper 
way to prevent those crimes?

And, moreover, do we REALLY want to prevent those "crimes"?   If they are 
attacks on an illegitimate government that is violating our rights, as far 
as I can see we want to see those "crimes" succeed, not fail.

Let's put their feet to the fire:  They should be required to show a 
reasonable estimate of the benefits as well as an apparently phony initial 
estimate of the costs.  If they respond that they can't estimate the 
benefits, then why do they want us to incur the costs.

However, the real answer is even simpler.


Jim Bell
jimbell at pacifier.com





From camcc at abraxis.com  Mon Aug  5 12:15:49 1996
From: camcc at abraxis.com (camcc at abraxis.com)
Date: Tue, 6 Aug 1996 03:15:49 +0800
Subject: Again, disappointed in Gingrich
Message-ID: <2.2.32.19960805154557.0073b034@smtp1.abraxis.com>


At 03:17 PM 8/1/96 EDT, you wrote:
:	Again, I'm disappointed in Gingrich. This amplifies the earlier
:comments.
:	-Allen

I have never been disappointed in Gingrich; he has always been what he
seems--just another politician, albeit a front for the "religious" right.
Why expect anything different?

Alec (from Ga.)






From camcc at abraxis.com  Mon Aug  5 12:16:50 1996
From: camcc at abraxis.com (camcc at abraxis.com)
Date: Tue, 6 Aug 1996 03:16:50 +0800
Subject: Tolerance
Message-ID: <2.2.32.19960805154837.006b4d98@smtp1.abraxis.com>


At 02:46 PM 8/1/96 -0800, you wrote:
:Just a comment to all of the 'true libertarians' out there, especially
:the "defend to the death" types:  How many of you defended Mr.
:Sternlight's recent membership?
:
Beautiful.

Alec






From minow at apple.com  Mon Aug  5 13:02:05 1996
From: minow at apple.com (Martin Minow)
Date: Tue, 6 Aug 1996 04:02:05 +0800
Subject: fbi, crypto, and defcon
In-Reply-To: <1.5.4.32.19960805124321.003064b0@giasdl01.vsnl.net.in>
Message-ID: <v03007804ae2bd3eda69b@[17.202.12.102]>


Arun Mehta <amehta at giasdl01.vsnl.net.in> writes:

>
>True, though even better would be simply to charge you a flat
>rate. If billing is that expensive, why bother?
>

Tragedy of the Commons.

Flat rate works only if no single user can use more than
a tiny fraction of the total bandwidth.

Martin Minow
minow at apple.com









From frissell at panix.com  Mon Aug  5 13:08:34 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Aug 1996 04:08:34 +0800
Subject: The Halifax Explosion
Message-ID: <2.2.32.19960805165110.006766dc@panix.com>


At 10:11 AM 8/5/96 EDT, Paul J. Bell wrote:
>"picric acid is indeed more powerful than TNT.  it was the primary explosive
>used in WW-I. it was also the primary cargo on a ship, i think it was the
>"Montblac", that exploded in Halifax harbor and nearly wiped-out the city. this
>was in the 1917 - 1919 timeframe.
>
>	-paul
>

The Mont Blanc carried quite a lot of fun stuff.  "Stored in the holds, or
simply stacked on deck, were 35 tons of benzol, 300 rounds of ammunition, 10
tons of gun cotton, 2,300 tons of picric acid (used in explosives), and
400,000 pounds of TNT."  Thursday December 6, 1917.  The greatest
conventional explosion produced by mankind.

See:

http://ttg.sba.dal.ca/nstour/halifax/explode.htm

Governments shouldn't be trusted with high explosives.  They can't be
counted upon to handle them properly.

>From 1889-1989 the governments of the world murdered 160 million people.
>From 1889-1989 the private individuals of the world murdered fewer than 20
million people.

See Death by Government by R. J. Rummel
http://www.amazon.com/exec/obidos/ISBN=1560001453/1372-7724803-532789

DCF






From unicorn at schloss.li  Mon Aug  5 13:12:03 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 6 Aug 1996 04:12:03 +0800
Subject: Internal Passports
In-Reply-To: <Pine.SUN.3.91.960805040046.21970A-100000@eff.org>
Message-ID: <Pine.SUN.3.94.960805130022.25646B-100000@polaris>


On Mon, 5 Aug 1996, Declan McCullagh wrote:

> I had the same problems when I was working at Xerox in Webster, NY. 
> Supermarkets just plain didn't want to accept my passport as valid ID.
> 
> More recently, I attended an IEEE conference at MITRE in Virginia. To 
> enter the building, they required you to fill out a form listing your 
> SSN. The forms were taped to the guard's desk, in full view of anyone who 
> was curious.
> 
> I was horrified and gave a random number.

You should always be horrified, and always give a random number.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From m5 at vail.tivoli.com  Mon Aug  5 13:24:01 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Tue, 6 Aug 1996 04:24:01 +0800
Subject: gathering bandwidth through spam
Message-ID: <320629E6.247A@vail.tivoli.com>


Maybe I'm dense, but it didn't really "click" until the other day that
the Netscape mail reader, which renders html pages mailed as attachments
right there in the mail reader window, would also run any Java applets
(and, I guess, Javascript code) referenced by the page.

If you're using Netscape as a mail reader, and this isn't old news to
you, you can try it: point the browser at a page with an applet, and
then use the "File->Mail Document" menu command to mail it to yourself.

Thus:  if you want to gather some free compute cycles, just spam a
document out to a few thousand hapless victims.  Those using Netscape
for mail (and you can find them pretty easily by looking at the
"X-Mailer" field when creating your mailing list) will click on your
message, pull your applet, and give you some cycles without realizing
it.  Of course, your applet will be free to connect back to home base
and relay any results it gets.

Cool, huh?

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight
arms.





From jimbell at pacifier.com  Mon Aug  5 13:27:36 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 6 Aug 1996 04:27:36 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <199608051717.KAA14678@mail.pacifier.com>


At 10:11 AM 8/5/96 EDT, Paul J. Bell wrote:
>"picric acid is indeed more powerful than TNT.  it was the primary explosive
>used in WW-I. it was also the primary cargo on a ship, i think it was the
>"Montblac", that exploded in Halifax harbor and nearly wiped-out the city. this
>was in the 1917 - 1919 timeframe.
>
>	-paul


The molecular difference between TNT and picric acid is a methyl group, 
weight 15 (on TNT) substituted for a hydroxyl, weight 17 (on 
picric acid.)   If there is a difference, it is a very small one.

Jim Bell
jimbell at pacifier.com





From unicorn at schloss.li  Mon Aug  5 13:29:25 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 6 Aug 1996 04:29:25 +0800
Subject: Internal Passports
In-Reply-To: <199608042250.PAA13719@toad.com>
Message-ID: <Pine.SUN.3.94.960805124757.25001A-100000@polaris>


On Sun, 4 Aug 1996, Bill Stewart wrote:

[...]

> You can still travel in a car if someone else is driving,
> and you can still get on a train without identification,
> but without papers you can't fly or drive, and you can't
> ride a horse on the freeway except in the back of a horse trailer.
> Driver's licenses were the beginning of a long downhill trend.
> 
> I wonder if they'll still accept an American passport; the country
> has obviously been taken over by Pod People while we weren't looking....

I often have trouble with foreign passports and one of my associates often
has extensive problems trying to use an american passport for anything in
the United States.

Comments uttered in my presence on the subject have included:

"We don't accept THOSE."

"Sorry, we need to see OFFICIAL identification."

"Don't you have something state issued?"

"Uh, we need a driver's license number."


> #			Thanks;  Bill
> # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
> # <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From rah at shipwright.com  Mon Aug  5 13:48:02 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 6 Aug 1996 04:48:02 +0800
Subject: Email Confidentiality and Malpractice?
Message-ID: <v0300780aae2bd8ca6cc2@[206.119.69.46]>



--- begin forwarded text


X-Sender: oldbear at pop.tiac.net
Mime-Version: 1.0
Date: Mon, 05 Aug 1996 12:48:12 -0300
To: Bob Hettinga <rah at shipwright.com>
From: The Old Bear <oldbear at arctos.com>
Subject: Email Confidentiality and Malpractice?

Bob:

I always feel funny passing along items like this from usenet.

This was posted to nine of the alt.business newsgroups dealing with
law and insurance investigation.  It seemed reasonably interesting,
contains some useful information, and is not overly offensive for a
self-promotional spam.  (And, at least it was posted in appropriate
places.)

If you see any merit in all or part of this being reposted to dcsb
or elsewhere, feel free to do so.

Cheers,
Will

--- Forwarded message follows ---
Newsgroups:alt.business.insurance
From: syr at netroplis.net (Bill Fason)
Subject: Email and confidentiality: Are you committing malpractice?
Organization: Serves You Right Civil Process & Investigations
Date: Sat, 03 Aug 96 17:57:54 GMT
Lines: 74

If you're discussing cases through email and you're not encrypting your
correspondence, then you could be committing malpractice.  See:

        http://www.gsu.edu/%7Elawppw/lawand.papers/bjones.html

                        Client Confidentiality:
            A Lawyer's Duties with Regard to Internet E-Mail
                                  by
                            Robert L. Jones

                            August 16, 1995

    Contents:
       1. E-Mail v. Snail Mail
       2. Hacker, Cracker, Phracker - Sniffer, Spoofer, Spy
       3. Encryption to the Rescue?
       4. Bad Things That Happen to Good Lawyers
       5. Ethical Considerations
       6. The Attorney-Client Privilege
       7. Negligence Anyone?
       8. Conclusion
       9. Endnotes

Bob's homepage is  http://www.mindspring.com/~bobjones/my1sthom.html


And here is the website for Georgia State Univ. Law School.  It has one
of the best collections of cyberlaw resources I've seen.  GSULaw is at
the cutting edge of the field.

            http://www.gsu.edu/~lawadmn/gsulaw.html

While Bob's brilliant article specifically addresses attorney-client
confidentiality, his insights apply to any professional using email.
In fact, anyone who uses email for internet or intranet communications
faces the same fact of life: unencrypted email carries no expectation
of privacy.  It's like dropping a postcard through the mail.  In fact,
it's even worse.  Important discussions of cases, clients, patients,
bids, negotiations, strategies or anything requiring confidentiality
needs to be securely encrypted.  Sending unencrypted sensitive email
invites nightmare scenarios.

        Viacrypt is the answer. It combines the essentially unbreakable
strength of Phil Zimmerman's PGP (Pretty Good Privacy) with the
user-friendly interface of Windows.  Easy to install and use, Viacrypt
allows the user to quickly encrypt and decrypt email.  It also allows
the user to sign messages, and to check the signature of other electronic
messages.
        Viacrypt also allows the user to encrypt files on one's own hard
drive.  A user of PGP can leave the office knowing that sensitive files
will remain confidential regardless of who is on the evening cleanup
crew.
        Regular PGP for DOS is free. If you want to find out more about
where and how to get your free copy, then visit the Encryption Policy
Resource Page:

                     http://www.crypto.com/

        And if you need help getting it up and running, feel free to
contact me.

        Viacrypt, on the other hand, costs money.  I offer it
        for $125 plus shipping.

        I suggest that you get your copy fast while it is still legally
available.  Both FBI Director Louis Freeh and Vice President Al Gore
have both spoken out against allowing US citizens to use encryption this
strong.  They want everyone to register their private encryption software
keys with the federal government, thus allowing the feds to read anyone's
email.  It is reminiscent of the old communist governments' laws
requiring citizens to register their typewriters with the police.
Widespread use of PGP will hamper government efforts to ban it.  PGP is
so strong that the federal government has declared it a weapon and
banned its export.

Bill Fason
Serves You Right
Civil Process & Investigations          * Skiptraces
1436 W. Gray #272                       * Background Checks
Houston TX 77019                        * Asset Searches
713/524-4767                            * PGP Encryption Consulting
713/942-8165 fax                        * Financial Fraud Detection
SLN A-8111

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From tcmay at got.net  Mon Aug  5 13:51:05 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 04:51:05 +0800
Subject: The Myth of Flat Rates and Infinite Bandwidth
Message-ID: <ae2b842502021004a399@[205.199.118.202]>


At 4:40 PM 8/5/96, Martin Minow wrote:
>Arun Mehta <amehta at giasdl01.vsnl.net.in> writes:
>
>>
>>True, though even better would be simply to charge you a flat
>>rate. If billing is that expensive, why bother?
>>
>
>Tragedy of the Commons.
>
>Flat rate works only if no single user can use more than
>a tiny fraction of the total bandwidth.
>

This was also the fallacy of the "dark fiber" vision of George Gilder, who,
as an economist of sorts, should've known better.

--Tim may

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jims at MPGN.COM  Mon Aug  5 14:26:39 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Tue, 6 Aug 1996 05:26:39 +0800
Subject: Corporate e-mail policy
Message-ID: <2.2.32.19960805173421.0075df00@tansoft.com>


At 11:22 PM 8/3/96 -0400, Rabid Wombat wrote:

> What you 
>publish as a use policy, and what you actively enforce do not have to be 
>the same.
>

  Unfortunately this is a problem in many companies.  There are policies
which are enforced to the letter, guidelines which are just suggestions,
and fake-rules which are not even attempted to be enforced.

  The problem comes when the employee and employer can't distinguish
them from each other.  

  Personally I think I would approach it as the privacy we have with the
eontents of our car's trunk.  If an officer has probable cause to search
the trunk then he can, otherwise he can't.  It's not a perfect system but
it does work better than other alternatives I can think of.

  Write into your policy:
    "Electronic mail may be monitored if there is sufficient reason to
     believe that it is being improperly used which includes, but is not
     limited to: mail to competitors, more than 20 recipients (spam), and
     incoming mail from questionable sources.  If such monitored mail is
     encrypted the employee must provide a clear text version of the mail
     which is to be unencrypted under supervision to avoid substitutions.
     Any employee refusing to make available such mail will be ...."

  Just remember, as was said, once you make a policy it becomes precedence
and will stick with you forever... longer if it's a bad one.

Best Wishes
   Jim
Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL






From hua at chromatic.com  Mon Aug  5 14:32:50 1996
From: hua at chromatic.com (Ernest Hua)
Date: Tue, 6 Aug 1996 05:32:50 +0800
Subject: Confirmation Needed: American(s) hack into Euro systems ...
Message-ID: <199608051717.KAA21733@server1.chromatic.com>



Anyone knows the details behind this?

Ern

------- Forwarded Message

			    CDA96-L Digest 48

Topics covered in this issue include:

  1) Who's infringing whose privacy?
	by MichaelP <papadop at peak.org>

- ----------------------------------------------------------------------

Topic No. 1

Date: Sun, 4 Aug 1996 01:31:45 -0700 (PDT)
From: MichaelP <papadop at peak.org>
Subject: Who's infringing whose privacy?
Message-ID: <Pine.SUN.3.91.960804010241.24125B-100000 at kira>

London Sunday Times August 4 1996 

American spies hack into Euro computers to steal trade secrets

AMERICAN intelligence agents have hacked into the computers of the
European parliament and European commission as part of an
international espionage campaign aimed at stealing economic and
political secrets, according to investigators.

The European parliament has called in British communications experts
to improve its security and to block further attempts by American
govern ment agents to spy on its workings.

Security officials at the parliament's Luxembourg offices say they
have discovered several recent instances in which its communications
system was compromised by American hacking. They have also found
evidence that the Americans used information obtained from hacking to
help them in negotiations last year on the General Agreement on
Tariffs and Trade (GATT).

Lord Plumb, leader of the British Tory MEPs in the European
parliament, said he was shocked by the disclosure. "I will be taking
this up directly with the American ambassador [to the European
Union]," he said.

The CIA has already been accused by the Japanese and French
governments of hacking into their communications networks in an
attempt to obtain confidential trade secrets.

The European parliament's computer network links more than 5,000 MEPs,
officials, researchers and other staff to each other, and to the
European commission headquarters in Brussels and the council of
ministers.

Traffic across the network by telephone and computers includes details
of the private medical and financial records of many MEPs and
officials, and discussion documents on confidential issues, including
trade, tariff and quota agreements. The records of closed committees
of inquiry into BSE and fraud are also stored on the system.

European parliament sources say the Americans accessed the network by
compromising the information exchanges that link the parliament's
internal networks with the Internet and external users.

The devices, called "routers", filter entry to the European
parliament's network. It is understood the Americans were able to
obtain access to what is called the simple network management protocol
(SNMP), the language that enables the networks to talk to each other.
They were able to exploit the fact that parts of the system were
manufactured by two American firms.

The breach came to light when officials believed that American
negotiators had been given advance warning of confidential European
Union positions in last year's trade negotiations. "It was established
that the system had been penetrated just days before the talks," an EU
source said. "Our principal concern is not to establish what has
already been copied but to ensure that it does not happen again. This
is an on-going problem."

A spokeswoman for Antonio Cavaco, director of data processing at the
commission, confirmed that allegations of hacking had been
investigated. However, she said she was unable to provide any details.

- ------------------------------

End of CDA96-L Digest 48
************************







From ichudov at galaxy.galstar.com  Mon Aug  5 14:46:10 1996
From: ichudov at galaxy.galstar.com (Igor Chudov)
Date: Tue, 6 Aug 1996 05:46:10 +0800
Subject: Integrating PGP 3.0 Library with INN
Message-ID: <199608051829.NAA19030@galaxy.galstar.com>


Hi,

Has anyone thought of integrating PGP 3.0 library with INN? 

I was thinking along the lines of having PGPMoose support built
right into INN: if an arriving article is posted to a moderated
newsgroup for which a PGP key is available in the INN's keyring,
INN verifies existence and correctness of a PGP signature.

An article that fails this verification will be dropped. 

Same thing can be used for authenticating newgroup and rmgroup
messages, in the spirit of true freedom on usenet -- anyone would
be sent _their own_ newgroups and rmgroups but no one will
be impersonated.

For those not familar with PGP Moose, it is a program that was written
by Greg Rose. It is used for signing approvals on usenet articles. It
takes message body, several important header fields, signs them with
PGP and places the signatures in the headers, in order not to clobber the
text.

If moderators choose short enough keys (512 bits for example), this
verification will not take any significant amount of CPU time.


igor





From rvincent at cnmnet.com  Mon Aug  5 14:58:31 1996
From: rvincent at cnmnet.com (Zero Cool)
Date: Tue, 6 Aug 1996 05:58:31 +0800
Subject: FUCK YOU, SHITOPUNKS
In-Reply-To: <199608051211.GAA26432@zifi.genetics.utah.edu>
Message-ID: <3205B283.183B@cnmnet.com>


Anonymous wrote:
> 
> FUCK YOU, SHITOPUNKS
> DAVID STERNLIGHTSuch language,
???????????????





From remailer at cypherpunks.ca  Mon Aug  5 14:59:02 1996
From: remailer at cypherpunks.ca (John Anonymous MacDonald)
Date: Tue, 6 Aug 1996 05:59:02 +0800
Subject: Implementing DSS Fortezza KEA
Message-ID: <199608051812.LAA32671@abraham.cs.berkeley.edu>



Adam Shostack wrote:
> 	There ws a paper presented at the rump session of Crypto '95
> entitled the k1 Key Exchange Algorithim.  The origin of the algorithim
> is not clear, however, if you're getting bitstreams from a Fortezza,
> you might want to find a copy of the paper.

The web says the paper was presented by one Carl Ellison.  How about it
Carl, is it online somewhere??






From rvincent at cnmnet.com  Mon Aug  5 15:05:35 1996
From: rvincent at cnmnet.com (Zero Cool)
Date: Tue, 6 Aug 1996 06:05:35 +0800
Subject: viruss'
Message-ID: <3205B2F7.7E74@cnmnet.com>


Does anyone know where thre is  good virus page????
I know that there is one out there, but dont have the add.
Zero Cool





From hallam at Etna.ai.mit.edu  Mon Aug  5 15:24:53 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Tue, 6 Aug 1996 06:24:53 +0800
Subject: Public report of the EU crack.
Message-ID: <9608051858.AA08707@Etna.ai.mit.edu>



>From the Sunday times:- 

http://www.sunday-times.co.uk/news/pages/Sunday-Times/stifgnnws01015.html?youra-c


AMERICAN intelligence agents have hacked into
the computers of the European parliament and
European commission as part of an international
espionage campaign aimed at stealing economic and
political secrets, according to investigators, write
Tim Kelsey and David Leppard. 

The European parliament has called in British
communications experts to improve its security and
to block further attempts by American govern ment
agents to spy on its workings. 

Security officials at the parliament's Luxembourg
offices say they have discovered several recent
instances in which its communications system was
compromised by American hacking. They have also
found evidence that the Americans used information
obtained from hacking to help them in negotiations
last year on the General Agreement on Tariffs and
Trade (Gatt). 

Lord Plumb, leader of the British Tory MEPs in the
European parliament, said he was shocked by the
disclosure. "I will be taking this up directly with the
American ambassador [to the European Union]," he
said. 

The CIA has already been accused by the Japanese
and French governments of hacking into their
communications networks in an attempt to obtain
confidential trade secrets. 

The European parliament's computer network links
more than 5,000 MEPs, officials, researchers and
other staff to each other, and to the European
commission headquarters in Brussels and the council
of ministers. 

Traffic across the network by telephone and
computers includes details of the private medical
and financial records of many MEPs and officials,
and discussion documents on confidential issues,
including trade, tariff and quota agreements. The
records of closed committees of inquiry into BSE
and fraud are also stored on the system. 

European parliament sources say the Americans
accessed the network by compromising the
information exchanges that link the parliament's
internal networks with the Internet and external
users. 

The devices, called "routers", filter entry to the
European parliament's network. It is understood the
Americans were able to obtain access to what is
called the simple network management protocol
(SNMP), the language that enables the networks to
talk to each other. They were able to exploit the fact
that parts of the system were manufactured by two
American firms. 

The breach came to light when officials believed
that American negotiators had been given advance
warning of confidential European Union positions
in last year's trade negotiations. "It was established
that the system had been penetrated just days before
the talks," an EU source said. "Our principal
concern is not to establish what has already been
copied but to ensure that it does not happen again.
This is an on-going problem." 

A spokeswoman for Antonio Cavaco, director of
data processing at the commission, confirmed that
allegations of hacking had been investigated.
However, she said she was unable to provide any
details. 
[end]

I consider the political dimension of this affair to 
be more significant that the technical. This brings the
US and the French into the same category of anti-crypto
government with a habit of poking its nose into other
people business and getting caught.

		Phill












From sandfort at crl.com  Mon Aug  5 16:19:59 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 6 Aug 1996 07:19:59 +0800
Subject: A SPANIARD IN THE WORKS? (non-crypto)
Message-ID: <Pine.SUN.3.91.960805122848.22701A-100000@crl2.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Is there anyone on the list who lives in Spain?  If so, please
reply by private e-mail.

Thanks,


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From adam at homeport.org  Mon Aug  5 16:22:42 1996
From: adam at homeport.org (Adam Shostack)
Date: Tue, 6 Aug 1996 07:22:42 +0800
Subject: Integrating PGP 3.0 Library with INN
In-Reply-To: <199608051829.NAA19030@galaxy.galstar.com>
Message-ID: <199608052017.PAA09340@homeport.org>


Igor Chudov wrote:

| Has anyone thought of integrating PGP 3.0 library with INN? 
| 
| I was thinking along the lines of having PGPMoose support built
| right into INN: if an arriving article is posted to a moderated
| newsgroup for which a PGP key is available in the INN's keyring,
| INN verifies existence and correctness of a PGP signature.


| If moderators choose short enough keys (512 bits for example), this
| verification will not take any significant amount of CPU time.

Its my experience that at full feed sites, there isn't enough cpu to
do this.  A p-90 can get ovewhelmed pretty easily trying to keep up
with the load.  Trying to look into the body of an article means at
least a few hundred more ops per article.  You could do this on a leaf
node.  However, you cut the reliability of the system by adding things
to go wrong.  Better to have a scanner that checks specific moderated
groups after INN has deposited the articles.

Adam





-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From aeisenb at duke.poly.edu  Mon Aug  5 16:25:06 1996
From: aeisenb at duke.poly.edu (Anne Eisenberg)
Date: Tue, 6 Aug 1996 07:25:06 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <Pine.SUN.3.93.960805154442.12332B-100000@duke.poly.edu>



Does anyone know what the equivalent technology is on Microsoft to
Netscape's cookie technology?  Does Microsoft have support for cookies or 
not?  

All of the discussion on the list to do with
cookies is related to Netscape.  Does this mean that if one switches to
Microsoft Explorer one can avoid the problem?  Many thanks.

Anne Eisenberg
aeisenb at duke.poly.edu






From Frank_Schroth at zd.com  Mon Aug  5 16:39:58 1996
From: Frank_Schroth at zd.com (Frank Schroth)
Date: Tue, 6 Aug 1996 07:39:58 +0800
Subject: Personal View @2.0 Released
Message-ID: <9608052256.AA4175@mail.zd.com>



Dear ZD Net Member:

We're pleased to announce that the all-new ZD Net Personal View, 
the Web's premier source for personalized computing news, is now 
available at no charge, exclusively to registered members of ZD 
Net. 

With computing news and information -- now from over 650 respected 
sources -- ZD Net's Personal View allows you to create your own 
computing information service on the Web, tailored to track only 
the information that matters most to you.  

Save time searching and surfing.  Use Personal View to get a wide 
spectrum of coverage on the computing information you need to stay 
ahead.  And remember, it's all available in one place, it's updated 
24 hours day and it's FREE for our registered users!

We'd like to invite all of our ZD Net members to put the new 
Personal View to work for you. Click on the Personal View link on 
ZD Net's home page or go direct to www.pview.com to check out our 
brand-new look and, more importantly, all of our new features:

     -- More news from a wider range of sources (over 650!), 
     -- Expanded search capabilities (including 2 months of archived 
        information)
     -- More flexibility in creating your personal Profile
     -- Plus links to the very latest ZD Net news and features 
        related to your unique interests.

If you've already come to rely on Personal View, we know you'll be 
impressed with the improvements we've made. And if you haven't had 
the chance to visit Personal View, now is the perfect time. Just 
point your browser to www.pview.com, take a minute to set up your 
Custom profile and you'll have you're own personal information 
service on the WWW.

Thank you for your continued use of ZD Net!    We look forward to 
serving your computing information needs for a long time to come.

Sincerely,
ZD Net Personal View Team 





From m5 at vail.tivoli.com  Mon Aug  5 16:49:18 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Tue, 6 Aug 1996 07:49:18 +0800
Subject: Stealth cookies
Message-ID: <32065A8C.39FA@vail.tivoli.com>


There's been a thread here about some outfit that, by being referenced
from web documents here and there, would insert its cookie in your
browser even though you've never directly visited that site.  I've
nuked any & all messages about that; if anybody recalls any details,
I'd be thankful for the information.

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
       m5 at tivoli.com * m101 at io.com          *    
      <URL:http://www.io.com/~m101>         *    three heads and eight
arms.





From dfloyd at IO.COM  Mon Aug  5 16:58:49 1996
From: dfloyd at IO.COM (Douglas R. Floyd)
Date: Tue, 6 Aug 1996 07:58:49 +0800
Subject: Corporate e-mail policy
In-Reply-To: <2.2.32.19960805173421.0075df00@tansoft.com>
Message-ID: <199608052008.PAA19323@pentagon.io.com>


> 
> At 11:22 PM 8/3/96 -0400, Rabid Wombat wrote:
> 
> > What you 
> >publish as a use policy, and what you actively enforce do not have to be 
> >the same.
> >
> 
>   Unfortunately this is a problem in many companies.  There are policies
> which are enforced to the letter, guidelines which are just suggestions,
> and fake-rules which are not even attempted to be enforced.
> 
>   The problem comes when the employee and employer can't distinguish
> them from each other.  
> 
>   Personally I think I would approach it as the privacy we have with the
> eontents of our car's trunk.  If an officer has probable cause to search
> the trunk then he can, otherwise he can't.  It's not a perfect system but
> it does work better than other alternatives I can think of.
> 
>   Write into your policy:
>     "Electronic mail may be monitored if there is sufficient reason to
>      believe that it is being improperly used which includes, but is not
>      limited to: mail to competitors, more than 20 recipients (spam), and
>      incoming mail from questionable sources.  If such monitored mail is
>      encrypted the employee must provide a clear text version of the mail
>      which is to be unencrypted under supervision to avoid substitutions.
>      Any employee refusing to make available such mail will be ...."

Personally, a policy may save or cause lots of money in losses.  My
recommendation:  Have an attorney look your policy over, or have him/her
write it for you.

It may cost some money, but may possibly save your company.






From alano at teleport.com  Mon Aug  5 16:59:00 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 6 Aug 1996 07:59:00 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
Message-ID: <2.2.32.19960805181729.00e8c4a0@mail.teleport.com>


At 05:42 AM 8/5/96 -1000, NetSurfer wrote:
>
>On Wed, 31 Jul 1996, Joseph M. Reagle Jr. wrote:
>
>>   	  				 
>> >WASHINGTON, DC, U.S.A., 1996 JUL 30 (NB) -- By Bill Pietrucha.  
>> >Tacoma, Washington, has just gained the distinction of being the 
>> >only municipality in the United States to tax Internet Access 
>> >providers (IAPs) like telephone service providers. 
>> >
>
>Hawaii has been taxing this (and everything else incl. collected 
>taxes, food & medical) for years :-( calling it a "general excise tax"

I believe the reason the Tacoma ordinance is getting so much flack is that
they are wanting to charge sales tax on all transactions that take place
from ISPs in Tacoma.

This type of taxation is not new.  Various jurisdictions have tried to use
the same thing on mail order houses.  Having worked for a service bureau
that dealt with mail order, I know what a hassle it is to try to keep track
of such taxation.  There is a company that will sell you the data of all of
the sales tax rates throughout the country.  This includes every little
podunk city, county, and fire district tax.  They are divided by zip code,
but that is no guarantees that you have the right place. The reality is that
trying to "be legal" under such regulations is next to impossible, even with
the proper data.  I know of few mail order firms that are willing to go to
that extreme.  (Unless, of course, they have gotten the proper threats from
some miffed tax baron.)

And they wonder why there is so much disrespect for the law...
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From jwz at netscape.com  Mon Aug  5 16:59:08 1996
From: jwz at netscape.com (Jamie Zawinski)
Date: Tue, 6 Aug 1996 07:59:08 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <Pine.SUN.3.91.960805040046.21970A-100000@eff.org>
Message-ID: <320652BC.31DF@netscape.com>


Black Unicorn wrote:
> 
[ ...random losers asking for your SSN... ]
> > I was horrified and gave a random number.
> 
> You should always be horrified, and always give a random number.

Well, it would be nice if it was that easy.  You (legally) need to give
the correct one to anyone who has to make a report about you to the IRS,
right?  Such as your employer.  But it's not always clear who else needs
it.  Is it needed to allow someone to do a credit check on you?  Is it
needed to get a driver's license?  (The fine print on the DMV forms says
"yes".)  Is it necessary to make use of employer-sponsored medical
insurance?  (I suspect that the answer to this one is "no", except for
the fact that when my employer set up my medical insurance they let the
insurance company use my SSN as my insurance-related-ID-number.  But in
any event, my dentist told me, "if you don't give it to us, they won't
pay.")

I don't like the idea of having a universal ID number, but neither do I
like the idea of having to go to extreme lengths to make the "right
thing" happen for something where my effort will have only moral impact,
not material.

If you already have a SSN, can you get a *new* one in any legal way?
(Sort of the same idea as changing your phone number to avoid
telemarketing scum...)

-- 
Jamie Zawinski    jwz at netscape.com   http://www.netscape.com/people/jwz/
``A signature isn't a return address, it is the ASCII equivalent of a
  black velvet clown painting; it's a rectangle of carets surrounding
  a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
                                                         -- Chris Maeda





From frissell at panix.com  Mon Aug  5 17:01:03 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Aug 1996 08:01:03 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960805194823.0087b730@panix.com>


On Sun, 4 Aug 1996, Bill Stewart wrote:

>> You can still travel in a car if someone else is driving,
>> and you can still get on a train without identification,
>> but without papers you can't fly or drive, and you can't
>> ride a horse on the freeway except in the back of a horse trailer.
>> Driver's licenses were the beginning of a long downhill trend.

Don't forget the bus.  Of course you can still drive a car without a DL.
Just don't get stopped.  Additionally, driving without a license is a pretty
minor offense.  Stick with cheap cars so confiscation isn't a problem.  Most
also forget that the Driver's License can be issued by any nation on earth.
Some countries have easier standards for license issuance.

Strange facts about cars and drivers in the US:

1)  It is legal for an unlicensed driver to own or drive an unregistered car
as long as he stays off the public streets and roads (what for expansion of
the definition of public streets and roads).

2)  It is legal for a licensed driver to drive a car owned by some other
person or legal entity.  Ownership and control can be two different things.

3)  A car can be registered in other states or in other countries and still
be driven anywhere in the US.

4)  A licensed driver is one with a license from any jurisdiction on earth
(try to stick to ones most cops have heard of).

5)  A US court cannot suspend a foreign license (but they can bust you for
other stuff if you get caught in the same local jurisdiction twice.)

>> I wonder if they'll still accept an American passport; the country
>> has obviously been taken over by Pod People while we weren't looking....
>

At 12:52 PM 8/5/96 -0400, Black Unicorn wrote:

>I often have trouble with foreign passports and one of my associates often
>has extensive problems trying to use an american passport for anything in
>the United States.
>
>Comments uttered in my presence on the subject have included:
>
>"We don't accept THOSE."
>
>"Sorry, we need to see OFFICIAL identification."
>
>"Don't you have something state issued?"
>
>"Uh, we need a driver's license number."

At least the Passport doesn't have your address or much useful information
on it.  And if you've done things properly, it's not connected to your SS
number.  Should work for flight ID at the airport these days, however.

DCF






From maverick at ns.interconnect.net  Mon Aug  5 17:03:18 1996
From: maverick at ns.interconnect.net (Sean Sutherland)
Date: Tue, 6 Aug 1996 08:03:18 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <19960805204130906.AAB148@maverick>


-----BEGIN PGP SIGNED MESSAGE-----

Hallam-Baker Wrote -- 
> Date:          Sun, 04 Aug 1996 20:20:20 -0400

> I personally think that tagants is an insuffieicent approach to
> the problem. Given the number of gun related homicides in the
> US it is not unreasonable to require each individual cartridge
> to be stamped with a serial number and for gun dealers to be 
> required to record each individual purchase. That at least 
> was my advice to the UK govt after Dunblane. 

There's four major problems with this.  First off, a large number of 
guns used in homicides are revolvers or derringers (anyone got the 
numbers?).  These guns don't spit out the shells.  So, it would be 
utterly useless to do so.  The second problem is the number of shells 
expelled in the US every day.  I doubt there's enough room on the 
butt end of a shell to print that number (it couldn't be printed on 
the sides, as this would screw up the fit of the shell, and possibly 
weaken it).  And, it'd be almost impossible getting gun manufacturers to
pay for the equiptment that it would take to emprint serial numbers.  
The third number is that cartridges 
are recycled.  Aside from reloading your own, there's a large number 
of people that sweep up brass from gun ranges to reload themselves.  
The idea that someone swept up the brass could get almost anyone off. 
The final problem is the paperwork.  Cops today can barly keep up 
with the paperwork involved with the Brady Bill.  Could you imagine 
if they had to keep track of AMMO purchases?

> If people go arround claiming that ownership of guns is necessary
> so that people can commit acts of treason against the US govt
> then it is inevitable that there will be pressure for greater

The provision to give people the means to commit treason against the 
government are in the Constitution.  That's why the second amendment 
is there -- to empower the people to protect themselves against the 
government.  Then there's the first amendment, which is there 
partially so that the people can keep the government in check with 
speech and the press.

> regulation. The NRA has been playing a bad hand stupidly. By
> raising the militia argument they have played into the hands
> of abolitionists. It would be entirely foolish for the crypto

The NRA, I'm sorry to say, has screwed up royally.  It's about time 
that they regroup, or else they fall.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgUWzVZoKRrkPmSJAQGNPQf/TMJdVIPG+znJdWK3DlxmANXyLpz7qs8Z
ESHxWo5unmVuDMSGhLGNT15GabdlMozgmatM11iFXmtpzXSBDMwUQOGS29ScgF6l
PW3PBJ0AMscr16GFJu7EcaJStXXAKPCb3mIQmd/JEs51uwpPVgz65fMyRhq3LALF
2fSnNybWGpX60QefZfvtxd6ePx5FyO05v5BJD916N9rh5sRcyspO9Bn5gdvqZaEF
MjcYiDuV1qMl1oO7FAF41HDpw1x8hVp1BsUyN812aBl2YbYYxTaQwjE+BaEmExM7
wLgwUBLZ809fqBWeXpGw8CBmy4FmM7KwiI4fxGxdbcgnFBvRavTrdQ==
=SY5x
-----END PGP SIGNATURE-----
   Sean Sutherland    | mailto:maverick at interconnect.net
PGP Key ID - e43e6489 | http://www2.interconnect.net/maverick
-----BEGIN GEEK CODE BLOCK-----
GCS/C d- s+:+ a--- C+++ V--- P L E- W++ N++ K w o O-(++) M-- 
V PS+ PE++ Y PGP++ t--- 5+++ X++ R b++ DI+ D+ G e- h! !r y
-----END GEEK CODE BLOCK-----





From ses at tipper.oit.unc.edu  Mon Aug  5 17:03:34 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 6 Aug 1996 08:03:34 +0800
Subject: Internal Passports
In-Reply-To: <Pine.SUN.3.94.960805124757.25001A-100000@polaris>
Message-ID: <Pine.SUN.3.91.960805162736.4762C-100000@tipper.oit.unc.edu>


I've been using by british passport as photo-id for years, and I haven't 
had any major problems- you can get your checks printed with your 
passport number on them instead of a drivers licence, which will makes 
things much easier.

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From drose at AZStarNet.com  Mon Aug  5 17:07:58 1996
From: drose at AZStarNet.com (David M. Rose)
Date: Tue, 6 Aug 1996 08:07:58 +0800
Subject: Public report of the EU crack.
Message-ID: <199608052120.OAA06066@web.azstarnet.com>


Hallam-Baker wrote:

>I consider the political dimension of this affair to 
>be more significant that the technical. This brings the
>US and the French into the same category of anti-crypto
>government with a habit of poking its nose into other
>people business and getting caught.
>
>		Phill

Say what?  John Young I can understand; this blather?

Att: "Doc" Baker/Mr. Hyde, err, Hallam: any rudimentary text on
diction/grammer/syntax might be helpful to you.

Sheesh!  At least Sternlight seemed to be acquainted with the English language.






From stewarts at ix.netcom.com  Mon Aug  5 17:08:25 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 6 Aug 1996 08:08:25 +0800
Subject: Destroying client/server model, anonymous broadcasting.
Message-ID: <199608052126.OAA28317@toad.com>


At 08:42 AM 8/5/96 -0400, you wrote:
>Getting back to the Dining Crypto Problem, is it possible to complete a
>round by passing information around the circle of participants (each
>individual communicates and maintains a connection with the person on the
>left and right) rather than sending the round results to everyone via a
>central server that everyone is connected to? In effect no one would be a
>server, or everyone would be a server depending on the way you look at it.
>A circular linked list would be maintained and kept in sync by every
>client so that error recovery could come into play if someone mysteriously
>disconnects. Could it work? How would the protocol differ.

There's an obvious simple way to do this which appears to be slightly wrong.
Somebody (assume it's Alice) announces a round "This is round N, size S 
bytes, value vvvv....", everybody who receives it does their calculations, 
XORs them in with the data, and passes it on.  Once it gets all the way
around (and Alice xors in her real number xor the nonce she started with),
it goes around again so everybody can see the message.

The catch is that two players can collude to monitor the player between them.
Since Eve knows what data she passed (Dr.) Fred, and their random numbers,
and Gorby knows what Fred passed him, and their random numbers,
they can tell whether Fred added any data of his own.  With a server-based
system, on the other hand, collusion that Eve and Gorby also find out
Fred's output, either by eavesdropping or colluding with the server.
(Hmmm - I suppose this also happens with Chaum's NSA dinner?  The example
essentially used broadcast to exchange all the users' contributions.)

Also, to set up a DCnet, you almost need a server of some sort to coordinate
who talks to whom.
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From hallam at Etna.ai.mit.edu  Mon Aug  5 17:18:25 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Tue, 6 Aug 1996 08:18:25 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <19960805204130906.AAA148@maverick>
Message-ID: <9608052116.AA09050@Etna.ai.mit.edu>



> First off, a large number of 
>guns used in homicides are revolvers or derringers (anyone got the 
>numbers?).  These guns don't spit out the shells.  So, it would be 
>utterly useless to do so.  

The shells are removed sometime or other. Nothing is a 100% solution
but anything that gives the criminal an extra thing to worry about 
improves the chances that a mistake is made.

Many people go to jail because of fingerprints on shell cases.

>The second problem is the number of shells 
>expelled in the US every day.  I doubt there's enough room on the 
>butt end of a shell to print that number (it couldn't be printed on 
>the sides, as this would screw up the fit of the shell, and possibly 
>weaken it).  

I doubt that more than 32 bits of info will be required. Thats not 
that difficult to imprint.

>And, it'd be almost impossible getting gun manufacturers to
>pay for the equiptment that it would take to emprint serial numbers.  

Not a problem, that type of machinery is a standard type of 
industrial machine. Might be expensive to adapt the lines but 
I doubt it.


>The third number is that cartridges 
>are recycled.  Aside from reloading your own, there's a large number 
>of people that sweep up brass from gun ranges to reload themselves.  
>The idea that someone swept up the brass could get almost anyone off. 

Not an issue. A person may have an excuse that explains why
the blood is in his car or his fingerprints are on the knife but
a conviction depends on more than one piece of evidence. If 
there is information that gives the police a lead it is 
usefull.

At present the police are investigating the purchase of white 
powder - checking each purchaser out who fits the Olympic
bomber profile. That is a lot of work for a much weaker lead.

If a person says that they fired at a range then you have 
narrowed the search scope to the guys at the range.

>The final problem is the paperwork.  Cops today can barly keep up 
>with the paperwork involved with the Brady Bill.  Could you imagine 
>if they had to keep track of AMMO purchases?

Not a problem, thats an opportunity. I build very large, very
high reliability computer systems. I can build machines that
deal with several million transactions a day for less than a 
million and run them for less than a quarter million a year. That
is cheap when one considers the cost of investigation saved.

>The provision to give people the means to commit treason against the 
>government are in the Constitution.  That's why the second amendment 
>is there -- to empower the people to protect themselves against the 
>government. 

Making that argument defeats your case. Irespective of the framers
of the constitution nobody in Congress or the Administration believes
that you have a right to take up arms against the government. In
fact they are scared of the militia movement and the NRA. Every time
you make that argument you make it harder for people to accept your
case. 

Its like hearing a Marxist spout stuff from Capital to support a
civil liberties. Regardless of wether the content makes sense the
form of the argument is a complete turn off. 

I used to side with HCI before I started talking to the 
talk.politics.guns people. That convinced me that they were a threat
to the security of the country - even before McVeigh sent me a
mail defending his 2nd ammendment rights that looked very 
much like yours. Regardless of whether he is guilty or not I
still regard him and those that hold his views to be as 
serious a threat to the USA as the Red Army Faction were in
Germany, or the Red Brigades in Italy or the IRA in the UK.

If people carelessly justify terrorism they are fueling that
fire. Up until now the US has not had a serious terrorist 
problem. If terrorism becomes widespread then don't imagine
the constitution will be a protection. Thomas and Reinquist 
are not going to stop measures to "protect the nation" even
if like the WWII internement of Japaneese nationals they are in
gross violation of the constitution. 

If you think the wiretap bill is bad think on this, all guns
of all types banned except where held by special license.
Checkpoints at major road intersections. Stop and search
patrols in city centers and the army on the street. Its not
at all far fetched, the UKgovt took less than a year to 
introduce such measures in Northern Ireland. Constitution or
not, don't expect that the US Congress won't make a similar 
response.


	Phill









From tcmay at got.net  Mon Aug  5 17:21:12 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 08:21:12 +0800
Subject: Corporate e-mail policy
Message-ID: <ae2ba0d5030210046128@[205.199.118.202]>


At 5:34 PM 8/5/96, James C. Sewell wrote:

>  Personally I think I would approach it as the privacy we have with the
>eontents of our car's trunk.  If an officer has probable cause to search
>the trunk then he can, otherwise he can't.  It's not a perfect system but
>it does work better than other alternatives I can think of.

This comparison breaks down completely. The police are not involved, so the
language of "probable cause" is inappropriate. We may differ in our
opinions on whether employers can search mail and car trunks, but the
language of "probable cause" suggests a legal/constitutional issue that is
probably not there.

Imagine Alice operates a courier service and owns and operates several
delievery vehicles . Bob, her employee, drives one of her cars. Is he to
imagine that the trunk may not be opened by Alice unless she has "probable
cause"? Nonsense. It it _her_ car, bought and paid for. To imagine
otherwise is to wander into a fever swamp in which owners of property may
not even use their own propery.

(If anyone suggests that landlords cannot barge into tenant's apartments,
this is a different situation. For one thing, there are usually terms and
conditions spelled out in a contract about when and under what
circumstances a landlord may enter the premises.)

Is corporate e-mail more like the courier service example or more like the
landlord-tenant example? I suggest the former, as the e-mail is used in the
everyday furtherance of business, and illegality/abuse may harm the owner,
as with drugs in the trunk of a courier car. (The owner of a property who
leases it out is generally not held liable for the misdeeds and crimes of
his tenants, except in some special circumstances. Hotel owners are not
guilty of the crimes of the residents, which are of course common.)

The original question asker, who asked how to help write his corporate
e-mail policy, is free to lobby for a different interpretation; this is,
after all, a matter of agreed-upon policy, not a matter for the state to
stick its nose into.

--Tim May


P.S.

>  Just remember, as was said, once you make a policy it becomes precedence
>and will stick with you forever... longer if it's a bad one.
>

Alice the Courier Service is of course perfectly free to announce new
policies, so your point is incorrect.

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From deviant at pooh-corner.com  Mon Aug  5 17:28:16 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Tue, 6 Aug 1996 08:28:16 +0800
Subject: FUCK YOU, SHITOPUNKS
In-Reply-To: <199608051211.GAA26432@zifi.genetics.utah.edu>
Message-ID: <Pine.LNX.3.94.960805185051.142A-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 5 Aug 1996, Anonymous wrote:

> Date: Mon, 5 Aug 1996 06:11:56 -0600
> From: Anonymous <nobody at zifi.genetics.utah.edu>
> To: cypherpunks at toad.com
> Subject: FUCK YOU, SHITOPUNKS
> 
> FUCK YOU, SHITOPUNKS
> DAVID STERNLIGHT
> 

Whoever did this obviously lacks imagination, creativity, and brains.  Not
only would David not use such undescriptive phrases, but he would (and has
said so) not use a remailer.  Whoever did this, you are a true idiot.

 --Deviant
        "Uncle Cosmo ... why do they call this a word processor?"
        "It's simple, Skyler ... you've seen what food processors do to food,
	right?"
                -- MacNelley, "Shoe"


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgZDIzAJap8fyDMVAQFpZQf/Vh9A5bI6EABRkOn+izlflDSQO97FSc5T
PSddf/oH/a6biQeFsS+YLIZ/U9ZSxPUB3T0mquZe0YEtowa5FWNmfgKT40ERBHBf
n3fQrI1auBKuZ6W5TJz69qJLHUJj2ngbKqwQ49Ey3urnl4cAJqGCsvSI3qJyadmM
P6A44jHyc0YI83tOGgjTRzxbjXMGk5nmSkFfTQnDGnhpZNI7t0C5+cJ/iJ002YfS
zcTw2UbOx3jq5WLIqjFN2DZBgZy275xP0hZWQFanY4H4E90pmVKqPkW3ZQVdXysO
1fvB0hfreezH6Uc/jvDq4Zszv/m+bsAXPXDdj9EOclW0b7Pf00vEUg==
=Dn7o
-----END PGP SIGNATURE-----






From dsmith at prairienet.org  Mon Aug  5 17:34:08 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Tue, 6 Aug 1996 08:34:08 +0800
Subject: PGP public key servers are useful! [noise?]
Message-ID: <199608052141.QAA15347@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Mon Aug 05 16:43:42 1996
Over the last couple of weeks, I've noticed a lot
of subscribers who PGP clearsign their messages,
but who haven't uploaded their keys to any of
the public keyservers.

Those keys are most useful when they're
available to people who might want to use them,
so I'm asking those of you who haven't sent
them to a keyserver to do so.

(The quick version: paste your key in cleartext
into a letter, sent to pgp-public-keys at pgp.mit.edu
with the subject: ADD.  If you don't have it
in cleartext, do pgp -kxa and follow the prompts.)

TIA,
dave





- ---- David E. Smith  POB 324  Cape Girardeau MO USA 63702
dsmith at prairienet.org   http://www.prairienet.org/~dsmith
send mail of 'send pgp-key' subject for my PGP public key
  "Heard a lot of talk about this Jesus, a man of love,
   a man of strength; but what a man was two thousand
    years ago means nothing at all to me today ... "
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automagically signed with Pronto Secure for Windows.

iQEVAwUBMgZrGzVTwUKWHSsJAQGRtwf/TPjleUXsqf2GcEsutZNnyYD82bYM2ZT/
NQm0BeUTcNdU+jA/2z5aiy+FRozcL6EeIDPULtCGeMvDYu95vBOjnimIxMjng9J6
mIpFIQzXUN4ZDdE7m1khbn8Vdk/V0kehQL318LzB484SQILWNYvTNrj/cDq6CdKW
RMyyOH3+5VH1xRZJjFYvTsKnCszmtZIIvrjOt9+nX/j02bWnZRV7IGbOFjSrCL6p
r1TZG/TnU60YGz/TaUhp5OCj0bFlkFQlg+NmcwR9j4rlIza9ujBSuGIcflMRWTG3
ighrCC9cpL1v/qJkHXKy67xdvIZWlq7UiyqTRUEBg7rwjSBca0YgZQ==
=rDtm
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Mon Aug  5 17:35:29 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 6 Aug 1996 08:35:29 +0800
Subject: fbi, crypto, and defcon
Message-ID: <199608052125.OAA29181@mail.pacifier.com>


At 09:40 AM 8/5/96 -0700, Martin Minow wrote:
>Arun Mehta <amehta at giasdl01.vsnl.net.in> writes:
>>True, though even better would be simply to charge you a flat
>>rate. If billing is that expensive, why bother?

>Tragedy of the Commons.
>
>Flat rate works only if no single user can use more than
>a tiny fraction of the total bandwidth.

Using a "Tragedy of the Commons" analysis on telecommunications systems 
isn't very appropriate.  Modern telephone systems have a fairly well-defined 
instantaneous capacity, do not wear out based on usage, unused capacity 
doesn't 'store up' for later use, nor do sporadic attempts at excessive use 
have anything more than a very transitory effect.  (fast busy signals.)  And 
in addition, a person doesn't profit in an unlimited fashion by attempting 
to over-use the telephone:  Nobody I know would spend 24 hours per day on 
the phone if it were free, for example.  So there's little motivation to 
over-use the resource.

The Internet is even more "friendly" along these lines than telephone 
systems:  The Internet doesn't "fail hard," denying access when usage is 
high, it merely slows all access to match the need.  There are enough 
differences that I think Internet deserves an entirely new analysis.  Don't 
worry, it will be also be interesting, from a game-theory perspective, but 
it will be very distinct from a classic "tragedy of the commons" situation.  

The current question is how to motivate individuals and companies to invest 
in improvements to the Internet that will benefit everyone. However, I don't 
think that will be the limiting factor that it may currently appear to be.  
Due to the nature of the Internet, there is nothing to prevent a company 
(such as AOL, Compuserve, or other) from building a shadow version of the 
Internet, through which all of its customer's traffic will pass until it 
emerges local to its destination.  Customers who appreciate this kind of 
prompter service will be motivated to pay slightly more and will buy 
Internet access through that company.  So the "commons" won't be quite so 
"common," and product differentiation will allow choice.



Jim Bell
jimbell at pacifier.com





From vinnie at webstuff.apple.com  Mon Aug  5 17:57:47 1996
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Tue, 6 Aug 1996 08:57:47 +0800
Subject: Credit Cards over the internet
Message-ID: <v0300780aae2c29df08c4@[204.179.131.29]>


Just read a forwarded message from a merchant who indicated that:

<quote>
Mastercard in no way authorises the transmission of credit card details via
the internet/email due to the possibility of fraud. Supposedly if
Mastercard finds that any merchant receives such details via
internet/email, they will cancel the merchants agreement/rights
immediately. While a lot of work is being done regarding the transmission
of secure data it has not been perfected yet. Merchants must have special
permission to accept details by phone or fax.
</quote>

We have no first hand knowledge of this change in the merchant account rules.

As a merchant who accepts credit cards via the internet/email, I know that
our credit card fraud rate is around 1 in 1403 transactions. In all cases,
the card we were given was stolen by conventional means and the charge was
authorized before that knowledge filtered through the credit card system.
Seems to me that this is a small percentage.

I have heard of no one who has had their card stolen while passing it
across the internet. Local restaurants and shops and Unix file servers,
yes, but via packet sniffing, no.

If the above internet/email restriction is true and if we assume that the
people at the credit card companies do know what they are doing, then it
sounds like someone might be attempting to kill the SSL method of accepting
credit card information in favor of some other standard such as SET. I'd be
willing to bet that SET will be proclaimed as the perfected method that is
suitable for use where other methods such as SSL or PGP would not be
allowed. I'd also be willing to bet that even with SET, the fraud rate that
I experience will remain the same.

Does anyone have real facts on this?

<name withheld>


Vinnie Moscaritolo
"Law - Samoan Style"
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A







From jimbell at pacifier.com  Mon Aug  5 18:27:53 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 6 Aug 1996 09:27:53 +0800
Subject: Public report of the EU crack.
Message-ID: <199608052306.QAA04853@mail.pacifier.com>


At 02:20 PM 8/5/96 -0700, David M. Rose wrote:
>Hallam-Baker wrote:
>
>>I consider the political dimension of this affair to 
>>be more significant that the technical. This brings the
>>US and the French into the same category of anti-crypto
>>government with a habit of poking its nose into other
>>people business and getting caught.
>>
>>		Phill
>
>Say what?  John Young I can understand; this blather?
>
>Att: "Doc" Baker/Mr. Hyde, err, Hallam: any rudimentary text on
>diction/grammer/syntax might be helpful to you.


Have a little toleration.  I've heard he's a FOREIGNER!
Jim Bell
jimbell at pacifier.com





From mpd at netcom.com  Mon Aug  5 19:04:48 1996
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 6 Aug 1996 10:04:48 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <320652BC.31DF@netscape.com>
Message-ID: <199608052313.QAA18497@netcom5.netcom.com>


Jamie Zawinski wrote:

> If you already have a SSN, can you get a *new* one in any legal way?
> (Sort of the same idea as changing your phone number to avoid
> telemarketing scum...)

The original SSN was never intended to be used as a form of 
identification, or so the government claimed.  You may request
from the government a taxpayer ID number, which you may then use
in lieu of your SSN for identification purposes, if you desire
to hold the government to its original promise. 

Of course, using a Taxpayer ID everywhere provides you with no more
anonymity than using an SSN everywhere.  Such is life. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $









From vagab0nd at sd.cybernex.net  Mon Aug  5 19:10:08 1996
From: vagab0nd at sd.cybernex.net (Erle Greer)
Date: Tue, 6 Aug 1996 10:10:08 +0800
Subject: Off topic: Re: viruss'
Message-ID: <2.2.32.19960805231721.006d4cb8@mail.sd.cybernex.net>


At 01:38 AM 8/5/96 -0700, you wrote:
>Does anyone know where thre is  good virus page????
>I know that there is one out there, but dont have the add.
>Zero Cool

Let your mouse do the walking.
http://www.yahoo.com
Type "virus", without the quotes.
viola!

Good luck!
Vagab0nd<br>
<a href="http://ww2.sd.cybernex.net/~vagab0nd/index.html">Visit web page for
public key.</a>






From omega at bigeasy.com  Mon Aug  5 19:38:02 1996
From: omega at bigeasy.com (Omegaman)
Date: Tue, 6 Aug 1996 10:38:02 +0800
Subject: NYtimes OPed pro-wiretapping 8/2
Message-ID: <199608052354.SAA06636@betty.bigeasy.com>


found this today as well.  One negative reply letter was also posted.

reference:
<http://www.nytimes.com/yr/mo/day/early/02heym.html>


"August 2, 1996


          Listening in on Terrorism

          By PHILIP HEYMANN

          CAMBRIDGE, Mass. -- President Clinton's major proposals
          for new powers to fight terrorism are useful and pose
          no threat to Americans' civil liberties. "

( oooookkaaay...)

"         Many of these measures are intended only to give government
          as much power to thwart terrorism as it already has to
          combat other criminal acts."

(do go on...I'm fascinated now)


"         The part of the plan that has drawn the most criticism from
          across the political spectrum involves proposals to increase
          the Government's investigative powers, particularly through
          wiretapping and other methods of monitoring phone calls. "

[..snip..]
(assertion follows that current laws are inadequate for electronic 
surveillance against terrorism.)


"        In criminal cases the courts have never considered the use
          of devices that record the numbers of incoming or outgoing
          calls on a telephone to be significant invasions of privacy."

(Never mind what the "people" might say)

"         But there is no similar provision for investigations of
          suspected foreign terrorists. Under the President's
          proposal, agents would be allowed to use the devices if they
          can show that it is relevant to a terrorism investigation."

(not exactly sure how a terrorist investigation differs from a 
criminal investigation...but this is the distinction Heyman is 
drawing.  In his view, current law is not sufficient against domestic 
terrorist investigation.) 

"        Under current law, officials must get a separate warrant for
          each phone the suspect uses unless they can prove the
          suspect is changing phones purposely to thwart
          investigation. This is a stricter standard than is applied
          even to requests to plant a microphone to overhear a 
          suspect."

[..snip..]


"        Government agents would still be required to
          show probable cause that the suspect is committing one of
          the offenses on the Federal list and that the calls being
          monitored will concern that crime. "

(Gosh!  Who knew the government and the FBI were so powerless?)


"        Philip Heymann, a former Deputy Attorney General in the
          Clinton Administration, is a professor at Harvard Law School
          and the Kennedy School of Government. 

                      Copyright 1996 The New York Times Company "

(big shock, eh?)
...
To say that Mr. Heymann is being misleading is an understatement.  He 
ignores that the government wishes to be able to wiretap for 48 hours 
without prior court approval.  He attempts to imply that the roving 
wiretap is focused on an individual rather than a location or 
locations.  And he seems to believe that all of these enormous powers 
will not be abused.

I wonder if he would feel differently if his personal FBI file was 
among those gathered by the Clinton administration.

me
--------------------------------------------------------------
 Omegaman <omega at bigeasy.com>
 PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                        59 0A 01 E3 AF 81 94 63 
send a message with the text "get key" in the "Subject:"
field to get a copy of my public key.
--------------------------------------------------------------





From wombat at mcfeely.bsfs.org  Mon Aug  5 19:38:03 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Tue, 6 Aug 1996 10:38:03 +0800
Subject: Public report of the EU crack.
In-Reply-To: <199608052120.OAA06066@web.azstarnet.com>
Message-ID: <Pine.BSF.3.91.960805235759.10764B-100000@mcfeely.bsfs.org>



No, no, Dave, you've missed the point. Phill-grams are really stego. Send 
him an email to get the secret decoder ring. Purple ones work best.



On Mon, 5 Aug 1996, David M. Rose wrote:

> Hallam-Baker wrote:
> 
> >I consider the political dimension of this affair to 
> >be more significant that the technical. This brings the
> >US and the French into the same category of anti-crypto
> >government with a habit of poking its nose into other
> >people business and getting caught.
> >
> >		Phill
> 
> Say what?  John Young I can understand; this blather?
> 
> Att: "Doc" Baker/Mr. Hyde, err, Hallam: any rudimentary text on
> diction/grammer/syntax might be helpful to you.
> 
> Sheesh!  At least Sternlight seemed to be acquainted with the English language.
> 
> 





From tcmay at got.net  Mon Aug  5 20:27:48 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 11:27:48 +0800
Subject: The futility of trying to "tag" ammunition
Message-ID: <ae2bdb75040210042746@[205.199.118.202]>


At 3:38 AM 8/5/96, Sean Sutherland wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Hallam-Baker Wrote --
>> Date:          Sun, 04 Aug 1996 20:20:20 -0400
>
>> I personally think that tagants is an insuffieicent approach to
>> the problem. Given the number of gun related homicides in the
>> US it is not unreasonable to require each individual cartridge
>> to be stamped with a serial number and for gun dealers to be
>> required to record each individual purchase. That at least
>> was my advice to the UK govt after Dunblane.
>
>There's four major problems with this.  First off, a large number of

Actually, there are so many problems with this that I dismissed Phill's
"plan" out of hand. But since others are weighing in on it, I might as
well, too.

It has little CP relevance, except that it parallels other seemingly well
though-out proposals which crumble when some common sense analysis is used.


The key point is this:

A billion rounds of ammunition already out in the U.S. +

Perps typically fire fewer than 5 rounds in committing their crimes  +

Incredible logistical problems in tagging and tracking shells  =

An idea shot down.

>guns used in homicides are revolvers or derringers (anyone got the
>numbers?).  These guns don't spit out the shells.  So, it would be

Most older guns in the hands of street punks are revolvers, though this is
not necessarily where handgun homicides mostly come from. Those are "home
shootings"--a man kills his wife, a woman kills her husband, a brother
shoots a brother, etc. Most of these are done with guns that are handy and
that have been in the family/house for a long time....most are, thus,
revolvers.

(The 1911 .45 is moderately common, but not nearly so much so as old .38s
and even .22s.)

In any case, Phill's proposal would collapse for this situation. First, the
guns are very old and the ammo would not be the new "tagged cases." (In
most cases, a old "box of shells." Most home owners of guns never fire
practice rounds and tend to have a few boxes at most of shells, which they
keep for many, many years.)

And in most home killings, it becomes clear real fast who did the shooting.
And, as Sean notes, these revolvers will not eject the shells.

It is marginally possible that spent shells could be identified when fired
from semi-automatics, of course. Other factors to consider, though:

1. The vast amount of ammo already out there. Given that perps typically
fire only a handful in their criminal career, not hard to just use older
ammo.

(The Sternlight-favored argument might be invoked here: "Ah, but criminals
are too stupid to do this, and so it will help." I disagree. Most street
punks would understand the principal. Just as they seek out "clean" guns,
they surely would not load their carry guns with 9mm ammo bought and
"registered" under their own names.

2. Target shooters consume the vast majority of rounds. (This is why
foolish proposals by Moynihan to "force" ammo to be sold for, say, $5 a
round, is ineffectual for the intended purpose: the perp loading his .357
or 9mm will hardly be deterred by a $30 price, even assuming he would buy
in a store at these prices.) (Think of the black market supply: my several
thousand rounds of 9mm, .45, .223, etc., would be worth $15,000 or more at
"Moynihan prices. The Feds could try to outlaw all ammo transfers between
individuals...left as an exercise as to how effective this could ever be,
and whether juries would send people off to the pen for the crime of
selling some .45 shells.)

3. Reloaders. As others have noted, there is an essentially inexhaustible
supply of reloaded shells.

4. The vast amound of ammo already out there. Crates and crates and crates
of surplus ammo in all sorts of calibers, entire container ships of ammo
coming to the U.S. (e.g, I just got my UPS delivery of 850 rounds of a
Czech brand, Sellior and Bellot, and my 1000 rounds of Italian Fiocchi are
due any day...multiply this by 100,000.

5. Stockpiling. Don't forget the "law of unintended consequences." The
biggest gun boom in history came when the Feds cracked down on gun
purchases. California gun stores were crowded for months. (Ditto for
high-capacity magazines: in the months of "warning" that people had,
factories cranked up production, customers stockpiled, and there was a
sudden surge of interest in getting that previously-obscure 3-round mag for
one's Glocks! :-})

>utterly useless to do so.  The second problem is the number of shells
>expelled in the US every day.  I doubt there's enough room on the
>butt end of a shell to print that number (it couldn't be printed on
>the sides, as this would screw up the fit of the shell, and possibly
>weaken it).  And, it'd be almost impossible getting gun manufacturers to

6. There isn't enough room. The shell I have in my hand barely has enough
room to print "FEDERAL 45 AUTO". A unique numbering of the total ammo
sales, even by boxes and not individual cases, would need a 9-12 characters
(and would likely run out in a few year--12-14 characters would be needed).
Actually, this is the "most solvable" of the problems...the others are the
real killers.

>pay for the equiptment that it would take to emprint serial numbers.
>The third number is that cartridges


>are recycled.  Aside from reloading your own, there's a large number
>of people that sweep up brass from gun ranges to reload themselves.

>The idea that someone swept up the brass could get almost anyone off.

7. There's this...and there's the possibility that one could implicate
_others_. For example, pick up a few empty shells at the range. I imagine
there might be some souvenir value in buying a "This shell was fired by
Dianne Feinstein." (For the uniniated, at the same time DiFi was railing
against the public's ownership of guns, she was carrying one in her purse.)

This gets back to the "chain of evidence" point we so often mention.

>The final problem is the paperwork.  Cops today can barly keep up
>with the paperwork involved with the Brady Bill.  Could you imagine
>if they had to keep track of AMMO purchases?

8. Indeed, it would inflate ammo prices too much.

(Given that people like me have thousands of rounds, the ability to reload,
and would be happy to undercut the local K-Mart's price.)

>The NRA, I'm sorry to say, has screwed up royally.  It's about time
>that they regroup, or else they fall.
>

Indeed, I refused to renew my membership because of their wishy-washyness
on basic issues. In my opinion, spending the "Life Member" fees on a Dillon
reloading press is a better investment.


--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From jfricker at vertexgroup.com  Mon Aug  5 20:31:15 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Tue, 6 Aug 1996 11:31:15 +0800
Subject: SSNs (was Re: Internal Passports)
Message-ID: <2.2.32.19960806003317.00a56cac@vertexgroup.com>


At 12:59 PM 8/5/96 -0700, you wrote:
>Black Unicorn wrote:
>> 
>[ ...random losers asking for your SSN... ]
>> > I was horrified and gave a random number.
>> 
>> You should always be horrified, and always give a random number.
>
>Well, it would be nice if it was that easy.  You (legally) need to give
>the correct one to anyone who has to make a report about you to the IRS,
>right?  Such as your employer.  But it's not always clear who else needs
>it. 

Originally the 1939 ('37?) Social Security Act explicitly stated that the
SSN could not be used for anything except SSA matters. Times apparently have
changed or perhaps it's just de facto legislation by complicity.






From tcmay at got.net  Mon Aug  5 20:36:30 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 11:36:30 +0800
Subject: United States as Northern Ireland
Message-ID: <ae2be7b705021004087b@[205.199.118.202]>


At 9:16 PM 8/5/96, hallam at Etna.ai.mit.edu wrote:

>If you think the wiretap bill is bad think on this, all guns
>of all types banned except where held by special license.
>Checkpoints at major road intersections. Stop and search
>patrols in city centers and the army on the street. Its not
>at all far fetched, the UKgovt took less than a year to
>introduce such measures in Northern Ireland. Constitution or
>not, don't expect that the US Congress won't make a similar
>response.

Yes, I agree.

Welcome to our side, Phill!

--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From iang at cs.berkeley.edu  Mon Aug  5 20:45:31 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Tue, 6 Aug 1996 11:45:31 +0800
Subject: Internal Passports
In-Reply-To: <199608042250.PAA13719@toad.com>
Message-ID: <4u6733$30p@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <199608042250.PAA13719 at toad.com>,
Bill Stewart  <stewarts at ix.netcom.com> wrote:
>According to Alaska Airlines, the FAA's policy as of last week
>has switched to a mandatory policy that if you don't produce
>government-issued photo-id, you can't get on the plane;
>the previous policy had been more flexible.  

So does anyone have any sort of "official" list as to what constitutes
"government-issued photo-id"?  I'll be flying within California soon
(see you at Crypto...), as as a "furriner", I have no US ID.  I do have
photo-id issued by _another_ government, though (a health card; I wonder
if they'll have heard of that...).

   - Ian "I'd try to be sure to get to the airport early, but the plane
            leaves at some ridiculous time like 7:30am"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgafi0ZRiTErSPb1AQFsOQQAmxihUufsUh5EYbJ1aHrnP0zFomUb/uo9
qAScGSlWAzzpXYuXnZaG29VeSJ60b/haXaIbSR8C1X4oEIUjiv69gzYa/YJS7RTr
Vb4JEKZdJyiDPxZ7rlyVBquWGLBItazw4mkPAzFi4r6f0nnlXifq1zWGtTR7qakZ
1nGEEYfBeQE=
=h/Zx
-----END PGP SIGNATURE-----





From steve at edmweb.com  Mon Aug  5 20:46:08 1996
From: steve at edmweb.com (Steve Reid)
Date: Tue, 6 Aug 1996 11:46:08 +0800
Subject: "lite" version of cpunks available?
Message-ID: <Pine.BSF.3.91.960805181131.186A-100000@bitbucket.edmweb.com>


Are there any filtered versions of the Cypherpunks mailing list available? 
I'm currently subscribed to cypherpunks-d at gateway.com, but that machine is
down and I haven't received anything in the past few days. 






From frissell at panix.com  Mon Aug  5 20:47:25 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Aug 1996 11:47:25 +0800
Subject: Internet Economics
Message-ID: <2.2.32.19960806011555.00913cdc@panix.com>


At 02:22 PM 8/5/96 -0800, jim bell wrote:
>The current question is how to motivate individuals and companies to invest 
>in improvements to the Internet that will benefit everyone. However, I don't 
>think that will be the limiting factor that it may currently appear to be.  
>Due to the nature of the Internet, there is nothing to prevent a company 
>(such as AOL, Compuserve, or other) from building a shadow version of the 
>Internet, through which all of its customer's traffic will pass until it 
>emerges local to its destination.  

Note that this is the business model for @HOME which will be handling the
heavy lifting for various Internet Over Cable systems around the country.

DCF






From frissell at panix.com  Mon Aug  5 20:49:34 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Aug 1996 11:49:34 +0800
Subject: SSNs (was Re: Internal Passports)
Message-ID: <2.2.32.19960806010151.008f8f48@panix.com>


At 12:59 PM 8/5/96 -0700, Jamie Zawinski wrote:

>Well, it would be nice if it was that easy.  You (legally) need to give
>the correct one to anyone who has to make a report about you to the IRS,
>right?  Such as your employer.  

Virtually no one in the history of the world has done any time for giving a
false SS#.  Considering the fact that millions of Americans daily drive
drunk, exceed the lawful speed limit, drift through stop signs without
coming to a complete halt pick each other up in bars and do a host of other
things that are much more likely to get them in trouble than making up an
SS#, I am constantly *amazed* that people always advise you not to do so.

If it's good enough for the President of Israel, it's good enough for anyone.

>Is it
>needed to get a driver's license?  (The fine print on the DMV forms says
>"yes".)  

But most DMVs don't check and the SS is still resisting verification
services (at least until the Immigration Bill passes).

>Is it necessary to make use of employer-sponsored medical
>insurance?  (I suspect that the answer to this one is "no", except for
>the fact that when my employer set up my medical insurance they let the
>insurance company use my SSN as my insurance-related-ID-number.  But in
>any event, my dentist told me, "if you don't give it to us, they won't
>pay.")

Just make sure you give the insurance company and the doctor the same number.

>If you already have a SSN, can you get a *new* one in any legal way?
>(Sort of the same idea as changing your phone number to avoid
>telemarketing scum...)

The SS resists issuing new numbers in spite of widespread duplication and
theft.  Soon people will find themselves denied the right to work in this
country unless the SS reverses this reluctance.  If your SS# is stolen and
used "too many times"  in a future worker verification program, you're
screwed.  And there won't even be any welfare for you.

Use Alta Vista to find the SS Number FAQ.  There's more stuff.

DCF







From shamrock at netcom.com  Mon Aug  5 20:58:43 1996
From: shamrock at netcom.com (Lucky Green)
Date: Tue, 6 Aug 1996 11:58:43 +0800
Subject: SSNs (was Re: Internal Passports)
Message-ID: <v02120d40ae2c47b357a4@[192.0.2.1]>


At 16:13 8/5/96, Mike Duvos wrote:
>Jamie Zawinski wrote:
>
>> If you already have a SSN, can you get a *new* one in any legal way?
>> (Sort of the same idea as changing your phone number to avoid
>> telemarketing scum...)

To prevent the blacklisting of labor leaders by SSN, the Social Security
Act has a provision that allows you to request a new SSN. You have a right
to get a new SSN issued. Don't expect your SS office to know anything about
it.

[disclaimer: I am not an attorney]



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From tcmay at got.net  Mon Aug  5 21:12:53 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 12:12:53 +0800
Subject: Public report of the EU crack.
Message-ID: <ae2bef6106021004d576@[205.199.118.202]>


At 12:12 AM 8/6/96, John C. Randolph wrote:
>Well, well, well!
>
>So we gain a several allies in our battle against key-escrow, and
>lo and behold, it's all the *other* governments who don't want
>Uncle Sam to read their mail.
>
>I hope that any c'punks in foreign countries can make some politcal
>hay with this: "Don't let the yankee imperialists tell us a goddamn thing
>about crypto policy!  They'll only use it to pull weasel moves in the
>trade talks!"
>
>Actually, it might be a good thing for Her Majesty's government to
>issue an advisory, saying not to buy US routers and encryption software,
>because it can't be trusted, under present US ITAR rules.

Agreed. The report was only surpising to me in that it appeared in
print...anyone who read Bamford in '82 knew this sort of economic espionage
was a major mission of the NSA and various private contractors.

On the subject of routers and sniffers, excuse me if I'm misremembering
things, but wasn't a certain anti-Mitnick hacker writing in one of his
books about his role in developing certain "packet sniffers" that had
properties desirable to the U.S. intelligence community? Perhaps the Brits
are just being "monitored" by the Colonials?

(If I sound paranoid, I just came from a showing of "Chain Reaction." Some
flaws, but also some good reminders about the dangers of the "black
budget," large listening posts in Virgina (and England and elsewhere), and
a U.S. government that now sits astride the world.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jcr at idiom.com  Mon Aug  5 21:25:44 1996
From: jcr at idiom.com (John C. Randolph)
Date: Tue, 6 Aug 1996 12:25:44 +0800
Subject: Public report of the EU crack.
Message-ID: <199608060012.RAA06035@idiom.com>



Well, well, well!

So we gain a several allies in our battle against key-escrow, and
lo and behold, it's all the *other* governments who don't want
Uncle Sam to read their mail.

I hope that any c'punks in foreign countries can make some politcal
hay with this: "Don't let the yankee imperialists tell us a goddamn thing
about crypto policy!  They'll only use it to pull weasel moves in the
trade talks!"

Actually, it might be a good thing for Her Majesty's government to 
issue an advisory, saying not to buy US routers and encryption software,
because it can't be trusted, under present US ITAR rules.

-jcr







From omega at bigeasy.com  Mon Aug  5 21:34:21 1996
From: omega at bigeasy.com (Omegaman)
Date: Tue, 6 Aug 1996 12:34:21 +0800
Subject: NYtimes on " 'net telphony"
Message-ID: <199608052330.SAA06495@betty.bigeasy.com>


An article I found on Internet Telephony today in the New 
York Times.  

reference:
<http://www.nytimes.com/library/cyber/week/0805telephony.html>

article also contained a diagram of a traditional Point-to-point 
synchronous phone call and a packet-switched Internet call which 
shoed pieces of a sentence being transferred over multiple routes.

"         _ Free Long Distance
              Phone Calls! (Computer Extra)_

          By PETER H. LEWIS 

               Sometimes Internet technology moves faster than the
               speed of sound. 

          Nearly 400 Intel Corp. engineers were waiting for Brian
          Frank to stage a demonstration of Internet telephones last
          week at a business meeting in Oregon, when suddenly his
          laptop computer started ringing. 

          Frank, a summer intern, had just finished loading new
          software that would let him place a phone call from his
          laptop to an associate's PC backstage. But before he could
          make the call, someone in Norway had seen Frank's network
          connection pop up on an Internet phone directory on the
          World Wide Web and dialed him up. "

[..snip..]

        
"        For the Intel engineers, it was an industry wake-up call.
          Hitherto a hacker's hobby, the use of microphones and
          computers to place phone calls, send faxes and transmit
          pager signals over the Internet now seems ready to emerge as
          a serious business opportunity. "

[..snip..]

"        Technical drawbacks still keep Internet telephony from being
          a true substitute for the good old, reliable telephone
          network. And yet, the number of regular Internet telephone
          users is expected to rise from fewer than 400,000 last year
          to 16 million by 1999, according to a forecast from the
          research company International Data Corp. By that year, IDC
          predicts, Internet telephony could constitute a $500 million
          market. 

          Beyond cheap phone calls, the possible applications include:
          

          -- Catalogue shopping on the World Wide Web, where the
          customer could speak live with a sales agent. 

          -- Work-team software that would enable groups working
          collaboratively on documents via the Internet to converse
          about the project, too. 

          -- Adding voice capabilities to multiplayer computer games
          like "Doom" or "Quake," so that teammates could coach one
          another and jeer the opposition. "

[..snip..]
  
"         In fact, Intel and Microsoft late last month jointly
          announced a set of technical standards that are intended to
          promote compatibility among various makes of hardware and
          software used in Internet telephony. "

[..snip..]

"         "A lot of people look at Internet telephony as a replacement
          or alternative for long-distance service, and that's the
          most obvious use for it today," said Frederic H. Yeomans,
          marketing manager for Intel's Internet and communications
          group in Hillsboro, Ore. But Yeomans said the technology was
          advancing so quickly that new applications, possibly ones
          not yet imagined, would inevitably arise. "
(hype?  You make the call..)

[..snip..]

"        Telephone companies appear to be divided over how to respond
          to the technological challenges. 

          "Everyone would agree it's a compelling, alternative form of
          communication, and we're excited about it," said Mark
          Fisher, vice president for Pacific Bell Internet Services in
          San Francisco, a unit of the regional Bell holding company
          Pacific Telesis. "

[..snip..]

"         Other, smaller phone companies are not as optimistic, and
          are mounting a legal and lobbying challenge to try to halt
          competition from the computer industry. "

[..snip..]
          NYT-08-04-96 1932EDT 
         Copyright 1996 The New York Times Company 

...

What follows is more hype about a "killer app" that will bring this 
technology to the forefront. 

Little is said about current bandwitdth limitations or PC 
technology limitations.  Nothing is said of crypto technology either.

me
--------------------------------------------------------------
 Omegaman <omega at bigeasy.com>
 PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                        59 0A 01 E3 AF 81 94 63 
send a message with the text "get key" in the "Subject:"
field to get a copy of my public key.
--------------------------------------------------------------





From jfricker at vertexgroup.com  Mon Aug  5 22:05:16 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Tue, 6 Aug 1996 13:05:16 +0800
Subject: Stealth cookies
Message-ID: <2.2.32.19960806003319.00a5a274@vertexgroup.com>


Doubleclick was the company.

They place banner ads on other pages that deliver a cookie header to your
browser. Their trick is a script that delivers a cookie along with the graphic.
Here's a sample from one of their own ads:

Set-Cookie: IAF=x; path=/; expires=Wed, 09-Nov-99 23:59:00 GMT


And right from the horses mouth:
"DoubleClick has created the largest and most complete user and
organization database on the Internet. DoubleClick is able to tell an
incredible amount of information about a user, such as operating system,
location, organization name, type, revenue, and size (click here for a
more detailed description of target selection criteria). Along with
sophisticated scheduling and our incredible DART software,
DoubleClick is able to automatically and dynamically assign the best ad
banner for a user."

and

"DoubleClick development ad banners are designed to capture more
data about an individual or to attract potential advertisers, both of which
ultimately benefit all DoubleClick Network member Web sites."

Pomp and Puffery. But it makes the marketeers drool.

As a user downloads more doubleclick banners, the cookie allows doubleclick
to  accumulate more crumbs in the form of url of the referring page. Just as
traditional marketing demographics were founded on what magazines one
subscribes, web advertising hopes to build demographics on what pages you view. 

Solution?

1) Don't put your name in the netscape configuration (d'oh)
2) make your cookie.txt file read only
3) use www.anonymizer.com when surfing

Turning of "auto-load images" will not prevent the doubleclick cookie from
being transmitted or recieved.

aside note:
there is a current cp archive at http://infinity.nus.sg/cypherpunks/ but it
could use a local search tool.

--j

At 03:33 PM 8/5/96 -0500, you wrote:
>There's been a thread here about some outfit that, by being referenced
>from web documents here and there, would insert its cookie in your
>browser even though you've never directly visited that site.  I've
>nuked any & all messages about that; if anybody recalls any details,
>I'd be thankful for the information.
>
>______c_____________________________________________________________________
>Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
>       m5 at tivoli.com * m101 at io.com          *    
>      <URL:http://www.io.com/~m101>         *    three heads and eight
>arms.
>






From tcmay at got.net  Mon Aug  5 22:11:12 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 13:11:12 +0800
Subject: Internal Passports
Message-ID: <ae2bffef0a021004b92e@[205.199.118.202]>


At 1:28 AM 8/6/96, Ian Goldberg wrote:
>So does anyone have any sort of "official" list as to what constitutes
>"government-issued photo-id"?  I'll be flying within California soon
>(see you at Crypto...), as as a "furriner", I have no US ID.  I do have
>photo-id issued by _another_ government, though (a health card; I wonder
>if they'll have heard of that...).
>
>   - Ian "I'd try to be sure to get to the airport early, but the plane
>            leaves at some ridiculous time like 7:30am"

As I recall, Ian, you are some kind of Damned Foreigner, a Canadian, and
possibly a Jew (from a name like "Goldberg"). As such, your Canuck
documents are worthless in these Beknighted States (at least until the
memory of the single person killed in Atlanta fades...Atlantans are worth
the lives of 100 lives of Third Worlders, which is why the single death in
Atlanta justifies this crackdown).

Perhaps if you coverted to either Southern Baptist or Mormon your stay here
would be easier.....


--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Mon Aug  5 22:12:06 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 13:12:06 +0800
Subject: Internal Passports
Message-ID: <ae2bfb9809021004b448@[205.199.118.202]>


At 1:01 AM 8/6/96, Duncan Frissell wrote:

>The SS resists issuing new numbers in spite of widespread duplication and
>theft.  Soon people will find themselves denied the right to work in this
>country unless the SS reverses this reluctance.  If your SS# is stolen and
>used "too many times"  in a future worker verification program, you're
>screwed.  And there won't even be any welfare for you.
>
>Use Alta Vista to find the SS Number FAQ.  There's more stuff.

BTW, I attempted to comply with the law in a recent request posted to
ba.jobs.offered and scruz.general: I solicited workers for some brush
clearing on my place, but advised them to only apply if--appearing to be
Hispanic, Latin, Mexican, or otherwise unOfficial--they provided proof of
their legal ability to work for me.

Personally, I don't care. In fact, when employing gardeners and yard works
I prefer Mexicans. But the law says, these days, that I must verify the
legality of workers *if* they appear to be dark-skinned, Mexican, Latin, or
the like. I say "if" because there are no requirements in general for
white-skinned, Anglo workers....no work permits, no proofs of citizenship
(such a document is currently lacking in the American pantheon...I, a mixed
descendant of Mayflower colonist and Scandinavian immigrants, lack such
"proof").

Predictably, I got e-mail threatening me with legal action (ha!) and
claiming me to be a racist.

I promise not to ask my potential employees for legal proof of their right
to work if the Feds and Sacramentans promise not to make it a law that I
check such things, and if the laws are not written such that I am a felon
for not asking for such documents from a dark, dusky Mexican but not from a
blonde- or red-haired ubermensch. (Jews I haven't figured out...some seem
to pass the "no documents required test" and some I want to demand Green
Cards for...ironically, it may be "discrimination" for me to request that
these "dusky" folks supply proof of their permission to work in these
Beknighted States. A strange world we live in.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From JonWienk at ix.netcom.com  Mon Aug  5 22:41:54 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Tue, 6 Aug 1996 13:41:54 +0800
Subject: Ballistics
Message-ID: <199608060242.TAA06198@dfw-ix10.ix.netcom.com>



On Sun, 04 Aug 96, dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) wrote:

>Is there truth to the rumor that poking a file inside the barrel will
>alter the marks on future test firings?

A much better idea is to clean the barrel with a stiff wire brush. If you blue 
the inside of the barrel, and then brush the bluing off, that is enough. 
Alternatively/additionally, fire several hundred rounds with the weapon.  Either 
will change the microscopic pattern of grooves sufficiently to cause a mismatch. 
Poking a file around in the barrel is a good way to ruin a gun.

Changing barrels is a good idea as well. I can change the barrel on my Desert 
Eagle in about 15 seconds. A better idea yet is to fabricate a removable 
silencer (that can be attached/detached without modifying the barrel) with a 
wire brush surrounding the muzzle opening (similar to a batery terminal cleaner, 
but sturdier, of course) so that the bristles put their own marks on the bullet 
as it leaves the barrel. Even if the silencer is found, you will never be able 
to put it on aligned exactly the same way, and the marks will not line up 
exactly. Alternatively, you could mount the bristles on a bearing so they can 
rotate freely, so the patterns of marks constantly change as the brush rotates. 
Of course, getting caught with a silencer is a good way to go directly to jail 
without passing GO.

Of course, if you are serious about avoiding this kind of hassle, you will mount 
a bag to the receiver of your gun to catch the fired shells, so that they aren't 
lying around for curious people to find.

Jonathan Wienke

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From ses at tipper.oit.unc.edu  Mon Aug  5 22:56:36 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 6 Aug 1996 13:56:36 +0800
Subject: Credit Cards over the internet
In-Reply-To: <v0300780aae2c29df08c4@[204.179.131.29]>
Message-ID: <Pine.SUN.3.91.960805234211.753E-100000@tipper.oit.unc.edu>


[set discussion is available on set-discuss at commerce.net . Majordomo stuff]

This would seem to be a new policy; previously I'd heard that mastercard 
and visa were going to be encouraging the use of SET quite strongly, but 
since SET isn't going to be available until at least Q1 97, it would be 
silly to stop all activity now.

SET is massively over-engineered and is one of most obnoxious crypto 
protocols you'll find, but it does have some cute features (merchant 
never learns card number, etc).

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From dfloyd at IO.COM  Mon Aug  5 23:00:40 1996
From: dfloyd at IO.COM (Douglas R. Floyd)
Date: Tue, 6 Aug 1996 14:00:40 +0800
Subject: Cookies on Microsoft Explorer?
In-Reply-To: <Pine.SUN.3.93.960805154442.12332B-100000@duke.poly.edu>
Message-ID: <199608060328.WAA07633@pentagon.io.com>


> 
> 
> Does anyone know what the equivalent technology is on Microsoft to
> Netscape's cookie technology?  Does Microsoft have support for cookies or 
> not?  
> 
> All of the discussion on the list to do with
> cookies is related to Netscape.  Does this mean that if one switches to
> Microsoft Explorer one can avoid the problem?  Many thanks.

MSIE supports cookies.

> 
> Anne Eisenberg
> aeisenb at duke.poly.edu
> 






From smart at mel.dit.csiro.au  Mon Aug  5 23:11:56 1996
From: smart at mel.dit.csiro.au (Bob Smart)
Date: Tue, 6 Aug 1996 14:11:56 +0800
Subject: view from Australia (Re: United States as Northern Ireland)
In-Reply-To: <ae2be7b705021004087b@[205.199.118.202]>
Message-ID: <199608060349.AA24880@shark.mel.dit.csiro.au>



In Australia the gun lobby are now deeply distrusted. During the
current crackdown on high powered and repeating weapons they have made
many statements, at all levels of their movement, that indicate that
they want the guns in order to kill people and to give themselves the
option of insurrection. Unlike the US this is not an activity that is
supported by the constitution and the people are strongly against it.

If we assume that the gun lobby will lose, [please I am not discussing
whether it *should* lose and I'm not interested in arguments on this
so send them to the list not to me], then supporters of privacy and
freedom through cryptography do the cause a great disservice by
associating themselves with the gun lobby.

In fact we are passing up a great chance to sell the cause of
communication freedom through cryptography by arguing:

  Communication privacy through cryptographic technology is a 
  necessary counter-balance to the inevitable increase in state 
  control of public spaces [in an age when weapons technology
  permits weapons that can kill large numbers of people to be
  easily concealed].

  Secure electronic communication is the freedom that carries no 
  direct risk to other people. It is the one that must be preserved 
  in a free society.

  The 1990s is the decade of the bloodless revolution built on
  the freedom of communication. Preserving free communication is
  the vital step in countering out-of-control governments and criminal
  organizations, and cryptography is the way to keep communication
  free.

I don't think this line of argument will appeal to cypherpunks but
if there are other organizations running this line I'd be keen to
support them.

Bob Smart






From gimonca at skypoint.com  Mon Aug  5 23:22:57 1996
From: gimonca at skypoint.com (Charles Gimon)
Date: Tue, 6 Aug 1996 14:22:57 +0800
Subject: SSNs (was Re: Internal Passports) (fwd)
Message-ID: <m0unbyR-00002wC@skypoint.com>


Forwarded message:
> Date: Mon, 05 Aug 1996 17:33:17 -0700
> From: jfricker at vertexgroup.com (John F. Fricker)
> Subject: Re: SSNs (was Re: Internal Passports)
> 

Before this gets too out of hand, I'm going to mention that Chris
Hibbert's Social Security Number FAQ (posted regularly to several
newsgroups, including news.answers) is superb. Great job of
separating legitimate paranoia from old wives' tales. Check for it
in Usenet or your favorite search engine.

Remember--privacy is your own responsibility.

> At 12:59 PM 8/5/96 -0700, you wrote:
> >Black Unicorn wrote:
> >> 
> >[ ...random losers asking for your SSN... ]
> >> > I was horrified and gave a random number.
> >> 
> >> You should always be horrified, and always give a random number.
> >
> >Well, it would be nice if it was that easy.  You (legally) need to give
> >the correct one to anyone who has to make a report about you to the IRS,
> >right?  Such as your employer.  But it's not always clear who else needs
> >it. 
> 
> Originally the 1939 ('37?) Social Security Act explicitly stated that the
> SSN could not be used for anything except SSA matters. Times apparently have
> changed or perhaps it's just de facto legislation by complicity.
> 
> 






From dlv at bwalk.dm.com  Mon Aug  5 23:38:46 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 6 Aug 1996 14:38:46 +0800
Subject: Integrating PGP 3.0 Library with INN
In-Reply-To: <199608052017.PAA09340@homeport.org>
Message-ID: <X5Z8RD36w165w@bwalk.dm.com>


Adam Shostack <adam at homeport.org> writes:

> Igor Chudov wrote:
>
> | Has anyone thought of integrating PGP 3.0 library with INN?
> |
> | I was thinking along the lines of having PGPMoose support built
> | right into INN: if an arriving article is posted to a moderated
> | newsgroup for which a PGP key is available in the INN's keyring,
> | INN verifies existence and correctness of a PGP signature.
>
>
> | If moderators choose short enough keys (512 bits for example), this
> | verification will not take any significant amount of CPU time.
>
> Its my experience that at full feed sites, there isn't enough cpu to
> do this.  A p-90 can get ovewhelmed pretty easily trying to keep up
> with the load.  Trying to look into the body of an article means at
> least a few hundred more ops per article.  You could do this on a leaf
> node.  However, you cut the reliability of the system by adding things
> to go wrong.  Better to have a scanner that checks specific moderated
> groups after INN has deposited the articles.

It's wasteful to run this checking at every Usenet node.

It would be more efficient to run PHPMoose checking at a few trusted sites
and have them issue NoCeMs for articles that fail the check.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From mpd at netcom.com  Mon Aug  5 23:55:56 1996
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 6 Aug 1996 14:55:56 +0800
Subject: Internal Passports
In-Reply-To: <ae2bfb9809021004b448@[205.199.118.202]>
Message-ID: <199608060439.VAA25581@netcom22.netcom.com>


tcmay at got.net (Timothy C. May) writes:

 > Predictably, I got e-mail threatening me with legal action
 > (ha!) and claiming me to be a racist.

 > I promise not to ask my potential employees for legal proof
 > of their right to work if the Feds and Sacramentans promise
 > not to make it a law that I check such things, and if the
 > laws are not written such that I am a felon for not asking
 > for such documents from a dark, dusky Mexican but not from a
 > blonde- or red-haired ubermensch.

Yet, when the laws are "improved" to apply to all equally, people
still bitch.

The producers of the geriatric porn film "Grandma Does Grandpa",
and the popular sequel, "Grandma Does Grandpa II", must show at
the beginning of the film the address where the legally required
affidavits proving that Grandma and Grandpa are over 18 years of
age are available for inspection.

If they fail to do this, of course, they are child pornographers,
and may fork over many decades of their lives and hundreds of
thousands of their dollars towards the official government
crusade to protect our nation's youth from exploitation.

The fact that Grandma and Grandpa are obviously within mere
months of buying the farm does nothing to mitigate their offense,
should they decide that the law is not worth bothering with.

"What are you in for?"

"Child Porn."

"How old were the kids?"

"In their mid 70s."

"Ewwwwwww.  That's sick man!  You're disgusting."

:)

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From tcmay at got.net  Mon Aug  5 23:57:17 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 14:57:17 +0800
Subject: SSNs (was Re: Internal Passports) (fwd)
Message-ID: <ae2c1c850b0210047075@[205.199.118.202]>


At 2:34 AM 8/6/96, Charles Gimon wrote:
>Forwarded message:
>> Date: Mon, 05 Aug 1996 17:33:17 -0700
>> From: jfricker at vertexgroup.com (John F. Fricker)
>> Subject: Re: SSNs (was Re: Internal Passports)
>>
>
>Before this gets too out of hand, I'm going to mention that Chris
>Hibbert's Social Security Number FAQ (posted regularly to several
>newsgroups, including news.answers) is superb. Great job of
>separating legitimate paranoia from old wives' tales. Check for it
>in Usenet or your favorite search engine.

I _know_, Chris Hibbert. Chris Hibbert is a _friend_ of mine. And this is
not just old wives' tales.

(w apologies to the Texas senator)

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jfricker at vertexgroup.com  Mon Aug  5 23:59:15 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Tue, 6 Aug 1996 14:59:15 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960806044723.01073e4c@vertexgroup.com>


At 07:37 PM 8/5/96 -0700, you wrote:
>At 1:01 AM 8/6/96, Duncan Frissell wrote:
>
>>The SS resists issuing new numbers in spite of widespread duplication and
>>theft.  Soon people will find themselves denied the right to work in this
>>country unless the SS reverses this reluctance.  If your SS# is stolen and
>>used "too many times"  in a future worker verification program, you're
>>screwed.  And there won't even be any welfare for you.
>>
>>Use Alta Vista to find the SS Number FAQ.  There's more stuff.
>
>BTW, I attempted to comply with the law in a recent request posted to
>ba.jobs.offered and scruz.general: I solicited workers for some brush
>clearing on my place, but advised them to only apply if--appearing to be
>Hispanic, Latin, Mexican, or otherwise unOfficial--they provided proof of
>their legal ability to work for me.
>


Hmmm. Actually a long time ago I lost my job with Greenpeace out of refusal
to sign an I-9 which was in '86 the Department of Justice's form to exhibit
eligibility to work in the US. The form required that I present two pieces
of photo identification or a driver's license to be authenticated by my
employer. Maybe it's a CA state law that adds an additional skin tone
criterium to for the filing of an I-9.

--j






From declan at eff.org  Tue Aug  6 00:08:17 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 6 Aug 1996 15:08:17 +0800
Subject: Tolerance (fwd)
In-Reply-To: <199608051349.GAA22092@toad.com>
Message-ID: <Pine.SUN.3.91.960805200936.24298B-100000@eff.org>


Hmm... Perhaps my attorney went to Princeton as an undergrad. *shrug* I 
recall a Princeton diploma on his office wall.

Now, Peter, you're a moron, and I call you on it. 

-Declan


On Mon, 5 Aug 1996, peter honeyman wrote:

> Declan McCullagh writes:
> 
> > This is attempted proof by credentalism. I call him on it. 
> > 
> > Okay, Jim, what _do_ your lawyers say on this? Have you asked them? I,
> > too, have an attorney, a civil liberties specialist and a graduate from
> > Princeton law. So what? 
> 
> declan, you are a fucking liar, and i am calling you on it.  princeton does
> not have a law school.
> 
> 	peter
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From rah at shipwright.com  Tue Aug  6 00:10:31 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 6 Aug 1996 15:10:31 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <v03007800ae2c742ab98e@[206.119.69.46]>


-----BEGIN PGP SIGNED MESSAGE-----

e$: Watching the MacRubble Bounce

Stiffing, Stealth Conferences,
Pieces of the True Cross, Stiffies,
Grenades and Magic Feathers

Robert Hettinga
8/5/96

The principal waste of my time and attention, for the last six weeks or so,
has been my negotiations (or lack thereof) with an (as yet ;-)) unnamed
cypherpunk (and company) about whether they're going to stiff (or not) Peter
Cassidy, me, and two (as yet) unnamed other people, on the final payment
(a moderately signigicant chunk of change) for some consulting work we
did for them earlier this year. We accuse them of shooting the messenger,
because their idea won't work. More to the point, they couldn't make it work
even if a market was there. Which it isn't. For them, anyway. They accuse us
of gross incompetence. Interesting, because we punchlisted the entire
contract (and voluminous addenda) before we shipped the report, have logs of
them downloading *all* the source material and appendices, which we put on
the server for them *long* before we started dunning them for a past due
invoice. Not to mention Peter's written more *published* articles on
topics like this (in places, like, say, the Economist) in the last *year*
than most people *write* about *anything* in their entire lifetimes. And, of
course, they *aren't* going with the business idea they hired us to check
out in the first place. Go figure.

May you live in interesting times, the chinese curse goes, and things have
gotten interesting enough for me lately, thank you very much. I finally
decided to unwrap myself emotionally this week from this particular
"interesting time", "modulo" (to quote the aforementioned unnamed
cypherpunk) real (or imagined :-)) "other" measures our legal help says we
can take, should the inevitable stiffing (or not) occur, and concentrate on
other stuff, "modulo" my time spent in further negotiations about being
stiffed (or not).

Clearly, I've been talking with legal types too much lately. Speaking of
which, someday, I want to write another non-repudiation rant. Code and
Reputation instead of Law and Force, and all that. But not now. We still
might work this out. I hope.


So, in the background of the aforementioned stiffing (or not), Vinnie
Moscaritolo and I have been working on a project, something we've been
talking about since January or so. We wanted to throw a small Macintosh
crypto conference. Tim Dierks, of Consensus (and ex- Apple DTS, where Vinnie
now works), buttonholed Vinnie in a coffee shop a while back, and proposed
that we "stealth" the crypto conference idea into one about digital
commerce. Seeing as how both Vinnie and I gibber about "Digital Commerce is
Financial Cryptography" and all, it was fine by us. Along about June (July?)
or so, Vinnie, ever the mil-spec, surreptitiously obtained the necessary
sack of grenades and started paddling in towards the beach in a rubber raft,
inviting us to mop-up festivities the next morning at dawn. Next thing we
all knew, he had scheduled an Apple conference facility in Cupertino for 2
days, the 5th and 6th of September, a Thursday and Friday, and he may have
even gotten Apple to spring for groceries, though Those with Proper
Budgetary Authority might have gotten hit by a grenade or two, and they (the
groceries) could be MIA. Fortunately, this activity has been entirely a
ground-up exercise on the developers' part, so going dutch for lunch
probably won't scare anyone off, one way or the other. We could probably
hold it in a Chuck-E-Cheese and fill the room, people are that interested in
internet commerce, and crypto, on the Mac. And those little gophers, of
course...

Meanwhile, also in my, heh, copious, free time, (did I tell you I'm also
pitching sponsors for FC97? :-)), I've been working on a Mac-e$ rant with
Vinnie. Collaberation is Hard.  But, it looks like we're just about through.
Real Soon Now. Kind of reminds me of the late-1960's button which said
"Freedom Soon". In the process, said rant has turned into some kind of
Magnum Opus, which makes me nervous, with contributions from a couple of
other people besides Vinnie and myself. And, no, the one you're reading
isn't it. :-). But it's coming. Soon. We hope.


All of which brings up the *real* point of this rant. I mean, who *cares* if
you can do crypto on the Mac or not? Why not stand back and watch the
MacRubble bounce?

My thinking about all of this started because I've been reading Vinnie's
mail over his shoulder. (Yes. I'm shameless. When we're working on stuff
together, we trade our mail about it. As they say in the Mac biz, "Sosumi".)
That is, Vinnie's been out there scaring up speakers for this shindig that
he "borrowed" the grenades for, and, well, in his tree-shaking (God help you
if Vinnie shakes a tree you're in), he invites (if you could call what
Vinnie sent an invitation :-)) Yet *Another* Nameless Cypherpunk (YANC) to
come and give us what we hope would be a Patented Colorful Cypherpunk
crypto-Peptalk, with Vinnie saying to him (YANC), in effect, we need him
(YANC) for a proper Laying-On of Hands, him being a Piece of the True Crypto
Cross, and all.

Of course, Vinnie didn't stand a chance.  If we *could* consider Vinnie for
it, (which we can't, because he's on the selection committee) he might have
earned the coveted 1996 Black Rhino "Mr. Kevlar" award (for courage in the
face of imaginary gunfire) for his efforts. Actually, considering the, heh,
caliber, of last year's winner, it's just as well. A, uh, bang-up job Mr.
Weinstein of Netscape did last year. A hard one to top. And so, the search
continues. Both for this year's "Mr. Kevlar", and, of course, for some other
Piece of the True Cross. Or so we think. I'll get to that in a moment.

What Vinnie got from Yet Another Nameless Cypherpunk, instead of "Yes, I'll
come talk about crypto, the universe, and everything.", was Yet Another
Rendition of the Apple Macintosh Massacree. In six-part ;-) harmony, of
course. And, no, I won't sing it here in its 21-minute (not even 17 for
radio) entirety. However, I should really note here that no matter how
reasoned and cogent YANC's arguments were (and cogent they were, too: upon
reading them, I was halfway to the dumpster with my trusty old PB180,
tears in my eyes, before I came to my senses), in general, one of the *big*
reasons that Vinnie got the $0$AD ($ame Old $ong And Dance) Re the Future of
the Mac as a Viable Platform was probably more because the aforementioned
YANC has eschewed speaking opportunities like this for years anyway, and
Vinnie probably didn't ask him with the Proper Deference Necessary for a
Cypherpunk of That Stature. In fact, I *know* Vinnie didn't, because I read
his mail ;-). However, that, of course, wasn't why YANC gave Vinnie the
aforementioned Massacree in particular.

YANC Massacreed Vinnie because there's a lot of *very* disappointed Mac
users out there, YANC being a prominent example thereof. Love the computer.
Hate the company. Hell hath no fury like a Mac user (not to mention
shareholder) scorned. Heck. I understand *that*. I did the *same* thing just
over a year ago this week. "Platforms are Meat", and all that. For what it's
worth, YANC, I *feel* your pain... :-).


So, I repeat, why *not* stand back and let the MacRubble bounce? No, this is
not a segue for me to stand up in my chair and start singing the Apple
Company Song at the top of my lungs, complete with a QuickDraw-VR DOOM
environment file of One Infinite Loop right up there on the screen for y'all
to marvel at and play with using your very own Newtons, all while I sing 100
Company Song verses with a six-part MIDI chorus of my own voice (Yechhh!).
Nope. Not me. Indeed, I really *do* say, "Why not?". That is, let's look at
what happens if people *don't* develop crypto for the Mac.

The truth is folks, not much.

First of all, we all think it'll be Real Bad News for Apple Real Soon
if real-live strong cryptography isn't shoved as far down as it's possible
to make it go into the Mac's operating system, and right now, dammit. But,
so *what*? The Mac's only, say, 5-7% of the computer market anyway, and the
only possibly new, cool, stuff Apple's involved in, say, OpenDoc/Cyberdog,
has 5%, maybe 10%, of *that*, so, who *cares*? Potential Mac crypto
developers aren't effecting that many people at *all*. They would better
spend their time doing CryptoJava++ or something, because there's *much*
more market penetration *there*. Or, even better, developers should go do
CAPI for Windows. I mean, that's where the *real* money is, right? So
fergadaboudit, go write CAPI-code, I mean, Microsoft Gets The Internet Now,
right? At least there'll be *active* developer support from the MotherShip,
which is better than whatcha get from Apple ferchrissakes <He said, ducking
a mysteriously appearing grenade fusilade from Vinnie's general direction.
Can someone tell me *how* he pulls the pins and throws them all at once
like that?>.

But, as bad as all this is, lack of strong crypto is not nearly that much of
a Mac-Killer, or more to the point, an Apple-Killer. (Love the Machine, Hate
the Company, remember?) What's killing Apple is Apple's sclerotic management
style, and, frankly, too much living high off the hog when margins were fat.
Of course, you never know. Apple could just keep cranking out more and more
machines, at smaller and smaller market shares, ad infinitum. Look at
Porsche (remember Ferry Porsche and what a "disaster" the Volkswagen was?),
or Rolls-Royce. Personally, I would bet that, *if* the Sclerotic Apple
scenario's the case, then jumping with both feet into crypto, and by
extension, financial cryptography and digital commerce, could add a few more
years to Apple's lifetime, but all that money might just go straight to
Apple's waistline *anyway* (at 360lbs soaking wet, *I* should talk...), and
make the end, if it occurs, even that much more grotesque.  ( Yeah, but what
a way to go... Fat Power! ;-))


And, yet, Vinnie's probably going to fill the room on September 5th and 6th.
Hell, he might even fill Chuck-E-Cheese to boot. How come? Because, even
though the market share is small, there's just enough there to support the
small developers who made the Mac a great machine in the first place.


There's a guy in Germany named Ruf. I still think he's around.  Don't ask me
how to say his name. What he does is buy brand-new Porsche 911s, fresh from
the factory, and "blueprints" them. That is, he takes them all apart, down
to the nuts and bolts, and rebuilds them *exactly* to the original design
specifications, remachining metal where necessary. You can imagine that,
with Porsches, there isn't much tolerence for production errors to begin
with, but blueprint them Mr. Ruf does. After he does that, he tweaks them
with all the aftermarket go-fast stuff it's possible to cram onto the little
30-year-old 911 design, some of which he's invented himself. After he's
done, they really do. Go fast, I mean. Usually, his tweaky stuff gets onto
his cars, now sold under the "Ruf" brand name, *waay* before it gets
adopted for production 911s. Mr. Ruf has been doing this for a long time.
His cars go for twice or three times what a production 911 goes for, if you
can imagine paying that much for a *very* fast Porsche 911. He has a very
long waiting list. He sells, say, 10 cars a year. He makes out like a
bandit. And he *loves* his job. There're a whole bunch of guys around
Stuttgart who do this kind of stuff. And *they* love their jobs, too.


That's why Vinnie's going to fill that room in Cupertino. (On the 5th and
6th of September, remember?) First of all, the developers who are left in
the Mac market are there because they love it. The old guys, who, like me,
can't get it up anymore, still hack Macs because they love them. The *new*
developers hack Macs because they can't get leave it *alone* and don't know
from market share anyway. They just love what they're doing.

                               <heh, heh. He said "get it up", Bevis>
           <heh, heh. Yeah. And up there, Butthead, he said "Stiffy">
                                      <No, Bevis. He said "Stiffing">
                               <Oh, yeah. heh, heh. *I* knew that...>

Mssrs. B & B aside, who *knows* what the women Mac developers feel, young or
old, because I'm not one. Or a woman, for that matter. :-). But I *bet*
they're there because *they* love the Mac, too. And, of course, *all* of the
Mac crypto developers also understand the importance of strong cryptography
to digital commerce, so they want to make sure the Mac has it, if they have
to do it themselves, just like Mr. Ruf and his friends blueprint those
brand-new Porsche 911s.


So, finally, I'm going to pull out a dusty old story from the Disney Canon:
Dumbo. <Oh, No! Not the Dumbo story!!! Not Again!!!> Yes. The Dumbo story.
Again.

Remember that Dumbo had a magic feather, given to him by the crows, so that
he could fly, which of course, he didn't really need, because he could fly
already, he just didn't know it. Yes, boys and girls, Vinnie and the Mac
crypto developers wanted, in fear of that 900-foot drop into a teeeny bucket
of water, to have Yet Another Nameless Cypherpunk, A Piece of the True
Crypto Cross, be a magic feather. So they could fly.

Well, it looks like Vinnie, and all those room-filling Chuck-E-Cheese-
Gopher-Banging Mac crypto developers will have to use their ears (or what's
between them, anyway) to fly instead.

Only this time, Dumbo's got a sack of grenades.

A "munition" indeed...


Cheers,
Bob Hettinga

<Heh, heh. Uh, anyone out there got a magic feather, uh, just in case?>
<Shut *up*, Bevis!>
<Owwwwww! My *'Nads*!>





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgbH1PgyLN8bw6ZVAQGkrQP9GyrOI9NWlookyXQdbfdjmC437fxNbQuQ
g3CHsGMi4uhqO1UO6dF71XO7Osh57n//cVKF52Tv3b2UpOU3khtj15ASH7sOLaMs
KwDQYvNta1I/nL1k9L8mAnNUfEdkttfhqgKjDwB5nKvwwJqbOemG60Bz6jKzCO5T
cXOXOcEVyLE=
=Fjkr
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From zachb at netcom.com  Tue Aug  6 00:11:17 1996
From: zachb at netcom.com (Zach Babayco)
Date: Tue, 6 Aug 1996 15:11:17 +0800
Subject: viruss'
In-Reply-To: <3205B2F7.7E74@cnmnet.com>
Message-ID: <Pine.3.89.9608052107.A27020-0100000@netcom22>




On Mon, 5 Aug 1996, Zero Cool wrote:

> Does anyone know where thre is  good virus page????
> I know that there is one out there, but dont have the add.
> Zero Cool
> 
Do a web search for the word VIRUS and try posting this somewhere else - 
this isn't a virus newsgroup, last time I checked.





From JonWienk at ix.netcom.com  Tue Aug  6 00:23:11 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Tue, 6 Aug 1996 15:23:11 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608052116.AA09050@Etna.ai.mit.edu>
Message-ID: <199608060242.TAA18997@dfw-ix11.ix.netcom.com>


On Mon, 05 Aug 96, hallam at Etna.ai.mit.edu wrote:
>The shells are removed sometime or other. Nothing is a 100% solution
>but anything that gives the criminal an extra thing to worry about 
>improves the chances that a mistake is made.
>
>Many people go to jail because of fingerprints on shell cases.

If the shell cases are NOT left at the crime scene, there is NO link between 
them and the crime. You are suffering from cranio-rectal inversion.

>I doubt that more than 32 bits of info will be required. Thats not 
>that difficult to imprint.
[snip]
>Not a problem, that type of machinery is a standard type of 
>industrial machine. Might be expensive to adapt the lines but 
>I doubt it.

That doesn't address the fact that (1) there are billions of unstamped shell 
casing extant, (2) stamping the side of a case will weaken it and be a 
significant safety hazard, (3) stamps in the head of the case can be 
filed/scraped off, (4) cases not left at the crime scene have no value as 
evidence, regardless of any serial stamps, extractor marks, etc. Even if you can 
prove a shell was fired in a particular gun, if there is no link between that 
gun and the crime, the "evidence" is worthless. You are suffering from 
cranio-rectal inversion.

>Not an issue. A person may have an excuse that explains why
>the blood is in his car or his fingerprints are on the knife but
>a conviction depends on more than one piece of evidence. If 
>there is information that gives the police a lead it is 
>usefull.

See above. You are suffering from cranio-rectal inversion.

>At present the police are investigating the purchase of white 
>powder - checking each purchaser out who fits the Olympic
>bomber profile. That is a lot of work for a much weaker lead.

That's BLACK powder, stupid! Also, profiling a bomber requires more than one 
crime. A profile is a psychological analysis of the patterns in a criminal's 
handiwork, and patterns cannot be clearly deliniated with a single crime.

>If a person says that they fired at a range then you have 
>narrowed the search scope to the guys at the range.

Huh? Smoke another one, Beavis!

>Not a problem, thats an opportunity. I build very large, very
>high reliability computer systems. I can build machines that
>deal with several million transactions a day for less than a 
>million and run them for less than a quarter million a year. That
>is cheap when one considers the cost of investigation saved.

Yeah, and lets make it mandatory for everyone to accept subcutaneous transponder 
implants monitored by your system. Can anyone say BIG Brother? Regardless of the 
system, some poor schmuck (or an army of them) is going to have to do the data 
entry work for your computer, or it is worthless. Remember the GIGO concept?

>Making that argument defeats your case. Irespective of the framers
>of the constitution nobody in Congress or the Administration believes
>that you have a right to take up arms against the government. In
>fact they are scared of the militia movement and the NRA. Every time
>you make that argument you make it harder for people to accept your
>case. 

The fact that the current government despises the intent of the people who wrote 
the Constitution and tries to circumvent and negate it to the maximum extent 
possible is the root of much of the disillusionment with and distrust of 
government in America today.

>Its like hearing a Marxist spout stuff from Capital to support a
>civil liberties. Regardless of wether the content makes sense the
>form of the argument is a complete turn off. 
>
>I used to side with HCI before I started talking to the 
>talk.politics.guns people. That convinced me that they were a threat
>to the security of the country - even before McVeigh sent me a
>mail defending his 2nd ammendment rights that looked very 
>much like yours. Regardless of whether he is guilty or not I
>still regard him and those that hold his views to be as 
>serious a threat to the USA as the Red Army Faction were in
>Germany, or the Red Brigades in Italy or the IRA in the UK.

Ted Kennedy's car has killed more people than Tim McVeigh's guns.

>If people carelessly justify terrorism they are fueling that
>fire. Up until now the US has not had a serious terrorist 
>problem. If terrorism becomes widespread then don't imagine
>the constitution will be a protection. Thomas and Reinquist 
>are not going to stop measures to "protect the nation" even
>if like the WWII internement of Japaneese nationals they are in
>gross violation of the constitution. 
>
>If you think the wiretap bill is bad think on this, all guns
>of all types banned except where held by special license.
>Checkpoints at major road intersections. Stop and search
>patrols in city centers and the army on the street. Its not
>at all far fetched, the UKgovt took less than a year to 
>introduce such measures in Northern Ireland. Constitution or
>not, don't expect that the US Congress won't make a similar 
>response.

See my sigfile. These are shining examples illustrating why an armed populace is 
critical to freedom, even if some people do misuse firearms. I would rather be 
armed and take my chances against a crackhead looking for someone to mug than be 
disarmed and take my chances against government thugs who have discovered that 
they can act against the populace with impunity.

Jonathan Wienke

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From jim at ACM.ORG  Tue Aug  6 00:37:05 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Tue, 6 Aug 1996 15:37:05 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <Pine.SUN.3.91.960805234946.753F-100000@tipper.oit.unc.edu>
Message-ID: <199608060523.WAA04715@mycroft.rand.org>



Simon Spero <ses at tipper.oit.unc.edu> writes:
>one silly thought: lots of people use cypherpunks as the username and 
>password for all those websites that want an id. What about a cypherpunks 
>3-2-4 number for those cases where an SSN isn't appropriate. Anyone know 
>what J. Edgar Hoover's SSN was?

Yes, that does indeed sound silly.  BTW, the UNABOMer's secret ID number,
used to identify various communications with the NYT as being his, is
reported (Mad Genius and a government deposition) to be 553-25-4394, which
allegedly turned out to be the SSN of a prisoner somewhere in California.
I suppose it's not useful for this application, since it belongs to
somebody who might need it again sometime.

	Jim Gillogly
	14 Wedmath S.R. 1996, 05:21





From ses at tipper.oit.unc.edu  Tue Aug  6 00:48:18 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 6 Aug 1996 15:48:18 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <2.2.32.19960806010151.008f8f48@panix.com>
Message-ID: <Pine.SUN.3.91.960805234946.753F-100000@tipper.oit.unc.edu>


one silly thought: lots of people use cypherpunks as the username and 
password for all those websites that want an id. What about a cypherpunks 
3-2-4 number for those cases where an SSN isn't appropriate. Anyone know 
what J. Edgar Hoover's SSN was?



---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From hallam at Etna.ai.mit.edu  Tue Aug  6 00:51:45 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Tue, 6 Aug 1996 15:51:45 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <199608060242.TAA18997@dfw-ix11.ix.netcom.com>
Message-ID: <9608060554.AA01285@Etna.ai.mit.edu>



Contrary to reports of some sort of inversion it is not the case that
shell cases need to be found at the scene of a crime to cause an
arrest and conviction. There are many people who are serving time
after having left their fingerprints on shell cases found in a gun
recovered after a crime. If the gun can be linked to a crime scene
via balistics reports and the shells in the gun to an individual via
fingerprints that is circumstansial evidence.

Of course nobody gets sent to jail on a single piece of questionable
evidence (at least if they have a decent lawyer). But a weak piece
of evidence is sufficient to lead to a conviction if it is a lead.
Anything that reduces the search space for an investigating team
is an advantage for the police.

	Phill






From alanh at infi.net  Tue Aug  6 01:01:28 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 6 Aug 1996 16:01:28 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608052116.AA09050@Etna.ai.mit.edu>
Message-ID: <Pine.SV4.3.91.960806013641.11416F-100000@larry.infi.net>


Phil,

The Japanese were not interned in the State of Kansas. The people 
wouldn't permit it and the FBI just quietly backed down.

The Nazis couldn't enforce the Yellow Star in Denmark. The people 
wouldn't permit it.

I can't speak about what people in the UK will permit. If they're all 
like you, they'll permit anything.

Oh the Administration and the Congress don't agree that we have a right to
defend our freedoms, if necessary, against them?  I work in a military
base in the heartland, not a computer lab in Cambridge - and I think
you're wrong about that - I don't think you could get enough American
troops to perticipate in disarming innocent civilians. And the Congress
and the Administration DO know it and are scared to death of it. 


Anyway, Phil, I was trying to ask your opinion about something.... Is 
there any freedom for which you would personally risk your life for?





From alanh at infi.net  Tue Aug  6 01:15:07 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 6 Aug 1996 16:15:07 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608060607.AA01332@Etna.ai.mit.edu>
Message-ID: <Pine.SV4.3.91.960806021028.11416N-100000@larry.infi.net>


On Tue, 6 Aug 1996 hallam at Etna.ai.mit.edu wrote:
> Several years ago the IRA attempted to murder my cousin. I have been 
> warned not to continue my political activity but I do so regardless.
> 
> I do not advocate the bringing of troops onto the streets but I see 
> it as the logicial response to the case put by the NRA. They are
> playing a tune I have heard before. Claim to stand for freedom while
> doing whatever is possible to encourage restriction of liberty.

  I have added you to my computerized list of individuals who advocate 
the violent overthrow of the US Constitution.

I am going to go to the law library and see what my options are, with 
respect to filing a petition to have you deported out of the United 
States.

This is not a rhetorical statement.





From remailer at cypherpunks.ca  Tue Aug  6 01:16:43 1996
From: remailer at cypherpunks.ca (John Anonymous MacDonald)
Date: Tue, 6 Aug 1996 16:16:43 +0800
Subject: PGP public key servers are NOT useful!
In-Reply-To: <199608052141.QAA15347@bluestem.prairienet.org>
Message-ID: <199608060552.WAA04209@abraham.cs.berkeley.edu>


"David E. Smith" <dsmith at prairienet.org> writes:
> Over the last couple of weeks, I've noticed a lot
> of subscribers who PGP clearsign their messages,
> but who haven't uploaded their keys to any of
> the public keyservers.
> 
> Those keys are most useful when they're
> available to people who might want to use them,
> so I'm asking those of you who haven't sent
> them to a keyserver to do so.

I, for one, make it a point of never using the PGP public key servers.
I make my key available by finger, and always check for people's keys
through finger.  The problem with the PGP public key servers is that
one has absolutely no control over what gets uploaded there in one's
own name.

If someone really wanted to prevent me from using PGP, for example,
that person could just upload 500 different PGP keys to the key
servers all with my E-mail address as the key ID.  Even if you already
have a PGP key of someone you trust who has certified my key, are you
really going to verify all 500 other keys until you find the one that
is certified by the real trusted person?

Moreover, what's to stop someone from downloading my key, adding an ID
"kkk grand wizard", signing it with a fake "David Duke" key, and
uploading the new signature to the PGP servers.  I don't want anyone
to be able to put such things on my PGP key in the place where most
people will go looking for it first.

Deleting a key from a PGP key server is probably even more difficult
than getting an error corrected on your credit report.  Even if one
keyserver deletes it, it will probably end up propagating there again
from another server.

The finger approach is far from perfect, because not everyone can run
a finger daemon accessible to the net at large.  Moreover, even people
with PGP keys in their .plan files often can't be fingered at their
mail hubs (in fact, people often receive E-mail at addresses which are
only DNS "MX records" which don't have corresponding IP addresses).

Thus, I'm not saying finger is the solution.  However, at least people
have control over the plausible PGP key finger locations in a way that
fits sensibly with the key ID's sought.  In other words, if I have
absolutely no affiliation with Berkeley, I should not be able to stick
a PGP key with an ID ending "<.. at cs.berkeley.edu>" where people will
primarily look for such keys.  (Of course I'm welcome put the key any
other place I have access to.)

Note finally that the key distribution problem addressed by the key
servers has nothing to do with key certification.  I think one of
PGP's greatest strenghts is that anyone can certify any one else's
public key.  I hate the idea of a hierarchical system where you might
have to pay $20 and wait 3 days to get a public key (Verasign I gather
does this for SSL certificates, though the cost/wait are probably
completely different).  Thus, while I'm advocating some kind of
hierarchical key distribution mechanism, I absolutely don't want to
see that kind of structure imposed on key certification.

In fact, the key distribution problem is just the opposite of key
certification in that one wants to prevent unwanted certificates and
keys from being interpreted as condoned by the supposed owner of the
PGP key.  Even if my key really was certified by someone a year ago,
if I've now forgotten the passphrase I don't want to keep having
people grab my old key.  I also don't want random attacks on my
character appended to my PGP key where most people will seek it.

Finally, for those who desire the "light security" of encrypting with
my PGP public key even though they can't verify any of the
certificates (and I do get plenty of such PGP-encrypted mail), it
might be nice to have a system in place that at least required an
active network attack to bypass.  You might argue that this would be
worse as it would encourage more people to use untrusted PGP keys.
However, consider SSH's mechanism whereby it acquires public keys
automatically at first and then keeps verifying the keys on subsequent
sessions.  It's not perfect, but I think it definitely improves the
security of the situation.  Anyway, if the NSA started mounting
massive active attacks from the internet backbones, we would at least
find out about it soon enough.

[Posted anonymously to prevent some wise guy from getting the
brilliant idea of uploading 500 fake PGP keys in my name...]





From alano at teleport.com  Tue Aug  6 01:44:03 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 6 Aug 1996 16:44:03 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <2.2.32.19960806062542.00a47d1c@mail.teleport.com>


At 03:48 PM 8/5/96 -0400, you wrote:
>
>Does anyone know what the equivalent technology is on Microsoft to
>Netscape's cookie technology?  Does Microsoft have support for cookies or 
>not?  

Internet exploder 3.0 supports cookies.

>All of the discussion on the list to do with
>cookies is related to Netscape.  Does this mean that if one switches to
>Microsoft Explorer one can avoid the problem?  Many thanks.

There is no escape.  Resistance is futile. You will be server pushed, filed,
tracked, counter digited, and numbered. You are not a free individual, you
are an IP address assigned from a dynamic pool.

Be seeing you!
---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From blane at aa.net  Tue Aug  6 01:54:45 1996
From: blane at aa.net (Brian C. Lane)
Date: Tue, 6 Aug 1996 16:54:45 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
In-Reply-To: <2.2.32.19960805181729.00e8c4a0@mail.teleport.com>
Message-ID: <3206e54a.46270083@mail.aa.net>


On Mon, 05 Aug 1996 11:17:29 -0700, you wrote:

>At 05:42 AM 8/5/96 -1000, NetSurfer wrote:
>>
>>On Wed, 31 Jul 1996, Joseph M. Reagle Jr. wrote:
>>
>>>   	  				 
>>> >WASHINGTON, DC, U.S.A., 1996 JUL 30 (NB) -- By Bill Pietrucha.  
>>> >Tacoma, Washington, has just gained the distinction of being the 
>>> >only municipality in the United States to tax Internet Access 
>>> >providers (IAPs) like telephone service providers. 
>>> >
>
>I believe the reason the Tacoma ordinance is getting so much flack is that
>they are wanting to charge sales tax on all transactions that take place
>from ISPs in Tacoma.

  

>
>This type of taxation is not new.  Various jurisdictions have tried to use
>the same thing on mail order houses.  Having worked for a service bureau
>that dealt with mail order, I know what a hassle it is to try to keep track
>of such taxation.  There is a company that will sell you the data of all of
>the sales tax rates throughout the country.  This includes every little
>podunk city, county, and fire district tax.  They are divided by zip code,
>but that is no guarantees that you have the right place. The reality is that
>trying to "be legal" under such regulations is next to impossible, even with
>the proper data.  I know of few mail order firms that are willing to go to
>that extreme.  (Unless, of course, they have gotten the proper threats from
>some miffed tax baron.)
>
>And they wonder why there is so much disrespect for the law...
>---
>Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
>        `finger -l alano at teleport.com` for PGP 2.6.2 key 
>                http://www.teleport.com/~alano/ 
>  "We had to destroy the Internet in order to save it." - Sen. Exon
>                "Microsoft -- Nothing but NT promises."
>
>

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
     Embedded Systems Programmer, quick hacks on request, CryptoAnarchist
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============





From jimbell at pacifier.com  Tue Aug  6 02:02:03 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 6 Aug 1996 17:02:03 +0800
Subject: More to be paranoid about...
Message-ID: <199608060636.XAA29816@mail.pacifier.com>


At 01:50 PM 8/4/96 -0700, Bill Stewart wrote:
>At 10:14 PM 8/3/96 -0700, you wrote:
>>Take a look at:
>>     http://www.spiritone.com/cgi-bin/plates
>>Feed it an Oregon licence plate number and it will feed you back all sorts
>>of info about the person/victim.
>
>It's interesting to know that Senator Hatfield's wife's birthday
>is 1/17/29, and that the title to the car is held with a 
>security interest by the US SENATE EMPLOYEES FEDERAL CREDIT,
>and that (at least) Social Security Numbers weren't listed
>for the plates I checked.  Also that, unlike many states,
>the Governor doesn't have License Plate #1.

It turns out that I am indirectly (two steps removed) responsible for this 
information being publicized on the 'net.  I bought a copy of a CDROM that 
included this data (from a person who bought this data from the State of 
Oregon on magtape), and a friend of mine got a copy from me and made a copy 
for his friend, who decided to put it on the web as an accessible item.

In any case, contrary to Alan Olsen's implication, I think that this kind of 
thing is a step forward for freedom.  Government agencies already have 
access to this kind of information whenever they want; it's only the 
individuals who don't.  Indeed (as my friend pointed out, correctly) this 
information is only considered valuable because not everyone has it.  Making 
this information available puts government-types under the same "gun" as the 
rest of us already were.  

It is now being seen that driver's licenses, while ostensibly merely being a 
certification that we know how to drive, are most useful to government as a 
way to "legitimately" collect information on us, including our address and 
age.  Since the function of credentialing is being implemented using 
encryption in ways to protect privacy, I suggest that we should push the 
government in that direction.  





Jim Bell
jimbell at pacifier.com





From alano at teleport.com  Tue Aug  6 02:18:51 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 6 Aug 1996 17:18:51 +0800
Subject: Credit Cards over the internet
Message-ID: <2.2.32.19960806064420.00af96e8@mail.teleport.com>


At 02:46 PM 8/5/96 -0800, Vinnie Moscaritolo wrote:
>Just read a forwarded message from a merchant who indicated that:

{credit card hastles deleted]

I have been having some similar hastles setting up a site for credit card
usage.  It seems that the credit card companies are confused between
protecting cards over the net and validating credit card information.  (Two
entirly different problems.)  The broker we are going through seems to have
gotten a few clues, but it is taking ALOT of explaining.  (The site will be
running Stronghold when we are able to process credit cards. We are
currently running Apache 1.1.)  Actually I am having a harder time getting
through to the sysadmin at the host site why we need a commerce server than
I am with the credit card company...

It sounds like the scare stories on the news have taken their toll.
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From jsw at netscape.com  Tue Aug  6 02:21:33 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Tue, 6 Aug 1996 17:21:33 +0800
Subject: Stealth cookies
In-Reply-To: <2.2.32.19960806003319.00a5a274@vertexgroup.com>
Message-ID: <3206EFF8.6238@netscape.com>


John F. Fricker wrote:
> Solution?
> 
> 1) Don't put your name in the netscape configuration (d'oh)

  No, no, no.  Netscape navigator does not reveal your name or
put it into cookies.  The only way to get your name or other
personal information about you into a cookie is for you to type
it into a web site, and have that site send you back a cookie.

  The only time we reveal your name is in e-mail headers, and
when doing anonymous FTP when you have manually disabled the default
of sending 'mozilla@' as the anon ftp password.

	--Jeff





From wombat at mcfeely.bsfs.org  Tue Aug  6 02:30:12 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Tue, 6 Aug 1996 17:30:12 +0800
Subject: The futility of trying to "tag" ammunition
In-Reply-To: <ae2bdb75040210042746@[205.199.118.202]>
Message-ID: <Pine.BSF.3.91.960806050739.11416B-100000@mcfeely.bsfs.org>



> >> US it is not unreasonable to require each individual cartridge
> >> to be stamped with a serial number and for gun dealers to be

How about just numbering the criminals?  There's more room for the 
numbers, there's precedent, and less specialized equipment is required.

 ;)






From gnu at toad.com  Tue Aug  6 02:32:08 1996
From: gnu at toad.com (John Gilmore)
Date: Tue, 6 Aug 1996 17:32:08 +0800
Subject: Looking for CJ's or State Dept. correspondence re "public domain"
Message-ID: <199608060718.AAA11804@toad.com>


We got a brief last week from the State Department in the Bernstein
case (in which we're trying to overturn the crypto export controls
on First Amendment grounds).  They state:

	"In fact, the State Department does not seek to control the
various means by which information is placed in the public domain.
Lowell Decl, para. 22.  The Department does not review scientific
information to determine whether it may be offered for sale at
newsstand and bookstores, through subscriptions, second-class mail, or
made available at libraries, or distributed at a conference or seminar
in the United States.  Id.

	"These clear examples are included in the ITAR to enable
	individuals to determine for themselves whether particular
	information is subject to regulation as technical data.
	Indeed, individuals rarely -- if ever -- seek a determinatino
	from the Department as to whether information is in the public
	domain, and the regularions are not applied to establish a
	prepublication review requirement for the general publication
	of scientific information in the United States."

I am wondering if anyone else has ever sent in a CJ request that
sought to determine whether the item in question was considered
"public domain" by the State Department.  Several CJ's of this type
can be found near the bottom of my crypto export web page, at
ftp://ftp.cygnus.com/pub/export/export.html.

Has anyone else had interactions with the State Department about
the "public domain" status of anything?  Please let me know.
--
John Gilmore                                    gnu at toad.com  --  gnu at eff.org
				RESTRICTED
    Notice. - This document contains information affecting the national
    defense of the United States within the meaning of the Espionage Act
    (U.S.C. 50: 31, 32).  The transmission of this document or the
    revelation of its contents in any manner to any unauthorized person
    is prohibited.





From tcmay at got.net  Tue Aug  6 02:52:41 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 6 Aug 1996 17:52:41 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <ae2c29840d0210047e61@[205.199.118.202]>


[Note: My analysis of Apple Computer, and why I will not give a "pep talk"
to certain Apple Macintosh folks, is contained at the _end_ of this piece.
Skip forward if you like, or read my response to Bob H. to get the
background on why I am posting this.]

At 4:20 AM 8/6/96, Robert Hettinga wrote:

[much stuff elided]

>All of which brings up the *real* point of this rant. I mean, who *cares* if
>you can do crypto on the Mac or not? Why not stand back and watch the
>MacRubble bounce?
>
>My thinking about all of this started because I've been reading Vinnie's
>mail over his shoulder. (Yes. I'm shameless. When we're working on stuff
>together, we trade our mail about it. As they say in the Mac biz, "Sosumi".)
>That is, Vinnie's been out there scaring up speakers for this shindig that
>he "borrowed" the grenades for, and, well, in his tree-shaking (God help you
>if Vinnie shakes a tree you're in), he invites (if you could call what
>Vinnie sent an invitation :-)) Yet *Another* Nameless Cypherpunk (YANC) to
>come and give us what we hope would be a Patented Colorful Cypherpunk
>crypto-Peptalk, with Vinnie saying to him (YANC), in effect, we need him
>(YANC) for a proper Laying-On of Hands, him being a Piece of the True Crypto
>Cross, and all.

I have to assume you are referring to me, as I had an exchange with Vinnie
which resembles this. As you were given "over the shoulder" access to mail
I sent to Vinnie, by all accounts, I certainly will have no qualms
forwarding my correspondence on this issue to this list.

>Of course, Vinnie didn't stand a chance.  If we *could* consider Vinnie for
>it, (which we can't, because he's on the selection committee) he might have
>earned the coveted 1996 Black Rhino "Mr. Kevlar" award (for courage in the

Oh, he "had a chance." He just wasn't very persuasive. And given that I
don' think crypto needs to be tied to the Macintosh platform (which is
dead, even though it hasn't yet topped over, and even though people like me
continue to use it), more is needed than "We need you." I'm not big on
charity, and Apple is truly a charity case.

>face of imaginary gunfire) for his efforts. Actually, considering the, heh,
>caliber, of last year's winner, it's just as well. A, uh, bang-up job Mr.
>Weinstein of Netscape did last year. A hard one to top. And so, the search
>continues. Both for this year's "Mr. Kevlar", and, of course, for some other
>Piece of the True Cross. Or so we think. I'll get to that in a moment.
>
>What Vinnie got from Yet Another Nameless Cypherpunk, instead of "Yes, I'll
>come talk about crypto, the universe, and everything.", was Yet Another
>Rendition of the Apple Macintosh Massacree. In six-part ;-) harmony, of
>course. And, no, I won't sing it here in its 21-minute (not even 17 for

Clever writing, to some, but empty of calories. My "Massacree" will be
included at the end of this message. Judge for yourself.

>radio) entirety. However, I should really note here that no matter how
>reasoned and cogent YANC's arguments were (and cogent they were, too: upon
>reading them, I was halfway to the dumpster with my trusty old PB180,
>tears in my eyes, before I came to my senses), in general, one of the *big*
>reasons that Vinnie got the $0$AD ($ame Old $ong And Dance) Re the Future of
>the Mac as a Viable Platform was probably more because the aforementioned
>YANC has eschewed speaking opportunities like this for years anyway, and
>Vinnie probably didn't ask him with the Proper Deference Necessary for a
>Cypherpunk of That Stature. In fact, I *know* Vinnie didn't, because I read
>his mail ;-). However, that, of course, wasn't why YANC gave Vinnie the
>aforementioned Massacree in particular.

Your future as a mind reader, Bob, is limited. It is true that I avoid some
speaking engagements which appear to be "hype" and "pep talks." But I also
have elected to give a few talks, incuding one in Monte Carlo which took me
several weeks to prepare for, and one at CFP '95, arranged by our own Prof.
Michael Froomkin.

>YANC Massacreed Vinnie because there's a lot of *very* disappointed Mac
>users out there, YANC being a prominent example thereof. Love the computer.
>Hate the company. Hell hath no fury like a Mac user (not to mention
>shareholder) scorned. Heck. I understand *that*. I did the *same* thing just
>over a year ago this week. "Platforms are Meat", and all that. For what it's
>worth, YANC, I *feel* your pain... :-).

I'm not sure what you're drinking, but you might want to lay off for a few
hours before sitting down to write.

>So, I repeat, why *not* stand back and let the MacRubble bounce? No, this is
>not a segue for me to stand up in my chair and start singing the Apple
>Company Song at the top of my lungs, complete with a QuickDraw-VR DOOM
>environment file of One Infinite Loop right up there on the screen for y'all
>to marvel at and play with using your very own Newtons, all while I sing 100
>Company Song verses with a six-part MIDI chorus of my own voice (Yechhh!).
>Nope. Not me. Indeed, I really *do* say, "Why not?". That is, let's look at
>what happens if people *don't* develop crypto for the Mac.
>
>The truth is folks, not much.

I agree. Not much to be done about Apple. Too bad, but it's not something I
can do much about. I've known some of the early Apple folks since 1977, and
first invested in them in 1984. (Though I sold 90% of my stock in Apple a
year or so ago, at $45, well above its current level.) In 1986, upon my
departure from Intel, I bought a Macintosh Plus, the closest thing I could
afford to a Symbolics 3600. (Interesting note: a friend of mine said she
just saw an ad for a Symbolics: $100 takes it away. Except for the
likelihood that it would cost far more per month to run it, I'd buy it.
Maybe I still will....) Then I bought a Mac IIci, a Powebook 100, a
Powerbook 170, and then a Power Macintosh 7100av. Mostly I've been happy,
as I had access to a windows environment (before Microsoft tried to patent
the name "windows"), visual metaphor (a la my Symbolics), and an adequate
supply of programs, including: Excel, Photoshop, Painter, Eudora, etc., all
of which made their appearance on Macs before on Windows.

However, the same windows/Lisp machine/Xerox/Smalltalk appearance which
Apple stole from the Xerox and MIT machines is now available in robust form
in the form of Windows NT machines, with huge market share and incredible
performance. (I am "loyal" to the computing metaphor, not to the current
market Apple has.)

>First of all, we all think it'll be Real Bad News for Apple Real Soon
>if real-live strong cryptography isn't shoved as far down as it's possible
>to make it go into the Mac's operating system, and right now, dammit. But,

As my message to Vinnie (below) points out, Apple blew a couple of chances
it has to incorporate crypto and security. For one, it announced some sort
of System 7 signature system...like a lot of Apple announcements, nothing
more was heard of it and it today merits not even the slightest footnote.
Second, Apple could've _owned_ the "Internet telephony" market which Intel
(!!!!!) is now touting so highly: Macintosh AC models (660av. 640av, all
PowerMacs) had extensive audio in/out capabilities, with DSP or CPU powers
sufficient to implement secure teleconferencing.

Instead, we got me-too  products like "E-World," a now-defunct proprietary
version of Prodigy, and countless other "detour" products, including
OpenTransport, GeoPort, speech recognition (which doesn't really work, at
least not on my $5K Mac), the Newton, and endless catchily-named Apple
products.


>so *what*? The Mac's only, say, 5-7% of the computer market anyway, and the
>only possibly new, cool, stuff Apple's involved in, say, OpenDoc/Cyberdog,
>has 5%, maybe 10%, of *that*, so, who *cares*? Potential Mac crypto
>developers aren't effecting that many people at *all*. They would better
>spend their time doing CryptoJava++ or something, because there's *much*
>more market penetration *there*. Or, even better, developers should go do
>CAPI for Windows. I mean, that's where the *real* money is, right? So
>fergadaboudit, go write CAPI-code, I mean, Microsoft Gets The Internet Now,
>right? At least there'll be *active* developer support from the MotherShip,
>which is better than whatcha get from Apple ferchrissakes <He said, ducking
>a mysteriously appearing grenade fusilade from Vinnie's general direction.
>Can someone tell me *how* he pulls the pins and throws them all at once
>like that?>.

Bob, your rants lose effect when mixed with this Hunter S. Thompsonesque
writing style (" <He said, ducking a mysteriously appearing grenade
fusilade ..."). Maybe this comes from too much time spent in front of a
Macintosh?

[much more stuff elided]

>That's why Vinnie's going to fill that room in Cupertino. (On the 5th and
>6th of September, remember?) First of all, the developers who are left in
>the Mac market are there because they love it. The old guys, who, like me,
>can't get it up anymore, still hack Macs because they love them. The *new*
>developers hack Macs because they can't get leave it *alone* and don't know
>from market share anyway. They just love what they're doing.

Well, if you "can't get it up anymore," to use your words, maybe it's time
for you to move on to something else?

>Well, it looks like Vinnie, and all those room-filling Chuck-E-Cheese-
>Gopher-Banging Mac crypto developers will have to use their ears (or what's
>between them, anyway) to fly instead.
>
>Only this time, Dumbo's got a sack of grenades.

Well, good luck. For me, giving a pep talk to a bunch of tired old Mac
developers at a Chuck-E-Cheese--especially when I went to the first one, in
San Jose, in 1977-78--does not excite me in the slightest. After all, it's
not as if Apple people cannot come to the Bay Area Cypherpunks meetings (I
know of only one current Apple employee on our mailing list, actively, or
who attends meetings: Martin Minow).

I refuse to accept any burden of guilt for not volunteering to speak for 30
minutes at a conference which is poorly-defined to me and which would cover
material the attendees could get by subscribing to our list for a few days
or weeks or by attending a physical Cypherpunks meeting in the Valley.

I'm sorry (for Vinnie, never for me) that  Vinnie is pissed off at me for
not helping out at his Let's Save Apple conference, and that Bob feels it
necessary to rant about this Mysterious Cypherpunk who won't Help the
Cause.

Life is tough. I'm available as a consultant, of course, and Apple is, as
always, free to hire me as a consultant.

Attached below is my major response to Vinnie. I would not have raised the
issue here on this list, except for Bob's post. Take it or leave it.

--Tim


At 9:52 PM 7/23/96, Vinnie Moscaritolo wrote:

>Cut the Bullshit, Tim;

I normally don't respond to anyone who tells me to "Cut the Bullshit,"
"Knock it off," etc. In fact, I deleted your message as soon as I saw
this....then a few minutes later I elected to retrieve it from Eudora's
trash folder before I had emptied the Trash.

I'll respond here, but not to "dammits" and "Knock it offs." If you want to
calmly discuss things, fine. Otherwise, I'll just add you to my filter
file. No harm done.


>I am having to pull teeth and do this a guerilla effort, but dammit If I
>have to do it alone I will. SO DONT GIVE ME THIS "I was not welcome on the
>list"  crap, what I am trying to avoid is folks like  dave weiner.  who
>just bitch and dont offer any solutions. Most of what you say IS EDUCATED
>and needs to be heard. Tim if you sent me a message saying you want to be
>on the list, I would stop what I was doing and put you on in a second..

I'm not surprised you are having trouble pulling this together, for several
good reasons:

1. Apple is struggling, developers are focussing on Windows.

2. Crypto for the Mac is really dependent on a couple of main apps: mail
programs (Eudora, Claris E-Mailer, Lotus Notes, etc.) and Web browsers
(obvious name here). If you want Apple to be "in the game" on crypto, as it
clearly is not now, ask Claris why they are not supporting PGP or S/MIME.

3. And crypto is not really a "Macintosh" issue. The best programs are now
platform-neutral.

4. A "guerilla" program, absent a compelling need, is likely to generate
little support.

5. "Internet commerce" is indeed a Big Issue (and of course a massively
hyped issue). But it is unlikely in the extreme that the Mac could ever be
a central player...the focus is on Web browsers and other tools that
represent 95% of what Web users have. (Don't tell me about CyberDog...less
than 10% of the market has Macs, and probably less than 10% of them have
installed CyberDog. I don't personally know any Mac users planning to use
it. This may change, of course, but at this point its prospects are not too
bright.)

My point is simple: if your conference is the effective realization of the
goals of your Mac-Crypto mailing list, as appears to be the case (at least
to me), then I can't see how my discussion of political issues would be
consistent with your insistence that Mac-Crypto avoid issues that don't
involve coding.

(And I would not welcome the attention I might get at Apple if I were to
discuss what I know of "information liberation," including the NuPrometheus
League.) Friends of mine have been called by P.I.s investigating this
case.)

>>No "solution" predominantly on the Mac is a solution for the masses, who
>>are overwhelmingly using Windows today. (You surely know this...your
>>company is struggling to hold 5-7% of the new sales figure; you haven't
>>been above 10% for several years.)
>>
>
>so why do YOU use a mac? or do you.

I use a Mac, primarily these days to run Netscape, Eudora Pro, and a
handful of related tools. None of these are Mac-specific anymore, and in
fact the Mac is way behind in a lot of ways (e.g., automatic signing of
messages).

The Mac has perhaps 8-10% of the installed base, and something less than
this in terms of new sales. Of this 10% (charitably), I doubt more than 10%
has installed and used "CyberDog." So, perhaps 1% of users have access to
this (at least at this time).

(I don't know the % of Web sites hosted on Macs, but I know the Mac is
coming under fire there, too. Lack of "multi-homing," lack of Unix-type
robustness, and the power of NT servers, from what I read. In any case, Web
site hosting is not a major point of confluence with crypto issues. I know
Sameer Parekh and folks like him would laugh if anyone suggested they host
their sites on a Mac.)

I've watched with growing incredulity and confusion as Apple has gone off
on tangents which seem to have little value to its core customers. Sure,
some of these have succeeeded (QuickTime for one), but many are just
tangents, at least for the dozen or so home Mac users I know. For example,
OpenTransport, GeoPort, Publish and Subscribe, OpenDoc, Interactive Music
Toolkit, the Speech recognition stuff, and so on. Not to mention expensive
detours into the Newton.

(I don't fault Apple for pursuing these things; it's hard to know what will
be the Next Big Thing and all. What I fault them for is having a confusing
array of add-ons to the basic OS, with lots of confusion about what the
advantages are. I, for example, use plain old System 7.1.2, an external
28.8 modem, and fairly standard apps and tools. I see no need for GeoPorts,
OpenTransport, or any of that stuff. And when Apple stopped bundling the
System software with machines, and making upgrades free, and generating
multiple versions of System 7.5x, well, this all made my glad to just sit
all this confusion out.)

Can Apple do anything to "help crypto"? Not a thing, as near as I can tell.
Eudora is _still_ not putting PGP or S/MIME in in Eudora Pro 3.0, and
Netscape is doing whatever it is doing (as you know). Thus, all I care
about is what Qualcomm does with Eudora and what Netscape does with
Navigator. I don't care about what Apple puts in CyberDog, as I have no
immediate plans to use it as my browser or my mailer. I think I represent
about 80% or more of all Macintosh users, too.

>>I just don't see the point of trying to educate Apple people on something
>>so far from what they need to be doing.
>>
>
>Point is put up or shut up, I am giving you a chance to be heard, I dont
>give a flying hoot what you say, except that you make people aware of the
>issues.  Tim dont you know that outside of cp very little is known about
>crypto-anarchy. and what it mean.. hey even if you hate the very essence of
>apple, (and I know your don't) you can helpbe part of the solution instead
>of part of the problem...
>
>
>so whats it gonna be.

I don't buy this notion that I have to choose to be part of the problem or
part of the solution. Nothing Apple can do really matters at this point, as
they've lost the leadership role they once had and are increasingly
"marginalized."

Crypto tools are platform-independent, ideally. Unless crypto tools and
algorithms are "built in" in some very usable way to Copland, say, there
just is no role for Apple. Sure, you lean on Steve Dorner at Qualcomm to
get crypto into Eudora in a more central way, and work with Netscape in
some way, but not much else is to be done.

(And Apple dropped the ball a couple of years ago with the "digital
signature" stuff they announced...I forget the name, but it was some kind
of certificate-based system, probably called something typically Apple-ish
like "OpenCertification" or somesuch. I think it was introduced in 1994 or
so, about the time the 660av and 840av were rolled out. Nothing more has
ever come of it, not too surprisingly.)

And speaking of the av-series machines, and the later PPC machines (of
course), Apple blew it by not developing this as an "Internet phone" sort
of thing. Here they have had av-compatible machines (speakers, microphones,
DSP functionality) for a few years, and yet Microsoft and Intel are
grabbing the headlines with "Internet phone" systems! Jeesh.

(This is not something that talking to the bottom-level troops at a
"crypto" meeting can do, this indicates the complete lack of vision at
higher levels.)

Apple consistently blows its lead, and is now becoming irrelevant. (I don't
plan to switch, so long as my Web-centric apps continue to run and updates
are provided. And I have too many thousands of dollars tied up in Mac
hardware, including the usuals several gigs of disk, CD-R, laser printer,
Powerbooks, etc. So, it'll be several years before I have to switch.

But that sure doesn't mean I have to be a cheerleader for a probably doomed
system. I first bought Apple stock the day after the Mac was unveiled, on
January 25th, 1984, and added to my holdings over the years. I finally
dumped 90% of my shares last fall, for $45. And I'm glad I did.

There is nothing Apple people can do to "help crypto" at this time. And the
only thing they can do to help Apple survive is to do just that, help it
survive. As for what that might be, at this late date, I'm fresh out of
ideas.

You may think this is Apple-bashing. I avoid bashing Apple in public, as
the issues and themes are well-known to all. But you have framed your note
to me as a call for me to "put up or shut up," implying I have some duty to
help Apple and the Macintosh succeed. I do not.

I am available as a consultant, of course. I doubt Apple needs more more
consultant advising it  on corporate strategies, but this option is open to
you.

--Tim


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From bdurham at metronet.com  Tue Aug  6 03:28:35 1996
From: bdurham at metronet.com (Brian Durham)
Date: Tue, 6 Aug 1996 18:28:35 +0800
Subject: FUCK YOU, SHITOPUNKS
In-Reply-To: <199608051211.GAA26432@zifi.genetics.utah.edu>
Message-ID: <3206F8E4.2781@metronet.com>


Anonymous wrote:
> 
> FUCK YOU, SHITOPUNKS
> DAVID STERNLIGHT

Well, I guess I don't have to take the pledge now.

Brian Durham





From lyalc at zemail.com.au  Tue Aug  6 03:47:40 1996
From: lyalc at zemail.com.au (lyal collins)
Date: Tue, 6 Aug 1996 18:47:40 +0800
Subject: Credit Cards over the internet
In-Reply-To: <Pine.SUN.3.91.960805234211.753E-100000@tipper.oit.unc.edu>
Message-ID: <3207FC8B.477E@zemail.com.au>


I agree it is over engineered, possibly in the wrong directions.
There are other ways to avoid merchant never sees the cardholders card 
number, though - and a lot cheaper.
lyal
-- 
All mistakes in this message belong to me - you should not use them!






From fair at cesium.clock.org  Tue Aug  6 07:47:39 1996
From: fair at cesium.clock.org (Erik E. Fair (Time Keeper))
Date: Tue, 6 Aug 1996 22:47:39 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <v02140b0dae2caf6e1f9c@[198.68.110.3]>


Just FYI, there is at least one other full-time Apple employee on this list.

The previous digital signature stuff from Apple was part of PowerTalk, our
own attempt to do an E-mail system as part of the base OS. We licensed the
crypto stuff from RSA (as did Lotus and a bunch of others at about the same
time). PowerTalk had good goals (full digital signatures, encrypted mail,
etc), but an exceedingly bad plan for getting there (completely proprietary
file formats and protocols, and incompletely fleshed out APIs for getting
at them).

Needless to say, it was a flop in the market, and we've let everyone know
that we've stopped development of it. Fortunately, we still have that RSA
license, and we may yet be able to do something useful with it before
either the license or the patent expires. I keep pressing people about
these issues when I get the chance, internally.

I haven't made any of the face-to-face meetings of the Cypherpunks because
I have been busy frying other fish since I got on the list. I post from
this odd return address because I prefer to use my private system and
domain for cypherpunks. At work, I'm

        Erik E. Fair <fair at research.apple.com>
        Apple Research Labs (nee Advanced Technology Group)







From shamrock at netcom.com  Tue Aug  6 11:44:55 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Aug 1996 02:44:55 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <v02120d46ae2c9d988525@[192.0.2.1]>


At 0:20 8/6/96, Robert Hettinga wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>e$: Watching the MacRubble Bounce

Robert, you *really* need to cut back on that Ritalin. No, not just `one
more'. Put it *away*. Now!

;-)




-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From mclow at owl.csusm.edu  Tue Aug  6 11:45:31 1996
From: mclow at owl.csusm.edu (Marshall Clow)
Date: Wed, 7 Aug 1996 02:45:31 +0800
Subject: Internal Passports
In-Reply-To: <2.2.32.19960806044723.01073e4c@vertexgroup.com>
Message-ID: <v03007801ae2c9ebff6b6@[207.67.250.128]>


At 9:47 PM -0700 8/5/96, John F. Fricker wrote:
>Hmmm. Actually a long time ago I lost my job with Greenpeace out of refusal
>to sign an I-9 which was in '86 the Department of Justice's form to exhibit
>eligibility to work in the US. The form required that I present two pieces
>of photo identification or a driver's license to be authenticated by my
>employer. Maybe it's a CA state law that adds an additional skin tone
>criterium to for the filing of an I-9.
>
I have found that promising to provide the necessary docs, and then failing to do so, is the least confrontational and most effective way around this.

"Delay is the deadliest form of denial"


-- Marshall

Marshall Clow     Aladdin Systems   <mailto:mclow at mailhost2.csusm.edu>

"We're not gonna take it/Never did and never will
We're not gonna take it/Gonna break it, gonna shake it,
let's forget it better still" -- The Who, "Tommy"







From jimbell at pacifier.com  Tue Aug  6 11:52:49 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 7 Aug 1996 02:52:49 +0800
Subject: Digital Telephony costs $2
Message-ID: <199608060636.XAA29824@mail.pacifier.com>


At 01:50 PM 8/4/96 -0700, Bill Stewart wrote:

>One advantage of higher-speed modems is that you can get away with
>16kbps ADPCM coding, which is dirt-simple computationally;
>your 386 probably has enough horsepower to do it, though a PC's
>interrupt structure may make it tough to shove all the data in and
>out in real time.  You still need a sound card that'll do the
>A/D and D/A conversion simultaneously if you want full-duplex;
>that wasn't part of the original market vision of Soundblaster,
>so vanilla sound cards don't all do it.

What is unclear, however, is WHY they "had to" build a card that couldn't do 
full-duplex.  I mean, would there have been a problem implementing that?  Or 
was this just another one of those stupid design decisions which could have 
been easily fixed if it had been realized in time?


> It also has the advantage
>that the data is being moved through your CPU, so encryption is
>an easy add-on, rather than having one combined modem/voiceblaster
>card which doesn't have any hooks for crypto or other processing.

Well, I assume that if implemented as a new type of modem card, the 
processor can be used to do the data transfer.


>
>>Sure,  it may not be necessary to compress voice audio all the way down to 
>>2400 bps, since the current modem standards allow 28.8kbps and beyond, but I 
>>suggest that decreasing net traffic by a factor of 12 (28.8k to 2.4k) is a 
>>desirable goal.  
>
>One problem is that tighter compression methods are far more sensitive
>to network latency than crude ones, and need to process more milliseconds
>of speech before putting out a packet on the net (e.g. a 64-byte tinygram
>is 200ms of speech at 2400bps, vs. 32ms at 16kbps.)  For modem-to-modem
>communications, this is no problem; for Internet random delays it is.

I see what you're saying; this makes sense.  Maybe what the industry is 
going to have to do is to start out at 16kpbs, reserving full 2400 bps 
compression for a (near?) future time when network latencies are low and 
predictable.


>Also, another big difficulty with full-duplex transmission is that you
>need echo-cancelling, especially with high-latency circuits.
>Half-duplex is annoying, but it doesn't echo, and it's more tolerant
>of delay because you're not expecting it to have natural timing...

Fortunately, this is the kind of thing that DSP's are good at...


>>The reason I think a system I've described has a future is that modem 
>>manufacturers have a PROBLEM.  Their problem is that they've pretty much run 
>>out of room to improve the bit-pushing through a 3 KHz bandwidth.  
>
>Given that the "3KHz" is almost universally transmitted over 64kbps
>digital channels, there's really no point in pushing past 33.6 with
>analog-based coding; better to just do ISDN. 

The local phonecos still want to overcharge for ISDN, however.  Major 
bigtime problem.  ISDN looked great back in about 1980 when the fastest 
common modem was 300 baud, but it's lost much of its lustre competing 
against 33.6 kbps.  Maybe if ISDN were available at a premium of $5 per 
month or so...

Jim Bell
jimbell at pacifier.com





From jimbell at pacifier.com  Tue Aug  6 14:18:26 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 7 Aug 1996 05:18:26 +0800
Subject: Internet Economics
Message-ID: <199608060643.XAA00161@mail.pacifier.com>


At 09:15 PM 8/5/96 -0400, Duncan Frissell wrote:
>At 02:22 PM 8/5/96 -0800, jim bell wrote:
>>The current question is how to motivate individuals and companies to invest 
>>in improvements to the Internet that will benefit everyone. However, I don't 
>>think that will be the limiting factor that it may currently appear to be.  
>>Due to the nature of the Internet, there is nothing to prevent a company 
>>(such as AOL, Compuserve, or other) from building a shadow version of the 
>>Internet, through which all of its customer's traffic will pass until it 
>>emerges local to its destination.  
>
>Note that this is the business model for @HOME which will be handling the
>heavy lifting for various Internet Over Cable systems around the country.

They'll need it.  However, we can assume that POLDCs (Plain Old 
Long-Distance Companies) will fight back.  The easiest thing for them to do 
would be to offer a single-payment-per-year, unlimited-use LD telephone 
service for maybe $10 per month or so.  If, as various people have 
suggested, half the cost for LD is billing and customer service, they'll cut 
their costs by a factor of two and still make money.  This would take the 
wind out of the sails of domestic LD; it is unclear whether foreign LD would 
follow suit.


Jim Bell
jimbell at pacifier.com





From apb at iafrica.com  Tue Aug  6 15:59:35 1996
From: apb at iafrica.com (Alan Barrett)
Date: Wed, 7 Aug 1996 06:59:35 +0800
Subject: Integrating PGP 3.0 Library with INN
In-Reply-To: <199608051829.NAA19030@galaxy.galstar.com>
Message-ID: <Pine.NEB.3.95.960806113638.23524E-100000@apb.iafrica.com>


On Mon, 5 Aug 1996, Igor Chudov wrote: 
> Has anyone thought of integrating PGP 3.0 library with INN? 

INN-1.5 will include a mechanism for PGP-authentication of control
messages (newgroup, rmgroup, cancel, ...).  My understanding is that
ordinary (non-control) messages will not be authenticated at all by innd
itself; that will still need to be done externally (by tools such as
PGPMoose). 

--apb (Alan Barrett)






From aba at dcs.ex.ac.uk  Tue Aug  6 16:13:15 1996
From: aba at dcs.ex.ac.uk (Adam Back)
Date: Wed, 7 Aug 1996 07:13:15 +0800
Subject: crypto CD source
In-Reply-To: <9608050810.AA04146@srzts100.alcatel.ch>
Message-ID: <199608060504.GAA00115@server.test.net>


Remo Pini <rp at rpini.com> writes:
> My wish list:
> 
> - - PGP
> - - A lot of algorithms in C, Pascal, ASM (for diverse processors)
> - - Private Idaho
> - - Pronto Secure
> - - a suite of html pages describing all files (I'll probably have to do that
>   myself)
> - - Netscape (the secure versions, if its legally feasable -> Netscape?)
> - - Crypto papers
> - - Crypto analysis papers
> - - Lawtexts concerning crypto (ITAR, France, ...)
> 
> Anything else?

Cypherpunks archive?

	http://infinity.nus.sg/cypherpunks/

The earlier archives were at www.hks.net, try mailing cactus at hks.net.

sci.crypt, sci.crypt.research archive?

Mirrors of:

	ftp.dsi.unimi.it
	http://www.cs.hut.fi/crypto/
	ftp.ox.ac.uk/pub/crypto

(plus Peter's collection).

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)





From anthony at direct.it  Tue Aug  6 17:49:37 1996
From: anthony at direct.it (Anthony Daniel)
Date: Wed, 7 Aug 1996 08:49:37 +0800
Subject: European crypto export controls
Message-ID: <2.2.32.19960806130653.00694410@betty.direct.it>


Hello

I'm looking to find information on which European countries ban the
exportation of strong cryptography.

Please reply to: anthony at direct.it

Thanks in advance

Anthony






From aeisenb at duke.poly.edu  Tue Aug  6 17:53:17 1996
From: aeisenb at duke.poly.edu (Anne Eisenberg)
Date: Wed, 7 Aug 1996 08:53:17 +0800
Subject: DoubleClick: Does is track browsing across multiple sites?
Message-ID: <Pine.SUN.3.93.960806103613.20022F-100000@duke.poly.edu>


Does anyone know whether DoubleClick really is tracking browsing patterns
across multiple sites?  They claim to be able to do this; is it just
advertising hype, or does anyone have knowledge of its actually doing so?
Many thanks.

Anne Eisenberg
aeisenb at duke.poly.edu






From perry at alpha.jpunix.com  Tue Aug  6 17:55:51 1996
From: perry at alpha.jpunix.com (John Perry)
Date: Wed, 7 Aug 1996 08:55:51 +0800
Subject: New type2.list/pubring.mix
Message-ID: <199608061252.HAA01826@alpha.jpunix.com>


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone!

	The new type2.list/pubring.mix files reflecting the
disappearance of flame are now available by WWW from www.jpunix.com as
well as by anonymous ftp from ftp.jpunix.com.

- -- 
 John Perry - perry at alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry at jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgc/31OTpEThrthvAQEvvAP/Rs+vh7LDDbEdUkacVylsoBwHXTpfvV1l
aHl7e8zt3CCueAgAXYbdHI2QPB7eptWpizlQxP3JAWB8/Z9SBzQBP/FxKIlVPKGa
p//wvh+yiUHphBh/+6G3gtrkiGnYSXqgxvnwSLGnPNIdrXLnPMe66eTP4CW9E9ZD
TC02uA9d9qw=
=0Q+6
-----END PGP SIGNATURE-----





From snow at smoke.suba.com  Tue Aug  6 17:55:59 1996
From: snow at smoke.suba.com (snow)
Date: Wed, 7 Aug 1996 08:55:59 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608052116.AA09050@Etna.ai.mit.edu>
Message-ID: <Pine.LNX.3.93.960805215547.151A-100000@smoke.suba.com>


On Mon, 5 Aug 1996 hallam at Etna.ai.mit.edu wrote:
> >weaken it).  
> I doubt that more than 32 bits of info will be required. Thats not 
> that difficult to imprint.

     You haven't spent a lot of time with guns & ammunition have you?
The most common size round (from what I have seen) is a .22, .25s & .32s 
are also very common. That isn't a lot of room. 
 
> >government are in the Constitution.  That's why the second amendment 
> >is there -- to empower the people to protect themselves against the 
> >government. 
> Making that argument defeats your case. Irespective of the framers
> of the constitution nobody in Congress or the Administration believes
> that you have a right to take up arms against the government. In

     It's the truth. If you can't stand the truth, get out of the gene pool.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From charlee at netnet.net  Tue Aug  6 17:56:54 1996
From: charlee at netnet.net (kickboxer)
Date: Wed, 7 Aug 1996 08:56:54 +0800
Subject: test message
Message-ID: <199608061646.LAA26121@netnet1.netnet.net>


test
                                                                               






From hallam at ai.mit.edu  Tue Aug  6 17:59:25 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Wed, 7 Aug 1996 08:59:25 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <4u6v5o$gt@life.ai.mit.edu>
Message-ID: <3207B8DD.794B@ai.mit.edu>


Alan Horowitz wrote:

>   I have added you to my computerized list of individuals who advocate
> the violent overthrow of the US Constitution.
> 
> I am going to go to the law library and see what my options are, with
> respect to filing a petition to have you deported out of the United
> States.
> 
> This is not a rhetorical statement.

First off Alan posted private mail to the list. In this case mail
that was more than simply personal. 

Secondly unless Alan withdraws his allegations I will bring proceedings
against him for libel. While I accept his right to free speech I do
not accept that he has a right to attempt to restrict mine with his
threats of deportation. 


	Phill Hallam-Baker





From frissell at panix.com  Tue Aug  6 17:59:42 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 08:59:42 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960806103803.0090e254@panix.com>


At 12:06 AM 8/6/96 -0700, Marshall Clow wrote:

>I have found that promising to provide the necessary docs, and then failing
to do so, is the least confrontational and most effective way around this.
>
>"Delay is the deadliest form of denial"

Works for me as well.  Likewise, self employment.

DCF






From mixmaster at remail.obscura.com  Tue Aug  6 18:01:28 1996
From: mixmaster at remail.obscura.com (Mixmaster)
Date: Wed, 7 Aug 1996 09:01:28 +0800
Subject: Where can I obtain code similar to the Anonymizer?
Message-ID: <199608061540.IAA25410@sirius.infonex.com>


I am looking to find code so I can set up a "re-webber"
similar to www.anonymizer.com.  I thank Sameer and c2.org
for nicely putting a service like that up on the Net, and
am willing to pay a fee if necessary for this code.

If Sameer's code is not available, what is needed to do
a "re-webber"?

I apologize for my inexperience in this kind of stuff.

Thanks very much in advance,








From joelm at eskimo.com  Tue Aug  6 18:08:05 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Wed, 7 Aug 1996 09:08:05 +0800
Subject: Censorship through proxy
Message-ID: <199608061625.JAA04294@mail.eskimo.com>


SingNet, one of Singapore's larger ISPs is telling all of their subscribers
they must move to using SingNet's proxy server by September 14, 1996 if they
want to have access to the Web.

If you try to access one of the SBA's banned sites, you'll get a message
that says, "The site you requested is not accessible."

Check out:

http://www.singnet.com.sg/cache/sbareg.html

It's interesting that in the blurb about the proxy server, they're marketing
it as offering "better and faster performance" than not using it.









From frissell at panix.com  Tue Aug  6 18:14:58 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 09:14:58 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960806100644.00911380@panix.com>


At 07:37 PM 8/5/96 -0700, Timothy C. May wrote:

>But the law says, these days, that I must verify the
>legality of workers *if* they appear to be dark-skinned, Mexican, Latin, or
>the like. I say "if" because there are no requirements in general for
>white-skinned, Anglo workers....no work permits, no proofs of citizenship
>(such a document is currently lacking in the American pantheon...I, a mixed
>descendant of Mayflower colonist and Scandinavian immigrants, lack such
>"proof").

Naughty naughty Tim.  You're violating the Immigration Control and
Nationality Act of 1986.  You are supposed to check all employee's IDs even
your own childrens' and fill out that I-9 form.  You have to verify identity
and right to work using a menu of documents ranging from passports and SS
cards to Driver's licenses and "American Indian Tribal Documents" (I gotta
get me some of them).  And there are special provisions to punish
discrimination against those who appear foreign.  After all, there are loads
of illegal Canadians and Irish here.  People are always coming from the
third world counties.  <G>

The law also required that a commission study whether or not the "foreign
appearing" were suffering discrimination because of the law and it reported
a few years later that sure enough, they were.

DCF






From minow at apple.com  Tue Aug  6 18:39:36 1996
From: minow at apple.com (Martin Minow)
Date: Wed, 7 Aug 1996 09:39:36 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <v03007803ae2d271b50b8@[17.202.12.102]>


Cypherpunks as a spectator sport becomes interesting when a several
intelligent, articulate, people start a productive rant. Emphasis
on "productive."  Unfortunately, this rant is rapidly degenerating
into an emotional bickering between people who are capable of
accomplishing much more.

For the record, there are several Apple employees, some *very*
high up in the food chain, who receive selected postings from
Cypherpunks. For better or for worse, however, they are spared
pipebomb-punks, Sternlight-punks, Ritalin-punks, and most of
the other nonsense that permeates this mailing list.

I, for one, would appreciate the chance to hear Tim May present
"crypto-anarchy" and "crypto-privacy" -- in a much more coherent fashion
than I would get at a physical cypherpunks meeting or from the
mailing list. I'm not sure what Tim's consulting fee might be, but
I'd be happy to contribute a six-pack of Anchor Steam if that would help.

Vinnie is putting the "Mac Crypto" conference together in his spare
time using "borrowed" facilities in a way that stays below Apple's
"radar horizon". Think of it as a slightly more formal physical
cypherpunks meeting. He may be able to scare up a budget for drinks and
munchies, but don't expect a t-shirt.

As for the "Mac is dead," I'll leave that to another time and place.

Martin Minow
minow at apple.com









From rah at shipwright.com  Tue Aug  6 18:45:58 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 7 Aug 1996 09:45:58 +0800
Subject: Dumbo Lays an Egg (Was Re: e$: Watching the MacRubble Bounce)
In-Reply-To: <v02120d46ae2c9d988525@[192.0.2.1]>
Message-ID: <v0300780fae2ceab5c642@[206.119.69.46]>


At 3:12 AM -0400 8/6/96, Lucky Green wrote:
> Robert, you *really* need to cut back on that Ritalin. No, not just `one
> more'. Put it *away*. Now!
>
> ;-)


*Now* I've gone and done it. In private e-mail, I've gotten things back
like "You're outta control, man.", and "....Boom... My brain exploded.
Summarize please." Usually, I get *nice* letters in my e-mail box after one
of these things...

Serves me right. On a second(!) read, it looks more like I didn't take
*enough* ritalin. Might have focused things down a *lot*...

That's what I get for trying out the May Method of rant-writing (i.e., fire
'em and forget 'em...). *Not* blaming May, of course, I'm just not *that*
smart. ;-). I mean, Heinlien never drafted his short stories, either. :-).
Yes, I know, Tim, You *Knew* Robert Anson Heinlien, and...

Anyway, next time, I'll let it compost a bit, like the other e$ rants I do.
On this one, I just sort of sat down, and, Flow, Vesuvius!, out comes a
rant, 6 hours later. One Command-E, and out it goes.

Now, of course, I'm reminded more of the time I played "Pinata" with the
wasp nest...

Sorry, folks. I'll be more considerate of your time on the next one. Promise.

Oh. In Re the "Hunter Thompson" stuff. I *did* read too much Thompson --
and Tom Wolfe, and lots of other people -- and frankly, unless I'm writing
something nice, dry, and pithy, which I can't do *all* the time, I can't
stop now. You are what you read too much of. I'm kind of, well, twisted,
that way, I guess.

Cheers,
Bob Hettinga




-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From unicorn at schloss.li  Tue Aug  6 19:24:12 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 7 Aug 1996 10:24:12 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <320652BC.31DF@netscape.com>
Message-ID: <Pine.SUN.3.94.960806122909.10763A-100000@polaris>


On Mon, 5 Aug 1996, Jamie Zawinski wrote:

> Black Unicorn wrote:
> > 
> [ ...random losers asking for your SSN... ]
> > > I was horrified and gave a random number.
> > 
> > You should always be horrified, and always give a random number.
> 
> Well, it would be nice if it was that easy.  You (legally) need to give
> the correct one to anyone who has to make a report about you to the IRS,
> right?  Such as your employer.  But it's not always clear who else needs
> it.  Is it needed to allow someone to do a credit check on you?  Is it
> needed to get a driver's license?  (The fine print on the DMV forms says
> "yes".)  Is it necessary to make use of employer-sponsored medical
> insurance?  (I suspect that the answer to this one is "no", except for
> the fact that when my employer set up my medical insurance they let the
> insurance company use my SSN as my insurance-related-ID-number.  But in
> any event, my dentist told me, "if you don't give it to us, they won't
> pay.")
> 
> I don't like the idea of having a universal ID number, but neither do I
> like the idea of having to go to extreme lengths to make the "right
> thing" happen for something where my effort will have only moral impact,
> not material.
> 
> If you already have a SSN, can you get a *new* one in any legal way?
> (Sort of the same idea as changing your phone number to avoid
> telemarketing scum...)

I explained a good deal of this in a post I made some time ago where I
related the tale of a friend who had simply made up a number and used it
since age 17.

The reality is that not much will be done, aside some form letters from
the IRS indicating that you seem to be using the wrong number, and won't
you please change it. 

I suppose that you might have to give it to the IRS if you want a refund,
but why to your employer?  Why not give your employer the wrong number
and correct it directly to the IRS when the IRS complains?

Ditto for your bank.

Almost no one can actually get the number related to your name, only
verify if the number you are using has been issued.

I am continually amazed at the number of people who surrender this number
simply because someone tells them that they have to or the sky will fall
in.

Bottom line, if someone besides the IRS or the SS people have your
name/number relation, it is because YOU gave it to them.

> 
> -- 
> Jamie Zawinski    jwz at netscape.com   http://www.netscape.com/people/jwz/
> ``A signature isn't a return address, it is the ASCII equivalent of a
>   black velvet clown painting; it's a rectangle of carets surrounding
>   a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
>                                                          -- Chris Maeda
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From alanh at infi.net  Tue Aug  6 20:24:51 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 7 Aug 1996 11:24:51 +0800
Subject: Internal Passports
In-Reply-To: <199608061308.JAA24021@odin.nyser.net>
Message-ID: <Pine.SV4.3.91.960806193211.6907D-100000@larry.infi.net>


If you want to pay _with a check_, you play by their rules.  In fact, the 
word "pay" might not completely appropriate in that transaction.





From sandfort at crl.com  Tue Aug  6 20:26:20 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 7 Aug 1996 11:26:20 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <3207B8DD.794B@ai.mit.edu>
Message-ID: <Pine.SUN.3.91.960806152235.17794B-100000@crl4.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Tue, 6 Aug 1996, Hallam-Baker wrote:

> ...unless Alan withdraws his allegations I will bring proceedings
> against him for libel. While I accept his right to free speech I do
> not accept that he has a right to attempt to restrict mine with his
> threats of deportation. 

One of the ways UK and US laws differ is in regard to defamation.
In the US, truth is a defense.  In the UK it is not.  Phill may
have a tough time prevailing with such a suit.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From lspeidel at earthlink.net  Tue Aug  6 21:13:28 1996
From: lspeidel at earthlink.net (Michael Cortes)
Date: Wed, 7 Aug 1996 12:13:28 +0800
Subject: THE WORLD IS SCREWD UP
Message-ID: <3207C10E.60AF@earthlink.net>


THIS WORLD IS SREWED UP i hate my life so mue hobbeys makeing time pipe 
bommbs so what is this all about huh what the fuck "anti terrisiom bill" 
damn sad ok so what does  this mean FREE COUNTRY hahahaha i laugh when i 
hear that term there is no free country and we never have a wright to 
privesy u know man this sux so much....... oh and to the government u can 
kiss my ass





From jsw at netscape.com  Tue Aug  6 21:23:48 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Wed, 7 Aug 1996 12:23:48 +0800
Subject: Stealth cookies
In-Reply-To: <2.2.32.19960806171618.00a52aec@vertexgroup.com>
Message-ID: <3207E80C.79D1@netscape.com>


John F. Fricker wrote:
> Oh I was just being paranoid I guess. There used to be JavaScript that would
> automatically send email from a page. something like
> 
> <html>
> <body onLoad="document.mailme.submit()">
> <form method=post name="mailme"
> action="mailto:john at vertexgroup.com?subject=user address">
> <input type=hidden name="userAddress" value="done">
> </form>
> </body>
> </html>
> 
> But even if that still works it would be a good trick to associate it with a
> cookie.

  This was a bug that existed for a short time, and was fixed about
6 months ago.  Javascript can not submit mailto: forms at all, and
all mailto: forms now cause a warning dialog to come up(the dialog
can be turned off in preferences).

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From David.K.Merriman.-.webmaster at cygnus.com  Tue Aug  6 21:35:18 1996
From: David.K.Merriman.-.webmaster at cygnus.com (David.K.Merriman.-.webmaster at cygnus.com)
Date: Wed, 7 Aug 1996 12:35:18 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <199608061531.IAA05438@cygnus.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, aeisenb at duke.poly.edu
Date: Tue Aug 06 10:30:17 1996
> 
> Does anyone know what the equivalent technology is on Microsoft to
> Netscape's cookie technology?  Does Microsoft have support for cookies
>  or 
> not?  
> 
> All of the discussion on the list to do with
> cookies is related to Netscape.  Does this mean that if one switches to
> Microsoft Explorer one can avoid the problem?  Many thanks.
> 
> Anne Eisenberg
> aeisenb at duke.poly.edu
> 
> 

My MSIE3.0b2 does cookies - tho' I've told it to ask me if it's OK first 
:-)
I've even got a specific _sub-directory_ for cookies under my Windows dir. 
I just wish I could automate the refuse-it-if-it-doesn't-expire "policy" 
I'm running under.

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome and encouraged. Visit my web site at
         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAi3uZ2MAAAEEALWQtxX77SZSaFls6cVbPp+fZS4MNyKK3ZFYQo0qWyj+0tMq
YgRTPRJRaCQixo63RttknogfPp514qdVMZw5iPeOXmD+RxrmTTwlbGqA7QUiG1x5
LG2Zims5zk4U6/rt8hwLh0/8E4lIb9r5d31qc8L1A9Twk/cmN8VrTvyYOzAZAAUR
tClEYXZpZCBLLiBNZXJyaW1hbiA8bWVycmltYW5AbWV0cm9uZXQuY29tPokAlQMF
EC6sAl+SAziJlog3BQEBxX8D/05ub986Io1PaGJgDtVlbMOPh2pjdB3QSpA8T7bh
ngpsTbogz7LnFY6nLTH24dVswnzRGzX2XYN2FXQzYLEKpbuJPF85620EqEJt7eck
kDSr0MdCorCZ3ntHGlaRIEOG8En7r/NUxtPJSbeANHyKV0pZTJ0ZF3p71yAZoCU1
JJWoiQCVAwUQLqcRtKljmJBIq8VdAQFFCQQAidBWF05UfZ3HdLTZ2BjhkiztbHIL
fCMVAzMkNobRLH0jcQ+o4N9Ny7gAP2bHreadCYQAiyx24LWZaWB+LkG48vVXvSa1
Zv+ksrEp19U30jReTaDHMRg2IDQ0S7T/+YykWf4cx/L4x0ll55zfT29THWHVqpeA
4w0PnSBJubMsG6iJAJUCBRAt7mhNxWtO/Jg7MBkBAWyPA/9BYsA3G33jcg1SfuxC
Fh4yMVZCBrvgK2FBJZUdxkgR1WfVYe5/GzV3jRzJxuXGdt0yzFb8HsocRUvnA4vi
O6Jngza+seuc+dNC8X1LyyuW0rkogVZE6ds/v4qI2P+uticCh8xBLp7ieAjvGIcc
tdQnXrMxF+w6V80cSy/dqxJjtg==
=WVf6
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgauP8VrTvyYOzAZAQH6sQP/U8kaDIUG1VrPqqaLaXLfvS0M3bpk8fq+
YUjVEbg94qTXZeCuw+D7dKbVOtX0WiFFcvqsrTtHfZPWZQ8uHPkgAX0EHpoPoOR4
Dx44XoZrHm/fYlQV7GJh5bxB4qrRg7a4ciJ9lSHfs1tCERy6U5R687rhizS3kJYm
SOR3MBilsTE=
=OawJ
-----END PGP SIGNATURE-----






From David.K.Merriman.-.webmaster at cygnus.com  Tue Aug  6 21:57:31 1996
From: David.K.Merriman.-.webmaster at cygnus.com (David.K.Merriman.-.webmaster at cygnus.com)
Date: Wed, 7 Aug 1996 12:57:31 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <199608061614.JAA06961@cygnus.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, aeisenb at duke.poly.edu
Date: Tue Aug 06 11:14:00 1996
> Dave:
> 
> Thanks very much for responding.  Yes, MSIE3.0b2 does support cookies. 
>  I
> have several more questions based on your answer, if you have the time:
> 
> 1.  Does it ask you each time a cookie is sent?  Some sites send many,
> many cookies.  This would mean that you are in some instances constantly
> declining, even dozens of times.  Have I got this right?  

I have IE3 configured to ask me for permission to accept a cookie. Yes, 
some sites send (n!)+1 cookies during a session. If they send too many, I 
personally move on to another site, after sending them email (!).

> 
> 2.  Is "refuse-it-if-it-doesn't-expire" actually printed on the screen? 
>  I
> understand that some servers set short expiration times.  Does Netscape
> actually say, "tell us what expiration time you want?"  Or is it done
>  some
> other way?

Sorry for the confusion - the refuse-it policy I mentioned is a personal 
policy; there's no option (yet) to configure something like that in IE3. 
The only two things I've personally seen have been cookies with specific 
expiration dates (which I usually accept, if the date is reasonable 
[IMHO]), and cookies that don't display an expiration (which I refuse 
out-of-hand). It seems to be a compromise that suits _me_; YMMV.

> 
> 3.  If you can't automate, does this mean you have to refuse every
>  time?
> (This is, I guess, the same as question 1.)  Many, many thanks.

I can 'automate' to the extent of automatically accepting all cookies; yes, 
by not accepting every cookie, I'm obliged to make a decision for each 
request. One of the 'benefits' of being somewhate security-aware :-)

Dave

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome and encouraged. Visit my web site at
         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAi3uZ2MAAAEEALWQtxX77SZSaFls6cVbPp+fZS4MNyKK3ZFYQo0qWyj+0tMq
YgRTPRJRaCQixo63RttknogfPp514qdVMZw5iPeOXmD+RxrmTTwlbGqA7QUiG1x5
LG2Zims5zk4U6/rt8hwLh0/8E4lIb9r5d31qc8L1A9Twk/cmN8VrTvyYOzAZAAUR
tClEYXZpZCBLLiBNZXJyaW1hbiA8bWVycmltYW5AbWV0cm9uZXQuY29tPokAlQMF
EC6sAl+SAziJlog3BQEBxX8D/05ub986Io1PaGJgDtVlbMOPh2pjdB3QSpA8T7bh
ngpsTbogz7LnFY6nLTH24dVswnzRGzX2XYN2FXQzYLEKpbuJPF85620EqEJt7eck
kDSr0MdCorCZ3ntHGlaRIEOG8En7r/NUxtPJSbeANHyKV0pZTJ0ZF3p71yAZoCU1
JJWoiQCVAwUQLqcRtKljmJBIq8VdAQFFCQQAidBWF05UfZ3HdLTZ2BjhkiztbHIL
fCMVAzMkNobRLH0jcQ+o4N9Ny7gAP2bHreadCYQAiyx24LWZaWB+LkG48vVXvSa1
Zv+ksrEp19U30jReTaDHMRg2IDQ0S7T/+YykWf4cx/L4x0ll55zfT29THWHVqpeA
4w0PnSBJubMsG6iJAJUCBRAt7mhNxWtO/Jg7MBkBAWyPA/9BYsA3G33jcg1SfuxC
Fh4yMVZCBrvgK2FBJZUdxkgR1WfVYe5/GzV3jRzJxuXGdt0yzFb8HsocRUvnA4vi
O6Jngza+seuc+dNC8X1LyyuW0rkogVZE6ds/v4qI2P+uticCh8xBLp7ieAjvGIcc
tdQnXrMxF+w6V80cSy/dqxJjtg==
=WVf6
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMga4f8VrTvyYOzAZAQFSHQP+PDyrhYPZ6AMVyTk3ZSvlyF3rba9Xn7jZ
iGk3hN/2yPwdk2Oyaf7NOsL6WyyFPQOvfYgOhgb2Q49EPfhmqmo5PkZLEqb16f35
otKOAcAdKwMxwcG8aS7zEBrT4zquGoVRHxldJhfv71PUWihpsIxc4ZJKed9q+uCq
DjkRUtAW+2U=
=s19M
-----END PGP SIGNATURE-----






From sandfort at crl.com  Tue Aug  6 22:15:13 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 7 Aug 1996 13:15:13 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608062338.AA01808@Etna.ai.mit.edu>
Message-ID: <Pine.SUN.3.91.960806175813.20074A-100000@crl4.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

When I wrote:

> >One of the ways UK and US laws differ is in regard to defamation.
> >In the US, truth is a defense.  In the UK it is not.  Phill may
> >have a tough time prevailing with such a suit.        ^^^^^^^^^
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^  
> >[emphasis added]
           
Phill responded:

> In the first place cypherpunks is distributed in the UK. That
> means I can issue a writ in the UK. 

And that plus 75 cents will get you coffee.  Unless Alan is in
the UK, its repressive laws are of little consequence.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From jimbell at pacifier.com  Tue Aug  6 22:28:01 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 7 Aug 1996 13:28:01 +0800
Subject: Apple people on the list
Message-ID: <199608070252.TAA01351@mail.pacifier.com>


At 11:15 PM 8/6/96 GMT, John Young wrote:
>I'd like to hear Tim, too, in this Big Apple. RealAudio, perhaps. 

>What would you offer to set off Tim's simmering crypto-anarcho-volcano,
>make it heard round the planet? 

A plan.


Jim Bell
jimbell at pacifier.com





From ichudov at algebra.com  Tue Aug  6 22:54:14 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Wed, 7 Aug 1996 13:54:14 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <3207B8DD.794B@ai.mit.edu>
Message-ID: <199608070205.VAA17482@manifold.algebra.com>


Hallam-Baker wrote:
> Alan Horowitz wrote:
> >   I have added you to my computerized list of individuals who advocate
> > the violent overthrow of the US Constitution.
> > 
> > I am going to go to the law library and see what my options are, with
> > respect to filing a petition to have you deported out of the United
> > States.
> > 
> > This is not a rhetorical statement.
> 
> First off Alan posted private mail to the list. In this case mail
> that was more than simply personal. 
> 
> Secondly unless Alan withdraws his allegations I will bring proceedings
> against him for libel. While I accept his right to free speech I do
> not accept that he has a right to attempt to restrict mine with his
> threats of deportation. 

Relax, nobody will deport you. Once The Right Reverend Colin James III
(puke) tried to get me deported, with no result.

And unlike Horowitz, CJ3 was serious. CJ3 is much dumber than Horowitz 
though, in my opinion.

	- Igor.





From declan at well.com  Tue Aug  6 23:03:40 1996
From: declan at well.com (Declan McCullagh)
Date: Wed, 7 Aug 1996 14:03:40 +0800
Subject: Waiting Game on wiretapping and crypto, from HotWired
Message-ID: <v01510101ae2d0b1a7fc7@[204.62.128.229]>





Date: Tue, 6 Aug 1996 05:15:15 -0700 (PDT)
From: Declan McCullagh <declan at well.com>
Reply-To: Declan McCullagh <declan at well.com>
Subject: Waiting Game on wiretapping and crypto, from HotWired
To: fight-censorship at vorlon.mit.edu
Sender: owner-fight-censorship at vorlon.mit.edu

We have a four-week reprieve until the Senate returns. As I say in the
full article at the URL below, they've been worse than the House when it
comes to wiretapping/crypto/censorship. For instance, senators already
passed the Feinstein Amendment banning bomb-making info (on- and off-line)
as part of a defense appropriations authorization bill.

-Declan

---

http://www.netizen.com/netizen/
HotWired, The Netizen

Waiting Game
by Declan McCullagh (declan at well.com)
Washington, DC, 5 August

   In a last-minute legislative crunch before the summer recess, House
   Republicans on Friday outmaneuvered their Democratic counterparts and
   coughed up a surprisingly reasonable anti-terrorism bill, which the
   Senate will act on when Congress returns next month.

[...]

   But the Senate has begun its own four-week vacation without voting on
   the measure, and they'll have plenty of time to reintroduce the
   missing [wiretapping] language when they return.

   The outlook, frankly, is dismal, says Don Haines of the American Civil
   Liberties Union. "The Senate has been much more interested in giving
   the FBI a blank check. They've been much more sympathetic to
   increasing wiretapping. They've been much less interested in
   protecting privacy," Haines said.

[...]

   Meanwhile, Senator Patrick Leahy (D-Vermont) - a staunch opponent of
   the Communications Decency Act - continues to tout his Digital
   Telephony legislation, which he shepherded through Congress in 1994...

   Perhaps Harry Browne, the Libertarian Party's candidate for president,
   had it right when he said last week: "If we're not careful, half of
   the Bill of Rights will fall victim to the frantic desire of
   Republican and Democratic politicians to appear tough on terrorists."

   The last few years have seen several murderous acts of terror on
   American soil - and now, with the explosion of TWA Flight 800, in
   American airspace. Americans should brace themselves for even more...
   Whether the terror is foreign or domestic in origin, one thing's for
   certain: cries for a government crackdown will mount.

   But by granting their government police-state powers, Americans will
   have awarded terrorists their first substantial victory in the United
   States.

###







From dlv at bwalk.dm.com  Wed Aug  7 00:01:47 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 7 Aug 1996 15:01:47 +0800
Subject: Internal Passports
In-Reply-To: <2.2.32.19960806100644.00911380@panix.com>
Message-ID: <D3o0RD47w165w@bwalk.dm.com>


Duncan Frissell <frissell at panix.com> writes:
> Naughty naughty Tim.  You're violating the Immigration Control and
> Nationality Act of 1986.  You are supposed to check all employee's IDs even
> your own childrens' and fill out that I-9 form.  You have to verify identity
> and right to work using a menu of documents ranging from passports and SS
> cards to Driver's licenses and "American Indian Tribal Documents" (I gotta
> get me some of them).  And there are special provisions to punish
> discrimination against those who appear foreign. ...

In New York State, there are periodic complaints from Sovok "refugees" like
Igor Chewed-Off, who come in with a I-94 visa (and authorization to work), and
get the green card after two years. They get welfare, but apply for jobs...
Some poor employer slob refuses to hire the Sovok, thinking mistakenly that he
can only hire amcits or green card holders (even though I-94 with authorization
is listed on I-9). The employer pays a hefty fine for "illegal discrimination",
of which the Sovok gets a cut. Nice racket. Did you ever try it, Igor?

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From mccoy at communities.com  Wed Aug  7 00:03:15 1996
From: mccoy at communities.com (Jim McCoy)
Date: Wed, 7 Aug 1996 15:03:15 +0800
Subject: appropriate algorithm for application
Message-ID: <v02140b00ae2db6e5a520@[205.162.51.35]>


Cerridwyn Llewyellyn <ceridwyn at wolfenet.com> writes:
> I need an algorithm/protocol that is capable of encrypting numerous
> files with separate keys, but there also needs to be a master key
> that will be able to decrypt all of them.  Is there such a system
> that is relatively secure?  I'd prefer the system to be as secure
> as possible, but in this application, security is secondary to
> functionality.

You can get the basic functionality you require by using a regular hybrid
PKE system (pubkey encrypts symmetric session key) and encrypting the
session key with the public key of a "master key" as well.  For example,
assuming a user A and a master key C you just have the program A uses to
encrypt files operate in a manner similar to that used by PGP and other
public-key encryption systems [pubkeyA(sessionkey),IDEA(sessionkey,data)]
except in addition to the pubkeyA(sessionkey) which encrypts the random
key used to encrypt the actual data you add a masterpubkeyC(sessionkey)
section to the beginning of the file as well.  The resulting data packet
is [pubkeyA(sessionkey),masterpubkeyC(sessionkey),IDEA(sessionkey, data)]
This system is as secure as the public-key system used for encryption and
would actually be fairly easy to hack in to PGP, although the modified PGP
messages which contain the master key information would not be usable by
regular PGP.

jim







From tomw at netscape.com  Wed Aug  7 00:03:39 1996
From: tomw at netscape.com (Tom Weinstein)
Date: Wed, 7 Aug 1996 15:03:39 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <19960805204130906.AAB148@maverick>
Message-ID: <32080CFD.15FB@netscape.com>


For anyone who's interested, the antiterrorism bill is finally up on
Thomas.  It's H.R. 3953, the Aviation Security and Antiterrorism Act of
1996.  The discussion about it is also there, in the congressional
record.  It's interesting.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw at netscape.com





From tcmay at got.net  Wed Aug  7 00:32:08 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 7 Aug 1996 15:32:08 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <ae2cccd914021004de59@[205.199.118.202]>


At 5:01 PM 8/6/96, Martin Minow wrote:
>Cypherpunks as a spectator sport becomes interesting when a several
>intelligent, articulate, people start a productive rant. Emphasis
>on "productive."  Unfortunately, this rant is rapidly degenerating
>into an emotional bickering between people who are capable of
>accomplishing much more.

Note that I had made no mention of this exchange with VM on the list. I had
not echoed my "Mac is dead" points, and had not bad-mouthed the "Mac
Crypto" thing.

However, when my private e-mail to VM was commented upon, in a not so
thinly disguised form, and when Bob H. made it clear he'd been privy to my
e-mail, I felt justified in setting the record straight on my views, as
expressed in my e-mail to Vinnie.

(It was not, being an e-mail note, meant to be a closely-reasoned and
footnoted summary of Apple's problems, just a statement of why I had no
interest in giving a kind of pep talk to Apple folks.)

As to whether it's appropriate as a thread here on Cypherpunks, hey,
there's a "delete" key on most machines.

Again, I don't consider the Mac to be dead, at least not for several years.
The Amiga lives on, and it never had even a fraction of the peak market
share of the Mac. However, the focus of crypto has clearly moved well away
from the Mac. I noted where the emphasis needs to be, for maximum impact.
Namely, Eudora, Netscape, and other mail and Web programs.

It's a basic fact of life--think about it--that people on this list and
elsewhere are _not_ asking what Gil Amelio's stance on cryptography is.
They don't care, as Gil Amelio, Heidi Roizen, Guy Kawasaki, and all the
rest are simply not in the critical path. What people care about is what
plans Bill Gates, Jim Clarke, and Jim Bidzos have, or their factotums, as
these are the folks who will likely shape the commercial product landscape.

(As to why I don't switch, I have much time and money invested in Macs, and
they still work. As I said in one of my notes to Vinnie, I mainly use
Eudora Pro for mail, Netscape Navigator for browsing, and a handful of
other programs. There would be no compelling gain were I to scrap my Mac
investment and buy a Pentium Pro and Windows NT.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug  7 00:32:16 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 7 Aug 1996 15:32:16 +0800
Subject: Internal Passports
Message-ID: <ae2d3dde170210046be8@[205.199.118.202]>


At 10:06 AM 8/6/96, Duncan Frissell wrote:
>At 07:37 PM 8/5/96 -0700, Timothy C. May wrote:
>
>>But the law says, these days, that I must verify the
>>legality of workers *if* they appear to be dark-skinned, Mexican, Latin, or
>>the like. I say "if" because there are no requirements in general for
...
>Naughty naughty Tim.  You're violating the Immigration Control and
>Nationality Act of 1986.  You are supposed to check all employee's IDs even
>your own childrens' and fill out that I-9 form.  You have to verify identity
>and right to work using a menu of documents ranging from passports and SS
>cards to Driver's licenses and "American Indian Tribal Documents" (I gotta
>get me some of them).  And there are special provisions to punish
>discrimination against those who appear foreign.  After all, there are loads
>of illegal Canadians and Irish here.  People are always coming from the
>third world counties.  <G>
>
>The law also required that a commission study whether or not the "foreign
>appearing" were suffering discrimination because of the law and it reported
>a few years later that sure enough, they were.

On this last point, hardly surprising. After all, the "punishment" (risk,
cost) for not checking an obviously-Caucasoid person of apparent American
origins is effectively zero, while the punishment for hiring a Mexican who
may have slipped over the border and gotten a forged credential is high.
(Employers here in California have been penalized for hiring Mexicans whose
credentials turned out to be phony...I guess the employer was supposed to
have known this by some sort of ESP.) Simpler to avoid hiring Mexicans and
other dusky folks.

The law of unintended consequences...

BTW, I am _not_ a supporter of the Prop. 187 issue in California. Nor do I
in any way support the "deputization" of employers as agents of the
Immigration and Naturalization Service. This is comparable to deputizing
employers as agents of the Drug Enforcement Agency...though many companies
have bowed to pressure from the narcs and "D.A.R.E." lobby and have
drug-testing programs, they are not (yet) required by law to test all
employees, except in some particular job funcitons, etc.

As far as I am concerned, this country has never moved toward the general
concept of a "work permit" (permission by the government to get a job), and
it is a real danger of this anti-illegal-immigrant hysteria that we will
soon see the effective equivalent of "work permits." This will of course
give the authorities even more power.

We're getting closer and closer to the world of "The Shockwave Rider."

--Nicky Halflinger

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From jya at pipeline.com  Wed Aug  7 00:39:53 1996
From: jya at pipeline.com (John Young)
Date: Wed, 7 Aug 1996 15:39:53 +0800
Subject: CRN on Crypto Roadblock
Message-ID: <199608061732.RAA18656@pipe5.t2.usa.pipeline.com>


   Computer Reseller News, 8-05-96, p. 51 
 
   Channel feels pinch of export limitations -- VARs Hit 
   Encryption Roadblock 
 
   By Charlotte Dunlap & Deborah Gage 
 
 
   Could 40 bits of code cost you that multimillion-dollar 
   bid? 
 
   Andrew Sheppard, president of Branford, Conn.-based Espion 
   Inc., just returned from a frustrating business trip to 
   Europe, where he said he lost a number of accounts with 
   financial institutions because he could not deliver 
   software with more than 40 bits of encryption key length. 
 
   Sheppard, who recently tried to sell his encryption wares 
   to clients in Europe, said he lost business to competitors 
   offering stronger encryption. 
 
   "There is a real demand for this type of product, and yet 
   I find myself thwarted at every single opportunity by this 
   stupid law, which everyone realizes is unnecessary," 
   Sheppard said. 
 
   Sheppard said potential clients that turned him down during 
   his recent trip included Banco Santander, a Madrid-based 
   bank; the London office of Credit Suisse; Logica Systems of 
   London; and the financial reporting arm of Reuters' news 
   service in London. 
 
   As the trend toward networking-sensitive information grows, 
   woes tied to encryption export limitations are spreading to 
   the VAR community. The dilemma of shipping overseas 
   anything other than light versions of security software is 
   starting to sabotage the efforts of Internet resellers. 
 
   Because 40 bits of code is considered to be breakable by an 
   elementary hacker, major corporations with data to protect 
   are reluctant to trust U.S. technology. So, U.S. resellers 
   are being turned away while multinational corporations turn 
   to foreign technologies. 
 
   The debate between business and the U.S. government about 
   export limitations is getting increasingly heated with the 
   growth of the Internet. The Pro-Code Bill, which aims to 
   relax export restrictions, has just been introduced, and 
   prominent Silicon Valley executives are trekking to 
   Washington regularly to argue the case. Jim Bidzos, 
   president and chief executive of encryption market leader 
   RSA Data Security Inc., Redwood City, Calif., has spent a 
   lot of time in Washington. 
 
   "The big picture in terms of what's happening is all of our 
   communications and document storage is moving from paper 
   and filing cabinets to the Internet and disk drives. We 
   need crypto technology in order to protect this," he said. 
   But resellers are getting discouraged and do not see a 
   quick resolution with law makers. Meanwhile, they are 
   losing business at a staggering rate. 
 
   Norm Yamaguchi, director of sales for RSA master reseller 
   Secure Distribution Inc., said he could have tripled the 
   size of his million-dollar company this year if it were not 
   for U.S. export laws dictating a maximum 40-bit key 
   encryption length to his clients' international offices. 
 
   "To say this law is causing me problems is a massive 
   understatement," Yamaguchi said. The reseller currently is 
   in talks with Price Waterhouse to get them to standardize 
   on Oakland, Calif.-based Secure Distribution's security 
   products, but will likely lose the contract because of the 
   40-bit key length limitation. 
 
   Resellers' fear of losing business to foreign players is 
   not paranoia, either. The Business Software Alliance has 
   identified 500 encryption products that can be purchased in 
   foreign countries. Information about the stronger foreign 
   technology can be obtained easily through the Internet. 
 
   "The laws are punishing U.S. companies, and we're losing 
   business to foreign countries because they can offer the 
   same thing. The law is not holding back the flow of 
   encryption, it is just holding back U.S. companies from 
   making money," he added, calling it a "lose-lose 
   situation." 
 
   Reseller Al Hill, vice president of engineering for 
   Successful Systems Solutions, Rancho Cordova, Calif., has 
   to surrender part of his solutions services in order to 
   keep his foreign clients. 
 
   "We ship units to England, Hong Kong and Singapore, and we 
   have to downgrade the software [to 40 bits] on all of them. 
   They were rather upset but smart enough to realize they 
   could upgrade the security themselves," he said, adding 
   that he has lost business because he could not complete 
   projects himself. 
 
   "We have to make sure the APIs in the software are 
   available so people overseas can tie them into their 
   [security] applications," he said. Similarly, Dave Johnson, 
   senior account manager of Precision Computers Inc., 
   Portland, Ore., said he lost an account with a 
   multinational company with offices in France because "it 
   became too troublesome for them to implement U.S. products 
   because of the legal problems." 
 
   Uncle Sam's View 
 
   U.S. companies and civil libertarians have been battling 
   the government since 1991, when the proposal of the Clipper 
   Chip first surfaced. At that time, the government proposed 
   splitting the encryption keys and holding a portion of them 
   in escrow, giving law enforcement officials with court 
   orders a back door through which to conduct electronic 
   surveillance. To date, the U.S. government has budged 
   little from its original idea. 
 
   The Clipper Chip idea was squelched, but the government 
   refuses to concede that strong encryption is not a munition 
   because it believes national security is at stake. In 
   recent weeks, Vice President Al Gore proposed a compromise: 
   The government would extend the types of software that 
   could be exported, perhaps to include healthcare or 
   insurance instead of just finance, and allow long keys if 
   countries where the United States has government-to- 
   government agreements could hold keys in escrow. A 
   24-member technical advisory committee is expected to 
   produce a blueprint for establishing the Federal Key 
   Management Infrastructure in September. 
 
   The Vendor's View 
 
   Software executives remain disgruntled with the 
   government's progress. "Do we really want government- 
   to-government agreements?" asked Eric Schmidt, Sun 
   Microsystems Inc.'s Chief Technology Officer. "The U.S. has 
   protections that other countries don't. France, for 
   example, is noted for industrial espionage." 
 
   Microsoft Corp. Senior Vice President Craig Mundie said an 
   escrow system would create an expensive bureaucracy, 
   adding: "This should really be described as a key-leasing 
   system. This will create a huge new business in extracting 
   keys from the public. If you want to make sure that your 
   key is not compromised by law enforcement officials, you're 
   going to need insurance. There will be a whole service 
   industry around keys." 
 
   Vendors also argue that the government's reasoning is not 
   legitimate. "The current controls do not keep encryption 
   out of the hands of the criminals. They keep it out of the 
   hands of individuals and corporations," said Sybase Inc. 
   Director of Data and Communications Security Development 
   Thomas Parenty. 
 
   Sun, Microsoft and other companies would like complete 
   deregulation of encryption. Three bills that would lift 
   government restrictions and prohibit mandatory key escrow 
   are working their way through Congress, although none are 
   likely to pass this year. 
 
   NEXT WEEK: Measuring the level of difficulty in cracking 
   code. 
 
   [End] 
 
   Thanks to LG. 
 
 
 
 
 
 





From jamesd at echeque.com  Wed Aug  7 01:06:31 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 7 Aug 1996 16:06:31 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608070517.WAA03969@dns2.noc.best.net>


At 08:20 PM 8/4/96 -0400, Hallam-Baker wrote:
> It would be entirely foolish for the crypto
> lobby to allow themselves to be tied to the NRA. The NRA has
> no choice but to support civil liberties, there is no reason
> why the wider civil liberties movement needs to support the
> NRA.

First they came for the communists .....

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From hallam at Etna.ai.mit.edu  Wed Aug  7 01:07:58 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Wed, 7 Aug 1996 16:07:58 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <199608070205.VAA17482@manifold.algebra.com>
Message-ID: <9608070531.AA02593@Etna.ai.mit.edu>



I was rather more angry that Alan published a private correspondence
on a public mailing list. I live in the same city as between twenty
and thirty members of a group that have in the past tried to murder my
familly. If he wasn;t such a fool he would have realised that I deliberately
did not post the message to the list. 

	Phill





From ichudov at algebra.com  Wed Aug  7 01:20:27 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Wed, 7 Aug 1996 16:20:27 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608070531.AA02593@Etna.ai.mit.edu>
Message-ID: <199608070525.AAA21051@manifold.algebra.com>


hallam at Etna.ai.mit.edu wrote:
> 
> 
> I was rather more angry that Alan published a private correspondence
> on a public mailing list. I live in the same city as between twenty
> and thirty members of a group that have in the past tried to murder my
> familly. If he wasn;t such a fool he would have realised that I deliberately
> did not post the message to the list. 
> 

Wow! Why did they want to murder your family?

	- Igor.





From sandfort at crl.com  Wed Aug  7 01:25:16 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 7 Aug 1996 16:25:16 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <9608070525.AA02577@Etna.ai.mit.edu>
Message-ID: <Pine.SUN.3.91.960806222122.18670B-100000@crl7.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Wed, 7 Aug 1996 hallam at Etna.ai.mit.edu wrote:

> 
> Au contraire, the UK is as obnoxious in exporting its laws as
> the US...

Fine, Phillll can sue in the UK.  I'm sure Alan is quaking in his
boots at the prospect.  As I said, Phillll is going to have a 
tough time prevailing.  Of course, if Phillll thinks he has a
winner, he should double dip and offer me a wager on the outcome
of his suit.  (Yeah, that'll happen when primates take wing out 
of my derriere.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From shamrock at netcom.com  Wed Aug  7 02:03:47 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Aug 1996 17:03:47 +0800
Subject: Stealth cookies
Message-ID: <v02120d04ae2db6282eb6@[192.0.2.1]>


At 17:49 8/6/96, Jeff Weinstein wrote:
[...]
>  This was a bug that existed for a short time, and was fixed about
>6 months ago.  Javascript can not submit mailto: forms at all, and
>all mailto: forms now cause a warning dialog to come up(the dialog
>can be turned off in preferences).

You have done a lot to improve security. It is not going unnoticed.


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From hallam at Etna.ai.mit.edu  Wed Aug  7 02:08:21 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Wed, 7 Aug 1996 17:08:21 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <Pine.SUN.3.91.960806175813.20074A-100000@crl4.crl.com>
Message-ID: <9608070525.AA02577@Etna.ai.mit.edu>



Au contraire, the UK is as obnoxious in exporting its laws as the
US. The Prime Minister of Greece when (accurately) accused of corruption
in the Greek press sued them in the UK courts and won $200K

In recent years many Tory Grandees have benefited from the libel
lottery. Amongst them Lord Aldington who was accused of being involved
in war crimes during WWII and 'won" 1.75 million which the European
Court of Human rights rejected as being "disproportionate". Lord
Archer recently won $1 million after a couple of newspapers alledged
that he might have been sleeping with the prostitute he was photographed
giving 5000GBP to (and afterwards claimed not to have met).

With the exception of the suicide act its probabky the stupidest and
most damaging law that ever got passed in the English system.

		Phill





From jamesd at echeque.com  Wed Aug  7 02:08:56 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 7 Aug 1996 17:08:56 +0800
Subject: Bombs & bomb threats in LA
Message-ID: <199608070517.WAA03971@dns2.noc.best.net>


At 10:15 AM 8/5/96 -0800, jim bell wrote:
> The molecular difference between TNT and picric acid is a methyl group, 
> weight 15 (on TNT) substituted for a hydroxyl, weight 17 (on 
> picric acid.)   If there is a difference, it is a very small one.

Picric acid is easier for amateurs to make than TNT.

It has the same energy per unit mass as TNT, but it's destructive
power is greater because of the substantially higher velocity of
detonation.

It is far less predictable and far easier to detonate than TNT.  Also
TNT has the advantage that it can be melted and poured into molds,
and it is cheaper to manufacture in large quantities.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From hal9001 at panix.com  Wed Aug  7 02:18:44 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Wed, 7 Aug 1996 17:18:44 +0800
Subject: FAA to require transponders on all aircraft passengers
In-Reply-To: <199608042050.NAA12512@toad.com>
Message-ID: <v03007802ae2c8c62a9da@[166.84.220.80]>


At 13:50 -0700 8/4/96, Bill Stewart wrote:


>My guess about how they'll be used is to replace the bar-code
>stickers used by many baggage-handling systems - they'll stick
>one on at checkin, corresponding to the number on your ticket,
>track them when they load them on the plane (so they know
>that all the bags correspond to people expected to get on the plane,
>as well as knowing the bags are getting on the correct plane),
>and track the tickets to make sure that all the people expected
>to get on the plane actually do get on (I think they use bar-code
>readers or OCR today, and that'll probably continue.)

They better hold off loading the containers with the luggage until they
lock down/up the plane so they can verify who got on (and can pull any
unaccompanied luggage). It is either that or unloading the plane if there
is a missing passenger.







From blane at aa.net  Wed Aug  7 02:49:14 1996
From: blane at aa.net (Brian C. Lane)
Date: Wed, 7 Aug 1996 17:49:14 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
In-Reply-To: <2.2.32.19960805181729.00e8c4a0@mail.teleport.com>
Message-ID: <320824da.6417327@mail.aa.net>


On Mon, 05 Aug 1996 11:17:29 -0700, you wrote:

>At 05:42 AM 8/5/96 -1000, NetSurfer wrote:
>>
>>On Wed, 31 Jul 1996, Joseph M. Reagle Jr. wrote:
>>
>>>   	  				 
>>> >WASHINGTON, DC, U.S.A., 1996 JUL 30 (NB) -- By Bill Pietrucha.  
>>> >Tacoma, Washington, has just gained the distinction of being the 
>>> >only municipality in the United States to tax Internet Access 
>>> >providers (IAPs) like telephone service providers. 
>>> >
>I believe the reason the Tacoma ordinance is getting so much flack is that
>they are wanting to charge sales tax on all transactions that take place
>from ISPs in Tacoma.

  A slight correction. They are imposing a 6% tax on the Gross receipts of
all Internet Providers who have customers in Tacoma. This includes AOL,
Compu$erve, and my local favorites - aa.net and eskimo.com

  Tacoma also wants these companies to buy a $72 a year business license.
There are the beginnings of an uprising against this, the mayor has called
for it to be repealed, but the City Council (In all of its bureaucratic
wisdom) wants to wait and see what happens. There's a public meeting on the
27th of August.

>
>This type of taxation is not new.  Various jurisdictions have tried to use
>the same thing on mail order houses.  Having worked for a service bureau
>that dealt with mail order, I know what a hassle it is to try to keep track
>of such taxation.  There is a company that will sell you the data of all of
>the sales tax rates throughout the country.  This includes every little
>podunk city, county, and fire district tax.  They are divided by zip code,
>but that is no guarantees that you have the right place. The reality is that
>trying to "be legal" under such regulations is next to impossible, even with
>the proper data.  I know of few mail order firms that are willing to go to
>that extreme.  (Unless, of course, they have gotten the proper threats from
>some miffed tax baron.)

  Plus the fact that the taxation of these services (well, IMHO all
taxation is ...) is not based on services provided to the business by the
city. My provider is located in seattle, and has lines in Tacoma. They use
no Tacoma services, and yet Tacoma says that the provider owes them money.

  Its just another grab for money by the simple minded bureaucrats.
Hopefully we can toss some more of these jokers out of office the next
election.

   Brian

p.s. Sorry for the previous aborted message. The printer dialog popped up
in the middle of typing and it the message somehow got sent out.

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
     Embedded Systems Programmer, quick hacks on request, CryptoAnarchist
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============





From alano at teleport.com  Wed Aug  7 03:11:03 1996
From: alano at teleport.com (Alan Olsen)
Date: Wed, 7 Aug 1996 18:11:03 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <2.2.32.19960807070636.00a7ffa8@mail.teleport.com>


At 09:14 AM 8/6/96 -0700, David.K.Merriman.-.webmaster at cygnus.com, wrote:

>I have IE3 configured to ask me for permission to accept a cookie. Yes, 
>some sites send (n!)+1 cookies during a session. If they send too many, I 
>personally move on to another site, after sending them email (!).

If the site sends you *LOTS* of cookies with no expire date, then they have
probibly compiled their Apache server with the mod_cookie module.  The
cookies are only used by the log files and i am willing to bet that most
people who have that option compiled in do not even read the logs.
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From rp at rpini.com  Wed Aug  7 03:12:17 1996
From: rp at rpini.com (Remo Pini)
Date: Wed, 7 Aug 1996 18:12:17 +0800
Subject: crypto CD source
Message-ID: <9608070607.AA05020@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Wed Aug 07 08:04:50 1996
That's all well (your diverse site/mirror-suggestions), but my local 
phonecompany charges by the minute. If I download the lets say 500MB for 
the CD, I'm broke! Does anyone have direkt access to the sites and can make 
a DAT-backup? (In some format I can read: WinNT Backupprog)?

Thanks,
Remo

- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMggyBhFhy5sz+bTpAQGLjQf9EX3/mJQa6woKTZN5uz8dma8Cpv/PFQTC
zsV5h0pjDLiA0RdIZexPJMfTNw+ZFyPdNkma9PgB60kGf2CrNrqLlBWv5XmZQ2HH
kTqcuou2mHm/JeJv5m8v7Vckm8BmTtvdpL2mWK8pG0iB5fWbwiTo9VkyCrwfq/q+
BoAaGS4zkNOTuTlmWo/zwkheEVdV5gRjwI+IyHCTQMZ9rFRqLvmOYxClcEQ0X7C4
X5pFIZgaxw7u953MNbnmyeGVwpHqahhi8mn8mblKpVG2KIxR17lC9lKcZFygTAqA
eddDvrCnCNcyH4zrWksOvPCZfqQbH5mBuFskxjSC1ZXgz+1ZoGKpOw==
=veJq
-----END PGP SIGNATURE-----




From drose at azstarnet.com  Wed Aug  7 03:16:02 1996
From: drose at azstarnet.com (David M. Rose)
Date: Wed, 7 Aug 1996 18:16:02 +0800
Subject: [NOISE] Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608062350.QAA18315@web.azstarnet.com>


Hallam-Baker wrote:

>First off Alan posted private mail to the list. In this case mail
>that was more than simply personal. 
>
>Secondly unless Alan withdraws his allegations I will bring proceedings
>against him for libel. While I accept his right to free speech I do
>not accept that he has a right to attempt to restrict mine with his
>threats of deportation. 
>
>
>	Phill Hallam-Baker
>

Oh goody! Another Hallam-Baker-generated p*ssing contest.  Perhaps you
fellows should settle your differences with a bet. Oops, I forgot. The good
"Doc" dishonors his wagers with a series of fantastic and infantile
"misunderstandings".






From tcmay at got.net  Wed Aug  7 03:16:49 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 7 Aug 1996 18:16:49 +0800
Subject: Censorship through proxy
Message-ID: <ae2d3ca1160210042150@[205.199.118.202]>


At 4:23 PM 8/6/96, Joel McNamara wrote:
>SingNet, one of Singapore's larger ISPs is telling all of their subscribers
>they must move to using SingNet's proxy server by September 14, 1996 if they
>want to have access to the Web.
>
>If you try to access one of the SBA's banned sites, you'll get a message
>that says, "The site you requested is not accessible."
>
>Check out:
>
>http://www.singnet.com.sg/cache/sbareg.html

Sing Sing (the country is now a prison, so...) is one of the states we
should think about targetting for "special attention." Not in the sense of
violence, but in the sense of offering help to freedom fighters, those who
want to use stego, web proxies, etc.

I wonder what would happen if "Computers, Freedom, and Privacy '98" was
held in Sing Sing?

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From rp at rpini.com  Wed Aug  7 03:17:25 1996
From: rp at rpini.com (Remo Pini)
Date: Wed, 7 Aug 1996 18:17:25 +0800
Subject: THE WORLD IS SCREWD UP
Message-ID: <9608070619.AA05456@srzts100.alcatel.ch>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Wed Aug 07 08:16:48 1996
> THIS WORLD IS SREWED UP i hate my life so mue hobbeys makeing time pipe
> bommbs so what is this all about huh what the fuck "anti terrisiom bill"
> damn sad ok so what does  this mean FREE COUNTRY hahahaha i laugh when i
> hear that term there is no free country and we never have a wright to 
> privesy u know man this sux so much....... oh and to the government u
> can kiss my ass

And here I was thinking my English sucks! By the way, keyboard do have keys 
like ".,;:".

:-)


- --------< fate favors the prepared mind >--------
Remo Pini                            rp at rpini.com
PGP:  http://www.rpini.com/remopini/rpcrypto.html
- ------< words are what reality is made of >------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMgg01BFhy5sz+bTpAQFz9ggArJOn4g8i/xREcEAjYXAO5oB+Jt6wUox1
dMh9GYpoYiYkb2qzpvQ9kK7JRMbehZRqhsltPQ7ydn1hNs/v+O+M4MG6I0FoIJg4
mmpEY7DDfLmqyPUAgEFq07re3pGraeteLFdSTlDvjxiBNw2+0K1EjQWHVVgxT/2p
CKeKW8/v/dSA68TFVFcBlYKbNYZREUeEhTLhFLmuXXXkJcC3orrO0ODaENT7MWUz
o1uCPq0v+XM+WMhNji5dIkVN6/SJQ0QT1MjocCmOFuMAa/UW8lwX2BPqBvI3K1ao
EOb8hHDut+yMExRI2X6rtC3u8lgvm/8i58BBc1IncuI1Oxgn1ivmDw==
=hwr+
-----END PGP SIGNATURE-----




From hallam at Etna.ai.mit.edu  Wed Aug  7 03:18:21 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Wed, 7 Aug 1996 18:18:21 +0800
Subject: [NOISE] Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <199608062350.QAA18315@web.azstarnet.com>
Message-ID: <9608070000.AA01836@Etna.ai.mit.edu>



>Oh goody! Another Hallam-Baker-generated p*ssing contest.  Perhaps you
>fellows should settle your differences with a bet. Oops, I forgot. The good
>"Doc" dishonors his wagers with a series of fantastic and infantile
>"misunderstandings".

Actually I'm now happy to accept the bet but in the forum of my choice:-

http://www.ideosphere.com/ideosphere/fx/main.html


	Phill





From jon at taurus.apple.com  Wed Aug  7 03:18:23 1996
From: jon at taurus.apple.com (Jon Callas)
Date: Wed, 7 Aug 1996 18:18:23 +0800
Subject: Apple people on the list
Message-ID: <v02130504ae2d6c856d70@[17.130.22.227]>


A quick response to Tim May's recent mail.

I'm an Apple employee. I'm on the cypherpunks list, but I'm not sure if Tim
would consider me active. I read cypherpunks on one of the edited versions
(the "frogfarm" edition, many thanks to its editor, Damaged Justice), but I
subscribe to and read Coderpunks. I do, however write software and papers on
security and crypto. I have done so for over six years.

One of the reasons I subscribe to Cypherpunks is, in fact, Tim May. Whenever
I see something he's written, I read it, which is more than I can say for
most of Cypherpunks. When I was getting all of Cypherpunks, I used Tim's
messages as navigation buoys.

I am disappointed that Tim won't be at the Mac Crypto conference. I thought
it was an excellent idea for him to speak, and think it would still be an
excellent idea. I would like to hear his views in a forum more detailed than
the short things that go on Cypherpunks. As for me, I'm going to be giving a
talk at the conference on using, abusing, and constructing random number
generators. The talk is an updated reprise of the talk and paper I gave at
MacHack '96.

A number of us would also like to hear Tim speak. I'm sure that as a
consulting fee we can come up with enough t-shirts and beer that it will make
the drive back over 17 even more harrowing than it usually is. I'll toss in a
copy of the Macintosh Entropy Manager, but since I'm giving it away to anyone
who wants it, it's not much. Perhaps I can autograph a floppy or something.

        Jon Callas
        Senior Scientist
        Apple Labs, Advanced Communications and Collaboration
        jon at taurus.apple.com
        http://www.merrymeet.com/jon







From JonWienk at ix.netcom.com  Wed Aug  7 03:18:24 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Wed, 7 Aug 1996 18:18:24 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <199608070325.UAA22254@dfw-ix6.ix.netcom.com>


On Tue, 06 Aug 96, hallam at Etna.ai.mit.edu wrote:
>
>Contrary to reports of some sort of inversion it is not the case that
>shell cases need to be found at the scene of a crime to cause an
>arrest and conviction. There are many people who are serving time
>after having left their fingerprints on shell cases found in a gun
>recovered after a crime. If the gun can be linked to a crime scene
>via balistics reports and the shells in the gun to an individual via
>fingerprints that is circumstansial evidence.

I am very skeptical of this. When a gun is fired, the shell casing becomes quite 
hot--hot enough to burn skin. (I have learned this from experience--once when 
firing my semi-auto .22 at a range, an ejected casing bounced off a post next to 
me and landed inside my collar. The resulting burn formed a blister on my neck.) 
This kind of heat has a tendency to evaporate the skin oils that fingerprints 
are composed of, which is going to make getting any useful print from the case 
extremely difficult. Also, when the gun is fired, the pressure inside the case 
presses it flat against the chamber wall, which is going to smudge the print, 
especially on semi-autos where extraction occurs while there is still a 
significant amount of pressure in the case. Furthermore, most shell cases are 
too small to get anything close to a complete print, which makes positive 
matching even more difficult. It is much more believable that prints were taken 
from the gun, which is handled more (thereby collecting more prints) and which 
generally doesn't reach skin-damaging temperatures.

Regardless of feasibility of collecting prints from cases, serial numbers on 
ammunition is still a stupid idea. Currently, all firearms are required to have 
serial numbers. However, serial numbers only rarely help solve crimes. Most 
criminals use weapons that have had the serial number welded over, filed off, 
etc. or that have been stolen, so the gun is registered in someone else's name, 
or both. Registration is a vastly more effective tool for the government to know 
where most of the lawfully owned firearms are (and who owns them) than it is at 
preventing or solving any crime. Putting serial numbers on ammo has all of the 
same problems, except the paperwork would be worse because people purchase ammo 
more frequently than guns.

Imagine someone breaks into your house while you are gone, and steals your 
serial-numbered gun and serial-numbered ammo. Then he uses them to stick up some 
of the local Stop-N-Rob's in your neighborhood while wearing the same gloves and 
ski mask he wore at your house. He fires numerous shots and reloads the gun 
several times, leaving fired cases in each store. After the last robbery, he 
dumps the gun in a storm drain, burns the gloves and mask, and catches the next 
flight to Tahiti. Do you really think that serial numbers on the gun or the ammo 
are going to help YOU?

Also, 32 bits of serial number is not enough. Over a billion rounds of .22 Long 
Rifle are fired in the US annually. Need I say more?

Since there are already natural means of positively matching bullets to guns, 
guns to cases, and guns to fingers, which cannot be used to falsely implicate 
anyone, , and since the claimed benefits of serial numbering can easily be 
circumvented by unscrupulous persons (in other words, CRIMINALS) I contend that 
serial numbers are a much better tool for facilitating a police state than for 
reducing crime.

On Tue, 6 Aug 1996, Rabid Wombat <wombat at mcfeely.bsfs.org> wrote:
>How about just numbering the criminals?  There's more room for the 
>numbers, there's precedent, and less specialized equipment is required.

obCrypto: How about defining the "number" as an MD5 hash of the X-Y coordinates 
of the entry points of 15 pellets of 00 buckshot in the criminal's chest, sorted 
in ascending order X, Y? (ORDER BY X ASC, Y ASC)
Jonathan Wienke

[End of gun rant. Sorry for burning up so much list bandwidth on this, but I 
recently had an experience where gang members were following me around for 
several weeks, trying to intimidate me from testifying against some of their 
friends who beat the crap out of some of my neighbors with sawed-off baseball 
bats... "Cold, dead, fingers" and all of that.]

"A conservative is a liberal who got mugged last night."
--Lee Rodgers

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From hal9001 at panix.com  Wed Aug  7 03:20:58 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Wed, 7 Aug 1996 18:20:58 +0800
Subject: TrustBucks
In-Reply-To: <64gf4trmj9@nowhere.com>
Message-ID: <v03007800ae2c81fb3823@[166.84.220.80]>


At 1:11 -0500 8/2/96, TrustBuckFella wrote:


>Examples: Say Alice wants to pay Bob in TrustBucks, and Bob agreed to
>accept payment in this form. Alice has several options for paying him.
>
>*       Alice already has some TrustBucks( Bob ).
>
>                Alice pays Bob.
>
>*       The amount is small enough that Bob trusts Alice directly.
>
>                Alice and Bob swap TrustBucks( Alice ) for TrustBucks( Bob )
>                Alice pays Bob.
>
>        I know this looks like an extra piece of complexity, but it's
>        really not. By insisting that only TrustBucks( Bob ) are payment
>        to Bob, we insure that Bob can't manipulate what currency he
>        will accept to his advantage, which would otherwise be a
>        problem. For instance, Bob cannot refuse to make good on his
>        debts while accepting other people's money.

I fail to see why/how the initial swap of  TrustBucks(Alice) for
TrustBucks(Bob) followed by Alice returning the TrustBucks(Bob) [as
supposed payment] differs from her just paying with the TrustBucks(Alice)
in the first place [ie: He is willing to accept the TrustBucks(Alice) as
payment for the TrustBucks(Bob) that she will use to pay off her debt]. The
net result is the same - Bob has the same amount of TrustBucks(Bob) in
circulation and has an amount of TrustBucks(Alice) equal to Alice's payment
[the back and forth of the TrustBucks(Bob) is just playing "Right
Pocket/Left Pocket"].







From accessnt at ozemail.com.au  Wed Aug  7 03:22:35 1996
From: accessnt at ozemail.com.au (Mark Neely)
Date: Wed, 7 Aug 1996 18:22:35 +0800
Subject: The Solution: 20 Beautiful women
Message-ID: <2.2.32.19960807080312.00695a08@ozemail.com.au>


Fellow Cypherpunks,

Maths was never my strong point, but this response (from my statistician
g/f) sounds convincing...but then, maybe I'm biased :)

-----8<-------

According to your friendly neighbourhood statistician (ie me) the answer can be
deterined as follows:

Suppose we have 20 beautiful women and we call them W1, W2 through to W20.  For
any given women, say Wi where 1<=i<=20, we have only two choices, choosing her
or rejecting her.  Knowing that she's beautiful anyway, we assume that:

Probability(Choosing Wi)=Probability(Rejecting Wi)=0.5

Now, let Wn where 1<=n<=20 be the most beautiful woman, then the probability of
getting the most beautiful woman is:

Probability(Getting Wn)
        =Probability(Rejecting W1) * Probability(Rejecting W2) *
                Probability(Rejecting W3) * ... * Probability(Rejecting Wn-1) *
                Probability(Choosing Wn)
        =(0.5)^(n-1) * (0.5)
        =(0.5)^n

Now we know that the value for a fraction raised to any of the valid values of n
(defined above to be 1<=n<=20) can be maximised by minimising the power to which
the fraction is raised.  So we take the minimum possible value of n, namely n=1.

Thus Probability(Getting Wn)=(0.5)^n=0.5.  This gives us the highest chance of
choosing the most beautiful woman.

This could have been done more intuitively and less rigorously by considering
the fact that when we multiply any fraction by another fraction, it always
becomes a smaller fraction (and hence our probability is reduced).

So you can see there is a moral in this story, can you not?

I pat myself on the head.  I am extremely brilliant.

She who is most luscious
___
Mark Neely - accessnt at ozemail.com.au 
Lawyer, Internet Consultant, Professional Cynic
Author: Australian Beginner's Guide to the Internet (2nd Ed.)
	Australian Business Guide to the Internet
	Internet Guide for Teachers, Students & Parents
WWW: http://www.ozemail.com.au/~accessnt






From ceridwyn at wolfenet.com  Wed Aug  7 04:12:44 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Wed, 7 Aug 1996 19:12:44 +0800
Subject: appropriate algorithm for application
Message-ID: <2.2.32.19960806232209.006e2c84@gonzo.wolfenet.com>



I need an algorithm/protocol that is capable of encrypting numerous
files with separate keys, but there also needs to be a master key
that will be able to decrypt all of them.  Is there such a system 
that is relatively secure?  I'd prefer the system to be as secure
as possible, but in this application, security is secondary to 
functionality.  Thanks... //cerridwyn//






From stewarts at ix.netcom.com  Wed Aug  7 04:12:55 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 19:12:55 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now  ...
Message-ID: <199608070259.TAA17442@toad.com>


>>> Louis Freeh is now asking the Congress for $2 billion to fund
>>> Digital Telephony.  Yes, that is FOUR TIMES what he said it

>How many crimes, approximately, are going to be solved or prevented by the 
>expenditure of this $2 billion dollars?  One hundred?  A thousand? 

I haven't been able to find the reference, but a month or two ago
there was an article on the net or in a newspaper about the targets
of wiretapping - how many wiretaps were for drugs, gambling, tax evasion,
and of course terrorism.  The number of wiretaps for bombs and guns
was something low like 80 in the last 5-10 years - about 1/10%. 
        (Did anybody else see this article??)
On the other hand, the recent articles in the press about increasing
bomb-related crimes in the US; it's up to about 3000/year from 2000 in 5 yrs.
So maybe 1/10% of the bombing investigations  have even used wiretapping.

So why is Louis Freeh ranting up and down about the need to
ban encryption because he needs wiretapping to catch terrorists?
At least he could be honest and rant about the need to stop the
hordes of drug dealers and escalate the War On Gambling.


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Wed Aug  7 04:13:00 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 19:13:00 +0800
Subject: Corporate e-mail policy
Message-ID: <199608070259.TAA17453@toad.com>




>    "Electronic mail may be monitored if there is sufficient reason to
>     believe that it is being improperly used which includes, but is not
>     limited to: mail to competitors, more than 20 recipients (spam), and
>     incoming mail from questionable sources.  If such monitored mail is
>     encrypted the employee must provide a clear text version of the mail
>     which is to be unencrypted under supervision to avoid substitutions.
>     Any employee refusing to make available such mail will be ...."

Official mail to competitors, the press, or customers is probably something
you'd want an official copy of anyway, and the employee should be
able to decide intelligently what to keep (unless your lawyers say
to always keep everything, in which case the legal department should
be responsible for maintaining the archives....)

Incoming encrypted mail you can (presumably) get an employee to decrypt.
Outgoing encrypted mail may not support that - PGP, for instance,
supports an encrypt-to-self option, but if you don't use it,
and didn't record the outgoing message, you _can't_ decrypt it.
Writing something into a policy that will get an employee fired
for refusing to do something that can't be done with the available tools
is not a good idea.  I'm not highly impressed with the idea of 
snooping on employees' mail, even if it _is_ your company.
If you don't trust them, don't hire them.  If you do trust them,
don't eavesdrop.   And if they're ripping you off and don't have the sense
to sneak their sotlen data outside the building by sneakernet
or other untappable mechanism, you probably should have fired them
for incompetence long ago anyway.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From EALLENSMITH at ocelot.Rutgers.EDU  Wed Aug  7 04:24:34 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 7 Aug 1996 19:24:34 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <01I7YR8ENYFK9JD1RF@mbcl.rutgers.edu>


	If you're wanting someone to talk on NuPrometheus, you might try
Barlow.... he's already been investigated for it and doesn't seem likely
to be harrassed again. Of course, _getting_ him could be a problem.
	-Allen





From proff at suburbia.net  Wed Aug  7 04:25:10 1996
From: proff at suburbia.net (Julian Assange)
Date: Wed, 7 Aug 1996 19:25:10 +0800
Subject: Fixes to loop.c et al. for DES,IDEA,stego now done
In-Reply-To: <Pine.LNX.3.91.890918054255.204A-100000@HellSpawn>
Message-ID: <199608070806.SAA26988@suburbia.net>


> > -----BEGIN PGP SIGNED MESSAGE-----
> > 
> > This directory contains patches to the Linux kernel to enable encryption and
> > steganography of filesystems. Encryption allows you to have a scrambled
> > partition or file that, with the proper pass phrase, you can mount, just
> > like a normal filesystem. Steganography allows you to hide a filesystem in
> > the low bits of, say, an audio file. You can even combine these two to hide
> > a scrambled filesystem in the low bits of an audio file (see the example,
> > below).
> 
> 
> 
> With the addition of stego, this arrangment seems to be rather similar to 
> CFS.  So the question on my mind, is can the loop device(s) be 

Since when has CFS had any steganography features?

--
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From anonymous-remailer at shell.portal.com  Wed Aug  7 04:25:41 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 7 Aug 1996 19:25:41 +0800
Subject: THE WORLD IS SCREWD UP
Message-ID: <199608070617.XAA03942@jobe.shell.portal.com>


At 05:02 PM 8/6/96 -0500, you wrote:
>THIS WORLD IS SREWED UP i hate my life so mue hobbeys makeing time pipe 
>bommbs so what is this all about huh what the fuck "anti terrisiom bill" 
>damn sad ok so what does  this mean FREE COUNTRY hahahaha i laugh when i 
>hear that term there is no free country and we never have a wright to 
>privesy u know man this sux so much....... oh and to the government u can 
>kiss my ass


TAKE it to a shrink... not Cypherpunks!

Ps. learn to spell!






From shamrock at netcom.com  Wed Aug  7 04:31:11 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Aug 1996 19:31:11 +0800
Subject: Censorship through proxy
Message-ID: <v02120d05ae2db6d15662@[192.0.2.1]>


At 18:12 8/6/96, Timothy C. May wrote:

>I wonder what would happen if "Computers, Freedom, and Privacy '98" was
>held in Sing Sing?

We'd all get caned?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From sebago at earthlink.net  Wed Aug  7 04:32:00 1996
From: sebago at earthlink.net (Allen Robinson)
Date: Wed, 7 Aug 1996 19:32:00 +0800
Subject: "Eternity service" paper request
Message-ID: <199608070146.VAA04336@norway.it.earthlink.net>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 06 20:53:31 1996
A couple of weeks ago Hal mentioned Ross Anderson's Eternity
Service paper (URL: http://www.cl.cam.ac.uk:80/users/rja14/#Lib).

As Hal described it at the time:

>The goal of the Eternity service is to make published information
>permanently and ineradicably available, despite efforts on the part of
>powerful attackers to destroy it.  The attack model explicitly
>includes governments.  This has obvious relevance to current
>controversies involving copyright, trade secrets, etc.

[. . . .]

>Anderson's basic concept is of a network of storage servers in widely
>scattered jurisdictions.  He uses cryptography so that although the
>servers store data, no single computer knows exactly what is stored in
>the encrypted files it holds.  Keys to the data are spread across the
>network using secret sharing techniques, with mutual cooperation among
>the servers being necessary to decrypt files.  (I believe the files
>themselves are redundantly stored on individual servers, but they are
>encrypted with keys which are split.)  Anonymous communications are
>used among the network of computers to reply to requests, so that
>attackers can't tell which computer produced a requested document.

At the time I thought this sounds quite interesting and filed the 
information away for a time when I would have an opportunity to
get the paper and read it.  I finally created that opportunity
recently only to find the paper at the above URL in a format I have
a *lot* of difficulty reading.  I'm a little embarrassed to ask such a
thing, but does anyone know a location where this paper resides in
plain-vanilla ASCII?

Many thanks.

AR

#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#
"The road to tyranny, we must never forget, begins with the
destruction of the truth." -- Bill Clinton, Oct. 15, 1995
at the University of Connecticut.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Quis custodiet ipsos custodes?
Allen Robinson.........................sebago at earthlink.net
PGP public key FE4A0A75     available from major keyservers
fingerprint 170FBC1F7609B76F 967F1CC8FCA7A41F

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgf3H3sdZ07+Sgp1AQHEYQP/cthh/U8MwguYjuDJkrMNScwCaLrBm+rv
7SJS5Oogln7ItVfMDCUGISVNABCg4gr4taqW8OnStmegZxqsYJevLu5qYVTPvdWG
wPDbBu2rHfHc6aHS1am727Vv9EJTb452tlDkXQuQApH4TUh9mYUe6oIxVenKSxNC
jbPGgzxgvvo=
=qhoi
-----END PGP SIGNATURE-----






From iang at cs.berkeley.edu  Wed Aug  7 04:34:02 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Wed, 7 Aug 1996 19:34:02 +0800
Subject: Fixes to loop.c et al. for DES,IDEA,stego now done
Message-ID: <199608062350.QAA10693@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

As I mentioned before, the hooks to DES (and IDEA; with Nicholas Leon's
patches) in loop.c and {mount,losetup}(8) are horribly broken.
For example, the DES key you type in is totally ignored, and only the first
byte of the IDEA key you enter is relevant.  As well, the DES code was using
PCBC mode, and IDEA was using ECB mode.

I've fixed the key management (the key is based on a SHA1 hash of the pass
phrase you enter), and changed both DES and IDEA to use CBC mode.

Adding other encryption methods (Blowfish, for example) should be
straightforward.  In fact, I'm planning to add a facility for dynamically
adding and removing general data transformation modules (maybe for 2.1...).

In addition, I've implemented steganography (hiding a filesystem in the low
bits of, say, an audio file), and fixed some assorted bugs in loop.c
(incorrect variables were being used in some places, and a deadlock was fixed
having to do with making a loop device on top of another loop device).

The patches are available from:

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/filesystems/linux/index.html

Since that site seems to be down a lot, there's an alternate site:

ftp://csclub.uwaterloo.ca/pub/linux-stego/index.html

Note that there's one file that contains crypto that users outside of the
US and Canada must not download.  See below for further details and
instructions.

Attached is the text version of index.html.  Share and enjoy.

   - Ian

- -----------------8<--------------------8<----------------
Encryption and Steganography for Linux

This directory contains patches to the Linux kernel to enable encryption and
steganography of filesystems. Encryption allows you to have a scrambled
partition or file that, with the proper pass phrase, you can mount, just
like a normal filesystem. Steganography allows you to hide a filesystem in
the low bits of, say, an audio file. You can even combine these two to hide
a scrambled filesystem in the low bits of an audio file (see the example,
below).

Installation instructions

  1. Get a fresh copy of linux-2.0.11.tar.gz from your favourite site.
  2. Patch it with the loopfix-2.0.11.patch file found in this directory.
     This fixes some bugs in the loop block device driver, and adds
     steganography support to it. Hopefully this will go into the standard
     kernel soon.
  3. Now you want to add cryptography support. Due to a strange US
     regulation, this has to be split up into two pieces. The first piece,
     export-2.0.11.patch, doesn't actually contain any cryptograhy; it just
     contains the changes to the Makefiles and documentation, etc. to
     reflect the eventual presence of cryptography. You should get this file
     and patch it into the result of step 2.
  4. If the site you are downloading these files from is in the US or
     Canada, you may only download the second piece, crypto-2.0.11.patch, if
     you are also in the US or Canada. If you are not, here's what's in the
     file, and where to get it:
        o The file contains the files drivers/block/idea.c, kernel/des.c,
          include/linux/idea.h and include/linux/des.h.
        o To get these files, go visit
          http://www.binary9.net/nicholas/linuxkernel/patches/ and get the
          patches des-1.0.patch and idea-1.0.patch.
        o Edit these patches and remove everything in them that isn't
          related to one of the four files listed above.
        o What you have left should be functionally equivalent to
          crypto-2.0.11.patch.
  5. Take either crypto-2.0.11.patch or what you got from outside the US,
     and patch it into the result of step 3.
  6. You now have a complete kernel. Compile as usual.

You will also need an updated version of the mount and losetup commands in
order to use this. To get these, download mount-2.5k from
ftp://ftp.win.tue.nl/pub/linux/util/mount-2.5k.tar.gz. Then get the patch
mount-2.5k.patch from this directory, and patch it into the sources. Compile
and install.

It would be really good if these patches to the kernel and to mount for
steganography and encryption were made standard, and enabled by default. The
reason for this is that it would be more suspicious for someone to have a
"special" kernel with stego capabilities than to just have a regular kernel,
configured in the default way.

Sample encrypted and stego'd filesystem

In this directory are two audio files. Alice-Bob.orig.au is a file I
downloaded from http://www.iro.umontreal.ca/labs/theorique/Alice-Bob.html.
The other file, Alice-Bob.au, is the same, except that it has an encrypted
filesystem hidden in the low bit of each byte. You can listen to each of
them, and see how much difference there is (it's just in the noise). To see
the filesystem, get a new kernel and mount/losetup as descibed above. Also
make sure you have loop devices in /dev/loop*, as described below. Then:

# losetup -e stego /dev/loop0 Alice-Bob.au
Use the low bits of each (b)yte, (s)hort, or (l)ong?
(Use lowercase letters for little-endian; uppercase for big-endian.)
b/s/l/B/S/L: [b]
# mount /dev/loop0 /mnt -oloop,encryption=idea
Pass phrase: What are we going to do tomorrow night, Brain?
# ls -al /mnt
total 220
drwxr-xr-x   3 root     root         1024 Aug  4 10:47 ./
drwxr-xr-x  23 root     root         1024 Aug  4 01:50 ../
drwxr-xr-x   2 root     root        12288 Aug  4 10:46 lost+found/
- -rw-r--r--   1 root     root           71 Aug  4 10:47 passwords
- -rw-------   1 root     root       208247 Aug  4 10:47 world_domination_plans
# umount /mnt
# losetup -d /dev/loop0

Usage instructions

First, make sure you have devices called /dev/loop0, /dev/loop1, ...,
/dev/loop7. If not, make them as follows:

# cd /dev
# for i in 0 1 2 3 4 5 6 7; do mknod loop$i b 7 $i; done
# chgrp disk /dev/loop[0-7]
# chmod 660 /dev/loop[0-7]

A note on choosing pass phrases: Pass phrases can be up to 128 characters
long. It's in your best interests to choose a good one. Make it long, and
hard to guess. There are FAQs out there on how to choose a good pass phrase,
I think.

Finally, here is a copy of the file
Documentation/filesystems/loop_crypt.txt:

Encryption and Steganography for Linux
- --------------------------------------

The "loop" block device driver allows you to "hide" a filesystem in
a disk partition or in a regular file, either using encryption (scrambling
the data) or steganography (hiding the data in the low bits of, say,
a sound file).

To use this, you will need updated versions of the "mount" and "losetup"
commands.  They are both in the mount-2.5k, which you can get from

 ftp://ftp.win.tue.nl/pub/linux/util/mount-2.5k.tar.gz

but you will need to patch it with the changes from

 ftp://ftp.csua.berkley.edu/pub/cypherpunks/filesystems/linux/mount-2.5k.patch

Also, if you want to use DES or IDEA encryption and not just XOR (which,
encryptionwise, is really terrible), you'll need to get the crypto patches
to the kernel.  If you're in the US or Canada, you can get them from

 ftp://ftp.csua.berkley.edu/pub/cypherpunks/filesystems/linux/crypto.patch

Otherwise, check

 ftp://ftp.csua.berkley.edu/pub/cypherpunks/filesystems/linux/index.html

to see how to get them.

How to use it
- -------------

Here are a number of examples:

To create an encrypted floppy (using IDEA):

Put a floppy in drive 0.
# dd if=/dev/urandom of=/dev/fd0 bs=1k seek=8
# losetup -e idea /dev/loop0 /dev/fd0
Pass phrase: (type a pass phrase here, up to 128 characters)
# mke2fs /dev/loop0
# losetup -d /dev/loop0

To use it again:
# mount /dev/fd0 /mnt -text2 -oloop,encryption=idea
Pass phrase: (type the same pass phrase)
# cd /mnt
(use the disk)
# cd /
# umount /mnt

To make a DES-encrypted filesystem in a regular file:

Decide on a filename and how big you want your encrypted filesystem to be.
Suppose you choose /root/private/rndseed as your filename, and you want
it to be 10MB (10240K).  Create it as follows:

# dd if=/dev/urandom of=/root/private/rndseed bs=1k count=10240
# losetup -e des /dev/loop0 /root/private/rndseed
Pass phrase: (type a pass phrase here, up to 128 characters)
# mke2fs /dev/loop0
# losetup -d /dev/loop0

To use it:
# mount /root/private/rndseed /mnt -text2 -oloop,encryption=des
Pass phrase: (type the same pass phrase)
# cd /mnt
(use the disk)
# cd /
# umount /mnt

There is an additional "feature" (well, _I_ think it's a feature) by
which you could mount the above filesystem on /root/private, even though
a file in that directory is being used to store the filesystem itself.
(Note of course that the encrypted file won't be visible when the
filesystem is mounted, and that only loop files don't count as "usage";
if you're _in_ that directory, or some process has any file in that
directory open, the mount won't work.)

To hide an IDEA-encrypted filesystem in the low bits of an audio file:

Let "penguin.au" be your sound file.
# losetup -e stego /dev/loop0 penguin.au
Use the low bits of each (b)yte, (s)hort, or (l)ong?
(Use lowercase letters for little-endian; uppercase for big-endian.)
b/s/l/B/S/L: [b]  (.au files store 1-byte samples, so say "b" here)
# dd if=/dev/urandom of=/dev/loop0 bs=1k seek=8
# losetup -e idea /dev/loop1 /dev/loop0
Pass phrase: (type a pass phrase here, up to 128 characters)
# mke2fs /dev/loop1
# losetup -d /dev/loop1
# losetup -d /dev/loop0

And to use it:
# losetup -e stego /dev/loop0 penguin.au
Use the low bits of each (b)yte, (s)hort, or (l)ong?
(Use lowercase letters for little-endian; uppercase for big-endian.)
b/s/l/B/S/L: [b]  (.au files store 1-byte samples, so say "b" here)
# mount /dev/loop0 /mnt -text2 -oloop,encryption=idea
Pass phrase: (type a pass phrase here, up to 128 characters)
# cd /mnt
(read secret info from files here)
# cd /
# umount /mnt
# losetup -d /dev/loop0

Note: if you don't have /dev/urandom, do this:

# cd /dev
# mknod random c 1 8
# mknod urandom c 1 9
# chown root.root random urandom
# chmod 666 random urandom

Last update: 19960806 by Ian Goldberg <ian at cypherpunks.ca>

This work derives from work by a number of people, including:
Werner Almesberger <almesber at bernina.ethz.ch>
Andries Brouwer <Andries.Brouwer at cwi.nl>
Ian Goldberg <ian at cypherpunks.ca>
Nicholas J. Leon <nicholas at binary9.net>
Theodore Ts'o <tytso at athena.mit.edu>
Eric Young <eay at psych.psy.uq.oz.au>
- -----------------8<--------------------8<----------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgfZsEZRiTErSPb1AQGf9wP8Cu0h79vowZVME3dJGhCQM8AbelCOHEck
O51uZ6o5Fwv3mPsZ0E15IyYns1mLYT4slWQ2VY2vEoTsT6pM4og+45/ZP3aRJh5i
mBgNulbRvxf/eqlmDBT6433JFrdAVAWHwGcMFTUXewHQJZ3x4WyIzvk1hHv++OGo
jn96Pbr71Qs=
=13QI
-----END PGP SIGNATURE-----





From jya at pipeline.com  Wed Aug  7 04:35:36 1996
From: jya at pipeline.com (John Young)
Date: Wed, 7 Aug 1996 19:35:36 +0800
Subject: Apple people on the list
Message-ID: <199608062315.XAA27999@pipe5.t1.usa.pipeline.com>


I'd like to hear Tim, too, in this Big Apple. RealAudio, perhaps. 
 
 
Tim's views are far more substantial and worthwhile than those play-it-safe
Pro-Code dronings. 
 
 
And his pith should go out far and wide, around the world, not only out
there on its edge. 
 
 
Vinnie, Robert, All Appledom, do your global duty, don't miss this chance
to leapfrog the small-beans promoters of the crypto industry. 
 
 
What would you offer to set off Tim's simmering crypto-anarcho-volcano,
make it heard round the planet? 
 
 





From nozefngr at mail.apple.com  Wed Aug  7 04:50:54 1996
From: nozefngr at mail.apple.com (Christopher Hull)
Date: Wed, 7 Aug 1996 19:50:54 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <199608070210.TAA12996@scv1.apple.com>


>
>I, for one, would appreciate the chance to hear Tim May present
>"crypto-anarchy" and "crypto-privacy" -- in a much more coherent fashion
>
>Vinnie is putting the "Mac Crypto" conference together in his spare
>time using "borrowed" facilities in a way that stays below Apple's
>"radar horizon".

Ah, so I'm not the only one who makes nefarious use of R&D4 
(Burning Man, Mike Jittlov, and other pseudo-events) ;-)

Looking forward to it.

>
>As for the "Mac is dead," I'll leave that to another time and place.

The press is a little difficult to believe when they come out with 
nonsense like  "Apple is finally upgrading an aging product line".
Excuse me?  Yes, the last new Mac one could buy was the IIfx?

San Jose Mercury News, A Division of Microsoft Press.
(I wonder if I should extend the Shakespeare award beyond the net).

-Chris



..    But there *are* a million monkees on the net,
..    and I still aint seen no Shakespeare!             <me>
...
...    smtp: nozefngr at apple.com
..     page: 1.800.680.7351
..     http: http://virtual.net/Personal/nozefngr/
..     icbm: lat37*21'.lon121*5'
..
..  the kabuki project: http://remarque.berkeley.edu/kabuki/







From vinnie at webstuff.apple.com  Wed Aug  7 05:08:59 1996
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Wed, 7 Aug 1996 20:08:59 +0800
Subject: Mac Crypto/ internet commerce workshop registration
Message-ID: <v03007811ae2db56cce13@[204.179.131.59]>


-----BEGIN PGP SIGNED MESSAGE-----BY SAFEMAIL 1.0-----

Attention:

I have setup a webpage to handle registrations for the Mac Crypto/ internet
commerce workshop.

http://webtuff.apple.com/~opentpt/crypto.html

please signup and book your airlines and hotel as soon as you can.

I am still looking for presenters,  if you plan to talk, please drop
me an outline, pronto

ciao

-----BEGIN PGP SIGNATURE-----BY SAFEMAIL 1.0-----
Version: 2.6.i

iQCVAwUBMggHRfMF2+rAU+UdAQEocwQAi347wC62qlgoV0E8nL2E57beK0Uo3fjo
0ZYSYSwu0zOdF9gqGyBfM0ZEHFGh9CEiJik3JCKww4B4Pl6HVWjm9Ay1DN4IqdOo
fvanrRRJXcBi00HnyaJmjq9jIrsGoH6nZ3sxM58yaldm/6iVuKezhgBprPF0WwOr
aq9NPOZaePg=
=Zm8+
-----END PGP SIGNATURE-----




Vinnie Moscaritolo
Apple Developer Tech Support
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A







From stewarts at ix.netcom.com  Wed Aug  7 05:14:12 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 20:14:12 +0800
Subject: Digital Telephony costs $2
Message-ID: <199608070602.XAA21713@toad.com>


At 11:34 PM 8/5/96 -0800, you wrote:
>What is unclear, however, is WHY they "had to" build a card that couldn't do 
>full-duplex.  I mean, would there have been a problem implementing that?  Or 
>was this just another one of those stupid design decisions which could have 
>been easily fixed if it had been realized in time?

1) Costs money - especially critical if you're trying to either
-  get a new product accepted by the market (when they were becoming popular) or
-  compete in a me-too market (after they became popular and costs came way
down.)
2) DSPs tend to be really tight on resources, especially RAM,
   which you need to do multiple programs at once.  $5-10 DSPs are 
   especially tight.  They're starting to come with mini operating systems.
3) They probably didn't think of Internet Telephony as a market
-  They were PC folks, and while _we_ all knew about the Internet,
   it was probably 1/4 as big as now and earlier on the hype curve
-  It's only been recently that soundcards have been ubiquitous enough
   for people to assume they're there for a product like Internet phone
-  28.8 modems are fast enough.  14.4 are marginal.  9.6 is _really_ marginal.
4) Most of their market wants other things - MIDI, game noises,
   talking applications, occasional recording and sound processing.
   Voice crunching is mostly used for answering machines and 
   fancy voice-response telephony units "Press 1 if you want to Press 2."

>> It also has the advantage
>>that the data is being moved through your CPU, so encryption is
>>an easy add-on, rather than having one combined modem/voiceblaster
>>card which doesn't have any hooks for crypto or other processing.
>Well, I assume that if implemented as a new type of modem card, the 
>processor can be used to do the data transfer.

If you're doing the voice crunching and A/D conversion and telephony
all on the modem card, with everything tightly integrated
to fit in your tiny cache, why put in hooks for the processor to intervene?

>>Given that the "3KHz" is almost universally transmitted over 64kbps
>>digital channels, there's really no point in pushing past 33.6 with
>>analog-based coding; better to just do ISDN. 
>
>The local phonecos still want to overcharge for ISDN, however.  Major 
>bigtime problem.  ISDN looked great back in about 1980 when the fastest 
>common modem was 300 baud, but it's lost much of its lustre competing 
>against 33.6 kbps.  Maybe if ISDN were available at a premium of $5 per 
>month or so...

Depends on the telco.  Here in PacBell's fiefdom, home ISDN costs only
a bit more than two voice lines, and you get two lines out of it.
Local calls are a penny or four a minute daytime, free at night.
This may change soon - the telco is appalled to find out that
computer people think "it's free at night" means "it's free at night" :-)

There's getting to be enough ISDN support that an ISDN-based 
phone program might find some market - especially if it can use
higher sampling rates and ADPCM compression to get better sound out of
56-64 kbps than a regular phone can, and maybe you could support a
shared-whiteboard program as well.  Still need to do something about
echo control, though.  However, I wouldn't recommend writing a free
encrypted ISDN telephone program, though - you wouldn't be able
to export that on the Internet.  But a phone program that lets users plug in
their own algorithms for echo control, with an API that supports
exchanging parameters - now _that_ would be a phone program.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From pjn at nworks.com  Wed Aug  7 05:14:32 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Wed, 7 Aug 1996 20:14:32 +0800
Subject: SSNs (was Re: Interna
Message-ID: <TCPSMTP.16.8.6.-13.10.32.2645935021.659902@.nworks.com>


 (There is a really good joke in my response. Try to figure it out.
  Be the first one on your block to realize what the numbers mean)

 
 In> Anyone know  what J. Edgar Hoover's SSN was?


 Yeah, 276-77-3737


 P.J.
 pjn at nworks.com

... Hey, Worf! I hooked Data up to a modem... Wanna see?

___ Blue Wave/QWK v2.20 [NR]







From stewarts at ix.netcom.com  Wed Aug  7 05:24:07 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 20:24:07 +0800
Subject: Stealth cookies
Message-ID: <199608070259.TAA17434@toad.com>



At 03:48 PM 8/5/96 -0400, Anne Eisenberg <aeisenb at duke.poly.edu> wrote:
>All of the discussion on the list to do with
>cookies is related to Netscape.  Does this mean that if one switches to
>Microsoft Explorer one can avoid the problem?  Many thanks.

MSIE also does cookies.  Netscape 3.0b5 has a nice option to let you
choose whether to accept a cookie or not.  However, what's the problem
you're trying to solve?  Sites have several ways to find out information
about you, which they can use immediately or coordinate with other things
0) Stuff the site knows about itself, like contents and time
1) Stuff you tell them by filling in forms
2) Your IP address (not always very useful...)
3) Information your browser sends (somewhat adjustable.)
4) Information your browser sends that a site asked you to keep for it
        (i.e. cookies.)

For the most part, this doesn't leak a lot of information;
even cookies can only pass things the sites already knew between sessions.
The cookie spec is well-designed, only allowing cookies to be retrieved
by the machine or domain that set them in the first place.

However, there's a way to cheat the cookie spec; I don't know
if this was intentional, but it was realized quickly by the market :-)
The issue is that your browser sends along an HTTP_REFERRER variable,
which points to the last page you visited before the current page.
It's useful for sites to find out where their pages are being referenced,
and they may (legitimately) want to only give out information if you're
coming from one of their previous pages.  This does also mean that
a page (www.alice.com/interesting.html) can hand its name to another page
or program (www.bob.com/cgi/count-stuff.pl)  by including an inline reference
to it.  But that site can send your browser a cookie marked bob.com, which is 
accessible by _it_, not by the referring page.  This means that 
if you later connect to www.carol.com/foo.html, which references bob's
count-stuff program, bob.com can retrieve the bob.com cookie that 
has information about your connection to alice.com.  If alice.com and
bob.com store some identifying information (e.g. alice.com records
a connection from 192.9.200.1 at 12:34:59 UTC, and bob.com records 
a connection from 192.9.200.1 at 12:35:01 UTC, and bob.com stores a reference
to that in the cookie (either storing the information directly, or more
likely, storing a record-id number referencing a database entry,
and carol.com and bob.com similarly share a reference, then alice, bob,
and carol can coordinate what happened in the two sessions.
Maybe Bob just knows that there's market correlation between viewers of
Alice's Brownie Company and Carol's Congressional Consulting, or maybe
they also share the credit card number, flavors, and addresses you gave
alice.com
with the search criteria you gave carol.com to find you've been donating
special brownies to that congresscritter you've been lobbying.
Without the cookie hack, the ability to correlate is limited to the
common information that you've given the two sites, which tells
them that some Netcom user with Mozilla 3.2b7.7 did it,
which isn't enough to run a targeted campaign donation request
or send out the FBI or whatever.

Doubleclick.com is the site that's wellknown for exploiting the feature,
and their web site is interesting.  If you're using 3.0b5, try
different combinations of accepting or rejecting cookie requests....

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From rah at shipwright.com  Wed Aug  7 05:27:39 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 7 Aug 1996 20:27:39 +0800
Subject: Phill's evil twin Skippy
In-Reply-To: <199608062350.QAA18315@web.azstarnet.com>
Message-ID: <v03007801ae2dad9e03f0@[206.119.69.46]>


At 7:50 PM -0400 8/6/96, David M. Rose wrote:
> Oh goody! Another Hallam-Baker-generated p*ssing contest.  Perhaps you
> fellows should settle your differences with a bet. Oops, I forgot. The good
> "Doc" dishonors his wagers with a series of fantastic and infantile
> "misunderstandings".


The weirdest thing happened to me today. (Nooo, not *that* wierd thing,
something *else*.) A gentleman proporting to be Phill Hallam-Baker (at
least his check said so, and they actually *do* clear...) showed up at the
DCSB meeting and had lunch. Very pleasant guy.  Quite civil, if a little
bit statist, and way too Hegelian for my blood...

Frankly, I think someone's *spoofing* Dr. Hallam-Baker, on the net or in
person. I can't figure out which one's which.

Anyone have some theories on this? Does he have an evil twin Skippy? The
world wants to know.

Will the real Phillip Hallam-Baker please stand up and thottle your evil twin?

Cheers,
Bob Hettinga




-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From shamrock at netcom.com  Wed Aug  7 05:33:40 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Aug 1996 20:33:40 +0800
Subject: Apple people on the list
Message-ID: <v02120d03ae2db5810751@[192.0.2.1]>


At 16:15 8/6/96, John Young wrote:

>What would you offer to set off Tim's simmering crypto-anarcho-volcano,
>make it heard round the planet?

Bottle o' Scotch (my private stash). Free Ecash account.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From janee at okway.okstate.edu  Wed Aug  7 05:35:29 1996
From: janee at okway.okstate.edu (Steve Coltrin)
Date: Wed, 7 Aug 1996 20:35:29 +0800
Subject: SSNs (was Re: Internal Passports)
Message-ID: <20758330@Okway.okstate.edu>


Simon Spero <ses at tipper.oit.unc.edu> wrote:

>one silly thought: lots of people use cypherpunks as the username and 
>password for all those websites that want an id. What about a cypherpunks 
>3-2-4 number for those cases where an SSN isn't appropriate. Anyone know 
>what J. Edgar Hoover's SSN was?


According to one of "George Hayduke"'s books, Richard Nixon's was 567-68-0515.

-spc





From tcmay at got.net  Wed Aug  7 05:41:24 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 7 Aug 1996 20:41:24 +0800
Subject: Talking about Crypto Anarchy
Message-ID: <ae2d4666190210046ce1@[205.199.118.202]>



I'm going to use John's comments as a jumping off point for some things I
probably should have said a while ago.

At 11:15 PM 8/6/96, John Young wrote:
>I'd like to hear Tim, too, in this Big Apple. RealAudio, perhaps.
>
>Tim's views are far more substantial and worthwhile than those play-it-safe
>Pro-Code dronings.
>
>And his pith should go out far and wide, around the world, not only out
>there on its edge.
>
>Vinnie, Robert, All Appledom, do your global duty, don't miss this chance
>to leapfrog the small-beans promoters of the crypto industry.
>
>What would you offer to set off Tim's simmering crypto-anarcho-volcano,
>make it heard round the planet?

As I think I made clear, there is little either Vinnie or Bob have "failed"
to do. I'll explain this below. It is true that I am not much of a fan of
Bob's writing style, with nuggets of truth buried in bloviations about
sacks of grenades, rubber rafts, shaking trees, pieces of the true cross,
ad nauseum, but, then, "style" is something I tend to react to perhaps more
than most. (Not the variations in style of the hundreds of folks who post
here, but the florid excesses so common in "neo-journalism," where it seems
the writers are paid by the word--as perhaps they are--and wrap their few
nuggets in stock phrases and cutesy pastiches of Chandler, Wolfe, Gibson,
Joyce, and the whole Sick Crew.

Back to important issues. Let me summarize:

1. A while back there was an announcement (I thought by Vinnie, but he
denied it to me) of a "Mac Crypto" mailing list. This announcement, which I
no longer have (not in my own archives, and not in the few CP archives that
seem to still be reachable on the Web) mentioned that the list would focus
on "real" cryptography, and _not_ on political issues (including,
presumably, the main topics that have motivated my contributions for the
past several years, and longer).

Fair enough, as the owner/maintainer of a list is free to set his policies.
I of course did not join this list, as I don't think a list which only
discussed quadratic residues and elliptic curve methods is exactly my cup
of tea...there are plenty of textbooks and other lists for this.

2. So, when Vinnie sent me his "Mac Crypto Needs You!" mini-rant, my
natural conservatism toward such things kicked in. I am not, as must be
clear now, one of those "Rah rah rah! We need to evangelize crypto!" folks.
I take a neo-Calvinist position on such things. Hustling memes is
distasteful to me. (Some will say my posts here are an attempt to sell my
ideas. Fair enough, but this is a forum I find acceptable.)

3. I told Vinnie I was not interested, that giving a "pep talk" to Mac
developers is not my thing, and that if my views on politics, crypto
anarchy, the undermining of governments, money-laundering as a tool of
liberation, etc., were not deemed acceptable for his list, then I would not
feel welcome at Apple Computer talking about the same. (In his reply, he
said he'd never said any such thing about politics not being welcome on Mac
Crypto....I could have sworn I saw such a thing, but, like I said, I can't
find this message anywhere I've looked.)

4. Blah blah blah. That is, you saw my longer article I sent to Vinnie,
explaining why I was not too interested. I won't repeat the points here.

5. I thought the subject was closed, as Vinnie then said that perhaps I was
_not_ the right person after all. I agree with this. I am not an
"evangelist," at least not one in the mold of the ever-bubbly Guy Kawasaki.
Nor am I in the mold of a Robert Hettinga. Maybe I'm more like H.L.
Mencken, or, at least I'd like to be.

Evangelists disgust me. I can't read anything Kawasaki gibbers about, nor
can I read the neo-journalism of "Spencer Katt," "Mac the Knife," or
"Robert X. Cringely."

(If you don't recognize these names, these are the terminally-hip gossip
columnists and "rumormongers" of the three leading trade rags. The style is
pretty similar to that used by Brock Meeks, Robert Hettinga, and the like.)

Now on the the Big Issue.

6. I've given up on discussing crypto anarchy in short talks because nearly
nobody in the audiences I've done it for has the foggiest notions of what
I'm talking about, and I've found no short, sweet, simple methods of
getting across the implications. Many audiences have no idea of how public
key encryption even works, let alone how digital money might work.

(Thus, panel discussions on "cryptography" bog down almost immmediately on
basic issues. There's no way to get to the "juicy" stuff when 20 minutes is
spent trying to educate an audience about what a prime number is!)

Consider how long it takes a new subscriber on this list, one who
presumably heard about this list from a background of some familiarity with
the idea of encryption, to get to the point of understanding what the terms
and phrases in my sig mean. I'd say it takes at least several weeks, with
detours into Schneier to read up on the basics, and some mental effort to
think through how anonymous remailers work, what digital money might mean
for tax collection, etc.

Even at the Hacker's Conference, which I last attended in 1993, the
discussions of cryptography were deeply unsatisfying to me. My panel, on
crypto, bogged down in trying to get across to a technically pretty
competent audience the implications of strong crypto. Clearly, the hour or
so we had was not enough, and people could only get the barest glimpses.

7. In several radio talk shows I have done, the same is true. Given that
there just isn't enough time for a careful explication of the necessary
background, the discussion and the questions from callers to the show stay
at the most basic level. While I am not dismissing the importance of basic
questions, it's clear that the discussion can never move on.

Thus, discussions tend to never get beyond the "think of crypto as
envelopes...would you want your messages all on postcards?" level. (This
envelope-postcard analogy is of course due to Phil Z., and he seems more
comfortable than I in giving this kind of talk over and over again.)

8. Even articles in "Liberty" and "Reason" magazines (plus more obscure
magazines like "Extropy") have to spend most of the article explaining the
basics, ending with a glimpse into a few topics of more recent vintage.
Mostly, it is hopeless to get into "crypto anarchy," when the article is
about how public key encryption works.

(Note: This observation is part of a larger issue about the difficulties of
building on past work. It is why so many fractious debates never get beyond
the opening salvos...over and over again. The debate over nuclear power (or
gun rights, or...) comes to mind, and I have, as with crypto anarchy, given
up on trying to "convince" groups of the truth of my views: nearly everyone
I talk to is so ignorant of the basics of radiation, containment, half
lives, ionizing radiation damage, alternatives, etc., that all discussions
bog down at the most basic of levels. When I used to have the energy--and
the foolishness--to bend someone's ear about nuclear power for a couple of
hours, I could _sometimes_ see the glimmerings of a change in positions,
the flicker of a change in preconceived notions. Mostly there was only
blankness and hostility. I get the same reaction when I try to explain the
techno-libertarian implications of strong cryptography.)

9. So, while John Young and others might want like that my "pith should go
out far and wide, around the world, not only out there on its edge," the
plain fact is that it can't go out in a talk lasting only a few hours, or,
much more likely, lasting less than an hour.

Certain after dinner speakers are adept at getting one or maybe two simple
points across in a talk--usually with some judicious humor to drive the
point home--but I am not one of them. Maybe one of you is, but not me. In
any case, getting "one or two ideas across" is not of much interest to me.

(I've also seen David Chaum struggle to just get the basic idea of
"credentials without identity" across to a tecnical audience...even when he
concentrates on only getting a single facet of his ideas across, the light
bulbs just don't go off in the heads of the audience members...at least
this was what I witnessed.)

I know there are some lawyers and law professors on this list, so the
analogy to law might be useful. To wit, can a lawyer or professor be
expected to really explain to a lay audience some complicated subject? Or
is a series of ground-laying lectures needed first? While there are
presumably lawyers willing to give pleasant after-dinner speeches on, say,
"tort reform," I suspect that very little information is conveyed to lay
audiences. (And, as I've said, I am not a talented dinner speaker.)

10. Finally, I am not a "motivational coach." I don't give pep talks to
people at companies to help them save their companies, or their platforms.
Thus, I am not interested in giving a "go out and win one for the Gipper!"
pep talk at Apple.

I hope this makes things clearer. And bear in mind that I actually _did_
spend a vast amount of my time putting together a compendium of my thoughts
and ideas in my "Cyphernomicon." [ URL:
http://www.oberlin.edu/~brchkind/cyphernomicon/ ] At more than a megabyte,
and with various chapters on crypto anarchy, anonymous markets, remailers,
and all sorts of implications, it is the fullest embodiment of my thinking
extant in any one place. Some say it would make for a start on a book, but
I can't see any publishers rushing to publish such a book (one publisher
asked me to "submit a proposal" for a book on how to use PGP...this is the
level of what publishers want from me...needless to say, I discarded his
business card immediately).

And so it goes. I'm not interested in giving a pep talk to Apple or its
developers, I outlined my reasons in other messages. And I don't believe
there's any way to adequately explain the collection of ideas I call
"crypto anarchy" in much less than a lecture series. Even if someone were
to sponsor or arrange such a lecture series, as has been done for things
like nanotechnology, I'd have to think long and hard about committing to
this. My inclination is to tell those who ask for such a talk or lecture
series to "RTFM."

Regards,

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From frissell at panix.com  Wed Aug  7 05:43:31 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 20:43:31 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <2.2.32.19960806235136.0092c204@panix.com>


At 05:16 PM 8/5/96 -0400, hallam at Etna.ai.mit.edu wrote:

>Making that argument defeats your case. Irespective of the framers
>of the constitution nobody in Congress or the Administration believes
>that you have a right to take up arms against the government.

Have you checked with Helen Chenoweth (R-Idaho) or B1-Bob Dornan (R-Orange
County) about this assertion.  Not to mention our former black radical
friend from Oakland in Congress.  I bet you could find a fair number of
supporters for the concept of the "right of revolution" in Congress and
other parts of the government.  Better hunting on Usenet, of course.

When former Idaho congressman and senator Steve Syms was first running for
Congress, his slogan was "Traditionally, Americans have had three means of
preserving their freedoms.  The jury box, the ballot box and -- when those
failed -- the cartridge box."

In addition it seems to me that a certain "Mobe" leader and campus
revolutionary made it as far as the White House (or was he just spying for
the Company at the time?).  (Mobe = Student Mobilization Committee to End
the War in Vietnam)

Try not to say "no one believes X".  That statement can always be falsified
and usually with thousands of counter examples.

DCF

"Article 1 Section 1 of the Constitution of the State of Oregon - All power
is inherent in the people and it is their right to alter or abolish the
government whenever they believe it necessary or appropriate to do so."
>From memory but that's the substance of what it says.






From hal9001 at panix.com  Wed Aug  7 05:51:43 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Wed, 7 Aug 1996 20:51:43 +0800
Subject: TrustBucks
In-Reply-To: <htrb56rmj9@nowhere.com>
Message-ID: <v03007801ae2c8542fd2d@[166.84.220.80]>


At 19:11 -0500 8/3/96, TrustBuckFella wrote:

>I'll explain Private Currency and why it's good and bad. In Private
>Currency you don't "buy the [money] someplace". You mint it when paying.

IOW Electronic IOUs/Markers.

>Restraint on double-spending: Each participant publishes a list of the
>    ID and value all outstanding TrustBucks of their own variety. Value
>    of the notes can be obscured so it can only be verified by someone
>    who has seen the note itself.
>
>    What if some participant doesn't publish a complete list? Well, who
>    are they robbing? People who directly trusted them for that amount
>    and now won't ever again.

If the value is obscured there is still no verification of how much they
have outstanding. So long as all of the TrustBucks are listed (with the
amounts listed correctly but obscured), there is no way to verify that the
claimed total is accurate unless you monitor their list before the swap and
after it and there is only one new TrustBuck listed (with the correct
amount added to the outstanding total). Listing phony $0 notes on the list
and removing them later (and dropping the claimed outstanding balance)
would be possible. With this method, anyone who I give my note to will see
the correct amount in THOSE notes as well as seeing the outstanding balance
go up the correct amount but that amount can be manipulated (as I stated)
due to there being no complete disclosure of the amounts.







From jimbell at pacifier.com  Wed Aug  7 05:55:53 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 7 Aug 1996 20:55:53 +0800
Subject: Censorship through proxy
Message-ID: <199608070331.UAA03775@mail.pacifier.com>


At 06:12 PM 8/6/96 -0700, Timothy C. May wrote:
>Sing Sing (the country is now a prison, so...) is one of the states we
>should think about targetting for "special attention." Not in the sense of
>violence, but in the sense of offering help to freedom fighters, those who
>want to use stego, web proxies, etc.
>
>I wonder what would happen if "Computers, Freedom, and Privacy '98" was
>held in Sing Sing?


A friend of mine, who occasionally visits Singapore on business, told me 
this Singaporean joke:

"Singapore is a fine place.  There's a fine for this, and a fine for that,..."

Jim Bell
jimbell at pacifier.com





From stewarts at ix.netcom.com  Wed Aug  7 06:00:56 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 21:00:56 +0800
Subject: Internal Passports
Message-ID: <199608070259.TAA17424@toad.com>


At 07:37 PM 8/5/96 -0700, you wrote:
>Personally, I don't care. In fact, when employing gardeners and yard works
>I prefer Mexicans. But the law says, these days, that I must verify the
>legality of workers *if* they appear to be dark-skinned, Mexican, Latin, or
>the like. I say "if" because there are no requirements in general for
>white-skinned, Anglo workers....no work permits, no proofs of citizenship
>(such a document is currently lacking in the American pantheon...I, a mixed
>descendant of Mayflower colonist and Scandinavian immigrants, lack such
>"proof").

If you're _employing_ Anglos, you're currently required to disrespect their
honesty and demand proof that their papers are in order to fill out the I-9
form.
There's a list of "one from column A or one from columns B and C"
of acceptable papers, such as passports, birth certificates,
driver's licenses, US Military ID, etc., which the government uses
to determine whether they want to give you permission to hire them
and give them permission to work.  If you don't have these, 
you can join the Army, and they'll give you some papers.
I hope you weren't Un-American enough to be born at home, though -
without that government-issued birth certificate, the Army
won't be able to verify your age.

None of that is really proof of citizenship - after all, you could 
have renounced your US citizenship and become stateless or joined 
a foreign government.  But President Buchanan's loyalty oath requirements
should take care of that, as well as help with the problem of all these
immigrant Brits and Irish and Canadians flooding our shores - I mean,
look around you, they're everywhere.  Y'all can't walk into a 7-11 these days
without some clerk speaking funny-soundin' English at you.

And the reason you can't legally just hire contractors and not have them
count as employees has a lot to do with Senator Frank Lautenberg (D-NJ),
who made a lot of money running ADP, a computer-services bodyshop,
that wanted to preserve its advantages against more flexible competition.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From dlv at bwalk.dm.com  Wed Aug  7 06:08:40 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 7 Aug 1996 21:08:40 +0800
Subject: Internal Passports
In-Reply-To: <2.2.32.19960806103803.0090e254@panix.com>
Message-ID: <RDo0RD45w165w@bwalk.dm.com>


Duncan Frissell <frissell at panix.com> writes:
> At 12:06 AM 8/6/96 -0700, Marshall Clow wrote:
>
> >I have found that promising to provide the necessary docs, and then failing
> to do so, is the least confrontational and most effective way around this.
> >
> >"Delay is the deadliest form of denial"
>
> Works for me as well.  Likewise, self employment.

That's the key word here - I don't think you need I-9 if you get paid on 1099
or equivalent. However for W-4 employment, the emplyer must send a signed I-9
to los federales. Otherwise the computer will flag this situation and they'll
get a letter asking why they pay wages to someone whose I-9 isn't on file.
I suppose when the person is "obviously" U.S.-born, the h.r. people might lie
and say on I-9 that they saw a document. Then again, I've seen folks who looked
and spoke more American (or German-Swiss, or Romanian) than most natives. :-)

By the way, another advantage of 1099 is that if you have your corporation,
you give its EIN, not your SSN to the clients, whom you don't necessarily
want to know your SSN.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From sunder at dorsai.dorsai.org  Wed Aug  7 06:10:50 1996
From: sunder at dorsai.dorsai.org (Ray Arachelian)
Date: Wed, 7 Aug 1996 21:10:50 +0800
Subject: "lite" version of cpunks available?
In-Reply-To: <Pine.BSF.3.91.960805181131.186A-100000@bitbucket.edmweb.com>
Message-ID: <Pine.SUN.3.91.960806124219.8876B-100000@dorsai>


On Mon, 5 Aug 1996, Steve Reid wrote:

> Are there any filtered versions of the Cypherpunks mailing list available? 
> I'm currently subscribed to cypherpunks-d at gateway.com, but that machine is
> down and I haven't received anything in the past few days. 


Yes, I run one of them.  To subscribe send a message to sunder at dorsai.org 
with the subject "fcpunx subscribe" (no quotes.)  Do not reply to this 
message as the perl scripts that handle these tasks ignore messages from 
mailing lists.

For more info see: http:/www.dorsai.org/~sunder/crypto.html 

==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!






From jfricker at vertexgroup.com  Wed Aug  7 06:29:30 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Wed, 7 Aug 1996 21:29:30 +0800
Subject: Stealth cookies
Message-ID: <2.2.32.19960806171618.00a52aec@vertexgroup.com>


At 12:10 AM 8/6/96 -0700, you wrote:
>John F. Fricker wrote:
>> Solution?
>> 
>> 1) Don't put your name in the netscape configuration (d'oh)
>
>  No, no, no.  Netscape navigator does not reveal your name or
>put it into cookies.  The only way to get your name or other
>personal information about you into a cookie is for you to type
>it into a web site, and have that site send you back a cookie.
>
>  The only time we reveal your name is in e-mail headers, and
>when doing anonymous FTP when you have manually disabled the default
>of sending 'mozilla@' as the anon ftp password.
>
>	--Jeff
>

Oh I was just being paranoid I guess. There used to be JavaScript that would
automatically send email from a page. something like 

<html>
<body onLoad="document.mailme.submit()">
<form method=post name="mailme"
action="mailto:john at vertexgroup.com?subject=user address">
<input type=hidden name="userAddress" value="done">
</form>
</body>
</html>

But even if that still works it would be a good trick to associate it with a
cookie.







From nobody at REPLAY.COM  Wed Aug  7 06:31:11 1996
From: nobody at REPLAY.COM (Anonymous)
Date: Wed, 7 Aug 1996 21:31:11 +0800
Subject: Corporate e-mail policy
Message-ID: <199608070312.FAA27390@basement.replay.com>


I used to work for a company which had a surprisingly liberal policy about e-mail.The gist of it was:

    "Private e-mail will not be read by anyone other than the recipient. The
    only exceptions to this are:
        1) Systems personnel may examine mail messages to determine if the mail
           system is working correctly; [e.g., checking mail logs against users'
           mailbox contents to verify delivery]
        2) [basically said e-mail would be treated like any other system files
           in the event of a criminal investigation, etc.]"

The policy specifically required authorization from the line VP for either of these actions, and reinforced that the systems people were to treat the e-mail as administratively confidential data.

The only time I heard of anyone even asking for e-mail was when a project manager wanted a copy of a message that a sponsor sent to one of his subordinates, who was on vacation. The systems folks cited the policy, the line VP backed them up, and the manager went away empty-handed. (He wound up calling the subordinate at her hotel and browbeating her into authorizing the computer center folks to forward a copy of the message to the manager. But that's another story.)







From sandfort at crl.com  Wed Aug  7 06:31:31 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 7 Aug 1996 21:31:31 +0800
Subject: THAT BRIT AGAIN
Message-ID: <Pine.SUN.3.91.960806182429.21834B-100000@crl4.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Phillll came up with an excellent weasel this time.  He's offered
to "bet" on the Foresight Exchange.  The relevant part of their
FAQ says:

	How is FX different from a bookie?
          Besides the obvious fact that FX isn't real money,
	  it differs from placing bets with a bookie in that FX
          is a market.

In other words, it really isn't a bet at all.

Instead of putting his money where his mouth is, Phillll has
decided to put his mouth where his mouth is once again.  Nice
try guy.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From dlv at bwalk.dm.com  Wed Aug  7 06:33:54 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 7 Aug 1996 21:33:54 +0800
Subject: Internal Passports
In-Reply-To: <2.2.32.19960806044723.01073e4c@vertexgroup.com>
Message-ID: <ygN9RD39w165w@bwalk.dm.com>


jfricker at vertexgroup.com (John F. Fricker) writes:
> Hmmm. Actually a long time ago I lost my job with Greenpeace out of refusal
> to sign an I-9 which was in '86 the Department of Justice's form to exhibit
> eligibility to work in the US. The form required that I present two pieces
> of photo identification or a driver's license to be authenticated by my
> employer. Maybe it's a CA state law that adds an additional skin tone
> criterium to for the filing of an I-9.

I-9 lists the documents that can be accepted as 1) proof of identity, 2)
proof of the right to work in the U.S. A U.S. passport can be used for both.
When I need to fill out the I-9, I simply present my passport. (Before I
had the passport, I used to present my naturaliation certificate, which is
also acceptable.)

A driver's licence is not sufficient because it only proves your identify,
but doesn't prove that you're allowed to have a job. There are classes of
aliens who are allowed to drive, but aren't allowed to work - e.g.,
students on J-1 visa.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From declan at eff.org  Wed Aug  7 06:37:41 1996
From: declan at eff.org (Declan McCullagh)
Date: Wed, 7 Aug 1996 21:37:41 +0800
Subject: Internal Passports
In-Reply-To: <199608060439.VAA25581@netcom22.netcom.com>
Message-ID: <Pine.SUN.3.91.960806044601.9565C-100000@eff.org>


Mike's post reminds me of the latest maneuvering here in DC.

The Hatch simulated "child porn" bill was reported out of the Senate
judiciary committee favorably, with the addition of language making it a
felony to *attempt* to view child porn. This wording is aimed at the Net:
  "Click Here to see Young Girls in Lust." 

-Declan


On Mon, 5 Aug 1996, Mike Duvos wrote:

> 
> The producers of the geriatric porn film "Grandma Does Grandpa",
> and the popular sequel, "Grandma Does Grandpa II", must show at
> the beginning of the film the address where the legally required
> affidavits proving that Grandma and Grandpa are over 18 years of
> age are available for inspection.
> 
> If they fail to do this, of course, they are child pornographers,
> and may fork over many decades of their lives and hundreds of
> thousands of their dollars towards the official government
> crusade to protect our nation's youth from exploitation.
> 
> The fact that Grandma and Grandpa are obviously within mere
> months of buying the farm does nothing to mitigate their offense,
> should they decide that the law is not worth bothering with.
> 
> "What are you in for?"
> 
> "Child Porn."
> 
> "How old were the kids?"
> 
> "In their mid 70s."
> 
> "Ewwwwwww.  That's sick man!  You're disgusting."
> 
> :)
> 
> --
>      Mike Duvos         $    PGP 2.6 Public Key available     $
>      mpd at netcom.com     $    via Finger.                      $
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From sunder at amanda.dorsai.org  Wed Aug  7 06:45:52 1996
From: sunder at amanda.dorsai.org (Ray Arachelian)
Date: Wed, 7 Aug 1996 21:45:52 +0800
Subject: "lite" version of cpunks available?
In-Reply-To: <Pine.BSF.3.91.960805181131.186A-100000@bitbucket.edmweb.com>
Message-ID: <Pine.SUN.3.91.960806190453.7806A-100000@amanda>


On Mon, 5 Aug 1996, Steve Reid wrote:

> Are there any filtered versions of the Cypherpunks mailing list available? 
> I'm currently subscribed to cypherpunks-d at gateway.com, but that machine is
> down and I haven't received anything in the past few days. 

Um, I saw that you attempted to subscribe, however you have to put 
"fcpunx subscribe" in the SUBJECT, not the body of the message.  I'm not 
running majordomo. :)

==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!






From frissell at panix.com  Wed Aug  7 06:48:40 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 21:48:40 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
Message-ID: <2.2.32.19960807101317.00928848@panix.com>


At 07:38 PM 8/6/96 -0400, hallam at Etna.ai.mit.edu wrote:

>which such a claim was made. As for the UK laws, there is 
>practically no defense against a libel claim that one can
>file in court. There is absolutely no basis on which to 
>justify them. This is why the Singapore government uses them
>as a form of censorship.

There was a recent US appeals court decision in which an attempt to enforce
a UK libel judgment was rejected on First Amendment grounds.  The court
refused to allow the application of UK law here.

DCF






From stewarts at ix.netcom.com  Wed Aug  7 07:25:14 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 7 Aug 1996 22:25:14 +0800
Subject: Anonymous Remailers at work
Message-ID: <199608070405.VAA19000@toad.com>


One of the big problems with remailers is getting them deployed widely.
How can we create a demand for the service that will encourage
people to both (a) deploy them and (b) think of them as good rather than bad?
Aside from cypherpunks, spammers, and everyone using anon.penet.fi, 
there aren't really a lot of people familiar with them.

I've recently run into a couple of business problems at work
that could be solved by (slightly modified) remailers.

1) Manager performance review, suggestion boxes, and questions to
visiting honchos - there are several departments that are using
"email to the secretary who'll take your name off and forward it"
to handle this problem.  Remailers are an obvious solution.
   (More obvious if we weren't using (gack, phfft!) Microsoft Mail :-)
It would probably be worth modifying the remailer to use a permit-list
as well as a block-list for destinations and maybe sources, 
so that companies don't get surprised by outside spammers,
and people can get used to using the things at work.
Distribute the thing as an OmbudsKit or whatever.
You'd obviously want the default to be non-logging.

2) Sending sensitive email across the real Internet - between
customers, and for those days that the departmental dialup
mail server or remote LAN access isn't working and you need to 
send something from home or on the road.  A standard remailer would
do the job, though you'd probably want to add a permit-list,
and you might want to add logging and/or return receipts.
Mail to pgprelay at foobar.com and it distributes it....
(Requires putting a key somewhere well-known, like in DNS
or on the key servers.)

(Hmmm - an alternative implementation is to use a CGI script
to do the mailing and use SSL; some companies may find
this easier to deploy, depending on their firewall 
configurations.)

(Does it make sense to deploy something like this as a 
standard feature of an IPSP gateway system like John's?)

Any other reasons to install anonymous remailers at work,
and things you'd do to make them more attractive or
less scary to corporate network administrative types?

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From hallam at Etna.ai.mit.edu  Wed Aug  7 07:26:20 1996
From: hallam at Etna.ai.mit.edu (hallam at Etna.ai.mit.edu)
Date: Wed, 7 Aug 1996 22:26:20 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <Pine.SUN.3.91.960806152235.17794B-100000@crl4.crl.com>
Message-ID: <9608062338.AA01808@Etna.ai.mit.edu>



>One of the ways UK and US laws differ is in regard to defamation.
>In the US, truth is a defense.  In the UK it is not.  Phill may
>have a tough time prevailing with such a suit.

In the first place cypherpunks is distributed in the UK. That
means I can issue a writ in the UK.  Secondly I deny Alan's claim
that I have contravened the US imigration laws. Since I am not
a public figure the burden of proof is upon Alan to prove his
claim.

I know an awful lot about the US libel laws after having spent
time assisting in a complicated criminal investigation during
which such a claim was made. As for the UK laws, there is 
practically no defense against a libel claim that one can
file in court. There is absolutely no basis on which to 
justify them. This is why the Singapore government uses them
as a form of censorship.


	Phill





From schryver at radiks.net  Wed Aug  7 07:29:49 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Wed, 7 Aug 1996 22:29:49 +0800
Subject: No Subject
Message-ID: <199608071019.FAA15721@sr.radiks.net>


NBC News at Sunrise has just announced the discovery of alien life on the 
planet Mars.  The lifeform that became extinct more than 2 billion years
ago was found as a fossil in a meteor that originated from mars and landed
on earth.  The fossil found was a primitive germ life form.

PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From frissell at panix.com  Wed Aug  7 07:41:19 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 22:41:19 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now   ...
Message-ID: <2.2.32.19960807110349.0090e5f4@panix.com>


At 07:59 PM 8/6/96 -0700, Bill Stewart wrote:

>I haven't been able to find the reference, but a month or two ago
>there was an article on the net or in a newspaper about the targets
>of wiretapping - how many wiretaps were for drugs, gambling, tax evasion,
>and of course terrorism.  The number of wiretaps for bombs and guns
>was something low like 80 in the last 5-10 years - about 1/10%. 
>        (Did anybody else see this article??)

Gilmore has a chart on wiretap use in various crimes in his Brain Tennis
match on Wired:

http://www.hotwired.com/braintennis/96/32/index0a.html

DCF








From frissell at panix.com  Wed Aug  7 07:44:14 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Aug 1996 22:44:14 +0800
Subject: Censorship through proxy
Message-ID: <2.2.32.19960807101315.0091e068@panix.com>


At 06:12 PM 8/6/96 -0700, Timothy C. May wrote:
>Sing Sing (the country is now a prison, so...) is one of the states we
>should think about targetting for "special attention." Not in the sense of
>violence, but in the sense of offering help to freedom fighters, those who
>want to use stego, web proxies, etc.

I've been thinking of starting a "How to Defeat a Government page to pull
together some of the anti-Sysadmin resources on the Net.  "Your government
-- just a rouge sysadmin."

>I wonder what would happen if "Computers, Freedom, and Privacy '98" was
>held in Sing Sing?

It would be smaller going out than coming in.  Singapore's retired president
tried to get William Safire into town for a "debate" about whether he was
still running the place via his son.  Safire didn't take the bait.  He joked
about it in his column.  

DCF






From blizzard at odin.nyser.net  Wed Aug  7 07:59:18 1996
From: blizzard at odin.nyser.net (Christopher Blizzard)
Date: Wed, 7 Aug 1996 22:59:18 +0800
Subject: Internal Passports
In-Reply-To: <Pine.SUN.3.91.960805162736.4762C-100000@tipper.oit.unc.edu>
Message-ID: <199608061308.JAA24021@odin.nyser.net>


In message <Pine.SUN.3.91.960805162736.4762C-100000 at tipper.oit.unc.edu>, Simon 
Spero writes:
:I've been using by british passport as photo-id for years, and I haven't 
:had any major problems- you can get your checks printed with your 
:passport number on them instead of a drivers licence, which will makes 
:things much easier.
:

There are a lot of retail stores that will complain if you don't use a 
driver's license when paying with checks.  Most check collection agencys 
track people by that number.

--Chris

:Simon
:
:---
:Cause maybe  (maybe)		      | In my mind I'm going to Carolina
:you're gonna be the one that saves me | - back in Chapel Hill May 16th.
:And after all			      | Email address remains unchanged
:You're my firewall -    	      | ........First in Usenet.........
-------------------------------------------------------------------
Christopher Blizzard   | "The truth knocks on the door and you say
blizzard at nysernet.org  | 'Go away.  I'm looking for the truth,' and
NYSERNet, Inc.         | so it goes away."  --Robert Pirsig
-------------------------------------------------------------------





From janee at okway.okstate.edu  Wed Aug  7 08:48:43 1996
From: janee at okway.okstate.edu (Steve Coltrin)
Date: Wed, 7 Aug 1996 23:48:43 +0800
Subject: SSNs (was Re: Internal Passports)
Message-ID: <207582f0@Okway.okstate.edu>


Simon Spero <ses at tipper.oit.unc.edu> wrote:

>one silly thought: lots of people use cypherpunks as the username and 
>password for all those websites that want an id. What about a cypherpunks 
>3-2-4 number for those cases where an SSN isn't appropriate. Anyone know 
>what J. Edgar Hoover's SSN was?


According to one of "George Hayduke"'s books, Richard Nixon's was 567-68-0515.

-spc





From dlv at bwalk.dm.com  Wed Aug  7 08:49:52 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 7 Aug 1996 23:49:52 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <3207B8DD.794B@ai.mit.edu>
Message-ID: <7No0RD46w165w@bwalk.dm.com>


Phil Hallam-Baker <hallam at ai.mit.edu> writes:
> Alan Horowitz wrote:
>
> >   I have added you to my computerized list of individuals who advocate
> > the violent overthrow of the US Constitution.
> >
> > I am going to go to the law library and see what my options are, with
> > respect to filing a petition to have you deported out of the United
> > States.
> >
> > This is not a rhetorical statement.
>
> First off Alan posted private mail to the list. In this case mail
> that was more than simply personal.
>
> Secondly unless Alan withdraws his allegations I will bring proceedings
> against him for libel. While I accept his right to free speech I do
> not accept that he has a right to attempt to restrict mine with his
> threats of deportation.

Alan, look at (3)(A)(iii) of the relevant statute. (3)(B) might also apply.

Section 212 (a) of the Immigration and Nationality Act (8 U.S.Code 1001, et
seq., as amended by Public Law 101-549 of November 29, 1990), reads as follows:

Classes of Excludable Aliens - Except as otherwise provided in this Act, the
following describes classes of excludable aliens who are ineligible to receive
visas and who shall be excluded from admission into the United States.

(1) HEALTH - RELATED GROUNDS.--
 (A) IN GENERAL. -- Any Alien--
  (i)   who is determined (in accordance with regulations prescribed by the
        Secretary of Health and Human Services) to have a communicable disease
        of public health significance,
  (ii)  who is determined (in accordance with regulations prescribed by the
        Secretary of Health and Human Services in consultation with to Attorney
        General)--
   (I)   to have a physical or mental disorder and behavior associated with
         the disorder that may pose, or has posed, a threat to the property,
         safety, or welfare of the alien or others, or
   (II)  to have a physical or mental disorder and a history of behavior
         associated with the disorder which behavior has posed a threat to the
         property, safety, or welfare of the alien or others and which
         behavior is likely  to recur or to lead to other harmful behavior or
  (iii) who is determined (in accordance with regulations prescribed by the
        Secretary of Health and Human Services) to be a drug abuser or addict,
      is excludable.
 (B) WAIVER AUTHORIZED.--
  For provisions authorizing waiver of certain clauses of subparagraph (A),
  see subsection (g).

(2) CRIMINAL AND RELATED GROUNDS.--
 (A) CONVICTION OF CERTAIN CRIMES.--
  (i)   IN GENERAL.-- Except as provided in a clause (ii), any alien convicted
        of, or who admits having committed, or who admits acts which constitute
        the essential elements of--
   (I)   a crime involving moral turpitude (other than a purely political
         offense), or
   (II)  a violation of (or a conspiracy to violate) any law or regulation of a
         State, the United States, or a foreign country relating to a
         controlled substance (as defined in section 102 of the Controlled
         Substances Act (21 U.S.C. 802)),
        is excludable.
  (ii)  EXCEPTION.-- clause (i)(I) shall not apply to an alien who committed
        only one crime if--
   (I)   the crime was committed when the alien was under 18 years of age and
         the crime was committed (and the alien released from any confinement
         to a prison or correctional institution imposed for the crime) more
         than 5 years before the date of application for visas or other
         documentation and the date of application for admission to the United
         States, or
   (II)  the maximum penalty possible for the crime of which the alien was
         convicted (or which the alien admits having committed or of which the
         acts that the alien admits having committed constituted the essential
         elements) did not exceed imprisonment for one year and, the alien was
         not sentenced to a term of imprisonment in excess of 6 months
         (regardless of the extent to which the sentence was ultimately
         executed).
 (B) MULTIPLE CRIMINAL CONVICTIONS.-- Any alien convicted of 2 or more offenses
     (other than purely political offenses), regardless of whether the
     conviction was in a single trial or whether the offenses arose from a
     single scheme of misconduct and regardless of whether the offenses
     involved moral turpitude, for which the aggregate sentences to confinement
     actually imposed were 5 years or more is excludable.
 (D) PROSTITUTION AND COMMERCIALIZED VICE.-- Any alien who--
  (i)   is coming to the United States solely, principally, or incidentally to
        engage in prostitution, or has engaged in prostitution within 10 years
        of the date of application for a visa, entry, or adjustment of status,
  (ii)  directly or indirectly procures or attempts to procure, or (within 10
        years of the date of application for a visa, entry, or adjustment of
        status) procured or attempted to procure or to import, prostitutes or
        persons for the purpose of prostitution, or receives or (within such
        10-year period) received, in whole or in part, the proceeds of
        prostitution, or
  (iii) is coming to the United States to engage in any other unlawful
        commercialized vice whether or not related to prostitution,
     is excludable.
 (E) CERTAIN ALIENS INVOLVED IN SERIOUS CRIMINAL ACTIVITY WHO HAVE ASSERTED
     IMMUNITY FROM PROSECUTION.--Any alien--
  (i)   who has committed in the United States at any time a serious criminal
        offense (as defined in section 101(h)),
  (ii)  for whom immunity from criminal jurisdiction was exercised with
        respect to that offense,
  (iii) who as a consequence of the offense and exercise of immunity has
        departed from the United States, and
  (iv)  who has not subsequently submitted fully to the jurisdiction of the
        court in the United States having jurisdiction with respect to that
        offense,
     is excludable.
 (F) WAIVER AUTHORIZED.-- For provisions authorizing waiver of certain
     subparagraphs of this paragraph, see subsection (h).

(3) SECURITY AND RELATED GROUNDS.--
 (A) IN GENERAL.-- Any alien who a consular officer or the Attorney General
     knows, or has reasonable ground to believe, seeks to enter the United
     States to engage solely, principally, or incidentally in--
  (i)   any activity to violate any law of the United States relating to
        espionage or sabotage or to violate or evade any law prohibiting the
        export from the United States of goods, technology, or sensitive
        information,
  (ii)  any other unlawful activity, or
  (iii) any activity a purpose of which is the opposition to, or the control or
        overthrow of, the Government of the United States by force, violence,
        or other unlawful means,
     is excludable.
 (B) TERRORIST ACTIVITIES. --
  (i)   IN GENERAL.-- Any alien who--
   (I)   has engaged in terrorist activity, or
   (II)  a consular officer of the Attorney General knows, or has reasonable
         ground to believe, is likely to engage after entry in any terrorist
         activity (as defined in clause (iii)),
        is excludable.
        An alien who is an officer, official, representative, or spokesman of
        the Palestine Liberation Organization is considered, for purpose of
        this Act, to be engaged in a terrorist activity.
  (ii)  TERRORIST ACTIVITY DEFINED.-- As used in this Act, the term 'terrorist
        activity' means any activity which is unlawful under the laws of the
        place where it is committed (or which, if committed in the United
        States, would be unlawful under the laws of the United States or any
        State) and which involves any to the following:
   (I)   The hijacking or sabotaging of any conveyance (including aircraft,
         vessel, or vehicle).
   (II)  The seizing or detaining, and threatening to kill, injure, or continue
         to detain, another individual in order to compel a third person
         (including a governmental organization) to do or abstain from doing
         any act as an explicit or implicit condition for the release of the
         individual seized or detained.
   (III) A violent attack upon an internationally protected person (as defined
         in section 1116 (b)(4) of title 18, United States Code) or upon the
         liberty of such a person.
   (IV)  An assassination.
   (V)   The use of any--
    (a)   biological agent, chemical agent, or nuclear weapon or device, or
    (b)   explosive or firearm (other than for mere personal monetary gain),
          with the intent to endanger, directly or indirectly, the safety of
          one or more individuals or to cause substantial damage to property.
   (VI)  A threat, attempt, or conspiracy to do any of the foregoing.
  (iii) ENGAGE IN TERRORIST ACTIVITY DEFINED.-- As used in this Act, the term
        `engage in terrorist activity' means to commit, in an individual
        capacity or as a member of an organization, an act which the actor
        knows or reasonably should know, afford material support to an
        individual organization or government in conducting a terrorist
        activity at any time, including any of the following acts;
   (I)   The preparation or planning of a terrorist activity.
   (II)  The gathering of information on potential targets for terrorist
         activity.
   (III) The providing of any type of material support, including a safe house,
         transportation, communications, funds, false identification, weapons,
         explosives, of training, to any individual the actor knows or has
         reason to believe has committed or plans to commit a terrorist
         activity.
   (IV)  The soliciting of funds or other things of value for terrorist
         activity or for any terrorist organization.
   (V)   The solicitation of any individual for membership in a terrorist
         organization, terrorist government, or to engage in a terrorist
         activity.

A bunch of other stuff not relevant to Phil deleted. Note: I generally like
what Phil says, but I don't like people who threaten libel lawsuits over
something said on the Internet.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From amehta at giasdl01.vsnl.net.in  Wed Aug  7 09:05:40 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 8 Aug 1996 00:05:40 +0800
Subject: Phone tapping in India
Message-ID: <1.5.4.32.19960807114112.002e8fa4@giasdl01.vsnl.net.in>


"The Pioneer" headlined on August 6, 96:
"CBI can tap at whim -- Agency has 6 bugging machines"

(The CBI is effectively the Indian equivalent of the FBI)

Apparently, these machines costing Rs. 7.5 million = $200,000 each, 
can each tap 7 phones in a 25-km radius, and were bought from a 
Hyderabad-based company, Fidelity Systems. Apparently, all that is 
needed to tap a phone is for the sleuths to dial the number through
 the machine, which then automatically starts and stops recording
all conversations carried out with that number, as well the numbers 
dialled by the target.

As it is, the law on wiretapping is draconian in India: on the occurrence
 of an emergency, or for "public safety", a designated government 
officer can direct that "any message or class of messages to or from
 any person or class of persons, or relating to any particular subject, 
brought for transmission by or transmitted or received by any telegraph,
 shall not be transmitted, or shall be intercepted or detained or shall be 
disclosed to the government." (This is from the Indian Telegraph Act 
of 1885(!), and applies to e-mail and BBSes as well). But with these 
new machines,  even this designated officer can be bypassed.

Under a box titled "Beware of blank calls", the newspaper mentions that 
when the sleuths ring your number to start tapping, you get a "blank" call 
(which one is quite used to here -- if that were enough evidence, the whole 
of India is being tapped!)

What technology is this? If it indeed works this way, what is to prevent any
large company or rich person from procuring the same hardware?

Apparently, the purchase was authorised by former prime minister Rao,
who is now complaining that his own phone is being tapped (serves him right).

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From roger at coelacanth.com  Wed Aug  7 10:51:19 1996
From: roger at coelacanth.com (Roger Williams)
Date: Thu, 8 Aug 1996 01:51:19 +0800
Subject: Censorship through proxy
In-Reply-To: <2.2.32.19960807101315.0091e068@panix.com>
Message-ID: <rogern307ntie.fsf@sturgeon.coelacanth.com>


>>>>> "Duncan" == Duncan Frissell <frissell at panix.com> writes:

  > "Your government -- just a rouge sysadmin."
                               ^^^^^
No, no -- that would be *China*, not Singapore ;-)

-- 
Roger Williams                         finger me for my PGP public key
Coelacanth Engineering        consulting & turnkey product development
Middleborough, MA           wireless * DSP-based instrumentation * ATE
tel +1 508 947-8049 * fax +1 508 947-9118 * http://www.coelacanth.com/






From wb8foz at nrk.com  Wed Aug  7 10:59:37 1996
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 8 Aug 1996 01:59:37 +0800
Subject: Internal Passports
In-Reply-To: <199608070259.TAA17424@toad.com>
Message-ID: <199608071335.JAA02403@nrk.com>


> If you're _employing_ Anglos, you're currently required to disrespect their
> honesty and demand proof that their papers are in order to fill out the I-9
> form.

At one time, I worked in a position requiring all kinds of
clearances - TS, SCI, {xxx} etc.

We hired a bunch of new engineers. They'd all been through the
wringer before we brought them on board. This takes 6 months or
so; Full Field Investigation, etc.......

They showed up all ready to work for Uncle Sam.  The very first
form they encountered was the I9 "Prove you are a citizen..."

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From reagle at rpcp.mit.edu  Wed Aug  7 11:10:42 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Thu, 8 Aug 1996 02:10:42 +0800
Subject: ****Developer Recants Hostile Java Applet Story 08/06/96
Message-ID: <9608071339.AA16478@rpcp.mit.edu>



  	  				 
SAN FRANCISCO, CALIFORNIA, U.S.A., 1996 AUG 6 (NB) --  
By Patrick McKenna. Finjan Software of Israel, which earlier said its 
Java security software detected what the company called a publicly 
available hostile Java applet at a game site on the World Wide Web, 
has issued a statement changing its earlier claims. 

In the first story on the Java applet labeled "hostile" by Finjan,  
Newsbytes reported early Tuesday that the Java applet in question is 
part of a game available on the Web and connected to America Online. 
Shmulik Suhami, spokesperson for Finjan, told Newsbytes at the time, 
"We were contacted by one of our users who detected a hostile Java 
applet and we have confirmed the user's experience." 

Newsbytes reported Sun Microsystems' JavaSoft division reply as saying,  
"This issue is totally and completely bogus. Security features built 
into Java do not allow an applet to read or write to another computer 
without issuing a warning message and this applet in question is not a 
hostile Java applet. An individual at AT&T, acting independently of the 
company, developed the applet. We suspect a file for the applet was 
placed on a second system and that is probably why Finjan's software 
incorrectly read it as a hostile application. Actually, this is a flaw 
in Finjan's software. There is no bug or hostile application at all." 

In its early story, Newsbytes also quoted a JavaSoft spokesperson  
as saying, "What is going on is that the person's applet called an 
audio file from a second machine and Java's security features are so 
strong and restrictive that an exception is raised whenever a second 
machine is called. Finjan's software appears to have read the call to 
the second machine as a hostile bug." 

In recanting its initial claims, Finjan released the following  
statement: "We want to issue a clarification on the media alert we sent 
out yesterday describing a potentially suspicious Java applet. We were 
perhaps mistaken to describe the applet discovered as a 'hostile 
applet,' since we did not know if it did anything damaging to a 
person's system. The activity of applet described was harmless. We 
misunderstood the extent of the security exception based on information 
we received. Though in principal the way the app was created could 
constitute a risk, in practice this was a relatively harmless breech 
of security, which the Java Security Manager dealt with appropriately." 

(19960805/Press Contact: Mary Jo Wagner, Successful Marketing  
Strategists,  tel 510-644-3837; E-mail Address: maryjo at successful.com; 
or Paul Karr, KVO, 415-961-1550) 
  	   	





From clopez at nayar.uan.mx  Wed Aug  7 11:52:08 1996
From: clopez at nayar.uan.mx (Carlos L. Mariscal)
Date: Thu, 8 Aug 1996 02:52:08 +0800
Subject: THE WORLD IS SCREWD UP
In-Reply-To: <3207C10E.60AF@earthlink.net>
Message-ID: <Pine.SUN.3.91.960807084034.3785A-100000@nayar.uan.mx>


On Tue, 6 Aug 1996, Michael Cortes wrote:

> THIS WORLD IS SREWED UP i hate my life so mue hobbeys makeing time pipe 
> bommbs so what is this all about huh what the fuck "anti terrisiom bill" 
> damn sad ok so what does  this mean FREE COUNTRY hahahaha i laugh when i 
> hear that term there is no free country and we never have a wright to 
> privesy u know man this sux so much....... oh and to the government u can 
> kiss my ass
> 
	Ok, I get your point. BTW, ever heard about punctuation?

		clopez	





From ichudov at algebra.com  Wed Aug  7 12:00:47 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 8 Aug 1996 03:00:47 +0800
Subject: your mail
In-Reply-To: <199608071019.FAA15721@sr.radiks.net>
Message-ID: <199608071423.JAA24819@manifold.algebra.com>


Scott Schryvers wrote:
> 
> NBC News at Sunrise has just announced the discovery of alien life on the 
> planet Mars.  The lifeform that became extinct more than 2 billion years
> ago was found as a fossil in a meteor that originated from mars and landed
> on earth.  The fossil found was a primitive germ life form.

did these life forms use cryptography?

	- Igor.





From jya at pipeline.com  Wed Aug  7 12:02:55 1996
From: jya at pipeline.com (John Young)
Date: Thu, 8 Aug 1996 03:02:55 +0800
Subject: Mena
Message-ID: <199608071506.PAA13182@pipe1.t1.usa.pipeline.com>


   The Washington Post, August 7, 1996, p. A6. 
 
 
   CIA Probed in Alleged Arms Shipments 
 
      Reports Claim Agents Involved in Arkansas-Nicaragua Drug 
      Swaps 
 
   By Susan Schmidt 
 
 
   The CIA's inspector general is investigating claims that 
   U.S. intelligence agencies were involved in illegal arms 
   shipments and drug smuggling at an isolated airstrip in 
   Mena, Ark., during the years Bill Clinton was governor. 
 
   A spokesman for the CIA said Inspector General Frederick P. 
   Hitz is preparing a report on allegations that the CIA was 
   involved in arms shipments from Mena to the Nicaraguan 
   rebels during the 1980s, and that pilots hired by the 
   agency brought back large shipments of cocaine. 
 
   CIA spokesman Mark Mansfield said the inspector general 
   will report on possible contacts between the agency and 
   Arkansas state officials during the 1980s. His report also 
   will deal with allegations that the CIA attempted to 
   influence or curtail law enforcement investigations of 
   Mena. 
 
   Hitz was asked to investigate the Mena airport by CIA 
   Director John M. Deutch, who was acting on a request from 
   House Banking Committee Chairman Jim Leach (R-Iowa). 
   Leach's panel is looking into the possible laundering of 
   drug money generated at Mena. 
 
   Leach's Banking Committee staff has been looking a variety 
   of claims about Mena emanating from a collection of 
   Arkansas law enforcement officials and various figures 
   operating in the shadowy netherworld on contract with 
   intelligence agencies. 
 
   One congressional investigator likened sorting through the 
   allegations to being trapped in "a hall of mirrors." 
 
   Congressional sources said Leach made the request to the 
   CIA about six months ago and expects a report from Hitz in 
   late summer or early fall. 
 
   The latest Mena claims are contained in "Boy Clinton," a 
   book by American Spectator Editor R. Emmett Tyrrell 
   published this week. In it, Tyrrell asserts that Clinton 
   knew about CIA operations and cocaine smuggling at Mena. 
 
   He cites as sources Arkansas state troopers, including one 
   on the governor's security detail who says he was also a 
   contract employee for the CIA during the mid-1980s and 
   informed Clinton of what was going on at Mena. 
 
   Clinton has said he had nothing to do with any activities 
   at Mena. "Mena is the darkest backwater of the right wing 
   conspiracy industry," said White House spokesman Mark 
   Fabiani. "The allegations are as bizarre as they are 
   false." 
 
   [End] 
 
 





From wb8foz at nrk.com  Wed Aug  7 12:07:54 1996
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 8 Aug 1996 03:07:54 +0800
Subject: your mail
In-Reply-To: <199608071019.FAA15721@sr.radiks.net>
Message-ID: <199608071442.KAA02713@nrk.com>


schryver at radiks.net:

> NBC News at Sunrise has just announced the discovery of alien life on the 
> planet Mars.  The lifeform that became extinct more than 2 billion years
> ago was found as a fossil in a meteor that originated from mars and landed
> on earth.  The fossil found was a primitive germ life form.

Sternlight?



-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From wb8foz at nrk.com  Wed Aug  7 12:26:03 1996
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 8 Aug 1996 03:26:03 +0800
Subject: Freeh slimes again: Digital Telephony costs $2 billion now
In-Reply-To: <199608070259.TAA17442@toad.com>
Message-ID: <199608071504.LAA02808@nrk.com>


> I haven't been able to find the reference, but a month or two ago
> there was an article on the net or in a newspaper about the targets
> of wiretapping - how many wiretaps were for drugs, gambling, tax evasion,
> and of course terrorism.  The number of wiretaps for bombs and guns
> was something low like 80 in the last 5-10 years - about 1/10%. 
>         (Did anybody else see this article??)

The WashPost article that JYA covered, perhaps?


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From haystack at cow.net  Wed Aug  7 12:26:31 1996
From: haystack at cow.net (Bovine Remailer)
Date: Thu, 8 Aug 1996 03:26:31 +0800
Subject: Message
Message-ID: <9608071435.AA11662@cow.net>


http://upside.master.com:8080/print/july96/ww9607.html


w a s h i n g t o n   w a t c h

The Coming Internet Wars

Michael C. Maibach

There's a very real danger that for the first time both the PC and the Internet will be 
regulated and taxed. The PC industry policy landscape has never been so dynamic, as 
telecom deregulation and technology convergence take hold. Being on the cutting edge of 
technology places us at the leading edge of public policy. Here's what's coming.

In Washington
A group of U.S. long-distance resellers has petitioned the Federal Communications 
Commission to outlaw (yes, outlaw) Internet telephony software. Their view is that the 
unregulated Net should not compete with regulated carriers. The PC industry's position is 
that the FCC doesn't have the authority to outlaw this or any software. A much more 
significant threat is a possible RBOC petition asking the FCC to levy access charges on 
all "enhanced services," such as the Internet. They seem to object to ISPs moving data, 
e-mail, graphics and calls outside of the current "universal service" monopoly established 
by the 1934 Communications Act.

The PC industry's number one telecom goal is competition in the local loop. Such 
competition should drive more bandwidth at a lower cost. Only the Net offers a 
modicum of competition to local service. If the FCC pulls the Net into the archaic 
telecom regulatory system, access charges could chill use of the most important telecom 
medium in the world.

The FCC must also set advanced digital TV broadcast standards. As TVs move into the 
digital PC world, let's make sure that broadcast signals over public airwaves are both 
PC- and TV-compatible.

And speaking of consumer electronics, digital videodiscs (DVDs), with 10 times the 
capacity of a CD-ROM and studio-quality output, are on the way. The motion picture 
and consumer electronics industries drafted legislation to protect content while enabling 
this new market. Unfortunately, their bill would inadvertently outlaw PCs as illegal copy 
devices! PC hardware and software makers have a vested interest in the success of 
DVD technology because it allows the copying of data and images. We, perhaps more 
than any other industry, want DVD technology to advance. But legal protections and 
private standards must make this a technology as open to PC users as it is to movie 
buffs.

Finally, Washington is considering measures to strengthen copyright protection of 
material moved on the Internet, require closed captioning on PCs that pick up TV 
broadcast signals and forbid software exports that have strong encryption protections in 
the name of national security. An industry that has grown up with private standard-setting 
in an open, unregulated environment now faces the kind of intense regulatory pressures 
one is accustomed to seeing in the railroad or drug industries. This is spurred on by the 
convergence of FCC-regulated industries with PC markets, products and technologies.

In State Capitals
Action in many U.S. state capitals reflects themes developing in Washington. 
Long-distance resellers have asked state public utility commissions (PUCs) to outlaw 
Internet telephony software, for example. Florida and California are considering taxing 
"digital commerce" they fear may bypass state sales tax regimes. And a few RBOCs 
have actually petitioned state PUCs to allow increases in ISDN installation and usage 
fees. Members of the PC industry, working with consumer groups and Internet warriors, 
have successfully challenged such rate hikes. Lower ISDN prices and easier hookup 
should drive huge volume increases in this market, benefiting local phone companies and 
PC users.

Around the World
So far, activity abroad is less robust than in the U.S., but it's just a matter of time. The 
European Union recently reclassified PCs with CD-ROM drives as "consumer 
electronics devices," tripling their import tariffs. Moreover, Europe is considering a "TV 
without borders" policy that would impose domestic content requirements on TV 
programming. Since movies are a type of software, will proposals to limit the sale of 
"foreign" PC software follow? And governments in Europe, Canada and Australia are 
considering a "bit tax" on digital commerce.

The old world of analog TV and telecom regulation must not spill over into the new 
world of competitive, open and digital markets. Governments must adopt the PC model 
of innovation and govern accordingly. In the U.S., the FCC must evolve into a Federal 
Competition Commission, and Congress should carefully guard digital commerce 
technologies that are changing the way we work, learn, consume and communicate.

Michael C. Maibach is vice president for government affairs at Intel Corp. in 
Washington, D.C.
----------------------------------------------------------------------

Home | Upside Magazine | Entrepreneur Forum | Upside Locator | About Upside

Comments and suggestions for this site are welcome via e-mail to: feedback at upside.com

Copyright �1996 Upside Publishing Company. All rights reserved.
Powered by Thunderstone.





From jbugden at smtplink.alis.ca  Wed Aug  7 12:53:00 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Thu, 8 Aug 1996 03:53:00 +0800
Subject: Internal Passports
Message-ID: <9607078394.AA839443151@smtplink.alis.ca>



I've seen the same problem in a department store in Ottawa. They would not
accept a Canadian Passport as identification for payment by cheque but would
accept various credit cards and similar devices.

My conclusion was that they wanted something that would show my friend's credit
worthiness, not prove his identity.

James

Declan McCullagh <declan at eff.org>
>I had the same problems when I was working at Xerox in Webster, NY. 
>Supermarkets just plain didn't want to accept my passport as valid ID.

>> At 15:48 8/4/96, Bill Stewart wrote:
>> 
>> A US passport is not considered valid ID by the State of Oregon. If
>> somebody here doesn't belive this, send someone who looks like he
>> might be under 21 into any liquor store in Oregon with just an US
>> passport.






From gary at systemics.com  Wed Aug  7 13:31:39 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 8 Aug 1996 04:31:39 +0800
Subject: Censorship through proxy
In-Reply-To: <ae2d3ca1160210042150@[205.199.118.202]>
Message-ID: <3208B9AB.794BDF32@systemics.com>


Timothy C. May wrote:
> 
> Sing Sing (the country is now a prison, so...) is one of the states we
> should think about targetting for "special attention." Not in the sense of
> violence, but in the sense of offering help to freedom fighters, those who
> want to use stego, web proxies, etc.

A few questions spring to mind:

	Is encryption legal in singapore?

	Is the list of blacklisted sites available?

	If encrypted proxy software were available,
	how many sites would be prepared to run these
	proxies?

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From David.K.Merriman at toad.com  Wed Aug  7 13:33:50 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Thu, 8 Aug 1996 04:33:50 +0800
Subject: Cookies on Microsoft Explorer?
Message-ID: <199608071547.IAA07691@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: alano at teleport.com, cypherpunks at toad.com
Date: Wed Aug 07 10:46:25 1996
> At 09:14 AM 8/6/96 -0700, David.K.Merriman.-.webmaster at cygnus.com,
>  wrote:
> 
> >I have IE3 configured to ask me for permission to accept a cookie. Yes,
> >some sites send (n!)+1 cookies during a session. If they send too many,
>  I 
> >personally move on to another site, after sending them email (!).
> 
> If the site sends you *LOTS* of cookies with no expire date, then they
>  have
> probibly compiled their Apache server with the mod_cookie module.  The
> cookies are only used by the log files and i am willing to bet that
>  most
> people who have that option compiled in do not even read the logs.

Whatever the conditions/causes for the cookiefest, I make it known to them 
that the volume of cookies gives me electronic diabetes, and move on. I 
suspect that there will eventually be enough people that dislike being 
force-fed cookies and complaining about it that such sites will either 
fold, or get a klew.

Dave

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome and encouraged. Visit my web site at
         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAi3uZ2MAAAEEALWQtxX77SZSaFls6cVbPp+fZS4MNyKK3ZFYQo0qWyj+0tMq
YgRTPRJRaCQixo63RttknogfPp514qdVMZw5iPeOXmD+RxrmTTwlbGqA7QUiG1x5
LG2Zims5zk4U6/rt8hwLh0/8E4lIb9r5d31qc8L1A9Twk/cmN8VrTvyYOzAZAAUR
tBg8bWVycmltYW5AYW1hb25saW5lLmNvbT60KURhdmlkIEsuIE1lcnJpbWFuIDxt
ZXJyaW1hbkBtZXRyb25ldC5jb20+iQCVAwUQLqwCX5IDOImWiDcFAQHFfwP/Tm5v
3zoijU9oYmAO1WVsw4+HamN0HdBKkDxPtuGeCmxNuiDPsucVjqctMfbh1WzCfNEb
NfZdg3YVdDNgsQqlu4k8XznrbQSoQm3t5ySQNKvQx0KisJnee0caVpEgQ4bwSfuv
81TG08lJt4A0fIpXSllMnRkXenvXIBmgJTUklaiJAJUDBRAupxG0qWOYkEirxV0B
AUUJBACJ0FYXTlR9ncd0tNnYGOGSLO1scgt8IxUDMyQ2htEsfSNxD6jg303LuAA/
Zset5p0JhACLLHbgtZlpYH4uQbjy9Ve9JrVm/6SysSnX1TfSNF5NoMcxGDYgNDRL
tP/5jKRZ/hzH8vjHSWXnnN9Pb1MdYdWql4DjDQ+dIEm5sywbqIkAlQIFEC3uaE3F
a078mDswGQEBbI8D/0FiwDcbfeNyDVJ+7EIWHjIxVkIGu+ArYUEllR3GSBHVZ9Vh
7n8bNXeNHMnG5cZ23TLMVvweyhxFS+cDi+I7omeDNr6x65z500LxfUvLK5bSuSiB
VkTp2z+/iojY/662JwKHzEEunuJ4CO8Yhxy11CdeszEX7DpXzRxLL92rEmO2
=QZRc
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMggDg8VrTvyYOzAZAQE6cQP+JE18wLLTHDsmId+zFHh3Q5x7wA2oyS3/
7FWxE5zWGipUxNT/tlRF/jdinMoLkg27Q7iQ1uoI4TDa5VE9pV6uGilCHN2naM0y
A9Tvebxr/pHUj+hr0jYUCWzY6VQ2+q5icG11DHm3/iXhAF1SJHJJj2xi9zx4PRCv
zINv8AXkFmg=
=ps5w
-----END PGP SIGNATURE-----






From David.K.Merriman at toad.com  Wed Aug  7 13:35:43 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Thu, 8 Aug 1996 04:35:43 +0800
Subject: The Solution: 20 Beautiful women
Message-ID: <199608071547.IAA07707@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: accessnt at ozemail.com.au, cypherpunks at toad.com
Date: Wed Aug 07 10:46:46 1996

> I pat myself on the head.  I am extremely brilliant.
> 

Modest, too :-)

> She who is most luscious
> ___
> Mark Neely - accessnt at ozemail.com.au 
> Lawyer, Internet Consultant, Professional Cynic
> Author: Australian Beginner's Guide to the Internet (2nd Ed.)
>       Australian Business Guide to the Internet
>       Internet Guide for Teachers, Students & Parents
> WWW: http://www.ozemail.com.au/~accessnt
> 
> 

Dave Merriman
"I am not conceited. Conceit is a downfall, and I have none."

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome and encouraged. Visit my web site at
         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAi3uZ2MAAAEEALWQtxX77SZSaFls6cVbPp+fZS4MNyKK3ZFYQo0qWyj+0tMq
YgRTPRJRaCQixo63RttknogfPp514qdVMZw5iPeOXmD+RxrmTTwlbGqA7QUiG1x5
LG2Zims5zk4U6/rt8hwLh0/8E4lIb9r5d31qc8L1A9Twk/cmN8VrTvyYOzAZAAUR
tBg8bWVycmltYW5AYW1hb25saW5lLmNvbT60KURhdmlkIEsuIE1lcnJpbWFuIDxt
ZXJyaW1hbkBtZXRyb25ldC5jb20+iQCVAwUQLqwCX5IDOImWiDcFAQHFfwP/Tm5v
3zoijU9oYmAO1WVsw4+HamN0HdBKkDxPtuGeCmxNuiDPsucVjqctMfbh1WzCfNEb
NfZdg3YVdDNgsQqlu4k8XznrbQSoQm3t5ySQNKvQx0KisJnee0caVpEgQ4bwSfuv
81TG08lJt4A0fIpXSllMnRkXenvXIBmgJTUklaiJAJUDBRAupxG0qWOYkEirxV0B
AUUJBACJ0FYXTlR9ncd0tNnYGOGSLO1scgt8IxUDMyQ2htEsfSNxD6jg303LuAA/
Zset5p0JhACLLHbgtZlpYH4uQbjy9Ve9JrVm/6SysSnX1TfSNF5NoMcxGDYgNDRL
tP/5jKRZ/hzH8vjHSWXnnN9Pb1MdYdWql4DjDQ+dIEm5sywbqIkAlQIFEC3uaE3F
a078mDswGQEBbI8D/0FiwDcbfeNyDVJ+7EIWHjIxVkIGu+ArYUEllR3GSBHVZ9Vh
7n8bNXeNHMnG5cZ23TLMVvweyhxFS+cDi+I7omeDNr6x65z500LxfUvLK5bSuSiB
VkTp2z+/iojY/662JwKHzEEunuJ4CO8Yhxy11CdeszEX7DpXzRxLL92rEmO2
=QZRc
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMggDmMVrTvyYOzAZAQFIRgP/daZBRoJrHSGHFgUR3s5ofjrhF49yp3Wh
OxyhrjZ1oPFCz1n7Nzii18JXFlaCCRzppgBYcr6/t777bhHVs3PeLpQNHW5q4xLD
U+mOo9J0UF1TMVcAiYD9b4wVlLlcU+qa0PVYcuRLw3QbWd3g7eqABKpwKWyWibI4
CVUttLIzwX4=
=yCpo
-----END PGP SIGNATURE-----






From perry at piermont.com  Wed Aug  7 13:47:12 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 8 Aug 1996 04:47:12 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <19960805204130906.AAB148@maverick>
Message-ID: <199608071538.LAA08433@jekyll.piermont.com>



Phill writes
> Given the number of gun related homicides in the
> US it is not unreasonable to require each individual cartridge
> to be stamped with a serial number and for gun dealers to be 
> required to record each individual purchase.

Phill, as usual, displaying your ignorance?

Many of my friends reload spent brass. I realize that you might not
get this idea, but guns are a technology that hasn't advanced
significantly since 1900 or so, other than maybe lightening things
with plastic stocks. (The few innovations that have been tried, like
trounds and caseless ammo, haven't ever taken off). The result of this
is that a heavy fraction of the people who own guns have the ability
to LOAD THEIR OWN AMMUNITON. Indeed, anyone who wants to can do it!
Even without a PhD!

In fact, lots of cheapskates who like to shoot a lot regularly go out
to ranges and sweep up other people's spent brass. If you open up a
good magazine for those of us who aren't scared of guns, you will see
ads for dozens of inexpensive devices to help you trim and fix cases
in a semi-automated way, and to load ammo mostly by turning a crank.

BTW, such devices are trivial to make yourself, and plans are readily
available. Its all low technology.

Were you not totally ignorant of how guns are used, this wouldn't be
news to you.

Now, on top of that, our ignorant socialist friend seems to forget
that brass is not immutable -- that is, that it would take about
thirty seconds and an awl would get rid of any serial number you cared
to stamp. On an empty case, its even easier.

The real key here is of course that idiots going crazy and killing 20
people in a schoolyard kill fewer people than slippery wet floors, and
the whole thing is so insignificant that it can be ignored. The drug
related killings would go away were drugs legalized, as would a heavy
fraction of the petty crime, and most of the rest of the abuses of
guns are so tiny in comparison to the legitimate uses as to be
insignificant.

(Oh, and by the way, Dr. Hallam-Baker -- I consider suicide, which is
counted in the HCI "statistics" on gun deaths, to be a perfectly
legitimate use of a weapon. Its every person's right to off themselves
any time they like by my way of thinking, and you have no right to
force people to live against their will any more than you have the
right to force them into slavery.)


Perry





From charlee at netnet.net  Wed Aug  7 13:47:19 1996
From: charlee at netnet.net (kickboxer)
Date: Thu, 8 Aug 1996 04:47:19 +0800
Subject: cookie monster
Message-ID: <199608071600.LAA03014@netnet1.netnet.net>


        Does anybody have any information on the "Cookie Monster" technology
that Netscape and Microsoft are soon going to incorperate in their internet
browsers?  All I know is that they take cookies and "eat" (destroy) them.  
                                                                               






From gary at systemics.com  Wed Aug  7 14:18:51 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 8 Aug 1996 05:18:51 +0800
Subject: Phone tapping in India
In-Reply-To: <1.5.4.32.19960807114112.002e8fa4@giasdl01.vsnl.net.in>
Message-ID: <3208C12F.15FB7483@systemics.com>


Arun Mehta wrote:
>  
> Under a box titled "Beware of blank calls", the newspaper mentions that
> when the sleuths ring your number to start tapping, you get a "blank" call
> (which one is quite used to here -- if that were enough evidence, the whole
> of India is being tapped!)
> 
> What technology is this? If it indeed works this way, what is to prevent any
> large company or rich person from procuring the same hardware?

Do telephones have "caller control" in India? (ie. if you call
someone, can the callee not hang you up?).  If they do, then the
technology is quite straightforward, being a device that emulates
the exchange and proxies on calls.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From gary at systemics.com  Wed Aug  7 16:02:18 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 8 Aug 1996 07:02:18 +0800
Subject: appropriate algorithm for application
In-Reply-To: <2.2.32.19960806232209.006e2c84@gonzo.wolfenet.com>
Message-ID: <3208DD65.237C228A@systemics.com>


Cerridwyn Llewyellyn wrote:
> 
> I need an algorithm/protocol that is capable of encrypting numerous
> files with separate keys, but there also needs to be a master key
> that will be able to decrypt all of them.  Is there such a system
> that is relatively secure?  I'd prefer the system to be as secure
> as possible, but in this application, security is secondary to
> functionality.  Thanks... //cerridwyn//

Are you after a working program, or just a design?

You could always use an escrowed public key generator (discussed on
sci.crypt some time ago), where the keys all have a factor of 'N'
embedded in 'N', but encrypted with the master key.

(I'd be prepared to write the code that generates the keys, if
someone does the "master decrypt" side of things).

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From mpd at netcom.com  Wed Aug  7 16:15:08 1996
From: mpd at netcom.com (Mike Duvos)
Date: Thu, 8 Aug 1996 07:15:08 +0800
Subject: Wee Beasties on Mars
In-Reply-To: <199608071442.KAA02713@nrk.com>
Message-ID: <199608071634.JAA06580@netcom13.netcom.com>


> schryver at radiks.net:

> > NBC News at Sunrise has just announced the discovery of alien life on the 
> > planet Mars.  The lifeform that became extinct more than 2 billion years
> > ago was found as a fossil in a meteor that originated from mars and landed
> > on earth.  The fossil found was a primitive germ life form.

NASA is holding a news conference today to discuss the find.  I must 
admit I am curious as to how they determined the meteor's origin.  
Most material in the solar system is similar in composition.  

Definitely a news story worth following, however. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From jfricker at vertexgroup.com  Wed Aug  7 16:17:05 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Thu, 8 Aug 1996 07:17:05 +0800
Subject: Oregen Vehicle Database on the Net
Message-ID: <2.2.32.19960807175027.002beffc@vertexgroup.com>


Aaron Nabil has purchased the entire Oregen Vehicle Registration database
($220) and put it on the Web. Did some oregonian piss you off on the
highway? snail flame their arse!

http://www.spiritone.com/cgi-bin/plates






From perry at piermont.com  Wed Aug  7 16:44:08 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 8 Aug 1996 07:44:08 +0800
Subject: PGP public key servers are NOT useful!
In-Reply-To: <199608060552.WAA04209@abraham.cs.berkeley.edu>
Message-ID: <199608071637.MAA08532@jekyll.piermont.com>



John Anonymous MacDonald writes:
> The problem with the PGP public key servers is that
> one has absolutely no control over what gets uploaded there in one's
> own name.

Thats why people are supposed to use the web of trust to check the
keys. You claim to make your key available by finger. How do you know
that Mallet isn't switching the bits as they go down the wire to your
correspondants? The only way to verify a key is to check known good
signatures on it. Because of this, no security is needed on key
storage facilities per se -- you aren't supposed to trust keys without
signatures.

Geesh. I thought this was obvious. I guess not.

Perry





From vinnie at webstuff.apple.com  Wed Aug  7 16:52:35 1996
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Thu, 8 Aug 1996 07:52:35 +0800
Subject: Apple people on the li
Message-ID: <v03007807ae2e9c91b674@[204.179.128.38]>


At 11:15 PM 8/6/96 GMT, John Young wrote:
>I'd like to hear Tim, too, in this Big Apple. RealAudio, perhaps.

>What would you offer to set off Tim's simmering crypto-anarcho-volcano,
>make it heard round the planet?

I can't offer much that would satify Tim's needs,  he would have to look
elsewhere for that (I will restrain my comment about a size 12 boot)

The  Mac crtpyo workshop http://webstuff.apple.com/~opentpt/crypto.html is
just that,  a workshop:  a guerilla effort focused at Mac developers who
write code to start including crypto in thier code. I am also sponsering an
effort among developers to do keychain management on the Mac, In a manner
similar to the popular Internet Config. Developers get together, talk,
hack, and go home with plans to write stuff.

What I offer developers is much more important to me right now. people
complain about email apps not having built in crypto, I am trying to do
something about it.  So are folks like Olivier Merenne who does SafeMail
http://www.highware.com/highware/safemail/safemail.htm . these are the
kinds of people that I want to help.

The workshop us not a forum for the very people that Tim complains about,
to rant about how great the Mac is or isnt. or why crypto is good or bad, I
will leave that to the wired.coms  and other non-tech forums out there.

I agree with Tim, If you really want to hear tim talk, you cant ead his
rants on cp or I have a better idea, maybe you can send him some bucks and
he'll send you a cassette tape or something (I would suggest he makes a
quicktime movie and put it on your webpage or do a webcast, but that
requires you buy into the Apple world doesnt it, so maybe you can do the
windoze equiv)

nuff said,
cp


Vinnie Moscaritolo
Apple Developer Tech Support
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A







From peter.allan at aeat.co.uk  Wed Aug  7 16:57:58 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Thu, 8 Aug 1996 07:57:58 +0800
Subject: Anonymous Remailers at work
Message-ID: <9608071713.AA13368@clare.risley.aeat.co.uk>



> Date: Tue, 06 Aug 1996 21:05:24 -0700
> To: cypherpunks at toad.com
> From: Bill Stewart <stewarts at ix.netcom.com>
> Subject: Anonymous Remailers at work

> I've recently run into a couple of business problems at work
> that could be solved by (slightly modified) remailers.

> 1) Manager performance review, suggestion boxes, and questions to
> visiting honchos - there are several departments that are using
> "email to the secretary who'll take your name off and forward it"
> to handle this problem.  Remailers are an obvious solution.

>  It would probably be worth modifying the remailer to use a permit-list
>  as well as a block-list for destinations and maybe sources, 

>  Any other reasons to install anonymous remailers at work,
>  and things you'd do to make them more attractive or
>  less scary to corporate network administrative types?


I have a very crude + simple remailer using shell scripts.
There is re-ordering and a standard message size.
There is no scope for receipts or replies.

I limit messages to 1kb to make it harder to send images.
(There was once a management complaint about images- nothing
to do with me or the remailer which hadn't started then.)

It can only send and receive mail INSIDE the company.

I have not advertised it widely, for fear of a management veto.
It carries a warning to be sensible, and I'd be able to read
the mail log following complaints.

There is a short banned list, intended only to stop looping.






In another message Bill said:
> immigrant Brits and ...  speaking funny-soundin' English at you.

Um, some of us really do speak English.  To the point where we struggle
to make out Larry King and guest both mumbling away at high speed.







From adam at homeport.org  Wed Aug  7 17:13:49 1996
From: adam at homeport.org (Adam Shostack)
Date: Thu, 8 Aug 1996 08:13:49 +0800
Subject: Internal Passports
In-Reply-To: <RDo0RD45w165w@bwalk.dm.com>
Message-ID: <199608071729.MAA15197@homeport.org>


Dr.Dimitri Vulis KOTM wrote:
| Duncan Frissell <frissell at panix.com> writes:
| > At 12:06 AM 8/6/96 -0700, Marshall Clow wrote:
| >
| > >I have found that promising to provide the necessary docs, and then failing
| > to do so, is the least confrontational and most effective way around this.
| > >
| > >"Delay is the deadliest form of denial"
| >
| > Works for me as well.  Likewise, self employment.
| 
| That's the key word here - I don't think you need I-9 if you get paid on 1099
| or equivalent. However for W-4 employment, the emplyer must send a signed I-9

	This is correct; you don't need an I-9 to work when your wages
are reported via a 1099.

| to los federales. Otherwise the computer will flag this situation and they'll
| get a letter asking why they pay wages to someone whose I-9 isn't on file.

The privacy act statement on the I-9 instructions claims that the form
will be kept on file by the employer, who can be asked for it by the
INS.  This 'we keep it on file' was confirmed by a contracting firm
with whom I did some work recently.  It also has some newspeak that
has to be read to be believed.

ADam



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From amehta at giasdl01.vsnl.net.in  Wed Aug  7 17:24:14 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 8 Aug 1996 08:24:14 +0800
Subject: Censorship through proxy
Message-ID: <1.5.4.32.19960807174810.002b773c@giasdl01.vsnl.net.in>


At 18:12 06/08/96 -0700, Timothy C. May wrote:
>At 4:23 PM 8/6/96, Joel McNamara wrote:
>>http://www.singnet.com.sg/cache/sbareg.html
>
>Sing Sing (the country is now a prison, so...) is one of the states we
>should think about targetting for "special attention."

Yes, that would be great, and a trial run for the Big Prize, China.

At the site mentioned above, they have a form to fill out, which only
people from Singapore are supposed to respond to, which asks a 
lot of questions, including how much censorship users consider
appropriate! If there is some way of making them think the response
is coming from within Singapore when actually it isn't, maybe we 
could flood them with responses saying we want no censorship?

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From tcmay at got.net  Wed Aug  7 17:24:58 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 8 Aug 1996 08:24:58 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <ae2e146d0002100492fe@[205.199.118.202]>


At 5:15 PM 8/7/96, Vinnie Moscaritolo wrote:
>Man,
> you guys have way, WAY to much time on your hands. CP is starting to sound
>more like a bunch of bickering old ladies than the usual bickering group of
>old ladies (uh I mean crytpo anarchists) . I would have responded and put a
>round through the head of this discussion a few days ago, but my digest
>feed to cp died a few days ago.

"Put a round through the head of this discussion"?

One of the most common conceits on this list is summarized by this comment:
"I've said what I want to say, so now it's time for us to move on to other
things."

Or the charming equivalent: "You've heard my views, now can't we move on to
some _real_ cryptography?"

And then there's the old chestnut of claiming others have too much time on
their hands.

Learn to use the "delete" key for discussions you don't like.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From mab at crypto.com  Wed Aug  7 17:40:34 1996
From: mab at crypto.com (Matt Blaze)
Date: Thu, 8 Aug 1996 08:40:34 +0800
Subject: appropriate algorithm for application
In-Reply-To: <2.2.32.19960806232209.006e2c84@gonzo.wolfenet.com>
Message-ID: <199608071703.NAA07097@crypto.com>



>
>I need an algorithm/protocol that is capable of encrypting numerous
>files with separate keys, but there also needs to be a master key
>that will be able to decrypt all of them.  Is there such a system 
>that is relatively secure?  I'd prefer the system to be as secure
>as possible, but in this application, security is secondary to 
>functionality.  Thanks... //cerridwyn//
>


If you need this "master key" feature embedded in the cryptosystem
itself, you're probably out of luck - such a cipher would be at least
as slow as a public key cryptosystem.  See Blaze, Feigenbaum, Leighton,
"Master-Key Cryptosystems", CRYPTO '96 rump session, available at
ftp://research.att.com/dist/mab/mkcs.ps .

However, you could simulate the function of such a system by
selecting a different key for each file and then encypting each unique
file key with the master encryption key (which could be a public
key or a symmetric key, depending on whether the application that
encrypts the files is trusted to know the master decryption key).
This has the disadvantage, however, of requiring that you store
the encrypted file key with each file, which may or may not be
an issue for you.

-matt





From sandfort at crl.com  Wed Aug  7 17:41:23 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 8 Aug 1996 08:41:23 +0800
Subject: STEGO GUNS
Message-ID: <Pine.SUN.3.91.960807101421.20235A-100000@crl14.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

The following is from USA Today of last Friday:

	In a comprehensive study that may reshape the 
	gun control debate, researchers have found that 
	letting people carry concealed guns appears to
	sharply reduce killings, rapes and other violent
	crimes.

	The nationwide study [from the University of
	Chicago] found that violent crime fell after
	states made it legal to carry concealed handguns:
	*   Homicide, down 8.5%.
	*   Rape, down 5%.
	*   Aggravated assault, down 7%.
	...
	The drop isn't primarily caused by people 
	defending themselves with guns, says John Lott,
	the study's author.  Rather, criminals seem to 
	alter their behavior to avoid coming into contact
	with a person who might have a gun.

The official release of the study is scheduled for tomorrow.  
The study took two years and was peer reviewed.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From jimbell at pacifier.com  Wed Aug  7 17:42:26 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 8 Aug 1996 08:42:26 +0800
Subject: Digital Telephony costs $2
Message-ID: <199608071650.JAA05697@mail.pacifier.com>


At 11:00 PM 8/6/96 -0700, Bill Stewart wrote:
>At 11:34 PM 8/5/96 -0800, you wrote:
>>What is unclear, however, is WHY they "had to" build a card that couldn't do 
>>full-duplex.  I mean, would there have been a problem implementing that?  Or 
>>was this just another one of those stupid design decisions which could have 
>>been easily fixed if it had been realized in time?

>2) DSPs tend to be really tight on resources, especially RAM,
>   which you need to do multiple programs at once.  $5-10 DSPs are 
>   especially tight.  They're starting to come with mini operating systems.

I wasn't aware that sound cards made appreciable use of DSP's.  Unlike 
modems, which inherently must massage large amounts of signal to get the 
data, I assumed that sound cards were more like straight A/D/A systems.



>>> It also has the advantage
>>>that the data is being moved through your CPU, so encryption is
>>>an easy add-on, rather than having one combined modem/voiceblaster
>>>card which doesn't have any hooks for crypto or other processing.
>>Well, I assume that if implemented as a new type of modem card, the 
>>processor can be used to do the data transfer.
>
>If you're doing the voice crunching and A/D conversion and telephony
>all on the modem card, with everything tightly integrated
>to fit in your tiny cache, why put in hooks for the processor to intervene?

You'd put in a hook because it would be easily done, and to fail to do so 
would be a serious mistake.  It could also be bypassed by a hardware switch, 
I suppose, or a software-controlled switch, to make processor intervention 
unnecessary.


Jim Bell
jimbell at pacifier.com





From vinnie at webstuff.apple.com  Wed Aug  7 17:51:13 1996
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Thu, 8 Aug 1996 08:51:13 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <v03007803ae2e770bd71e@[204.179.128.38]>


Man,
 you guys have way, WAY to much time on your hands. CP is starting to sound
more like a bunch of bickering old ladies than the usual bickering group of
old ladies (uh I mean crytpo anarchists) . I would have responded and put a
round through the head of this discussion a few days ago, but my digest
feed to cp died a few days ago.

Since all this  crap seems to center around a conversation between me and
Tim , and really should have stayed that way, (Bob, consider this a rap on
the nose with a rolled up newspaper) lets just clear up a few points nad
then please move on to the next subject.

By developer demand I am hosting a technical workshop for Mac Crypto
developers <http://webstuff.apple.com/~opentpt/crypto.html> and asked Tim
if he would like to speak, I though that since he has so much interesting
stuff to say on the net that he might want to share it with some folks who
write code for a living.

Tim declined. no problem, normaly that would have ended it there, but Tim
went on to state that I excluded him from the Mac Crypto list, I replied
that I did no such thing and that I inherited the list (and hence any guilt
I guess), He went on further deriding the Mac.

I have been on the net long enough to no longer care about religious wars
about "how long who's pull down menu was", BUT, I belive that Tim was a bit
out of line with some of his comments about Mac Developers and Apple
employees. I have a problem with that. We emailed a bit and came to the
agreement that Tim would not be an appropriate speaker for a Mac technical
workshop. fine, end of story,lets move on.

But then Bob comes along and does his rant, the point was not so much to
pick on Tim, which I belive he didnt name, but more to point out why the
Mac is an important platform for crypto. Tim reacted and the pissing
started. Lets just end it now. I am sure you all have better things to do.

What I am concerned with is that in all the noise the following points are
being lost in the fog of war.

1) there a a LOT of Mac clients on the Net. windoze might be popular in the
corporate office, but Macs are still easier to configure (prove me wrong),
and hence do have a place in this world.

1a) The Mac also has one of the best networking environment available for
the desktop platform, OpenTransport IS very fast. And do me a favor dont
complain about opendoc until youve tryed and write code with OLE.

2) Apple is nowhere near dead, anyone who says this is either smoking
something harsh or lives in media painted world. The same people that say
Macs are dead are the same uneducated liberal buttheads who write in the
San Jose Merc Pravda about how a disarmed populus is a free(h)er one.

3) If you want strong crypto to get to the masses then you better start
paying attention to genetic deversity or as I like to call it Watership
Down syndrome, If you put all your crypto eggs in Bill's basket then don't
complain when you find that the MicroSoft CAPI only supports escrowed keys.

so lets all grow a little thicker skin and move on with it. while you all
piss and moan, your rights are being stolen away, If you want to help
crypto suceed then you have to care about Macs, just as much as windoze or
Sun or Be or whatever platform.

Back to work.





Vinnie Moscaritolo
------------------
"friends come and friends go..but enemies accumulate."
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A







From anonymous-remailer at shell.portal.com  Wed Aug  7 17:56:31 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 8 Aug 1996 08:56:31 +0800
Subject: F2 hash?
Message-ID: <199608072029.NAA29976@jobe.shell.portal.com>



Does anyone have a descriptoin of the F2 hash?
F2 is a secret hash from SecurityDynamics, and is used in
their client software.  (Its not the hash in the cards, but
if anyone has a copy of that, it might be fun.)

I'd be very interested in seeing source code in the public
domain to try out a few hacks...

Anyone?  Anyone?  Bueller?

Bueller?






From mccoy at communities.com  Wed Aug  7 18:03:43 1996
From: mccoy at communities.com (Jim McCoy)
Date: Thu, 8 Aug 1996 09:03:43 +0800
Subject: Wee Beasties on Mars [NOISE]
Message-ID: <v02140b02ae2ebc31d032@[204.179.131.165]>


> > schryver at radiks.net:
>
> > > NBC News at Sunrise has just announced the discovery of alien life on the
> > > planet Mars.  The lifeform that became extinct more than 2 billion years
> > > ago was found as a fossil in a meteor that originated from mars and landed
> > > on earth.  The fossil found was a primitive germ life form.
>
> NASA is holding a news conference today to discuss the find.  I must
> admit I am curious as to how they determined the meteor's origin.
> Most material in the solar system is similar in composition.

Using the same methods that geologists use to determine whether or not
certain meteorites are from the moon, by chemical composition.  Material from
within the solar system actually has varied composition mainly determined by
the distance of the body from the Sun (there are various theories as to why
this is, an intro cosmology book will describe them all in detail), the
actual percentages of various elements and compounds can be used to make a
reasonable guess as to whether or not a particular meteorite was knocked off
of a planet or moon to which we have sent a probe.  For example, it is
possible to buy fragments of "moon rocks" which are not actually samples
returned from Apollo missions (which are all owned by the U.S. government)
but are from meteorites which match the exact chemical and physical
composition of the returned lunar samples.  Such determinations are a lot
easier for planets/moons which do not have active vulcanism or other events
which significantly mix up the composition of the planet.

At the news conference given this afternoon the fact that the meteorite was
Martian in origin was probably the least controversial.  It seems that
exobiology may no longer be a field without a subject :)  If the results are
confirmed what I think will end up being the most interesting fallout of this
will be in the creationism/evolution debate.  It seems that life may have
been independantly generated at multiple locations, barring a "space seed"
debate flaring up again, and the "impossible odds" argument has become pretty
weak...

jim







From jims at MPGN.COM  Wed Aug  7 18:28:24 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Thu, 8 Aug 1996 09:28:24 +0800
Subject: Corporate e-mail policy
Message-ID: <2.2.32.19960807211735.006c0ac4@tansoft.com>


At 01:05 PM 8/5/96 -0700, Timothy C. May wrote:
>At 5:34 PM 8/5/96, James C. Sewell wrote:
>
>This comparison breaks down completely. The police are not involved, so the
>language of "probable cause" is inappropriate. 

  Then use the language "good reason as defined by the company's policy".

>Imagine Alice operates a courier service and owns and operates several
>delievery vehicles . 

  Here your example breaks down.  Email is not like the courier company's
  vehicle at all.  Bob didn't create the truck, he didn't think of it at
  any time as his, and he is not intending to use it to deal with someone 
  else on a personal level.

  A better example would be that a letter sent through that courier company
  that is from Bob.  If he pays for it to be delivered then he should have
  the right to privacy.  If, however, the service is offered free to all
  employees, or if the paper/envelope/time was from the company then we
  would have the same problem... is it business-related, thus open to the
  whims of the employer, or is it private and off-limits?

  The whole question comes down to this:  
      Is a collection of words written from an employee to another
      individual property of the company when it was written, edited,
      and transmitted by company equipment.

  The problem?  There's no agreement on the answer to this.

>(If anyone suggests that landlords cannot barge into tenant's apartments,
>this is a different situation. For one thing, there are usually terms and
>conditions spelled out in a contract about when and under what
>circumstances a landlord may enter the premises.)

  There are often terms and conditions spelled out in employment
  contracts as well.  I have had such contracts in every job I have
  held.  They all went to the point of saying, in essence, anything
  I create on company time/equipment belongs to the company.


>>  Just remember, as was said, once you make a policy it becomes precedence
>>and will stick with you forever... longer if it's a bad one.
>>
>
>Alice the Courier Service is of course perfectly free to announce new
>policies, so your point is incorrect.

  Granting that I meant precedent rather than prescedence I submit the
  following:

  precedent - n 1a. An act or instance used as an example in dealing with
                    subsequent similar cases.  
                2.  Custom or convention.

  They may change their policy at will, but the fact is that the decisions
  made today will "taint" or "shape" (depending on your point of view) the
  policies made tomorrow.

  
Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL






From proff at suburbia.net  Wed Aug  7 18:28:28 1996
From: proff at suburbia.net (Julian Assange)
Date: Thu, 8 Aug 1996 09:28:28 +0800
Subject: STEGO GUNS
In-Reply-To: <Pine.SUN.3.91.960807101421.20235A-100000@crl14.crl.com>
Message-ID: <199608072128.HAA28140@suburbia.net>


> C'punks,
> 
> The following is from USA Today of last Friday:
> 
> 	In a comprehensive study that may reshape the 
> 	gun control debate, researchers have found that 
> 	letting people carry concealed guns appears to
> 	sharply reduce killings, rapes and other violent
> 	crimes.
> 
> 	The nationwide study [from the University of
> 	Chicago] found that violent crime fell after
> 	states made it legal to carry concealed handguns:
> 	*   Homicide, down 8.5%.
> 	*   Rape, down 5%.
> 	*   Aggravated assault, down 7%.
> 	...
> 	The drop isn't primarily caused by people 
> 	defending themselves with guns, says John Lott,
> 	the study's author.  Rather, criminals seem to 
> 	alter their behavior to avoid coming into contact
> 	with a person who might have a gun.
> 
> The official release of the study is scheduled for tomorrow.  
> The study took two years and was peer reviewed.
> 
> 
>  S a n d y

Correlation != causation. What are the figures on other crimes? I
presume they would have to have gone up, since the criminal element has
been deprived of it's "revenue" in this manner. Perhaps they simply
didn't have time for killing, raping and assulting; being too busy
lugging around their legally concealed handguns and pointing them at
shop-keepers.

-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From declan at well.com  Wed Aug  7 18:29:29 1996
From: declan at well.com (Declan McCullagh)
Date: Thu, 8 Aug 1996 09:29:29 +0800
Subject: G7 Threat Alert from international Net-coalition (8/7/96)
Message-ID: <v01510108ae2ebee4255a@[204.62.128.229]>





Date: Wed, 7 Aug 1996 12:27:21 -0500
To: fight-censorship at vorlon.mit.edu
From: declan at well.com (Declan McCullagh)
Subject: G7 Threat Alert from international Net-coalition (8/7/96)
Sender: owner-fight-censorship at vorlon.mit.edu

[Redistribute widely. Add'l info at http://www.eff.org/~declan/global/ --Declan]



======================================================================
   ALERT FROM A COALITION OF ONLINE CIVIL LIBERTIES ORGANISATIONS

            G7 THREAT TO ONLINE FREE SPEECH AND PRIVACY

      IN THE NAME OF COMBATING TERRORISM THE G7 IS PLANNING TO
     CURB THE FREE SPEECH RIGHTS AND PRIVACY OF INTERNET USERS

                           7 AUGUST 1996

   PLEASE REDISTRIBUTE THIS DOCUMENT WIDELY WITH THIS BANNER INTACT
 REDISTRIBUTE ONLY IN APPROPRIATE PLACES & ONLY UNTIL 30 SEPTEMBER 96

______________________________________________________________________
IN THIS ALERT:
  Summary
  Background
  What You Can Do
  Where Can I Learn More?
  Organisations

______________________________________________________________________
SUMMARY

On July 30th the G7 group of nations met in Paris to discuss terrorism.
Among other responses the G7 have endorsed a number of restrictions and
controls on the Internet.  These include the prohibition or censorship
of sources that may contain "dangerous" information, restrictions on
the electronic speech of unpopular political organisations, and the
imposition of "key escrow" or other means of allowing governments to
violate privately encrypted correspondence.

This particularly serious threat, which originates from recent events
such as a bombing at the Atlanta Olympics and the crash of TWA Flight
800, is another case in a long list of attempts to restrict freedom of
speech in electronic networks, of which there are alarming examples in
many countries including Australia, Belgium, China, France, Germany,
Saudi Arabia, Singapore, the USA and Vietnam, under a variety of
pretexts ranging from "pornography" to "terrorism" and incorrect
political opinion.

* The "offensive" material being targeted is no different from similar
material available in libraries and bookshops.  *What is legal offline
must also be legal online*.  If material cannot be censored at the
newsstand or the university library, it must not be censored in the
online newsstands and libraries of our future.

* Legislators and agency officials are pushing for speedy passage of
censorious and privacy-harming laws, capitalising on fear of terrorism
to exclude meaningful public input in the process and substance of
these regulations.

* Because the Internet is global, and every culture has its own rules
about what is and is not permissible, the open nature of the Internet
must be protected.  No local jurisdiction should be allowed to impose
its rules on the rest of the world.

______________________________________________________________________
BACKGROUND

This alert is being issued by a coalition of online civil liberties
organisations that support online privacy, freedom of speech and human
rights.  The organisations are listed at the end of this alert along
with contact details.

Since its inception the Internet has more than doubled in size every
year.  If this growth continues, more than one billion people will be
using the Internet by the turn of the century.  Each of these users can
as easily publish material as they can read it.  The Internet has the
potential vastly to improve the workings of democratic government and
to spread liberty across the globe.

In light of recent bombings in the US and elsewhere, there are again
calls to ban from the Internet information on explosives, as well as
any other issues that can be related to "terrorism".  Anti-terrorist
hysteria has become the excuse for governmental attempts to circumvent
online freedom of expression, guaranteed by constitutions, laws, and
the UN Declaration of Human Rights.

Information on how to make bombs, as well as other things that would be
"banned", is widely available, often from the very governments pushing
for censorship.  Banning such publications from the Internet won't
make it any less widely available.  However it could become the tool
for the censorship of any debate or opinion which happens to displease
the authorities, or "pressure groups" that do not share those opinions.
This is a pure and simple violation of free speech, no matter how it
is disguised.

Currently, communicating via the Internet is like sending messages on
postcards.  Anyone between the sender and receiver can read the
message.  Encryption (data scrambling) technology can be used to ensure
the privacy of communications.  It's like placing  messages in
envelopes.  Although widely available the technology has not yet become
a part of the Internet because of pressures from the "intelligence" and
law enforcement agencies.

Some countries, such as the United States, treat cryptography as if
were a weapon, like missile or a machine gun, and ban its export.
Other countries, such as France, have an outright ban on cryptography.
Such policies threaten to undermine information infrastructure not only
locally, but globally, leaving computer networks open to industrial
espionage, and as we are seeing in recent news of electronic spying on
the European Parliament, even governmental espionage, as well as
criminal exploitation.

What the G7 have called for is a way to read all messages sent by
terrorists.  The only way they can achieve this is to have some way of
reading messages sent by anyone.  What the G7 are demanding is that the
privacy of all communications be compromised in the name of protection
from terrorism.  However, no real terrorist is going to use such a
compromised system when uncrackable alternatives already exist and are
freely available.  Effectively G7 are demanding that we all compromise
the privacy of our communications - for NO benefit.

______________________________________________________________________
WHAT YOU CAN DO

1. Be alert to what your government is doing or planning.  Contact your
   law-makers and urge them to protect privacy and free speech on the
   Internet.  Write to or call publications in your area and suggest
   that they report on any anti-freedom government action you hear
   about.

2. Join an online civil liberties organisation.  See the end of this
   release for contact information for several such organisations.

3. If there isn't an online civil liberties organisation in your
   country, why not start one?   Some suggestions on how to start an
   online civil liberties organisation are available at:

   http://pobox.com/~mbaker/creating.html

   and

   http://www.well.com/~jonl/bonfire.html

______________________________________________________________________
WHERE CAN I LEARN MORE?

Further details on the G7 meeting and its effect on the Net can be
found in a press release from the Global Internet Liberty Coalition:

  http://www.aclu.org/gilc/index1.html

For a summary of efforts around the world to censor the Internet see
the "10 May 96 Silencing the Net" report on the Human Rights Watch
gopher site:

  gopher://gopher.igc.apc.org:5000/11/int/hrw/general

For background on global efforts to muzzle the Net see these web sites:

  http://www.eff.org/~declan/global/
  http://www.eff.org/~declan/fight-censorship/
  http://www.io.org/~sherlock/doom/threat.html

For information on global and international online freedom issues see
the Electronic Frontier Foundation web site:

  http://www.eff.org/pub/Global/

Translations of this alert will be available as follows:

  Catalan:  http://www.lander.es/~jlmartin/
  French:   pforsans at in-net.inba.fr
  Italian:  http://www.nexus.it/alcei.html
  Spanish:  http://www.lander.es/~jlmartin/

________________________________________________________________________
ORGANISATIONS

The following organisations have issued this alert:

ALCEI - Electronic Frontiers Italy * http://www.nexus.it/alcei.html
CITADEL - Electronic Frontier France * pforsans at in-net.inba.fr
EFF-Austin (Texas) * http://www.eff-austin.org
Electronic Frontier Foundation (USA) * http://www.eff.org
Electronic Frontier Canada * http://www.efc.ca/
Electronic Frontier Ireland * http://www.efi.ie/
Electronic Frontiers Australia * http://www.efa.org.au
Elektronisk Forpost Norge (Electronic Frontier Norway) *
  http://www.sn.no/~efn
Fronteras Electronicas Espan~a (Electronic Frontiers Spain) *
  http://www.lander.es/~jlmartin/
HotWired * http://www.hotwired.com/
Human Rights Watch * http://www.hrw.org
Reporters sans frontieres * http://www.calvacom.fr/rsf/

Press Contacts:

Please choose an organisation above and visit their web site for contact
information.

________________________________________________________________________
                           End Alert
========================================================================







From jbugden at smtplink.alis.ca  Wed Aug  7 18:29:38 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Thu, 8 Aug 1996 09:29:38 +0800
Subject: Internal Passports
Message-ID: <9607078394.AA839458951@smtplink.alis.ca>




----------
From:   John Deters <jad at dsddhc.com>
Sent:   Wednesday, August 07, 1996 3:35 PM
To:     James Bugden
Subject:        RE: Internal Passports

At 11:39 AM 8/7/96 EST, jbudgen at alis.com wrote:
>
>I've seen the same problem in a department store in Ottawa. They would not
>accept a Canadian Passport as identification for payment by cheque but would
>accept various credit cards and similar devices.
>
>My conclusion was that they wanted something that would show my friend's credit
>worthiness, not prove his identity.

John Deters <jad at dsddhc.com> wrote:
>On the whole, though, I have been finding that people ascribe all sorts of
>paranoid evils to all sorts of organizations, when the ultimate truth
>usually starts out more like a Dilbert cartoon.  Internally, I can usually
>spot the truly evil corporate deception practices.  Externally, though,
>people can only make guesses based on actions that they've become party to.
>And who can blame someone for that?

In the case cited above, I confirmed with the store's credit department that a
Canadian passport was not considered a valid piece of ID. I suggested that this
was due to credit concerns but they denied this. For obvious reasons, I did not
believe them.

My opinion is that a rule that stated "two pieces of ID that showed credit
worthiness" was either too complicated or too unpalatable to use. Instead, the
rule is "two pieces of ID" with the definition of ID tacitly restricted to items
that indicate credit status. Either that, or Canadian passports are too easy to
get forged in Ottawa.

This "keep it simple stupid" approach showed itself this week when I attempted
to order replacement cheques from my bank over the phone. I was told that they
needed my signature, but a signed fax request would be sufficient. I remarked
that it was trivial to apply a forged signature to a fax. The response from the
person was - wait for it - that I would then have to come in and sign for it in
person. It was impossible to convince them that this was not just a problem with
my fax machine, but a problem in general.

Eventually, I typed up a fax request in Word, pasted in my previously scanned
signature, and sent this to the bank. This made them happy, but I might be
changing banks soon.

In the physical world, a big lock or a steel door can indicate good security.
Most people can evaluate the strength of this type of security fairly well.
Until we have good analogies for the equivalent types of digital security, we
will continue to face real problems.

James






From sunder at dorsai.dorsai.org  Wed Aug  7 18:30:51 1996
From: sunder at dorsai.dorsai.org (Ray Arachelian)
Date: Thu, 8 Aug 1996 09:30:51 +0800
Subject: crypto CD source
In-Reply-To: <199608060504.GAA00115@server.test.net>
Message-ID: <Pine.SUN.3.91.960807140506.3525A-100000@dorsai>


On Tue, 6 Aug 1996, Adam Back wrote:

> 
> Cypherpunks archive?
> 
> 	http://infinity.nus.sg/cypherpunks/
> 
> The earlier archives were at www.hks.net, try mailing cactus at hks.net.


I've a bunch of .gz files for the filtered cypherpunks list I run, they 
should contain stuff as far back as last year.  How would I get these to 
ya?

==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!






From sandfort at crl.com  Wed Aug  7 18:35:31 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 8 Aug 1996 09:35:31 +0800
Subject: STEGO GUNS
In-Reply-To: <199608072128.HAA28140@suburbia.net>
Message-ID: <Pine.SUN.3.91.960807150329.28064G-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 8 Aug 1996, Julian Assange wrote:

> Correlation != causation. What are the figures on other crimes?

I'm waiting for the official study itself, but the article did
say that the study showed a shift from violent crimes to property
offenses.  If so, that's a trade I'll make any day.  

I'll see if I can get a copy of the study when it is released.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From jk at stallion.ee  Wed Aug  7 18:36:08 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Thu, 8 Aug 1996 09:36:08 +0800
Subject: F2 hash?
In-Reply-To: <199608072029.NAA29976@jobe.shell.portal.com>
Message-ID: <Pine.GSO.3.93.960808011718.28847G-100000@nebula.online.ee>


 Wed, 7 Aug 1996 anonymous-remailer at shell.portal.com wrote:

> F2 is a secret hash from SecurityDynamics, and is used in
> their client software.  (Its not the hash in the cards, but
> if anyone has a copy of that, it might be fun.)

As I have to deal with SecurID tokens in the nearest future, I would like
to hear more opinions about these cards. IMHO a proprietary algorithm like
used in those cards is a bad thing and I would like an open approach much
more, I still believe SecurID OTP cards are much better then usual
passwords.

At Defcon this year they promised to tell about some security flaws in
SecurID tokens, anyone know more about that?

Personally I believe that Security Dynamics should come out with some kind
of new systems in the nearest future, now that they own RSA. 

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From alanh at infi.net  Wed Aug  7 18:40:50 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 8 Aug 1996 09:40:50 +0800
Subject: Internal Passports
In-Reply-To: <RDo0RD45w165w@bwalk.dm.com>
Message-ID: <Pine.SV4.3.91.960807181525.13468G-100000@larry.infi.net>


You can act through a corportion; if you are using it as a true "alter 
ego", it will be put aside by the courts and you will be assessed back 
taxes, interest, and penalties. The employer will also.

If the person who pays you, has the _right_ (exercised or not) to tell 
you how to do the work.... you are his employee. This is a summary, but a 
good one.





From jimbell at pacifier.com  Wed Aug  7 18:49:56 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 8 Aug 1996 09:49:56 +0800
Subject: Wee Beasties on Mars
Message-ID: <199608072246.PAA25637@mail.pacifier.com>


At 09:34 AM 8/7/96 -0700, Mike Duvos wrote:
>> schryver at radiks.net:
>
>> > NBC News at Sunrise has just announced the discovery of alien life on the 
>> > planet Mars.  The lifeform that became extinct more than 2 billion years
>> > ago was found as a fossil in a meteor that originated from mars and landed
>> > on earth.  The fossil found was a primitive germ life form.
>
>NASA is holding a news conference today to discuss the find.  I must 
>admit I am curious as to how they determined the meteor's origin.  
>Most material in the solar system is similar in composition.  

I've only seen a few vague news items on TV about this.  I believe they said 
that gases in pores in the rock matched the constituents of the Martian 
atmosphere.  

Also, they said that the rock was a bit less than the size of a football, 
and was found in Antarctica.  It's fairly "clean" there, at least from the 
standpoint of organic contamination.  Also, while I've heard nothing of its 
exact physical location, if it is in the middle of a large ice sheet that 
pretty much excludes terrestrial origin, because there is a limit to how far 
a volcano on Earth can blow a rock.  In any case, the kind of rocks 
typically ejected from volcanoes are well known.

Once it's agreed to be from "out there," the question is where.  If it had 
been possible to bring back rock from the landers that have analyzed Mars, a 
direct comparison would have been possible.  (of course, if that had been 
possible, we'd have heard about it already...)    The moon is excludable, 
since it has no atmosphere and apparently never had one.  (as well as the 
fact that we have samples of the moon to compare.)  Venus is highly 
unlikely, because it has such a thick atmosphere that material would 
probably not escape were a meteor to hit.  Mercury is even more unlikely, 
because it would probably take way too much energy to raise the 
sun-gravitational potential of a fragment of Mercury to that of the earth.

Jupiter, Saturn, Uranus and Neptune are basically liquified gases, so there 
would be no rocky material to eject.  Jupiter's moons are a different issue.

Anyway, I've got to get back to reviewing some episodes of "My Favorite 
Martian", just in case...


 

Jim Bell
jimbell at pacifier.com





From alanh at infi.net  Wed Aug  7 19:29:13 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 8 Aug 1996 10:29:13 +0800
Subject: SSNs (was Re: Internal Passports)
In-Reply-To: <Pine.SUN.3.94.960806122909.10763A-100000@polaris>
Message-ID: <Pine.SV4.3.91.960807175404.13468C-100000@larry.infi.net>


Furthermore, one's ten years of required FICA contributions for 
eligibility to collect Social Security or Disability, are a statutory 
proviso, not an administgrative "favor" that the SS Administration grants us.

That is to say, even if their computer doesn't show you as having enough 
contributions to be eligible, you are still entitled to make your own 
independent showing of the fact that you made the payments. It is NOT 
required that they have been "credited" to your account all along.

There are many many many ways to document for posterity, payment of 
funds. We don't have to depend upon subversive foreign nationals who 
think they are hot shit because they work at building bigger and 
better computer surveillance-state systems.





From alanh at infi.net  Wed Aug  7 19:56:38 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 8 Aug 1996 10:56:38 +0800
Subject: your mail
In-Reply-To: <199608071019.FAA15721@sr.radiks.net>
Message-ID: <Pine.SV4.3.91.960807190454.13468N@larry.infi.net>


No, they announced that some organic substances had been found which 
_coul have_ derived a lifeform. There are natural means by which the 
substances could have arisen.

I shouldn't have been surprised by the speed with which the pop 
media/cartoon news networks have jumped all over this. Shit, even William 
Jefferson Can't-keep-his-pants-zipped has gotten into the soundbites on 
this one.





From jad at dsddhc.com  Wed Aug  7 20:50:29 1996
From: jad at dsddhc.com (John Deters)
Date: Thu, 8 Aug 1996 11:50:29 +0800
Subject: Internal Passports
Message-ID: <2.2.32.19960807194053.0096f9ac@labg30>


At 11:39 AM 8/7/96 EST, jbugden at smtplink.alis.ca wrote:
>
>I've seen the same problem in a department store in Ottawa. They would not
>accept a Canadian Passport as identification for payment by cheque but would
>accept various credit cards and similar devices.
>
>My conclusion was that they wanted something that would show my friend's credit
>worthiness, not prove his identity.

Being employed by a department store, and working closely with our trainers
and our loss prevention people, for the last ten years has given me a pretty
good vantage point into seeing what actually happens on the sales floor as
well as what goes into the policy manual.

I'd suggest that it's probably an oversight by their training department.
Their trainers are just humans that looked around one day and said, "we need
to define what an ID is."  They Xeroxed a couple of dummied-up driver's
licenses and provincial ID cards, pasted them in a book, and said, "there,
that looks like all the acceptable ID I've ever seen around here."  Using
passports as internal ID is not a common occurrance, and this usage probably
simply didn't occur to the trainers.  It almost certainly was not the
"fault" of the person on the sales floor; they're usually trained to look at
these pretty pictures in a procedures book, and deny anything else.

That said, it certainly *could* be true that their loss prevention or credit
or audit departments decided that only "credit-worthy" people should be able
to write checks.

On the whole, though, I have been finding that people ascribe all sorts of
paranoid evils to all sorts of organizations, when the ultimate truth
usually starts out more like a Dilbert cartoon.  Internally, I can usually
spot the truly evil corporate deception practices.  Externally, though,
people can only make guesses based on actions that they've become party to.
And who can blame someone for that?

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'33"N by 93^16'42"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From TrustBuckFella at nowhere.com  Wed Aug  7 22:30:11 1996
From: TrustBuckFella at nowhere.com (TrustBuckFella)
Date: Thu, 8 Aug 1996 13:30:11 +0800
Subject: TrustBucks
Message-ID: <65tr6crmj9@nowhere.com>


-----BEGIN PGP SIGNED MESSAGE-----
 
"Robert A. Rosenberg" <hal9001 at panix.com> writes:
>I fail to see why/how the initial swap of  TrustBucks(Alice) for
>TrustBucks(Bob) followed by Alice returning the TrustBucks(Bob) [as
>supposed payment] differs from her just paying with the TrustBucks(Alice)
>in the first place [ie: He is willing to accept the TrustBucks(Alice) as
>payment for the TrustBucks(Bob) that she will use to pay off her debt]. The
>net result is the same - Bob has the same amount of TrustBucks(Bob) in
> circulation and has an amount of TrustBucks(Alice) equal to Alice's payment
> [the back and forth of the TrustBucks(Bob) is just playing "Right
> Pocket/Left Pocket"].
 
I admit, my analysis is probably flawed and I appreciate you challenging
me on it. But I think it's more complex than the net result of single
transactions.
 
The way I figure it, if Bob could accept / not accept any variety of
TrustBucks, then he can manipulate what varieties he reports being able
to give in order to escape debts or manipulate what varieties he reports
being able to accept in order to keep debts unpaid (for interest,
foreclosure, etc.)
 
    For instance, Alice is paying off her credit card, which pays Bob a
    big 17% interest. Bob would rather not let her off early. "Nope, we
    aren't accepting TrustBucks( Carol ) this week. TrustBucks( Dave )?
    Let me see.... hmm... nope, sorry ma'am."
 
    For instance, Alice has just eaten at Le Cafe Bob, and is about to
    leave. Presented with the cybercheck, she "discovers" that she
    hasn't got anything Bob is willing to accept. "Sorry 'bout that,
    Bob. Ooh, hafta run! Bye bye."
 
 
So it seems to me that the simplest course is to allow payment in
exactly one variety, the payee's own. Bob can't credibly claim to not
trust himself.
 
You might object that the same problem is incurred anyways in
TrustBucks. If Bob refuses to trade TrustBucks( Bob ) for TrustBucks(
Carol ), isn't it the same thing as refusing TrustBucks( Carol )?
 
I think it's subtly different, though. If Bob can accept other people's
currency, he need not issue any himself. He can credibly refuse early
payment, since no TrustBucks( Bob ) even exist. If Bob can only accept
TrustBucks( Bob ), then Alice, who reports having no TrustBucks( Bob ),
can't "innocently" incur debts she finds she cannot pay.
 
 
 
 
>If the value is obscured there is still no verification of how much they
>have outstanding. So long as all of the TrustBucks are listed (with the
>amounts listed correctly but obscured), there is no way to verify that the
>claimed total is accurate unless you monitor their list before the swap and
>after it and there is only one new TrustBuck listed (with the correct
 
As I said, my mechanisms are probably suboptimal and possibly flawed.
That's why initially I presented TrustBucks without extraneous
mechanisms until that was objected to.
 
However, in this case the information that is wanted is whether a
certain note is outstanding or not. The sum of the list is not needed.
Indeed, one could have multiple lists for multiple identities. Or so it
seems to me.
 
Come to think of it, including the value doesn't do much.
 
 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
 
iQCVAwUBMgkhuJi7GCxryNrZAQGD+wP/QuVPojsniRdqsiqSC/vnXqBp91cJIiEl
p5cyd1dKfEvMcqW0BKB0sFq3dqFh7dEBsbDZeh17gfJnQ7oBvQgXRqhEHst0UOCd
r3+tzE5jLr7OnW1fhxo1Q2529EcEJgDA23Rp/92j7WTjJEYkb1uu2v61Uo3x00j0
XpHdq2x9jhM=
=6Onp
-----END PGP SIGNATURE-----





From mch at squirrel.com  Wed Aug  7 22:39:24 1996
From: mch at squirrel.com (Mark C. Henderson)
Date: Thu, 8 Aug 1996 13:39:24 +0800
Subject: Internal Passports
In-Reply-To: <199608070259.TAA17424@toad.com>
Message-ID: <9608071707.TE12105@squirrel.com>


On Aug 6, 19:59, Bill Stewart wrote:
> Subject: Re: Internal Passports
> At 07:37 PM 8/5/96 -0700, you wrote:
> If you're _employing_ Anglos, you're currently required to disrespect their
> honesty and demand proof that their papers are in order to fill out the I-9
> form.
> There's a list of "one from column A or one from columns B and C"
> of acceptable papers, such as passports, birth certificates,
> driver's licenses, US Military ID, etc., which the government uses
>... 
> None of that is really proof of citizenship - after all, you could 
> have renounced your US citizenship and become stateless or joined 
> a foreign government.

Driver's licence and social security card are currently enough.

Before 1989 (or so, I'm not sure about the cutoff) the SSA issued 
unrestricted social security cards to people on temporary visas who 
had authorization to work for some period (e.g. students on an F-1 
visa could then work on campus - and the SSA would issue an ordinary 
unrestricted social security card). After 1989, I understand, that social 
security cards issued under these circumstances are marked "not 
valid for employment without INS documentation" or something similar. 

So, it is perfectly possible to have a social security card and a 
driver's licence without having the right to work in the U.S. The I-9 
documentation doesn't prove anything. 

I note that California requires some sort of documentation (birth 
cert, INS documentation etc.) for a new driver's licence. Don't know
about other states.  

probably related story:
This might explain why in 1994 when I was travelling back home to 
Vancouver B.C. from Europe via the states (cheap ticket), the U.S. 
immigration officer asked me "Do you have a social security number?". 
I said yes. She then asked "do you have your social security card 
with you?" I didn't have it, and said so. She asked to see my ticket 
on to Vancouver, and that was it. I thought it was weird at the time 
as I'm used to various questions, and hearing one that I didn't 
expect at least made the experience mildly interesting. 

-- 
Mark Henderson -- mch at squirrel.com, henderso at netcom.com, markh at wimsey.bc.ca
ViaCrypt PGP Key Fingerprint: 21 F6 AF 2B 6A 8A 0B E1  A1 2A 2A 06 4A D5 92 46
unstrip for Solaris, Wimsey crypto archive, TECO, computer security links,
change-sun-hostid, Sun NVRAM/hostid FAQ - http://www.squirrel.com/squirrel/





From sandfort at crl.com  Wed Aug  7 22:53:12 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 8 Aug 1996 13:53:12 +0800
Subject: CONCEALED GUN STUDY
Message-ID: <Pine.SUN.3.91.960807171805.3165A-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

A list member was kind enough to send me the URL for the Chicago 
University study.  I was thoughtless enough to immediately forget
who our benefactor is.  Sorry, friend.  Anyway, the URL is:

	http://www.lib.uchicago.edu/~llou/guncont.html

Below, I have reproduced the abstract of the study.  I will read
it in detail when I can carve out some time.  


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Abstract

Using cross-sectional time-series data for U.S. counties
from 1977 to 1992, we find that allowing citizens to carry
concealed weapons deters violent crimes and it appears to
produce no increase in accidental deaths. If those states
which did not have right-to-carry concealed gun provisions
had adopted them in 1992, approximately 1,570 murders; 4,177
rapes; and over 60,000 aggravate assaults would have been
avoided yearly. On the other hand, consistent with the
notion of criminals responding to incentives, we find
criminals substituting into property crimes involving
stealth and where the probabilities of contact between the
criminal and the victim are minimal. The largest population
counties where the deterrence effect on violent crimes is
greatest are where the substitution effect into property
crimes is highest. Concealed handguns also have their
greatest deterrent effect in the highest crime counties.
Higher arrest and conviction rates consistently and
dramatically reduce the crime rate. Consistent with other
recent work (Lott, 1992b), the results imply that increasing
the arrest rate, independent of the probability of eventual
conviction, imposes a significant penalty on criminals. The
estimated annual gain from allowing concealed handguns is at
least $6.214 billion.






From JonWienk at ix.netcom.com  Wed Aug  7 23:12:41 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Thu, 8 Aug 1996 14:12:41 +0800
Subject: STEGO GUNS
In-Reply-To: <Pine.SUN.3.91.960807150329.28064G-100000@crl3.crl.com>
Message-ID: <199608080121.SAA20077@dfw-ix9.ix.netcom.com>



On Wed, 7 Aug 1996, Sandy Sandfort <sandfort at crl.com> wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>On Thu, 8 Aug 1996, Julian Assange wrote:
>
>> Correlation != causation. What are the figures on other crimes?
>
>I'm waiting for the official study itself, but the article did
>say that the study showed a shift from violent crimes to property
>offenses.  If so, that's a trade I'll make any day.  
>
>I'll see if I can get a copy of the study when it is released.
>
>
> S a n d y
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In 1981, the city of Kennesaw, GA suffered 17 violent crimes and 55 burglaries. 
In 1982, Kennesaw passed an ordinance requiring all city residents to own a 
firearm, and there was only 1 violent crime and 19 burglaries. In 1983, Kennesaw 
experienced 3 violent crimes and 9 burglaries. I think that the cause-effect 
relationship is obvious.

Jonathan Wienke

"A conservative is a liberal who got mugged last night."
--Lee Rodgers

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From EALLENSMITH at ocelot.Rutgers.EDU  Wed Aug  7 23:13:58 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 14:13:58 +0800
Subject: Alien life
Message-ID: <01I805OF0QJ49JD2RG@mbcl.rutgers.edu>


From:	IN%"schryver at radiks.net"  "Scott Schryvers"  7-AUG-1996 11:08:59.39

>NBC News at Sunrise has just announced the discovery of alien life on the 
>planet Mars.  The lifeform that became extinct more than 2 billion years
>ago was found as a fossil in a meteor that originated from mars and landed
>on earth.  The fossil found was a primitive germ life form.

	A: This is not cypherpunks material. I am replying to try to prevent
urban legend formation (of the UFO suppression type). B: You are quite
thoroughly misinformed, as is NBC News if it is claiming the same thing. What
have been found are some molecules, of the type known as polycyclic
hydrocarbons (same sort as makes up cholesterol, in essence), that _may_ have
been produced by a lifeform. Other, unliving chemical processes, such as
combustion under the proper conditions (see buckyballs & buckytubes), can
produce the same thing. Yes, it _may_ be from life, but we aren't certain yet.
It is most certainly not a fossil, and the type of life form that it _may_ have
come from is as yet not possible to determine.
	-Allen, Ph.D. graduate student in microbiology and molecular genetics





From alano at teleport.com  Wed Aug  7 23:14:33 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 8 Aug 1996 14:14:33 +0800
Subject: [Noise] Mars Needs Lifeforms
Message-ID: <2.2.32.19960807201915.00b01754@mail.teleport.com>


At 05:20 AM 8/7/96 -0500, Scott Schryvers wrote:
>NBC News at Sunrise has just announced the discovery of alien life on the 
>planet Mars.  The lifeform that became extinct more than 2 billion years
>ago was found as a fossil in a meteor that originated from mars and landed
>on earth.  The fossil found was a primitive germ life form.

But did it use encryption?
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From charlee at netnet.net  Wed Aug  7 23:15:13 1996
From: charlee at netnet.net (kickboxer)
Date: Thu, 8 Aug 1996 14:15:13 +0800
Subject: your mail
Message-ID: <199608080343.WAA16449@netnet1.netnet.net>


this really is not my mail (hey, isnt this a GREAT example of a SPAM?  keep
this for reference, so you can tell what other spams look like!)
                                                                               






From ddt at lsd.com  Wed Aug  7 23:35:57 1996
From: ddt at lsd.com (Dave Del Torto)
Date: Thu, 8 Aug 1996 14:35:57 +0800
Subject: [STEGO] Your_Name in This Space
Message-ID: <v03007802ae2ebaf0056b@[194.24.161.216]>


-----BEGIN PGP SIGNED MESSAGE-----

fellow 'punks,

An artist named Zolt�n Szegedy-Masz�k is doing some interesting work for an
organiztion named "C3" (the "3" is a superscript and it's pronounced
"see-cubed") in Budapest, Hungary. C3 is an arts/culture/net.communication
organization funded by the Soros Foundation, SGI and Matav (the Hungarian
telephone company). They have a nice little Silicon Lab with an Onyx and a
few Indy's, PC and Macs, and Zoltan has a page up on one of the Indy that
demonstrates his "Cryptogram" generator:

   <http://lucida.c3.hu/cryptogram/>

This project takes ASCII text strings and converts them into 3D models by
assigning vertex coordinate values based on the ASCII codes encrypted by
what I'll call a "key model." Essentially, it's a simple 3D steganography
engine. It's rather intriguiging from a cryptographic perspective (pun
intended). Zoltan sees it as a way of transferring .wrl fies among VRML
afficionados, but also as a way of embedding messages. Definitely worth a
peek: try your own name in VRML, light sources and all. :)

Also check out C3's main site at: <http://www.c3.hu/>.

   dave

___________________________________________________________________
Cryptography is the entertainment branch of the computing industry.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
Comment: Verbum sapienti satis est.

iQCVAwUBMgkRo6HBOF9KrwDlAQEjygP9GnnyGNPO8pIjgEnQaU//VIUh/DUANB1L
67XcAZ2dzTZ4/fGrDrTjaj/9AGH2Hx7R6szqDX5CLhP1fP+wUevBkKKvAqVoP8vU
kRWb55iX3vsHN43jS0e4npKhil+HsXD8m7+tIFXIrPBRGcE+V1nbPaQpTG7LkBbO
tFWREzxX+U8=
=P7oA
-----END PGP SIGNATURE-----







From raksha at brainlink.com  Wed Aug  7 23:37:57 1996
From: raksha at brainlink.com (It Is I Raksha Who Answer)
Date: Thu, 8 Aug 1996 14:37:57 +0800
Subject: FCPUNX:DoubleClick: Does is track browsing across multiple sites?
In-Reply-To: <199608072158.AA15664@dorsai.dorsai.org>
Message-ID: <Pine.SUN.3.91.960807192728.330B-100000@beast.brainlink.com>



On Tue, 6 Aug 1996, Anne Eisenberg wrote:

> *Does anyone know whether DoubleClick really is tracking browsing patterns
> across multiple sites?  They claim to be able to do this; is it just
> advertising hype, or does anyone have knowledge of its actually doing so?
> Many thanks.
> 
> Anne Eisenberg
> aeisenb at duke.poly.edu

Hi Anne, nice to see you again. :-)

I was involved in the setup of the DoubleClick system while contracting
out to Poppe Tyson, who are partnered with them and located in the same
building. Poppe Tyson hosts many web sites for their advertising accounts.

When I was there, they were carrying T. Rowe Price; Chrysler; Pepsi; 
Siemens; Valvoline; LensCrafters; and the list goes on. Because the two
networks are located in the same building and the two firms working
together, it is very possible for DoubleClick to be able to scan the sites 
that poppe.com supports. 

--
                                ()()()()()   "The ubiquitous cut, the
    Self possession is   ]{      |BTCOMH|-|  exotic join..." -- J. Valley
 -=======================]O\\\{O | (tm) | |  "This life I LEAD! This job I
      9/10 of the law    ]{      |______|-|  *DO*! This...ENGLAND!" -- Ray





From EALLENSMITH at ocelot.Rutgers.EDU  Wed Aug  7 23:39:16 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 14:39:16 +0800
Subject: Washington Post -- "Block but Verify"
Message-ID: <01I80894N1WU9JD2RG@mbcl.rutgers.edu>


From:	IN%"frissell at panix.com"  "Duncan Frissell" 18-JUL-1996 06:17:23.58

>          57.  The CyberNOT list contains approximately 7000
>sites in twelve categories.  The software is designed to enable
>parents to selectively block access to any or all of the twelve
>CyberNOT categories simply by checking boxes in the Cyber Patrol
>Headquarters (the Cyber Patrol program manager).  These
>categories are:

>         Racism/Ethnic Impropriety:  Prejudice or discrimination
>          against any race or ethnic culture.  Ethnic or racist
>          jokes and slurs.  Any text that elevates one race over
>          another.

	In other words, if I say that there's something wrong with a culture
that doesn't encourage education (e.g., the "acting white" name-calling in
American lower-class black subcultures), the entire Cypherpunks list archives
would be banned by their standards by any parents who didn't want their
children seeing KKK literature? TCMay has also said things of that nature (and
I agree). This definition is way overly PC.
	-Allen





From harka at nycmetro.com  Wed Aug  7 23:45:20 1996
From: harka at nycmetro.com (harka at nycmetro.com)
Date: Thu, 8 Aug 1996 14:45:20 +0800
Subject: Corporate e-mail poli
Message-ID: <TCPSMTP.16.8.7.-12.51.0.2780269260.1222007@nycmetro.com>


 * Carbons sent to: In: jims at mpgn.com

 -=> Quoting In:jims at mpgn.com to Harka <=-

 In> The whole question comes down to this:  
 In> Is a collection of words written from an employee to another
 In> individual property of the company when it was written, edited,
 In> and transmitted by company equipment.


I think, a 'collection of words', especially when exchanged on a personal level should be regarded as 'intellectual property' and thus should be protected from outsiders.
The technical means of physically creating (i.e. writing) and transmitting the words are secondary for above all they are thoughts, that are meant to be exchanged from one mind to another. It is too natural a thing to be subjected to invasion.

Harka

... Not tonight, dear.  I have a modem.
___ Blue Wave/386 v2.30 [NR]







From adam at homeport.org  Wed Aug  7 23:52:19 1996
From: adam at homeport.org (Adam Shostack)
Date: Thu, 8 Aug 1996 14:52:19 +0800
Subject: F2 hash?
In-Reply-To: <Pine.GSO.3.93.960808011718.28847G-100000@nebula.online.ee>
Message-ID: <199608080339.WAA17283@homeport.org>


=?ISO-8859-1?Q?J=FCri_Kaljundi?= wrote:

|  Wed, 7 Aug 1996 anonymous-remailer at shell.portal.com wrote:
| 
| > F2 is a secret hash from SecurityDynamics, and is used in
| > their client software.  (Its not the hash in the cards, but
| > if anyone has a copy of that, it might be fun.)
| 
| As I have to deal with SecurID tokens in the nearest future, I would like
| to hear more opinions about these cards. IMHO a proprietary algorithm like
| used in those cards is a bad thing and I would like an open approach much
| more, I still believe SecurID OTP cards are much better then usual
| passwords.

	I happen to run a mailing list, sdadmin, for folks to talk
about SDTI technologies.  Talk to majordomo at jabberwocky.bbnplanet.com.
There are a number of cards out there.  I've been looking at
CryptoCard & SNK recently, as well as V-One's smartmouse & virtual
smart card technologies. 

	I'd be very interested in seeing the algorithims come out,
especially F2.  I have a few attacks that look very nice on paper that
I'd like to try out.

| At Defcon this year they promised to tell about some security flaws in
| SecurID tokens, anyone know more about that?

	My understanding is that the guy who was going to give the
talk had nda difficulties.  Vin?  Did you make it out?  The talk was
going to be on race conditions, denial of service attacks, and the
like.


| Personally I believe that Security Dynamics should come out with some kind
| of new systems in the nearest future, now that they own RSA.=20

This should be interesting, if they can find people to make things
happen before 2000.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From unicorn at schloss.li  Wed Aug  7 23:57:23 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 8 Aug 1996 14:57:23 +0800
Subject: Stop the presses -- Anti-terrorism bill not that bad
In-Reply-To: <199608071538.LAA08433@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.94.960807211650.23269B-100000@polaris>


On Wed, 7 Aug 1996, Perry E. Metzger wrote:

> (Oh, and by the way, Dr. Hallam-Baker -- I consider suicide, which is
> counted in the HCI "statistics" on gun deaths, to be a perfectly
> legitimate use of a weapon. Its every person's right to off themselves
> any time they like by my way of thinking, and you have no right to
> force people to live against their will any more than you have the
> right to force them into slavery.)

Concur, as long as the estate is charged the cleaning bill.

If you off yourself with a gun, please put down plastic.
It's simple, it's effective, and it's considerate.

> 
> Perry
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From ichudov at algebra.com  Wed Aug  7 23:57:53 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 8 Aug 1996 14:57:53 +0800
Subject: Anonymous Remailers at work
In-Reply-To: <9608071713.AA13368@clare.risley.aeat.co.uk>
Message-ID: <199608080410.XAA29450@manifold.algebra.com>


Peter M Allan wrote:
> > From: Bill Stewart <stewarts at ix.netcom.com>
> > I've recently run into a couple of business problems at work
> > that could be solved by (slightly modified) remailers.
> 
> > 1) Manager performance review, suggestion boxes, and questions to
> > visiting honchos - there are several departments that are using
> > "email to the secretary who'll take your name off and forward it"
> > to handle this problem.  Remailers are an obvious solution.

It is a little funny solution. What prevents me from writing five positive
performance reviews about myself, anonymizing them and sending to my boss?

What prevents someone from writing a very negative performance review
about someone else and forwarding it to their bosses (has been done
numerously:)?

A system analogous to anonymized voting may be useful in this case.
Simplified for a real-life office, it may be the following. Suppose we
have N workers. The secretary's program generates N random numbers and
publishes ONLY their SHA hash values. It also prints the numbers
themselves on separate pieces of paper. Secretary puts these pieces into
a hat so that the numbers are not visible.

Workers take one number each. Since they witness the procedure of taking
numbers they know that they have their anonymity.

Then they send the reviews of their peers to the management or publish
them in internal newsgroups, of course anonymously, attaching the 
numbers given to them for verification.

Since the list of checksums is (or may be) publicly known, there is
little way to cheat by double voting, and there is little way to find out
who wrote what.

Of course in their peer reviews workers should beware of using
cliches such as "Mr. X is a lying homosexual Sovok forger". :)

	- Igor.





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 00:09:41 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 15:09:41 +0800
Subject: Job Opportunity - Distributed Document Work
Message-ID: <01I807S4ULZ69JD2RG@mbcl.rutgers.edu>


	I can see some cryptographic implications to distributed
documents, such as the relatively obvious one of making sure your competitor
can't tap into them.
	-Allen

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date: Wed, 17 Jul 1996 04:04:00 PDT
From: Allan_MacLean.Cambridge at RXRC.XEROX.COM
Subject: Research Position at Rank Xerox Research Centre, Cambridge

Research Position in Distributed Document Technologies at Rank Xerox Research
Centre, Cambridge


Rank Xerox Research Centre, Cambridge Laboratory is part of an expanding
European based research centre which includes a second site in Grenoble.  The
Cambridge Laboratory carries out interdisciplinary research in the development
and use of technologies for supporting distributed organisations, with a strong
emphasis on the human and organisational aspects of technology in use.  The
laboratory has close links with a number of divisions of Xerox and Rank Xerox,
and collaborates with other research groups in the UK, continental Europe and
the US.

Our research programme (Studies of Technology, Organisations and Work) combines
social science and technical perspectives on the design of systems for use in
the workplace. Our current research projects are examining the boundaries
across which distributed document work is conducted. In formulating our
long-term research strategy we are focusing on investigating these in terms of
personal; inter- and intra- organisational; work-practice; cultural; temporal,
and geographical boundaries, and developing ways to take account of their
implications for system design.

We are seeking a research scientist to play a major role in developing new
approaches to distributed document technology from this perspective. The
appointee is likely to have a background in computer science or a related
discipline, with an understanding of distributed and collaborative
technologies. Applicants are expected to have a keen interest not only in the
infrastructural issues of distributed systems, but also in incorporating
social, organisational and psychological dimensions of work into the design and
development of novel networked systems. The appointed person will take primary
responsibility for the technological component of our programme and will join a
multi-disciplinary team involving computer science, pychology and sociology.

(Applicants for the recently advertised post in Requirements for Distributed
Services need not re-apply as they will automatically be considered for this
position.)


Informal enquiries may be made to:
   Graham Button (button at cambridge.rxrc.xerox.com), +44 1223 341500
   Allan MacLean (maclean at cambridge.rxrc.xerox.com), +44 1223 341517

Applicants should submit a Curriculum Vitae to:
   Sian Wicklow (ref. S1)
   Rank Xerox Research Centre
   61 Regent Street,
   Cambridge  CB2 1AB,
   U.K.

   wicklow at cambridge.rxrc.xerox.com
   Tel:+44 1223 341553
   Fax: +44 1223 341510

http://www.xerox.com/RXRC/






From bdolan at use.usit.net  Thu Aug  8 00:09:54 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Thu, 8 Aug 1996 15:09:54 +0800
Subject: Mena
In-Reply-To: <199608071506.PAA13182@pipe1.t1.usa.pipeline.com>
Message-ID: <Pine.SOL.3.91.960808002459.23122A-100000@use.usit.net>


Wall Street Journal, 5/3/94:

"Our sources agree ... on a number of things:  
There was most likely a CIA-sponsored Contra operation run out of Mena, 
as well as a huge parallel cocaine-smuggling operation, money laundering 
and a Justice Department coverup.  Much of this happened on Mr. Clinton's 
watch as governor."

[...]

"Mr. Clinton was asked by a state prosecutor for help to pursue the case ...
Help was promised but never arrived."

[...]

"Mena is a perplexing and difficult story.  There is a trail - tens of 
millions of dollars in cocaine profits, and we don't know where it 
leads.  It is a trail that has been blocked by the National Security 
Council."

- letter from Bill Plante, CBS News Correspondent and
              Michael Singer, Producer, CBS News



On Wed, 7 Aug 1996, John Young wrote:

>    The Washington Post, August 7, 1996, p. A6. 
>  
>  
>    CIA Probed in Alleged Arms Shipments 
>  
>       Reports Claim Agents Involved in Arkansas-Nicaragua Drug 
>       Swaps 
[...]
>  
>    Clinton has said he had nothing to do with any activities 
>    at Mena. "Mena is the darkest backwater of the right wing 
>    conspiracy industry," said White House spokesman Mark 
>    Fabiani. "The allegations are as bizarre as they are 
>    false." 
>  
>    [End] 
>  
>  
> 





From rah at shipwright.com  Thu Aug  8 00:11:01 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 8 Aug 1996 15:11:01 +0800
Subject: Mondex security
Message-ID: <v0300782fae2f173dc847@[206.119.69.46]>



--- begin forwarded text


Date: Thu, 08 Aug 1996 09:11:16 +0900
From: Yuji Sakata <sakata at open.rd.nttdata.jp>
To: www-buyinfo at allegra.att.com
Subject: Mondex security
Mime-Version: 1.0
Status: U

once,I asked you violation of Mondex security.
now ,I hear more information about this rumor.
it is very ambiguous info,
it is ..
Mondex ask some universities to try to violate Mondex IC card security
unofficialy.
and every univ can do that or show how to do that.
Mondex don't reveal this fact.
please give me some infomation about this rumor,if you know.

/// Yuji SAKATA(NTT Data Corporation)         ///
/// Voice:+81-3-5546-9571 Fax:+81-3-5546-9572 ///
/// E-mail:sakata at open.rd.nttdata.jp          ///


--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From amehta at giasdl01.vsnl.net.in  Thu Aug  8 00:11:47 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 8 Aug 1996 15:11:47 +0800
Subject: FAA to require transponders on all aircraft passengers
Message-ID: <1.5.4.32.19960808023248.002efc00@giasdl01.vsnl.net.in>


At 00:49 06/08/96 -0500, Robert A. Rosenberg wrote:

>They better hold off loading the containers with the luggage until they
>lock down/up the plane so they can verify who got on (and can pull any
>unaccompanied luggage). It is either that or unloading the plane if there
>is a missing passenger.

Many airports (e.g. Zurich) require you to identify your baggage on the way
to the plane. If somebody merely keeps watch to ensure that you don't run 
away after identifying your baggage, the system works. There are problems 
that can be solved without computers :-)

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 00:27:46 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 15:27:46 +0800
Subject: South Korean ID Card
Message-ID: <01I807XIOJLY9JD2RG@mbcl.rutgers.edu>


From: Phil Agre <pagre at weber.ucsd.edu>

[I have enclosed, with the author's permission, a letter from Joohoan Kim
<sjokim at icg.stwing.upenn.edu> raising alarms about a proposed national
electronic identification card in South Korea.  JK encourages you to repost
the information where appropriate.]

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

[I don't have the original header.]

Hi, all,

I would like to alarm you that another Big-Brother is coming with its most
ambitios dream in South Korea: The Electronic Identification Card, which
will be issued to every citizen as a mandatory within a year or so.

The Electronic Identification Card project is a part of South Korean
government's ultra-speed communication network building project. Managed by
the Ministry of Domestic Affairs, the US $413 million project is being
carried out in cooperation with the Korea Computer Institute. Once the
project is completed in 1997, every Koreans of 18 years or older will be
assigned a single integrated circuit (IC) card which will include photo
and all kinds of personal digitized information: current universal ID card
(currently every adult Korean has a photo ID issued by the Government),
driver's license, medical insurance card, national pension card, proof
of residence, and scanned fingerprints (!) among other things.
(I don't know how many "demoratic" governments are collecting fingerprints of
their whole citizens.)

DACOM, a big telecommunication company in Korea, which won the bidding
for the project, describes it as following:

"As 8,000 characters worth of information can be stored on the single
credit card-sized card, personal information needed for issuing official
documents and certificates can be accessed promptly by public offices,
institutions, companies, and banks or other organizations. The Ministry
of Domestic Affairs has announced that the new cards will be distributed
starting in January 1997. Full implementation is scheduled to be
completed by early 1998. While there are some nations in which drivers'
licenses are used in place of ID cards, this project will be the first
system in the world which combines multiple functions onto one card.
Once distribution is completed, the card will greatly boost efficiency,
saving the government US$1.3 billion and enabling it to eventually
reduce its work force by 5,000 employees."

(Quoted from: http://bora.dacom.co.kr/bora/dacom/news-clips.html)

As you can see, they have no concerns about protection of personal
information and privacy. True, they are a company making money from that
project, and probably we shouldn't expect any criticism against the Project.
The problem is, however, that almost all of the South Korean news media
are talking the same thing about it: the "efficiency" and the "convenience"
that the Electronic Identification Card might bring about.

I tried to find critical arguments against the project via a comprehensive
news data base in Korea, but I could not find any.  I also checked many web
sites of non-governmental organizations and socio-progressive groups in
Korea, but none of them have raised the issue yet. They do not seem to
realize the suspending dangers of their own privacy and human rights.
Despite obvious and serious danger in protecting personal information and
privacy , there is just no social discourse concerning the issue.

I have also checked relevant laws (especially newly approved
communication-related laws) through the database of the Korean
Government, but there seems to be no clear legal basis for the project. The
project has been mentioned only in the "10 Plans for Efficient National
Informatization," announced by the Ministry of Information and
Communication. But the City of Seoul already started to issue the Card
as a "test" in March. The Ministry of Domestic Affairs said, as they
were issuing the "test" version of the Card to 1,000 citizens, "we will
prepare relevant laws and regulations," implying that they are doing the
project "before" (and probably "above") the law.

Currently, I am writing columns and news stories for "Sisa Jouranl," the
weekly news magazine in South Korea, which decided to deal with the Card
project as a special topic as I suggested. To write a critical article
against the Project, I am starting to gather info about the similar cases,
if there is any. And I hope to hear from you about some theoretical and
practical knowledge about the similar issues; I would like to quote your
opinions in my article, if you allow me to do so.

Right after the publication of the news article, I will try to contact
various NGO's in South Korea to inform them of the importance of the issue.
And I will try to organize an anti-electronic ID Card movement in the
cyberspace, if that is necessary.

I am very happy to meet you in the cyberspace, who really concerns the
privacy issues in the computerized age.

Thank you very much.
Sincerely,
Joohan


******************************************
Joohoan Kim
Ph.D. Candidate
3620 Walnut Street
Annenberg School for Communication
University of Pennsylvania
Philadelphia, PA 19104
sjokim at icg.stwing.upenn.edu
http://www.cis.upenn.edu/~sjokim/home.html






From jamesd at echeque.com  Thu Aug  8 00:33:46 1996
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 8 Aug 1996 15:33:46 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access 07/30/96
Message-ID: <199608080454.VAA04870@dns2.noc.best.net>


At 05:08 AM 8/7/96 GMT, Brian C. Lane wrote:
>  A slight correction. They are imposing a 6% tax on the Gross receipts of
> all Internet Providers who have customers in Tacoma. This includes AOL,
> Compu$erve, and my local favorites - aa.net and eskimo.com

So if someone has six thousand customers, one of whom is in Tacoma, they
want six percent of his gross on the other 5999 customers?
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From dlv at bwalk.dm.com  Thu Aug  8 00:35:20 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 8 Aug 1996 15:35:20 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <v03007803ae2e770bd71e@[204.179.128.38]>
Message-ID: <sBsBsD51w165w@bwalk.dm.com>


Vinnie Moscaritolo <vinnie at webstuff.apple.com> writes:
> 2) Apple is nowhere near dead, anyone who says this is either smoking
> something harsh or lives in media painted world. The same people that say
> Macs are dead are the same uneducated liberal buttheads who write in the
> San Jose Merc Pravda about how a disarmed populus is a free(h)er one.

Apple computer is dead, for all intents and purposes. It will be "officially"
dead (bankrupt) within a couple of years. Writing any sort of software for the
Mac - crypto or otherwise - is a waste of time.

> so lets all grow a little thicker skin and move on with it. while you all
> piss and moan, your rights are being stolen away, If you want to help
> crypto suceed then you have to care about Macs, just as much as windoze or
> Sun or Be or whatever platform.

Please don't waste valuable resources writing software for a dead platform.
Mac crypto software is as useless as CP/M or Apple ][ crypto software.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 00:36:10 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 15:36:10 +0800
Subject: Babble about universal service
Message-ID: <01I807LCWIHW9JD2RG@mbcl.rutgers.edu>


	I wish that people (like Phil Agre, who claims to be in favor of
democracy on the Net) might get it through their heads that many - probably
most - of those already on the Net have no desire to see every redneck on the
planet on here, much less pay for the privilege of their being able to send
inane messages to us.
	-Allen

From:	IN%"rre at weber.ucsd.edu" 17-JUL-1996 23:08:46.62
From: Phil Agre <pagre at weber.ucsd.edu>

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date: 2 Jul 1996 17:03:29 GMT
From: rh120 at columbia.edu (Ronda Hauben)
Organization: Columbia University


Report 1

I just returned from a fascinating week in Montreal, Canada where I
attended the INET '96 conference held by the Internet Society. I will
try to write some reports about what happened at the Conference in the
next week or two as it would be good to have the online community
discuss some of the issues that were raised at the Conference.

What became clear at the conference was that this is an important 
time in the development of the Internet. People from around the 
world attended the conference and most expressed the desire that
the Internet be made available in their countries for education
and scientific and other uses. Some of the focus of the conference
was on business uses of the Internet, but it seemed that there was
a great concern among the people I spoke to that the Internet be
available for educational and scientific and government and 
community purposes, not just for business uses.

I want to start this report however, with the last talk that was
given at the conference. The final talk was to be given by Reed Hunt
of the U.S. Federal Communications Commission. He didn't attend
however, and instead the talk was given by Blair Levin, Chief of 
Staff at the FCC instea.

A version of the talk is available at the FCC www site. 

The talk was a surprise as it seemed uninformed both about the 
history and importance of the Internet and of the important public
policy considerations that need to be taken into account when making
any rules for regulating the Internet. 

At the beginning of the talk, there was the statement that Reed Hunt
was the first FCC Chairman to have a computer on his desk, but that 
he asked his staff to explain how the Internet works. So instead
of a commitment to learn about how the Internet developed and the 
significant impact it is having on the world, the speech presented
us with the glib "the Internet gives us the opportunity to change
all our communications policies."

The problem with this is that the FCC is therefore starting from
scratch, throwing out all the lessons that have helped the Internet
to grow and develop, and instead, creating its own models.

In his talk Blair Levin listed five principles. They were:

1) How can public policy promote expansion of band width?
2) What rules can we get rid of or have?
3) The concern with pricing.
4) How to make sure it reaches everyone, especially kids in schools.
5) How to make sure it reaches across the globe.

The problem with this was that it took universal service as the 4th
point, and then basically substituted access by kids in schools for
the principle of universal service.

During the talk Blair described how the NTIA (the National
Telecommunications Information Administration) had submitted an
important paper to the FCC on the issue of voice over the Internet.

This made clear that the NTIA has not submitted any paper to the FCC
on the issue of universal service, despite the fact that they held an
online hearing on several issues, including universal service and the
Internet, in November 1994 and the NTIA has done nothing to act on the
broad expression of sentiment for universal service that was expressed
during that online public meeting.

When asked about that online meeting, Blair said that the FCC knew of
the meeting. However, it seems to have had no effect on their
deliberations, or on the request of people that the FCC open up their
decision making process so that the people who are being affected by
their decisions have a means of providing input into those decisions.

In response to a question about the need for universal service Blair
responded that that was the obligation of other branches of the
U.S. government like the Department of Education.

He said this despite the fact that at the current moment the FCC is
supposedly making rules to provide for the universal service
provisions of the Telecommunications Act passed by the U.S. Congress
in Feb. 1996.

Also, he claimed to welcome submissions into their process, but when
told that it would cost over $50 to pay postage costs for a submission
since there were over 35 people who had to be served (and postage on a
minimal submission was $1.45), he said to see Kevin Werbach a lawyer
at the FCC, who had come with him. Kevin Werbach offered no means of
dealing with the high cost of making a submission.

Many people at the Internet Society Conference applauded in response
to the question about the lack of concern by the FCC for the principle
of universal service to the Internet. At the Internet Society
conference many people spoke up about the need in their countries,
whether that be Canada, or Norway, or Ghana, etc. for the Net to be
more widespread and available to the public for educational and
community purposes. Many were concerned about the lack of ability of
the so called "market forces" to provide networking access to other
than corporate or well to do users. Yet here was a talk being given in
the name of the Chairman of the regulatory body in the U.S. charged
with making the rules to provide for universal service, and the talk
was unconcerned with the important issues and problems that issue of
providing universal service to the Internet raises.

It is unfortunate that Reed Hunt didn't come to the conference and
take the challenge to learn what the real concerns of people around
the world are with regard to access to the Internet. Isolated in
Washington, with no access to him possible for most people (though
someone from one company told me that he was told to send him email
whenever he had a concern), it seems difficult for the rules process
to be able to produce any helpful outcome. There need to be open
meetings and sessions where people who are concerned with these issues
are invited to be heard and to discuss these issues with the
FCC. Instead the process is going on behind the same closed doors that
the crafting of the Telecommunications Act was created by the
U.S. Congress.

It is a tribute to the Internet Society that they did make an effort
to invite government officials like Reed Hunt to the conference.

The FCC will be setting an example for the rest of the world by the
telecommunications policy rules it creates. Will the policy be one
that recognizes that the so called "market" cannot provide the free or
low cost access to the Internet that is necessary to make such
universal service a reality? Will the rules created be based on
looking back at how time sharing and the the ARPANET and the Internet
developed so it can build on those lessons?  To have those rules be
based on firm lessons from the past and firm principles that can make
them fruitful, it is necessary that the FCC process creating those
rules be much more open than it is at present. If the FCC could learn
from the experience of the Internet and set up newsgroups and real
email access to the officials involved that would demonstrate a
commitment to a more equitable access to the Internet and to the fcc
rulemaking that is needed to make the Internet available to all. But
from the recent talk by the FCC official presented at INET '96, there
seems little indication that the need for an open process and a many
to many means of communication is recognized among those at the FCC
and thus there is even less evidence that the FCC is capable of making
rules to apply the principle of universal service to make Internet
access available to all.
 ----------------------------------------------------------------------
Michael Hauben 			Teachers College Dept. of Communication
Amateur Computerist Newsletter  http://www.columbia.edu/~hauben/acn/
WWW Music Index			http://www.columbia.edu/~hauben/music/
Netizens Netbook                http://www.columbia.edu/~hauben/netbook/
 Netizens Cyberstop






From amnesia at chardos.connix.com  Thu Aug  8 00:47:15 1996
From: amnesia at chardos.connix.com (Amnesia Anonymous Remailer)
Date: Thu, 8 Aug 1996 15:47:15 +0800
Subject: PGP public key servers are NOT useful!
In-Reply-To: <199608071637.MAA08532@jekyll.piermont.com>
Message-ID: <199608080315.XAA28868@comet.connix.com>


"Perry E. Metzger" <perry at piermont.com> writes:

> John Anonymous MacDonald writes:
> > The problem with the PGP public key servers is that
> > one has absolutely no control over what gets uploaded there in one's
> > own name.
> 
> Thats why people are supposed to use the web of trust to check the
> keys. You claim to make your key available by finger. How do you know
> that Mallet isn't switching the bits as they go down the wire to your
> correspondants? The only way to verify a key is to check known good
> signatures on it. Because of this, no security is needed on key
> storage facilities per se -- you aren't supposed to trust keys without
> signatures.
> 
> Geesh. I thought this was obvious. I guess not.
> 
> Perry

The web of trust just certifies that the key belongs to someone.  If
you'd read to the end of the message, you would have seen that I was
not complaining about the key certification process in PGP.  At issue is
NOT whether a key can be trusted to belong to someone, but whether or
not random people should be able to tag others' PGP keys with crap.

What I want to prevent is some person I dislike uploading his
signature on my key (particularly if he adds another ID to my key and
signs that).

How would you like it if I added a new ID to your key containing sort
of insult, certified that ID, and uploaded the new signature to the
key servers.  Alternatively, what if I uploaded 5 "vanity" keys in
your name to the PGP key servers.  Most software would download one
key, fail to certify the signature, and therefore not allow someone to
communicate with you even if that person could have verified your real
key.

I don't understand what the purpose of a centralized key server is,
when the owner of a public key should be the one to control what
certificates and tags are given out with his/her PGP key.






From roger at coelacanth.com  Thu Aug  8 00:48:05 1996
From: roger at coelacanth.com (Roger Williams)
Date: Thu, 8 Aug 1996 15:48:05 +0800
Subject: Wee Beasties on Mars [NOISE]
In-Reply-To: <v02140b02ae2ebc31d032@[204.179.131.165]>
Message-ID: <rogerafw6ockb.fsf@sturgeon.coelacanth.com>


>>>>> Jim McCoy <mccoy at communities.com> writes:

  > ... the most interesting fallout of this will be in
  > the creationism/evolution debate.  

Perhaps, but I doubt it.

  > It seems that life may have
  > been independantly generated at multiple locations, barring a
  > "space seed" debate flaring up again, and the "impossible odds"
  > argument has become pretty weak...

I doubt if it weakens the Creationists' stand, though.  After all, if
God created life on Earth, she could have created it anywhere else she
wanted, without having to ask permission of the inhabitants of the
"third rock from the sun".  [As you're no doubt aware, this has been,
in part, the premise of several moderately-successful SF novels.]

ObCrypto?  Are you kidding -- cryptogamology, maybe...

-- 
Roger Williams                         finger me for my PGP public key
Coelacanth Engineering        consulting & turnkey product development
Middleborough, MA           wireless * DSP-based instrumentation * ATE
tel +1 508 947-8049 * fax +1 508 947-9118 * http://www.coelacanth.com/






From sam at wwa.com  Thu Aug  8 00:50:28 1996
From: sam at wwa.com (Scott Marquardt)
Date: Thu, 8 Aug 1996 15:50:28 +0800
Subject: DoubleClick: Does is track browsing across multiple sites?
Message-ID: <01BB849E.E98494E0@pool12-010.wwa.com>


Yo, some bozo subsribed me to this thing. Who's the administrator? I want off (no offense; I'm sure it's an interesting forum, but I don't like being mail-bombed by way of forgery). Whoever administers this thing, I'd be glad of a copy of the headers on the message that subscribed me.

Thanks --

Scott Marquardt






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 00:57:18 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 8 Aug 1996 15:57:18 +0800
Subject: New domains, Internic, etcetera
Message-ID: <01I809WUXS5S9JD2US@mbcl.rutgers.edu>


	Given previous discussion on here about Internic and their policies,
the below URLs may be of interest:

http://www.iiia.org/lists/newdom/
ftp://ietf.cnri.reston.va.us/internet-drafts/draft-postel-iana-itld-admin-01.txt

	The former is the list archive for a list discussing getting more
internet domains & equivalents of Internic.
	-Allen





From dlv at bwalk.dm.com  Thu Aug  8 01:11:20 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 8 Aug 1996 16:11:20 +0800
Subject: Internal Passports
In-Reply-To: <Pine.SV4.3.91.960807181525.13468G-100000@larry.infi.net>
Message-ID: <1XsBsD52w165w@bwalk.dm.com>


Alan Horowitz <alanh at infi.net> writes:

> You can act through a corportion; if you are using it as a true "alter
> ego", it will be put aside by the courts and you will be assessed back
> taxes, interest, and penalties. The employer will also.
>
> If the person who pays you, has the _right_ (exercised or not) to tell
> you how to do the work.... you are his employee. This is a summary, but a
> good one.

Alan, if you have access to Usenet, check out the draft misc.jobs.*
conventional wisdom FAQ that I posted a few days ago... It's probably
unexpired in sci.research.careers at most sites. Look for the 'IRS 20
questions'.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From stewarts at ix.netcom.com  Thu Aug  8 01:13:36 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 8 Aug 1996 16:13:36 +0800
Subject: Public report of the EU crack.
Message-ID: <199608080520.WAA29193@toad.com>


>Hallam-Baker wrote:
>>I consider the political dimension of this affair to 
>>be more significant that the technical. This brings the
>>US and the French into the same category of anti-crypto
>>government with a habit of poking its nose into other
>>people business and getting caught.

Phill - do you know if the French ever got caught actively
breaking computers or telecomm equipment outside their country,
or have they only been hit for eavesdropping and breakins
on their subjects and foreigners within their boundaries?
It seems like the US government, if they really did this,
has gone a step beyond even France's level of tackiness,
as well as exceeding the "legitimate needs of law enforcement"
that Louis Freeh has been ranting about.  Is this some campaign
to reinforce Clinton's call for protecting the National Information
Infrastructure, or have they decided that voluntary key escrow
is too slow so they'll steal what they can now?

The technically interesting part is just that there are bugs
in routers and SNMP can be used to attack them.  We've seen
bugs before, and we've seen bugs used to bug people.


At 02:20 PM 8/5/96 -0700, drose at AZStarNet.com (David M. Rose) wrote:

>>
>>		Phill
>
>Say what?  John Young I can understand; this blather?
>
>Att: "Doc" Baker/Mr. Hyde, err, Hallam: any rudimentary text on
>diction/grammer/syntax might be helpful to you.
>
>Sheesh!  At least Sternlight seemed to be acquainted with the English language.
>

David - It's good form, if you _must_ flame people's spelling and
grammar on the net, to spell grammar correctly.
Understanding grammar well enough to recognize correct English
when you see it is a fine point mainly noticed by people whose
abilities run beyond the capability of running a spellchecker;
Phill's is fine (except a missing 's), if lacking JYA's obscure poetic touch.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From jimbell at pacifier.com  Thu Aug  8 01:37:15 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 8 Aug 1996 16:37:15 +0800
Subject: STEGO GUNS
Message-ID: <199608080544.WAA20087@mail.pacifier.com>


At 07:28 AM 8/8/96 +1000, Julian Assange wrote:

>> 
>> 	The nationwide study [from the University of
>> 	Chicago] found that violent crime fell after
>> 	states made it legal to carry concealed handguns:
>> 	*   Homicide, down 8.5%.
>> 	*   Rape, down 5%.
>> 	*   Aggravated assault, down 7%.
>> 	...
>> 	The drop isn't primarily caused by people 
>> 	defending themselves with guns, says John Lott,
>> 	the study's author.  Rather, criminals seem to 
>> 	alter their behavior to avoid coming into contact
>> 	with a person who might have a gun.

>Correlation != causation. What are the figures on other crimes? I
>presume they would have to have gone up, since the criminal element has
>been deprived of it's "revenue" in this manner. Perhaps they simply
>didn't have time for killing, raping and assulting; being too busy
>lugging around their legally concealed handguns and pointing them at
>shop-keepers.

I think this is relevant, albeit in an indirect way, to cypherpunks.  We're 
all familiar with some of the various ways that government tries to justify 
intrusion based on arguments which look superficially plausible.  The 
nationwide 55 mph speed limit is one, which was first supported based on the 
claim that it saved gas, but later the justification changed to saving 
lives.  Yet recently studies have shown an actual decrease in accidents in 
states which raised the speed limit.  

The other big correlation (which turns out to be an anti-correlation!) is 
the idea that allowing people to carry concealed handguns leads to greater 
numbers of deaths.  By this study, that claim is shown to be false as well.

The reason this is all relevant is that cryptography is currently under 
attack by the US government, under the guise of ITAR, with the implicit 
claim that the availability of good crypto will somehow help "terrorists, 
drug dealers, child pornographers, and Jim Bell"  (oops!  sorry about that 
one...)

We, on the other hand, recognize that the advent of good cryptography will 
protect us far more than it might arguably harm us.  All of us on CP 
(except, probably, Sternlight) would gladly accept a world where 
unrestricted crypto is ubiquitous.

By showing previous examples of how government makes false claims and 
misuses (or ignores) statistics to support its actions, we can challenge any 
presumptions it makes regarding crypto.


Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Thu Aug  8 01:48:15 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 8 Aug 1996 16:48:15 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <ae2ed55000021004bcce@[205.199.118.202]>



Cypherpunks make the news again.

I'm watching the LA NBC news channel, and they report that the Oregon "look
up any license plate" Web site is causing a flap. Though apparently legal,
the critics admit, the Governor wants the material removed.

(Sounds like a good time to mirror it on some other sites, pronto!)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jya at pipeline.com  Thu Aug  8 02:34:11 1996
From: jya at pipeline.com (John Young)
Date: Thu, 8 Aug 1996 17:34:11 +0800
Subject: Tim's Mac Tales
Message-ID: <199608072350.XAA09867@pipe6.t1.usa.pipeline.com>


Finger your delete key: 
 
 
What caught my eye in Tim's remarks about Apple was his continued use of
Macs. Why was that enticing? 
 
 
It has to do with what hard-headed physicists know about hardware that
soft-headed coders don't. 
 
 
So my curiosity: does Tim know Intel intel that we don't know, and can't
tell it? More generally, do chip physicists know what crypto coders don't,
about the covert features of those world-pervasive chips inside? 
 
 
Would Tim tell, could Tim disclose intel, what the world doesn't know about
Intel, about what Intel's hard-headed Moore, the immigrant physicist,
whispers in utmost secrecy to Microsoft's soft-headed Gates, the
American-way coder? Is soft-hearted OS code the front for cold-hearted
hardware spying? 
 
 
Maybe the most that Tim can tell without exposing Intel is that Tim uses
Macs. 
 
 
Still, is Motorola more trustworthy than Intel, and if so, for whom? What
do Apple insiders know that the world needs to know about the deals of
Intel insiders, are they working with inside the Beltwayers, gobbling
world-markets, gobbling intel chip by chip? Is Motorola doing the same with
its adorable cellulars and satellites and boards and hardware galore, using
benign code to conceal hardware malice? 
 
 
Dreamy, maybe, but hard-hearted Tellers did it to the Oppenheimers, and
everyone knows that physicists truly enjoy playing dice with God. 
 
 
(Hold on, Tim, this is the way I write after thirty years of grinding out
grim technical reports.) 
 





From grafolog at netcom.com  Thu Aug  8 02:48:56 1996
From: grafolog at netcom.com (jonathon)
Date: Thu, 8 Aug 1996 17:48:56 +0800
Subject: STEGO GUNS
In-Reply-To: <199608080121.SAA20077@dfw-ix9.ix.netcom.com>
Message-ID: <Pine.SUN.3.95.960808070140.18519C-100000@netcom4>


On Wed, 7 Aug 1996 JonWienk at ix.netcom.com wrote:

> In 1981, the city of Kennesaw, GA suffered 17 violent crimes and 55 
> burglaries. 
> In 1982, Kennesaw passed an ordinance requiring all city residents to own a 

	Said ordinance being passed, as a protest against Elk Grove, IL
	passing an orinance, banning handguns.  Anybody know when Elk
	Grove revoked their ordinance?  Crime went down for six months
	there [ Elk Grove ] after the ban was passed, then it went up
	--- far surpassing previous crime levels, for all types of
	crime. 

        xan

        jonathon
        grafolog at netcom.com



	Illiterate: adj.  Inability to read write or speak five 
	or fewer languages.
	Funksioneel Ongeleerd:  a.  Die wat kon nee elf or meer tale 
	lees, skryf and gesprek. 







From deviant at pooh-corner.com  Thu Aug  8 02:52:00 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Thu, 8 Aug 1996 17:52:00 +0800
Subject: Internal Passports
In-Reply-To: <9608071707.TE12105@squirrel.com>
Message-ID: <Pine.LNX.3.94.960808070101.346A-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 7 Aug 1996, Mark C. Henderson wrote:
> 
> I note that California requires some sort of documentation (birth 
> cert, INS documentation etc.) for a new driver's licence. Don't know
> about other states.  
> 

Hrmm... North Carolina requires 2 forms of ID, which can be an older
Driver's license, a SS card, a military ID, a birth certificate, or
(you'll love this one)...   "A filled in job application"... It doesn't
even have to be signed by the company, or any of that shit.  I can walk
over to RatShack, ask for an application, fill it out as "J. E. Hoover",
and its a valid form of ID at the DMV.

> probably related story:
> This might explain why in 1994 when I was travelling back home to 
> Vancouver B.C. from Europe via the states (cheap ticket), the U.S. 
> immigration officer asked me "Do you have a social security number?". 
> I said yes. She then asked "do you have your social security card 
> with you?" I didn't have it, and said so. She asked to see my ticket 
> on to Vancouver, and that was it. I thought it was weird at the time 
> as I'm used to various questions, and hearing one that I didn't 
> expect at least made the experience mildly interesting. 
> 

Hrmm.. that is a bit odd, isn't it?

 --Deviant
THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgmRsDAJap8fyDMVAQEZiAf/UFv/5SyUbKbz/L9/kz/qRKfp5ba/31wE
O29E7NTV7uDayVjr8ofiZ70PRk7HWM1hqnalHGywO+W4eM3g5GfBa/m13Pqg0Lhm
9SOGMPiZSjALyhBfGkxOm8pMt7ex9X6VyQaS+ogyRyjLXfR0XzngIe21SOrfntn0
JWCk/SzsZ8G0ouP/u1CzbXcgE2YVoXR2diK6o9rE0NKVFmr3lyC2HrP2ECoqXVaG
y+IZrpD0Zz5p6Bp4nMT0Pn+8+u9fH/Sse5VtbHqTmDKDIZm7NtQiHG6cZUcyYCyR
5oLT1vPCSYT1dax3/Ym8jUnNmLDk87ZoWJ15EQOFJopHEsjKRsb8ww==
=aDJy
-----END PGP SIGNATURE-----






From tcmay at got.net  Thu Aug  8 03:04:09 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 8 Aug 1996 18:04:09 +0800
Subject: Tim's Mac Tales
Message-ID: <ae2ed87a020210047b34@[205.199.118.202]>


At 11:50 PM 8/7/96, John Young wrote:

>What caught my eye in Tim's remarks about Apple was his continued use of
>Macs. Why was that enticing?

I have no idea why it would be enticing, inasmuch as I've covered this a
bunch of times. Though John is asking this as a joke, I'll pretend he's
serious. At least for a few paragraphs.

>It has to do with what hard-headed physicists know about hardware that
>soft-headed coders don't.

Amongst other things, an _operating system_ is not the same as a _CPU_. The
Macintosh OS happens to run, for historical reasons, on Motorola
processors, and DOS happens to run, for historical reasons, on Intel
processors. Other operatings systems, such as Unix, tend to run on various
processors.

Had history evolved slightly differently, a DOS-like OS could have been
dominant on Motorola CPUs, a Macintosh-like OS could have been dominant on
Intel CPUs (indeed, many would say this is what Windows 3.x and later are),
and so forth. Quibblers may jump in with the usual religious arguments
about segmented architectures, the orthogonality of the 68000 instruction
set, etc., but these points are tangential to the simple decisions about
Seattle Computer and Microsoft coming up with a CP/M-like OS for Intel
processors, and Apple committing to the Motorola family. (And recall that
windowing systems _did_ exist for the Intel CPU even back in the 80s...Unix
systems, including Sun's OS, ran on Intel CPUs.)

As several of my messages over the years have explained, including the one
sent out yesterday, the Macintosh visual metaphor was the closest to the
LISP machine I had been using while at Intel. I did buy an IBM PC in '83
(and an S-100 Sol in '78), running DOS. I even bought Windows 1.0, a truly,
totally, completely awful product! (Steve Ballmer of Microsoft admitted as
much in his interview on "Revenge of the Nerds.")

I looked closely at the Lisa in '83, but it was too expensive. The
Macintosh in '84 was priced better, but also lacked a few key things. But
by the time the Mac Plus arrived, I was ready to buy. That the CPU was a
$40 chip from Motorola rather than a $40 chip from Intel was not even a
consideration. (Intel bought Macs to do various graphics arts things, just
as I'm sure Motorola bought PCs to do various things.)

>
>So my curiosity: does Tim know Intel intel that we don't know, and can't
>tell it? More generally, do chip physicists know what crypto coders don't,
>about the covert features of those world-pervasive chips inside?

>
>Would Tim tell, could Tim disclose intel, what the world doesn't know about
>Intel, about what Intel's hard-headed Moore, the immigrant physicist,
>whispers in utmost secrecy to Microsoft's soft-headed Gates, the
>American-way coder? Is soft-hearted OS code the front for cold-hearted
>hardware spying?

I'm having my usual problems trying to parse this? Is this some sort of
rhyme, a la "a horse is a horse of course"?

Gordon Moore is not an immigrant physicist, not even an immigrant into
California. He was born about 40 miles north of where I now live.


>Maybe the most that Tim can tell without exposing Intel is that Tim uses
>Macs.

Indeed, I use Macs because Intel chips have those special NSA instructions
in them, like the Cray did. (Funny, we haven't had this thread here that I
can recall...it used to be a staple of sci.crypt in the late 80s.)

>
>(Hold on, Tim, this is the way I write after thirty years of grinding out
>grim technical reports.)
>

I suspected as much, John. Your TRs must be doozies. (TRP, he of The Whole
Sick Crew, used to hide from his officemates by placing a large sheet of
blueprint paper over his head as he did engineering drawing work at
Boeing.)

--Tyrone Slothrope







From deviant at pooh-corner.com  Thu Aug  8 03:07:38 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Thu, 8 Aug 1996 18:07:38 +0800
Subject: Wee Beasties on Mars [NOISE]
In-Reply-To: <rogerafw6ockb.fsf@sturgeon.coelacanth.com>
Message-ID: <Pine.LNX.3.94.960808071954.346B-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On 7 Aug 1996, Roger Williams wrote:
> 
> I doubt if it weakens the Creationists' stand, though.  After all, if
> God created life on Earth, she could have created it anywhere else she
> wanted, without having to ask permission of the inhabitants of the
> "third rock from the sun".  [As you're no doubt aware, this has been,
> in part, the premise of several moderately-successful SF novels.]
> 

But, on the other hand, it _could_ be used to strengthen the Evolution
argument (which has been scientificly proven, so its not really an
argument).  If carbon can randomly be arranged here, why not on Mars?
Same process, different rock.

Personally, I can't see why some people refuse to accept that the to
"theories" could very easily fit together... i.e. "God" made the world,
and let the puzzle solve itself. (of course, this is assuming there is a
"God", but...

 --Deviant
        "Evil does seek to maintain power by suppressing the truth."
        "Or by misleading the innocent."
                -- Spock and McCoy, "And The Children Shall Lead",
                   stardate 5029.5.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgmV+DAJap8fyDMVAQF8Hwf+IbwmZaTXqogQAyGEgr0CjbeAfdl7HZBW
0XMKizZeMEu6IRW1Gh18hQLJYL7DuiJg//ymTAkIJFjPByiwhOe26pkgMAdtw632
wwWuWMI9h+X20U9vKvxtvjjKz2PScWJqiOC1kZex+V2qXdYuW2EF7oE+VYwl57dY
cCtk10yUaHuwYMk6jZMMTY5KeF13u+NX2zLrpKRAa//gXNcaNtzOfHJhSaTzoR1D
/cnej5j6E5pLRKolgyGLc0jZAyGMWS8t+QYWcVg6PHA1au12rmwdc2po7WoQnNyQ
DbD+6PZrKAKOTnwiU4ytqgMQFnfRcVaxzB48MPn+TipaCPKl990hQg==
=2h24
-----END PGP SIGNATURE-----






From bryce at digicash.com  Thu Aug  8 03:12:13 1996
From: bryce at digicash.com (bryce at digicash.com)
Date: Thu, 8 Aug 1996 18:12:13 +0800
Subject: Scientists discover evidence of life on Macs!
Message-ID: <199608080807.KAA23561@digicash.com>



-----BEGIN PGP SIGNED MESSAGE-----

Okay, I'll stop.


Bryce



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2

iQB1AwUBMgmgKUjbHy8sKZitAQGH+AMAgUBwBqkZCbHw21xUwiarJe+Gzo+7yDqs
gvX0Tos+/YdMSjl2fMbV8480qvbTz+r6izqh8y6D4Fv0sbM12PCUq2AoeJo35naI
GWNV3yybBj2N0YsuOmvhQvcE/lDyVesF
=kx/N
-----END PGP SIGNATURE-----





From alano at teleport.com  Thu Aug  8 03:17:41 1996
From: alano at teleport.com (Alan)
Date: Thu, 8 Aug 1996 18:17:41 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <ae2ed55000021004bcce@[205.199.118.202]>
Message-ID: <Pine.SUN.3.92.960808002142.18399B-100000@linda.teleport.com>


On Wed, 7 Aug 1996, Timothy C. May wrote:

> Cypherpunks make the news again.
>
> I'm watching the LA NBC news channel, and they report that the Oregon "look
> up any license plate" Web site is causing a flap. Though apparently legal,
> the critics admit, the Governor wants the material removed.

It also hit the front page of the Oregonian (Portland's most stogy
newspaper).  They had a quote from the person who put up the page claiming
his reasons behind it was "that he did not like all those anonymous drivers
out there able to act however they wanted".

It will be interesting to see the state come out on the side of all those
anonymous drivers.







From tcmay at got.net  Thu Aug  8 03:23:38 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 8 Aug 1996 18:23:38 +0800
Subject: ****Tacoma, Washington Starts Taxing Internet Access
Message-ID: <ae2ed788010210044257@[205.199.118.202]>


At 8:05 PM 8/7/96, James A. Donald wrote:
>At 05:08 AM 8/7/96 GMT, Brian C. Lane wrote:
>>  A slight correction. They are imposing a 6% tax on the Gross receipts of
>> all Internet Providers who have customers in Tacoma. This includes AOL,
>> Compu$erve, and my local favorites - aa.net and eskimo.com
>
>So if someone has six thousand customers, one of whom is in Tacoma, they
>want six percent of his gross on the other 5999 customers?

...and California wants 8.25%, Virgina wants 7.5%, ....., France wants 37%,
Iraq wants it all, and Singapore wants it shut down.

This is the flip side of regulatory arbitrage, I guess.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jwz at netscape.com  Thu Aug  8 03:44:08 1996
From: jwz at netscape.com (Jamie Zawinski)
Date: Thu, 8 Aug 1996 18:44:08 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <v03007803ae2e770bd71e@[204.179.128.38]>
Message-ID: <3209A1D4.7566@netscape.com>


Dr.Dimitri Vulis KOTM wrote:
> 
> Apple computer is dead, for all intents and purposes. It will be "officially"
> dead (bankrupt) within a couple of years. Writing any sort of software for the
> Mac - crypto or otherwise - is a waste of time.

If you accept that, then doesn't that make writing crypto software for
any Unix platform *even more* of a waste of time?  Because last time I
checked, there were way more Macs on mom-and-pop's desks than Unix
machines, counting *all* vendors.

Even if Apple folded *tomorrow*, those machines wouldn't vaporize.
If you put easy-to-use strong crypto on a significant fraction of
those desks six months from now, your work could easily have a lifetime
of a year and a half even in your worst case scenario.

(PS, I haven't used a Mac since 1985, so that's not why I say this.)


-- 
Jamie Zawinski    jwz at netscape.com   http://www.netscape.com/people/jwz/
``A signature isn't a return address, it is the ASCII equivalent of a
  black velvet clown painting; it's a rectangle of carets surrounding
  a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
                                                         -- Chris Maeda





From rp at rpini.com  Thu Aug  8 03:46:23 1996
From: rp at rpini.com (Remo Pini)
Date: Thu, 8 Aug 1996 18:46:23 +0800
Subject: CryptoCD
Message-ID: <32099C37.4A15@rpini.com>


If your interested in the upcoming CryptoCD, check out:
http://www.rpini.com/crypto/cryptocd.html
If you'll get one, once it's finished, mail to:
mailto:cryptocd at rpini.com
<hr>
see you,
remo pini





From jk at stallion.ee  Thu Aug  8 03:56:54 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Thu, 8 Aug 1996 18:56:54 +0800
Subject: F2 hash?
In-Reply-To: <199608080339.WAA17283@homeport.org>
Message-ID: <Pine.GSO.3.93.960808112837.12351D-100000@nebula.online.ee>


 Wed, 7 Aug 1996, Adam Shostack wrote:

> J�ri Kaljundi wrote:
> 
> | At Defcon this year they promised to tell about some security flaws in
> | SecurID tokens, anyone know more about that?
> 
> 	My understanding is that the guy who was going to give the
> talk had nda difficulties.  Vin?  Did you make it out?  The talk was
> going to be on race conditions, denial of service attacks, and the
> like.

This is something that seems to be a little problematic to me. Considering
the 3-minute time slot, it seems fairly easy to somehow block the SecurID
server at the time a user is sending his username/passcode, steal that
information and allow a malicious user to enter that information into the
server. Or have I misunderstood some security aspects?

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From dlv at bwalk.dm.com  Thu Aug  8 07:07:33 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 8 Aug 1996 22:07:33 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <3209A1D4.7566@netscape.com>
Message-ID: <N90BsD55w165w@bwalk.dm.com>


Jamie Zawinski <jwz at netscape.com> writes:
> Dr.Dimitri Vulis KOTM wrote:
> >
> > Apple computer is dead, for all intents and purposes. It will be "officiall
> > dead (bankrupt) within a couple of years. Writing any sort of software for
> > Mac - crypto or otherwise - is a waste of time.
>
> If you accept that, then doesn't that make writing crypto software for
> any Unix platform *even more* of a waste of time?  Because last time I
> checked, there were way more Macs on mom-and-pop's desks than Unix
> machines, counting *all* vendors.

Irrelevant. Unix boxes are multi-user.

> Even if Apple folded *tomorrow*, those machines wouldn't vaporize.
> If you put easy-to-use strong crypto on a significant fraction of
> those desks six months from now, your work could easily have a lifetime
> of a year and a half even in your worst case scenario.

Scenario 1: writing a multi-platform comm program with strong crypto, and
including a Mac port (like Mac PGP, or clients for various tcp/ip protocols)
is only a minor waste of time.

Scenario 2: writing an encrypted filesystem for the Mac is a minor waste.

Scenario 3: Writing a comm program that lets Macs talk to each other with
no consideration that some Mac users may wish to talk to other platform
(or any other Mac-only software) is a major waste of time.

Of course, Apple is pushing #3. They're worse than Microsoft.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From jk at stallion.ee  Thu Aug  8 07:34:09 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Thu, 8 Aug 1996 22:34:09 +0800
Subject: F2 hash?
In-Reply-To: <199608081150.GAA18566@homeport.org>
Message-ID: <Pine.GSO.3.93.960808141621.22194A-100000@nebula.online.ee>


 Thu, 8 Aug 1996, Adam Shostack wrote:

> This doesn't work as of version 1.3(?) and later.  There is a time
> delay before the 'ok' message is sent by the server.  If it gets two
> correct login attempts in the delay period (1-5 seconds, default 2),
> it assumes an attack is underway and rejects them both.

Yes but what if you are able to block the correct user and only the bad
boy gets a chance to log in? Shouldn't be so hard thing to do.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From adam at homeport.org  Thu Aug  8 08:48:00 1996
From: adam at homeport.org (Adam Shostack)
Date: Thu, 8 Aug 1996 23:48:00 +0800
Subject: F2 hash?
In-Reply-To: <Pine.GSO.3.93.960808112837.12351D-100000@nebula.online.ee>
Message-ID: <199608081150.GAA18566@homeport.org>


This doesn't work as of version 1.3(?) and later.  There is a time
delay before the 'ok' message is sent by the server.  If it gets two
correct login attempts in the delay period (1-5 seconds, default 2),
it assumes an attack is underway and rejects them both.

Adam


=?ISO-8859-1?Q?J=FCri_Kaljundi?= wrote:
|  Wed, 7 Aug 1996, Adam Shostack wrote:
| > J=FCri Kaljundi wrote:

| > | At Defcon this year they promised to tell about some security flaws in
| > | SecurID tokens, anyone know more about that?

| > =09My understanding is that the guy who was going to give the
| > talk had nda difficulties.  Vin?  Did you make it out?  The talk was
| > going to be on race conditions, denial of service attacks, and the
| > like.
| 
| This is something that seems to be a little problematic to me. Considering
| the 3-minute time slot, it seems fairly easy to somehow block the SecurID
| server at the time a user is sending his username/passcode, steal that
| information and allow a malicious user to enter that information into the
| server. Or have I misunderstood some security aspects?
| 
| J=FCri Kaljundi
| AS Stallion
| jk at stallion.ee



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From declan at eff.org  Thu Aug  8 09:01:51 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 9 Aug 1996 00:01:51 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <ae2ed55000021004bcce@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960808055257.29528C-100000@eff.org>


Looks like we're a little late. However, we can still grab the tape from 
Oregon's DMV for $220. It would be an interesting excercise to try to get 
these tapes from each state with similar provisions and put them all 
online.

Anyone want to donate server space?

-Declan


http://www.spiritone.com/cgi-bin/plates

   Service has been temporarily suspended.
   Don't panic, I just want to think about the situation for a while.    
   Stay tuned. --Aaron

---

   There is a very real chance that it will be turned off. That's becuase
   all of the people who hate it call the TV and Radio stations, the DMV,
   and their elected representitives. All of the people who love it send
   me email. As much as I appreciate hearing from all of you, sending me
   email doesn't let anyone else know how you feel. If you want to keep
   this service going, make your voices heard.



On Wed, 7 Aug 1996, Timothy C. May wrote:

> 
> Cypherpunks make the news again.
> 
> I'm watching the LA NBC news channel, and they report that the Oregon "look
> up any license plate" Web site is causing a flap. Though apparently legal,
> the critics admit, the Governor wants the material removed.
> 
> (Sounds like a good time to mirror it on some other sites, pronto!)
> 
> --Tim May
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."
> 
> 
> 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From declan at eff.org  Thu Aug  8 10:02:33 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 9 Aug 1996 01:02:33 +0800
Subject: Babble about universal service
In-Reply-To: <01I807LCWIHW9JD2RG@mbcl.rutgers.edu>
Message-ID: <Pine.SUN.3.91.960808053450.29528B-100000@eff.org>


I also wonder why universal service is such a Good Thing. It also, 
unfortunately, is on the agendas for the G-7-type meetings of information 
ministers from participating countries. http://www.eff.org/~declan/global/

(My objections to universal service are perhaps not surprising. It
devolves more power into the hands of the DC bureaucrats such as the FCC,
and provides a slippery slope on which we can slide down towards more and
more government regulation. By concentrating regulatory authority in the
Federal government, it also makes decisions more subsceptible to
special-interest lobbying and political patronage. But I recall Ronda has
been arguing for universal service for some time now, including on the
netizens mailing list.)

-Declan



On Wed, 7 Aug 1996, E. ALLEN SMITH wrote:

> 	I wish that people (like Phil Agre, who claims to be in favor of
> democracy on the Net) might get it through their heads that many - probably
> most - of those already on the Net have no desire to see every redneck on the
> planet on here, much less pay for the privilege of their being able to send
> inane messages to us.
> 	-Allen
> 
> From:	IN%"rre at weber.ucsd.edu" 17-JUL-1996 23:08:46.62
> From: Phil Agre <pagre at weber.ucsd.edu>
> 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> This message was forwarded through the Red Rock Eater News Service (RRE).
> Send any replies to the original author, listed in the From: field below.
> You are welcome to send the message along to others but please do not use
> the "redirect" command.  For information on RRE, including instructions
> for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
> Date: 2 Jul 1996 17:03:29 GMT
> From: rh120 at columbia.edu (Ronda Hauben)
> Organization: Columbia University
> 
> 
> Report 1
> 
> I just returned from a fascinating week in Montreal, Canada where I
> attended the INET '96 conference held by the Internet Society. I will
> try to write some reports about what happened at the Conference in the
> next week or two as it would be good to have the online community
> discuss some of the issues that were raised at the Conference.
> 
> What became clear at the conference was that this is an important 
> time in the development of the Internet. People from around the 
> world attended the conference and most expressed the desire that
> the Internet be made available in their countries for education
> and scientific and other uses. Some of the focus of the conference
> was on business uses of the Internet, but it seemed that there was
> a great concern among the people I spoke to that the Internet be
> available for educational and scientific and government and 
> community purposes, not just for business uses.
> 
> I want to start this report however, with the last talk that was
> given at the conference. The final talk was to be given by Reed Hunt
> of the U.S. Federal Communications Commission. He didn't attend
> however, and instead the talk was given by Blair Levin, Chief of 
> Staff at the FCC instea.
> 
> A version of the talk is available at the FCC www site. 
> 
> The talk was a surprise as it seemed uninformed both about the 
> history and importance of the Internet and of the important public
> policy considerations that need to be taken into account when making
> any rules for regulating the Internet. 
> 
> At the beginning of the talk, there was the statement that Reed Hunt
> was the first FCC Chairman to have a computer on his desk, but that 
> he asked his staff to explain how the Internet works. So instead
> of a commitment to learn about how the Internet developed and the 
> significant impact it is having on the world, the speech presented
> us with the glib "the Internet gives us the opportunity to change
> all our communications policies."
> 
> The problem with this is that the FCC is therefore starting from
> scratch, throwing out all the lessons that have helped the Internet
> to grow and develop, and instead, creating its own models.
> 
> In his talk Blair Levin listed five principles. They were:
> 
> 1) How can public policy promote expansion of band width?
> 2) What rules can we get rid of or have?
> 3) The concern with pricing.
> 4) How to make sure it reaches everyone, especially kids in schools.
> 5) How to make sure it reaches across the globe.
> 
> The problem with this was that it took universal service as the 4th
> point, and then basically substituted access by kids in schools for
> the principle of universal service.
> 
> During the talk Blair described how the NTIA (the National
> Telecommunications Information Administration) had submitted an
> important paper to the FCC on the issue of voice over the Internet.
> 
> This made clear that the NTIA has not submitted any paper to the FCC
> on the issue of universal service, despite the fact that they held an
> online hearing on several issues, including universal service and the
> Internet, in November 1994 and the NTIA has done nothing to act on the
> broad expression of sentiment for universal service that was expressed
> during that online public meeting.
> 
> When asked about that online meeting, Blair said that the FCC knew of
> the meeting. However, it seems to have had no effect on their
> deliberations, or on the request of people that the FCC open up their
> decision making process so that the people who are being affected by
> their decisions have a means of providing input into those decisions.
> 
> In response to a question about the need for universal service Blair
> responded that that was the obligation of other branches of the
> U.S. government like the Department of Education.
> 
> He said this despite the fact that at the current moment the FCC is
> supposedly making rules to provide for the universal service
> provisions of the Telecommunications Act passed by the U.S. Congress
> in Feb. 1996.
> 
> Also, he claimed to welcome submissions into their process, but when
> told that it would cost over $50 to pay postage costs for a submission
> since there were over 35 people who had to be served (and postage on a
> minimal submission was $1.45), he said to see Kevin Werbach a lawyer
> at the FCC, who had come with him. Kevin Werbach offered no means of
> dealing with the high cost of making a submission.
> 
> Many people at the Internet Society Conference applauded in response
> to the question about the lack of concern by the FCC for the principle
> of universal service to the Internet. At the Internet Society
> conference many people spoke up about the need in their countries,
> whether that be Canada, or Norway, or Ghana, etc. for the Net to be
> more widespread and available to the public for educational and
> community purposes. Many were concerned about the lack of ability of
> the so called "market forces" to provide networking access to other
> than corporate or well to do users. Yet here was a talk being given in
> the name of the Chairman of the regulatory body in the U.S. charged
> with making the rules to provide for universal service, and the talk
> was unconcerned with the important issues and problems that issue of
> providing universal service to the Internet raises.
> 
> It is unfortunate that Reed Hunt didn't come to the conference and
> take the challenge to learn what the real concerns of people around
> the world are with regard to access to the Internet. Isolated in
> Washington, with no access to him possible for most people (though
> someone from one company told me that he was told to send him email
> whenever he had a concern), it seems difficult for the rules process
> to be able to produce any helpful outcome. There need to be open
> meetings and sessions where people who are concerned with these issues
> are invited to be heard and to discuss these issues with the
> FCC. Instead the process is going on behind the same closed doors that
> the crafting of the Telecommunications Act was created by the
> U.S. Congress.
> 
> It is a tribute to the Internet Society that they did make an effort
> to invite government officials like Reed Hunt to the conference.
> 
> The FCC will be setting an example for the rest of the world by the
> telecommunications policy rules it creates. Will the policy be one
> that recognizes that the so called "market" cannot provide the free or
> low cost access to the Internet that is necessary to make such
> universal service a reality? Will the rules created be based on
> looking back at how time sharing and the the ARPANET and the Internet
> developed so it can build on those lessons?  To have those rules be
> based on firm lessons from the past and firm principles that can make
> them fruitful, it is necessary that the FCC process creating those
> rules be much more open than it is at present. If the FCC could learn
> from the experience of the Internet and set up newsgroups and real
> email access to the officials involved that would demonstrate a
> commitment to a more equitable access to the Internet and to the fcc
> rulemaking that is needed to make the Internet available to all. But
> from the recent talk by the FCC official presented at INET '96, there
> seems little indication that the need for an open process and a many
> to many means of communication is recognized among those at the FCC
> and thus there is even less evidence that the FCC is capable of making
> rules to apply the principle of universal service to make Internet
> access available to all.
>  ----------------------------------------------------------------------
> Michael Hauben 			Teachers College Dept. of Communication
> Amateur Computerist Newsletter  http://www.columbia.edu/~hauben/acn/
> WWW Music Index			http://www.columbia.edu/~hauben/music/
> Netizens Netbook                http://www.columbia.edu/~hauben/netbook/
>  Netizens Cyberstop
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From reagle at rpcp.mit.edu  Thu Aug  8 10:03:43 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Fri, 9 Aug 1996 01:03:43 +0800
Subject: ****CyberWatch Security With Face Recognition 08/07/96
Message-ID: <9608081407.AA01011@rpcp.mit.edu>



  	  				 
WELLESLEY, MASSACHUSETTS, U.S.A., 1996 AUG 7 (NB) -- By Bob Woods.  
A person's face may become much more valuable than providing good 
looks to everyone who sees him or her. That's because Miros Inc. 
has developed a new software product that uses face recognition 
to access secured areas on a network. 

Miros' "TrueFace CyberWatch" is described as the first product of its  
kind that controls access to secured data by using facial lines. The 
technology is based on neural networks technology invented by Miros 
President Michael Kuperstein and the company's Dr. James Kottas, 
and developed at the Massachusetts Institute of Technology (MIT). 

Variability of people's faces is overcome in determining whether an  
actual face is the same or different than a face image that was 
previously stored. 

TrueFace CyberWatch uses Miros' software and a small video camera on  
top of the computer monitor to verify computer users when they 
try to access protected data. TrueFace "snaps" a picture of the current 
computer operator and compares it to images in a database of authorized 
users. Continued spot checks are taken to ensure the same user is 
at the computer. 

Some of the information that can be protected includes medical,  
financial, criminal, or military records, officials said. The system 
requires no training, is fast to use, and cannot be fooled by holding 
up a photo of a person. 

This technology has been used in other situations, including the  
securing of buildings or special areas, officials said. 

TrueFace CyberWatch is compatible with PC client/server standards and  
can be used alone or with other security programs, officials said. 

The client runs on Windows 95 and Windows NT operating systems, and  
costs $199. A bundle package, which includes a Connectix camera and 
the software, is priced at $298. Both products will be shipping 
within the next two months, officials said. 

(19960807/Press Contact: Christine Sheroff, Sheroff & Associates,  
508-435-3306) 
  	   	





From sbryan at maroon.tc.umn.edu  Thu Aug  8 10:20:45 1996
From: sbryan at maroon.tc.umn.edu (Steve Bryan)
Date: Fri, 9 Aug 1996 01:20:45 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <v03007803ae2e770bd71e@[204.179.128.38]>
Message-ID: <v03007800ae2fa2da571a@[202.1.1.5]>


>Apple computer is dead, for all intents and purposes. It will be "officially"
>dead (bankrupt) within a couple of years. Writing any sort of software for the
>Mac - crypto or otherwise - is a waste of time.

Considering the fact that exactly this sort of advice has been offerred and
has been wrong for over a decade, why should this oracular statement be any
more accurate? Note that there is excellent crypto software available for
the Mac (CryptDisk, PGPFone, and MacPGP for example). Vinnie's effort is a
welcome attempt to arrange the "plumbing" so that crypto software is even
more accessible on the most accessible OS. Sniping from the cheap seats is
the last thing he should have to endure.







From ceridwyn at wolfenet.com  Thu Aug  8 11:21:34 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Fri, 9 Aug 1996 02:21:34 +0800
Subject: F2 hash?
Message-ID: <2.2.32.19960808143045.006ce858@gonzo.wolfenet.com>



>| At Defcon this year they promised to tell about some security flaws in
>| SecurID tokens, anyone know more about that?
>
>	My understanding is that the guy who was going to give the
>talk had nda difficulties.  Vin?  Did you make it out?  The talk was
>going to be on race conditions, denial of service attacks, and the
>like.

According to Mudge (who gave the talk), he *was* going to speak specifically
on SecurID, but they were harassing him or something, and was afraid of a
libel suit if he spoke on it.  Instead, he chose to speak on S/Key flaws,
many of which are the same as SecurID flaws.  All of the attacks were on
the stupidity of the implementations and protocols, not on the cryptographic
algorithms.   Some stuff can be found at http://www.l0pht.com/~mudge .
//cerridwyn//






From jimbell at pacifier.com  Thu Aug  8 11:51:11 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 02:51:11 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608081508.IAA11479@mail.pacifier.com>


At 11:16 PM 8/7/96 -0700, Timothy C. May wrote:
>
>Cypherpunks make the news again.
>
>I'm watching the LA NBC news channel, and they report that the Oregon "look
>up any license plate" Web site is causing a flap. Though apparently legal,
>the critics admit, the Governor wants the material removed.
>
>(Sounds like a good time to mirror it on some other sites, pronto!)
>
>--Tim May

No rush, Tim.  I've got the whole thing on CDROM.  In fact, the person who 
put the thing on the net got the data from me...through a friend.  I bought 
it from a person who's been selling CDROM's of this data for a couple of 
years.  The most recent revision (and the one that's on the 'net) is about 4 
months old.  

So far, what's been put on the net is merely the "license plate # to 
address" lookup.  We also have the "name to address" data...


Jim Bell
jimbell at pacifier.com





From alexf at iss.net  Thu Aug  8 12:05:46 1996
From: alexf at iss.net (Alex F)
Date: Fri, 9 Aug 1996 03:05:46 +0800
Subject: A Global Village, or the future of porn on the net
Message-ID: <199608081530.LAA21406@phoenix.iss.net>


> At 10:00 24/07/96 +0000, Alex F wrote:

> Java classes for males and females corresponding to VRML
> objects. The class methods might include kissing, hugging,
> spanking, restraining...
> 
> A female object might be  initialized with Hillary Clinton's face, Evangelista's
> body... 

The thing is that most people who are into this stuff would probably 
view VRML graphics as too primitive to hold their interest for the 
sake of "stimulation."  I would suspect that the people who would end 
up getting involved in putting Hillary/Evangelista in, ummm, 
compromising positions would probably do it for the humor value (not 
that the censor mongers won't have a fit over this anyway).  When 
your CPU becomes the bottleneck in net connections and not the actual 
bandwidth, *then* some people might decide to spend the time 
rendering such things.  However, w/ the state of things today I have 
yet to see a totally realistic looking rendering.  You can usually 
tell a photo from a rendering.
 

> many pornographic stories on Usenet, it won't be long before
> famous personalities
> routinely get violated in cyberspace. Talk about copyright: do
> you have the right
> to prevent someone from doing this to you?
> 

I suppose slander would be some recourse, or you could copyright your 
likeness and use copyright violations as well.  Many TV/Movie stars 
do this.

Alex F
=-=-=-=-=-=-=-=-=-=-=-=-=-
Alex F    alexf at iss.net
Marketing Specialist
Internet Security Systems
=-=-=-=-=-=-=-=-=-=-=-=-=-





From pclow at pc.jaring.my  Thu Aug  8 12:08:35 1996
From: pclow at pc.jaring.my (peng-chiew low)
Date: Fri, 9 Aug 1996 03:08:35 +0800
Subject: F2 hash?
In-Reply-To: <2.2.32.19960808142120.006c075c@gonzo.wolfenet.com>
Message-ID: <320A1A48.5A93@pc.jaring.my>


Cerridwyn Llewyellyn wrote:

> Have you seen Mudge's white paper on S/Key?  

Any ideas how I can get my hands on this paper?

Thanks.





From joelm at eskimo.com  Thu Aug  8 12:16:58 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Fri, 9 Aug 1996 03:16:58 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608081523.IAA15512@mail.eskimo.com>


Not all states (Washington and California, for example) will sell their DMV
lists.

There is a gentleman that goes by the handle of Bootleg, that does sell
CD-ROM versions of said listings (my guess where the Web site got the data
from).  Last heard, he had Oregon, Texas, and Florida.  Oregon was the
bargain around $220, Florida and Texas were about $500.

Try 503-325-0861 for voice (don't know if that's still current).  He may be
on the Net, but I don't have an address.

Joel

At 05:57 AM 8/8/96 -0700, Declan McCullagh wrote:
>Looks like we're a little late. However, we can still grab the tape from 
>Oregon's DMV for $220. It would be an interesting excercise to try to get 
>these tapes from each state with similar provisions and put them all 
>online.
>
>Anyone want to donate server space?
>
>-Declan
>
>
>http://www.spiritone.com/cgi-bin/plates
>
>   Service has been temporarily suspended.
>   Don't panic, I just want to think about the situation for a while.    
>   Stay tuned. --Aaron
>
>---
>
>   There is a very real chance that it will be turned off. That's becuase
>   all of the people who hate it call the TV and Radio stations, the DMV,
>   and their elected representitives. All of the people who love it send
>   me email. As much as I appreciate hearing from all of you, sending me
>   email doesn't let anyone else know how you feel. If you want to keep
>   this service going, make your voices heard.
>
>
>
>On Wed, 7 Aug 1996, Timothy C. May wrote:
>
>> 
>> Cypherpunks make the news again.
>> 
>> I'm watching the LA NBC news channel, and they report that the Oregon "look
>> up any license plate" Web site is causing a flap. Though apparently legal,
>> the critics admit, the Governor wants the material removed.
>> 
>> (Sounds like a good time to mirror it on some other sites, pronto!)
>> 
>> --Tim May
>> 
>> Boycott "Big Brother Inside" software!
>> We got computers, we're tapping phone lines, we know that that ain't allowed.
>> ---------:---------:---------:---------:---------:---------:---------:----
>> Timothy C. May              | Crypto Anarchy: encryption, digital money,
>> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
>> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
>> Licensed Ontologist         | black markets, collapse of governments.
>> "National borders aren't even speed bumps on the information superhighway."
>> 
>> 
>> 
>> 
>
>
>// declan at eff.org // I do not represent the EFF // declan at well.com //
>
>
>
>






From rah at shipwright.com  Thu Aug  8 12:24:21 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 9 Aug 1996 03:24:21 +0800
Subject: Babble about universal service
In-Reply-To: <01I807LCWIHW9JD2RG@mbcl.rutgers.edu>
Message-ID: <v03007800ae2fb873cef2@[206.119.69.46]>


> I also wonder why universal service is such a Good Thing. It also,
> unfortunately, is on the agendas for the G-7-type meetings of information
> ministers from participating countries. http://www.eff.org/~declan/global/

My thinking on this is, fine. Let them do it. It'll be like a python trying
to eat a water buffalo. One which grows exponentially upon being eaten.

To paraphrase Kipling,

Kaa-blooie!

:-).

Cheers,
Bob Hettinga



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From minow at apple.com  Thu Aug  8 12:30:16 1996
From: minow at apple.com (Martin Minow)
Date: Fri, 9 Aug 1996 03:30:16 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <3209A1D4.7566@netscape.com>
Message-ID: <v03007802ae2fbc0d6cdf@[17.219.102.169]>


> Dr.Dimitri Vulis KOTM wrote:
>Scenario 3: Writing a comm program that lets Macs talk to each other with
>no consideration that some Mac users may wish to talk to other platform
>(or any other Mac-only software) is a major waste of time.
>
>Of course, Apple is pushing #3. They're worse than Microsoft.
>

Actually, we're not "pushing" this, we shipped it last year. It's available
for all Macintosh (that have enough memory) computers in System 7.5.3
at no additional cost.

For cypherpunks, it has two limitations:

-- It requires a mutually-trusted nameserver.
-- It is limited to 40-bit encryption to comply with ITAR.
-- A version that does not encrypt the data channel is provided
   for countries with crypto import restrictions.

On the other hand, it preserves authentication and is protected
against replay attacks. The API's are published (and we provide
sample code), so "any" Mac application can use the protocols to
talk to "any" other application.

Martin Minow
minow at apple.com








From svmcguir at syr.edu  Thu Aug  8 13:33:48 1996
From: svmcguir at syr.edu (Scott McGuire)
Date: Fri, 9 Aug 1996 04:33:48 +0800
Subject: appropriate algorithm for application
In-Reply-To: <3208DD65.237C228A@systemics.com>
Message-ID: <ML-2.2.839513101.7349.scott@homebox.>


> Cerridwyn Llewyellyn wrote:
> > 
> > I need an algorithm/protocol that is capable of encrypting numerous
> > files with separate keys, but there also needs to be a master key
> > that will be able to decrypt all of them.  Is there such a system
> > that is relatively secure?  I'd prefer the system to be as secure
> > as possible, but in this application, security is secondary to
> > functionality.  Thanks... //cerridwyn//
> 
> Are you after a working program, or just a design?
> 
> You could always use an escrowed public key generator (discussed on
> sci.crypt some time ago), where the keys all have a factor of 'N'
> embedded in 'N', but encrypted with the master key.
> 
> (I'd be prepared to write the code that generates the keys, if
> someone does the "master decrypt" side of things).
> 
> Gary
> --
> pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
> Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
> ^S
> ^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
> 
> 

Why not just encrypt the files with regular, single key encryption and only use
the public-key encryption on a master file holding a copy of all the individual
keys?  This would be faster right?

Scott






From perry at piermont.com  Thu Aug  8 14:01:41 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 9 Aug 1996 05:01:41 +0800
Subject: PGP public key servers are NOT useful!
In-Reply-To: <199608080452.AAA08047@comet.connix.com>
Message-ID: <199608081351.JAA14923@jekyll.piermont.com>



Amnesia Anonymous Remailer writes:
> The web of trust just certifies that the key belongs to someone.  If
> you'd read to the end of the message, you would have seen that I was
> not complaining about the key certification process in PGP.  At issue is
> NOT whether a key can be trusted to belong to someone, but whether or
> not random people should be able to tag others' PGP keys with crap.

You still don't get it, do you?

It doesn't matter what random idiots tag onto your key so long as
there is no trust path between the user of the key and the idiot who
tagged stuff on. If someone signs "grand wizard of the KKK" onto your
key, what do you care if no one trusts the signator who attached the
crap?

> What I want to prevent is some person I dislike uploading his
> signature on my key (particularly if he adds another ID to my key and
> signs that).

Why do you care?

> How would you like it if I added a new ID to your key containing sort
> of insult, certified that ID, and uploaded the new signature to the
> key servers.

I wouldn't give a flying rat's buttocks, because unless the signatures
are widely trusted the information is noise.

Perry





From sandfort at crl.com  Thu Aug  8 14:12:44 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 9 Aug 1996 05:12:44 +0800
Subject: ****CyberWatch Security With Face Recognition 08/07/96
In-Reply-To: <9608081407.AA01011@rpcp.mit.edu>
Message-ID: <Pine.SUN.3.91.960808083741.14499I-100000@crl5.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 8 Aug 1996, Joseph M. Reagle Jr. wrote:

> TrueFace CyberWatch uses Miros' software and a small video
> camera on top of the computer monitor to verify computer users
> when they try to access protected data. TrueFace "snaps" a
> picture of the current computer operator and compares it to
> images in a database of authorized users. Continued spot checks
> are taken to ensure the same user is at the computer...and
> cannot be fooled by holding up a photo of a person. 
 
How about substituting a video tape of an authorized user for 
the camera input?  (Hey, it worked on the old Mission Impossible
show and a whole slew of movies.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From nobody at REPLAY.COM  Thu Aug  8 14:13:31 1996
From: nobody at REPLAY.COM (Anonymous)
Date: Fri, 9 Aug 1996 05:13:31 +0800
Subject: Thank you.
Message-ID: <199608081616.SAA01670@basement.replay.com>


I forgot the name of the person who wrote the patches
to the Linux kernel for stego.

They work perfectly, and I had no problems setting it up.

Many thanks.






From ceridwyn at wolfenet.com  Thu Aug  8 14:32:53 1996
From: ceridwyn at wolfenet.com (Cerridwyn Llewyellyn)
Date: Fri, 9 Aug 1996 05:32:53 +0800
Subject: F2 hash?
Message-ID: <2.2.32.19960808142120.006c075c@gonzo.wolfenet.com>


At 01:27 AM 8/8/96 +0300, you wrote:

>As I have to deal with SecurID tokens in the nearest future, I would like
>to hear more opinions about these cards. IMHO a proprietary algorithm like
>used in those cards is a bad thing and I would like an open approach much
>more, I still believe SecurID OTP cards are much better then usual
>passwords.
>
>At Defcon this year they promised to tell about some security flaws in
>SecurID tokens, anyone know more about that?
>
>Personally I believe that Security Dynamics should come out with some kind
>of new systems in the nearest future, now that they own RSA. 

Have you seen Mudge's white paper on S/Key?  It isn't specifically regarding
SecurID, but many of the flaws he discusses are fundamental to the nature of
both S/Key and SecurID (and other OTP schemes), so apply to SecurID as
well...   
//cerridwyn//






From jfricker at vertexgroup.com  Thu Aug  8 14:58:59 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Fri, 9 Aug 1996 05:58:59 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960808154452.00c70514@vertexgroup.com>


Have bandwidth, will travel.

Server space available here. www.vertexgroup.com/dmv/ is good to go.
Database front ends a speciality.






At 05:57 AM 8/8/96 -0700, Declan McCullagh wrote:
>Looks like we're a little late. However, we can still grab the tape from 
>Oregon's DMV for $220. It would be an interesting excercise to try to get 
>these tapes from each state with similar provisions and put them all 
>online.
>
>Anyone want to donate server space?
>
>-Declan
>
>
>http://www.spiritone.com/cgi-bin/plates
>
>   Service has been temporarily suspended.
>   Don't panic, I just want to think about the situation for a while.    
>   Stay tuned. --Aaron
>
>---
>
>   There is a very real chance that it will be turned off. That's becuase
>   all of the people who hate it call the TV and Radio stations, the DMV,
>   and their elected representitives. All of the people who love it send
>   me email. As much as I appreciate hearing from all of you, sending me
>   email doesn't let anyone else know how you feel. If you want to keep
>   this service going, make your voices heard.
>
>
>
>On Wed, 7 Aug 1996, Timothy C. May wrote:
>
>> 
>> Cypherpunks make the news again.
>> 
>> I'm watching the LA NBC news channel, and they report that the Oregon "look
>> up any license plate" Web site is causing a flap. Though apparently legal,
>> the critics admit, the Governor wants the material removed.
>> 
>> (Sounds like a good time to mirror it on some other sites, pronto!)
>> 
>> --Tim May
>> 
>> Boycott "Big Brother Inside" software!
>> We got computers, we're tapping phone lines, we know that that ain't allowed.
>> ---------:---------:---------:---------:---------:---------:---------:----
>> Timothy C. May              | Crypto Anarchy: encryption, digital money,
>> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
>> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
>> Licensed Ontologist         | black markets, collapse of governments.
>> "National borders aren't even speed bumps on the information superhighway."
>> 
>> 
>> 
>> 
>
>
>// declan at eff.org // I do not represent the EFF // declan at well.com //
>
>
>






From byrd at acm.org  Thu Aug  8 15:13:40 1996
From: byrd at acm.org (Jim Byrd)
Date: Fri, 9 Aug 1996 06:13:40 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960808174142.006cb648@super.zippo.com>


This appeared on AP today:
-------
PORTLAND, Ore. (AP) - A computer consultant who put a
      state list of motor vehicle records on the Internet
      suspended access to the site today after he was
      bombarded by complaints the service invaded people's
      privacy. 






From pgut001 at cs.auckland.ac.nz  Thu Aug  8 15:19:08 1996
From: pgut001 at cs.auckland.ac.nz (pgut001 at cs.auckland.ac.nz)
Date: Fri, 9 Aug 1996 06:19:08 +0800
Subject: An SSL implementation weakness?
Message-ID: <83952437618205@cs26.cs.auckland.ac.nz>


The following weakness seems very obvious, I've got a partial writeup of this 
but before I turn it into a paper or something and arrange a demonstration of 
how it would work I thought I'd check to make sure (a) someone else hasn't 
mentioned it before, and (b) it is actually possible (it seems too simple to 
be true):
 
1. Using DNS spoofing, stage a hostile takeover of an address (for example 
   using bogus referrals set yourself up as the delegated server for a DNS 
   subtree).
2. Get a Verisign certificate for an arbitrary company and set up a bogus site 
   at the stolen address.
 
Lets say you steal www.megafoobarcorp.com.  People connect to this site (which 
is actually your bogus site), Netscape (for example) displays the blue line 
and non-broken key (which is actually for your J.Random certificate rather 
than the real megafoobarcorp one) to show the connection is secure, and you've 
just subverted their site.  
 
The problem is that unless the user on the client side checks their 
certificates (which noone does), all they're told is "A secure link is 
established", not who the secure link is established to.  Even if browsers did 
pop up a dialog to tell them who the secured connection was to, after about 
the third time people would click on the "Never show this incredibly annoying 
dialog again" option and never look at it again.     
 
This effectively reduces an attack on an SSL-enabled server to an attack on 
the DNS.  Is this as simple as it seems, and is it worth doing a writeup on?
 
Peter.






From warrior at tateonline.com  Thu Aug  8 17:34:52 1996
From: warrior at tateonline.com (Warrior)
Date: Fri, 9 Aug 1996 08:34:52 +0800
Subject: AOL crashes and burns
Message-ID: <199608082016.PAA26169@ford.socomm.net>


Great news, eh?






From svmcguir at syr.edu  Thu Aug  8 18:09:31 1996
From: svmcguir at syr.edu (Scott McGuire)
Date: Fri, 9 Aug 1996 09:09:31 +0800
Subject: appropriate algorithm for application
In-Reply-To: <320A29E7.13728473@systemics.com>
Message-ID: <ML-2.2.839536845.7349.scott@homebox.>


-----BEGIN PGP SIGNED MESSAGE-----

>Scott McGuire wrote
>>

... stuff deleted ...

>>
>> 
>> Why not just encrypt the files with regular, single key encryption and only
use
>> the public-key encryption on a master file holding a copy of all the
individual
>> keys?  This would be faster right?
>
>The main reason is so that anyone can generate new keys as and when
>they please. The master key is not required for key generation, which
>makes it more secure (ie. it spends more of its time in the safe) and
>practical (the master key may be in a different building).
>
>Gary
>--
>pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
>Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
>^S
>^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T

If the master file (or say master directory with one keyfile for each
encrypted file) is encrypted with public key encryption, than anyone with the
master public key can add a new encrypted file key but only the person with
the master private key can remove one of those keys.

Now that I think about it, this is like having each user encrypt their file
with a conventional key and sending a PGP encrypted message with the key they
used to the maintainer of the master file.  Of course if you don't trust the
users to give up a copy of the key, you would need to automate the procedure.

Scott

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBMgpQiN7xoXfnt4lpAQEBfwQAuHXSGhgWXr1S7gEKWH9iygLlSrioGjoz
/4+kqXKW/Q1ygDub0W3Tdr54uHaltAD8V/uk539i2ToTA0HQwaQ/jQq4eyRWrASl
bW1e5VWkJrKOm3J1qDSfIcoD7ACygwMb2Fxmp1w0GQ5uOOwjH8bow7YGMVPZKa/C
pDLIbjT36bM=
=18an
-----END PGP SIGNATURE-----






From nobody at zifi.genetics.utah.edu  Thu Aug  8 18:11:52 1996
From: nobody at zifi.genetics.utah.edu (Anonymous)
Date: Fri, 9 Aug 1996 09:11:52 +0800
Subject: Freedom vs. US-Citizens
Message-ID: <199608081847.MAA13959@zifi.genetics.utah.edu>


http://www.yahoo.com/headlines/960808/news/stories/crashpoll_1.html

Thursday August 8 1:14 PM EDT 

Terrorism Fears Prompt Support for Limits

LOS ANGELES (Reuter) - Most U.S. citizens are willing to give up some civil liberties in order to fight terrorism, according to a poll published Thursday. 

A nationwide survey conducted by the Los Angeles Times after the explosion of TWA Flight 800 and the bombing at Atlanta's Centennial Olympic Park also
showed that Americans favored economic sanctions over military action against countries involved in terrorism. 

It found that 65 percent of those surveyed were somewhat or very concerned that the fight against terrorism could bring restrictions on civil liberties but 58 percent
said they would be willing to give up some liberties to help curb terrorism. 

Government and aviation officials have indicated that increased security measures at airports around the country could mean more thorough and time-consuming
inspections of luggage, questioning of travelers and higher fares. 

Of those polled, 66 percent said they strongly favoured more secure airports, even at such costs, while 17 percent said they ``somewhat favoured'' such measures. 

Asked what action, in addition to trying those individuals responsible, the United States should take if the TWA crash is linked to another country, 40 percent
favoured economic sanctions against that nation, 14 percent opted for military action, 10 percent thought both should be used and 8 percent thought no action
should be taken apart from a trial. 

The telephone survey of 1,572 adults was conducted from Aug. 3 through Aug. 6 and had a margin of error of plus or minus three percentage points. 






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 18:15:03 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 09:15:03 +0800
Subject: Anonymous Remailers at work
Message-ID: <01I81GCO6IQ49JD3GI@mbcl.rutgers.edu>


	I've been trying to encourage the scientific ethics people to have an
email address for tips + information about using anonymous remailers. As can be
seen by the first part (lack of an email address), I haven't gotten very far as
yet...
	-Allen





From richieb at teleport.com  Thu Aug  8 18:41:55 1996
From: richieb at teleport.com (Rich Burroughs)
Date: Fri, 9 Aug 1996 09:41:55 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.SUN.3.91.960808055257.29528C-100000@eff.org>
Message-ID: <Pine.SUN.3.92.960808094648.21717A-100000@linda.teleport.com>


On Thu, 8 Aug 1996, Declan McCullagh wrote:

> Looks like we're a little late. However, we can still grab the tape from
> Oregon's DMV for $220. It would be an interesting excercise to try to get
> these tapes from each state with similar provisions and put them all
> online.

This information has been available in Oregon for at least a couple of
years on CD.  I've always been concerned about the privacy implications of
that service -- perhaps that's the upside of this story?  That people do
give a rat's ass about their privacy?

I do think that the information should be able to be disseminated on the
Net as long as it's legal.


Rich
______________________________________________________________________
Rich Burroughs  richieb at teleport.com  http://www.teleport.com/~richieb
See my Blue Ribbon Page at http://www.teleport.com/~richieb/blueribbon
New EF zine "cause for alarm" - http://www.teleport.com/~richieb/cause






From David.K.Merriman at toad.com  Thu Aug  8 19:00:06 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Fri, 9 Aug 1996 10:00:06 +0800
Subject: PGP Mailer for the masses ?
Message-ID: <199608081721.KAA17992@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, provos at wserver.physnet.uni-hamburg.de
Date: Thu Aug 08 12:20:42 1996
> Hi!
> 
> Due to the possibility of governments prohibiting strong cryptography
> the idea to provide an easy to use mailer with addressbook
> and pgp functions arose on the german krypto mailinglist. The availabilty
> of an easy to use product would greatly enhance the use of cryptography
> on the internet and thus getting us nearer to the point of noreturn,
>  that
> is the point where a prohibtion of cryptography is not any longer
> possible.
> 

I can testify to the integration and effectiveness of Pronto Secure 
(Windows version), which I've changed over to from Eudora Pro. As near as I 
can tell, PGP interface is seamless. Don't know if that's what you're 
looking for.

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMglrIsVrTvyYOzAZAQEXIgP/eGi+VScrDU4laIc9HHRjBTGG09Et8yHb
tPpXzQrvNsmmLsKqDxstUYm8K5UrmBAO0yBARueVuees4wH8zd5gh42kDjbkWa7g
owR5ivjX6BEzAw4m07XlFSrhkCG+Or+/By0AM36y5G6gkgTcHBv8wj1pN+IZLPxY
INbU+SmIikA=
=RMrj
-----END PGP SIGNATURE-----






From ichudov at algebra.com  Thu Aug  8 19:19:43 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 9 Aug 1996 10:19:43 +0800
Subject: An SSL implementation weakness?
In-Reply-To: <83952437618205@cs26.cs.auckland.ac.nz>
Message-ID: <199608082324.SAA05497@manifold.algebra.com>


pgut001 at cs.auckland.ac.nz wrote:
>  
> Lets say you steal www.megafoobarcorp.com.  People connect to this site (which 
> is actually your bogus site), Netscape (for example) displays the blue line 
> and non-broken key (which is actually for your J.Random certificate rather 
> than the real megafoobarcorp one) to show the connection is secure, and you've 
> just subverted their site.  
>  
> The problem is that unless the user on the client side checks their 
> certificates (which noone does), all they're told is "A secure link is 
> established", not who the secure link is established to.  Even if browsers did 
> pop up a dialog to tell them who the secured connection was to, after about 
> the third time people would click on the "Never show this incredibly annoying 
> dialog again" option and never look at it again.     
>  
> This effectively reduces an attack on an SSL-enabled server to an attack on 
> the DNS.  Is this as simple as it seems, and is it worth doing a writeup on?

I do not know much about how SSL works, but SSH (Secure Shell) has
a nice safety built in. It creates  a database of known hosts and
for each connection it matches the current host certificate (public
key) with the old public key from the ssh's database of known
hosts. If the keys mismatch, a warning is issued.

It actually works. Maybe the same logic should be used in SSL?

	- Igor.





From nozefngr at mail.apple.com  Thu Aug  8 19:21:03 1996
From: nozefngr at mail.apple.com (CTH)
Date: Fri, 9 Aug 1996 10:21:03 +0800
Subject: Basic Unix Hacking
Message-ID: <199608082320.QAA17952@scv2.apple.com>



Is there a way to get a .plan file to execute shell script when
it is read by finger??

I'm sure this is an old question, but it seems there must
be a way.

echo \"date\"  or some damn thing that will execute as opposed
to printing.


The fingerD I am working with does not seem to call
a .fingerrc file.

-Chris



..    But there *are* a million monkeys on the net,
..    and I still aint seen no Shakespeare!             <me>
...
...    smtp: nozefngr at apple.com
..     page: 1.800.680.7351
..     http: http://virtual.net/Personal/nozefngr/
..     icbm: lat37*21'.lon121*5'
..
..  the kabuki project: http://remarque.berkeley.edu/kabuki/







From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 19:23:30 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 10:23:30 +0800
Subject: Blurring the Chains of Causation
Message-ID: <01I81HNSD4YG9JD3GI@mbcl.rutgers.edu>


From:	IN%"tcmay at got.net"  1-AUG-1996 18:22:25.80

>Many of the proposed restrictions seek to further blur this chain of
>causation, by making someone who provides access to materials which _may_
>later be used in a crime, or which may "inspire" someone to crime, a kind
>of criminal.

[...]

>People who actually commit real crimes are the criminals, not those who
>sold them Hostess Twinkies without first checking their blood sugar level.
>Not those who let a library patron look at a "dangerous" book. And not
>those who provided strong cryptographic tools which _might_ be used by
>terrorists, pedophiles, and money launderers.

	Quite. One analogy that should bring things a bit closer to home to
liberal types is that of zoning laws and restrictive covanents. The
(unfortunately legally accepted) justification, as I understand it, for many
zoning laws is that they prevent reductions in property values. Restrictive
covanents, such as against blacks or AIDS patients, have the same argument for
them, if one accepts the logic of the proposed restrictions. Blacks/whoever
moving in causes racists (or people anticipating the actions of racists) not to
want to move in or causes them to sell; this reduces local property values. By
the logic of the proposed restrictions, that means blacks/whoever should be held
responsible for the decrease in property values and barred or fined.
	Obviously, this whole idea is nonsense... only if you're the last
_person_ in a chain of causation are you the person making a decision for which
you should be blameable. (By person I refer to that people are the only beings
capable of making such a choice. I neither treat cows as having rights/choices
nor do I hold a bull criminally responsible for goring someone. Rights mean
responsibility; choices mean consequences.) Otherwise, someone else has the
chance to make their own decision and avert the negative results.... or not.
	-Allen





From tcmay at got.net  Thu Aug  8 19:24:00 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 10:24:00 +0800
Subject: AOL crashes and burns
Message-ID: <ae2fcae8050210047014@[205.199.118.202]>


At 8:16 PM 8/8/96, Warrior wrote:
>Great news, eh?

No big deal, as I see it.

The only reason the AOL outage made the headlines is because of market
share. My own local ISP goes out at times, sometimes for more than a day.
And judging by the comments of others here (e.g, "my connection has been
flaky," "My ISP was down for the past few days," "Could someone mail me the
last 3 days worth of traffic?"), I suspect this is common.

Market share is what generates headlines.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 19:31:42 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 10:31:42 +0800
Subject: Stealth cookies
Message-ID: <01I81GMK7QGY9JD3GI@mbcl.rutgers.edu>


From:	IN%"stewarts at ix.netcom.com"  "Bill Stewart"  7-AUG-1996 06:58:56.42

>However, there's a way to cheat the cookie spec; I don't know
>if this was intentional, but it was realized quickly by the market :-)
>The issue is that your browser sends along an HTTP_REFERRER variable,
>which points to the last page you visited before the current page.
>It's useful for sites to find out where their pages are being referenced,
>and they may (legitimately) want to only give out information if you're
>coming from one of their previous pages.

	Does www.anonymizer.com filter out cookies and their requests? I'd also
be curious if an alternate means of specifying the url (without having to
manually type it in) is possible such that people would have problems doing a
search for all pages connecting to a page. I.e., currently, I can search for
pages connecting to a particular page through the anonymizer via doing an
AltaVista search for link:/page/in/which/i'm/interested.html. If the person had
to realize that, say, they had to do a search for
page__in__which__i'm__interested.html, that could make unfriendly tracing of
backlinks - sensitive backlinks if you're using the anonymizer - more difficult.
	-Allen

P.S. The problem with blank pages from the anonymizer seems to be fixed, or at
least I haven't run into it recently - thanks.





From unicorn at schloss.li  Thu Aug  8 19:38:31 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Fri, 9 Aug 1996 10:38:31 +0800
Subject: ****CyberWatch Security With Face Recognition 08/07/96
In-Reply-To: <Pine.SUN.3.91.960808083741.14499I-100000@crl5.crl.com>
Message-ID: <Pine.SUN.3.94.960808175801.852A-100000@polaris>


On Thu, 8 Aug 1996, Sandy Sandfort wrote:

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> On Thu, 8 Aug 1996, Joseph M. Reagle Jr. wrote:
> 
> > TrueFace CyberWatch uses Miros' software and a small video
> > camera on top of the computer monitor to verify computer users
> > when they try to access protected data. TrueFace "snaps" a
> > picture of the current computer operator and compares it to
> > images in a database of authorized users. Continued spot checks
> > are taken to ensure the same user is at the computer...and
> > cannot be fooled by holding up a photo of a person. 
>  
> How about substituting a video tape of an authorized user for 
> the camera input?  (Hey, it worked on the old Mission Impossible
> show and a whole slew of movies.)

Or a very accurate movie style mask?

> 
>  S a n d y
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From jfricker at vertexgroup.com  Thu Aug  8 19:43:24 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Fri, 9 Aug 1996 10:43:24 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960808234932.00902f58@vertexgroup.com>


My main concern regarding access to this information rests in the fact that
this database has always been available to anyone who understood how to get
it and use it. Recently I received a letter from some credit card company
offering to provide me with my credit report, social security history, and
insurance related records  on a regular basis (for a fee of course). How
about my police, fbi, school, and dating records while we're at it. How much
is already available only to those that know the ropes.

Well today AP ran another story about the reaction surrounding Aaron's
actions. Nice picture of the back of Aaron's head. They didn't print is
lisense plate number either.

ObCypherpunks: How many people do you know that are working on a day to day
basis with medical records systems, the District Attorney's computers, your
doctor's computers, state Department of Health, and so on. I'm sure it's
come up before but isn't this an obvious of application of encryption and
PAK (Public Access to Keys)? Any legislation currently to _require_ that
medical records and such be encrypted with access restricted. 

Something like: Alice (my primary care giver) and I each have the key to the
records that Alice stores. Bob (my dentist) has a legitimate need to these
records so I issue Alice and Bob a new key. With that key, the software
allows Alice to make a replicate (synchonizable at that) of the record and
transfer it to Bob who uses his key to access the data. It may even be that
_any_ time, any of the replicas are to be accessed _my_ private key must be
employed although one may argue that in times of tragedy it would be prudent
to get my medical history immediately. I would say there is little in those
records that would help an emergency room doctor make life saving desisions.
That anything that the ER should know about me to save my life should be on
a Medical Emergency Bracelet. I guess it would not matter if you encrypted
with a key short enough to mumble from the back of an ambulance.

The market for encryption enabled applications is just about to take off. 

--j

At 03:25 PM 8/8/96 -0700, Rich Graves wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I agree that this project needed to be done to educate the public, but I
>must say I'm glad my name isn't attached to it. 
>
>To answer legitimate concerns about abuse, perhaps version 2 could make the
>relevant http logs publicly available? So in addition to checking the
>governor's son's driving record, you could check which other IP addresses
>have been looking at the governor's son's driving record. Spider detection
>and retaliation would also be nice.
>
>(Of course this would have the side effect of increasing the visibility of
>the anonymizer/canadianizer/exonizer services, which would not be a bad
>thing.)
>
>- -rich
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>
>iQBVAwUBMgppM5NcNyVVy0jxAQFjFwIAyio1QMkAC7/sH3PdVbGXuTImey+1ewg2
>Nxl7bZlZe/YvYlk2yomKW24bgZJ5Vjiecc7g35SM+jveLRWA0xgbkg==
>=yDFP
>-----END PGP SIGNATURE-----
>
>






From iang at cs.berkeley.edu  Thu Aug  8 19:49:22 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Fri, 9 Aug 1996 10:49:22 +0800
Subject: Fixes to loop.c et al. for DES,IDEA,stego now done
In-Reply-To: <199608062350.QAA10693@abraham.cs.berkeley.edu>
Message-ID: <4ue0dk$2g4@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.LNX.3.91.890918054255.204A-100000 at HellSpawn>,
Damien Lucifer  <root at hellspawn.Berkeley.EDU> wrote:
>
>
>On Tue, 6 Aug 1996, Ian Goldberg wrote:
>> This directory contains patches to the Linux kernel to enable encryption and
>> steganography of filesystems. Encryption allows you to have a scrambled
>> partition or file that, with the proper pass phrase, you can mount, just
>> like a normal filesystem. Steganography allows you to hide a filesystem in
>> the low bits of, say, an audio file. You can even combine these two to hide
>> a scrambled filesystem in the low bits of an audio file (see the example,
>> below).
>
>
<snip>
>So the question on my mind, is can the loop device(s) be 
>multi-threaded? I decided to be clever one evening and moved all my home 
>directories to cfs directories.. unfortunatly when two instances of the 
>same user try to hit their CFS home directory at once, the whole machine 
>goes flubflub and and needs to be rebooted. Single threading didnt seem 
>like such a terrible thing when I installed cfs, but lately its become 
>rather restrictive and ugly to deal with. Please tell me theres a better 
>way. :) 

Well, unlike CFS, loop.c is part of the Linux kernel, which is single-threaded,
so I guess loop.c is also single-threaded.  However, I took care that deadlocks
be avoided (mounting a loop device as another loop device (for example,
hiding an encrypted filesystem as stego) caused me to think a bit, but I'm
fairly confident that it works now).

   - Ian

[For those that missed it, the URL is

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/filesystems/linux/index.html

mirror site:

ftp://csclub.uwaterloo.ca/pub/linux-stego/index.html
]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgqEI0ZRiTErSPb1AQGI2gP+Pxq4auOpMSqVvCT9a/LRuj8fUhbmoG95
3hdYYRn/GWRZTK1IcdyUpVnIcHfS6SUz+0l39q/guMKfGGgPOOsWYMpL7rRcffZB
ZzZ8lWxO0JCOTPE8NIEuvdI3T+8bnVROeQ9u/YjRPnhMMQaOTUoCclt2fUt2+6YD
td9FWFl7Pvc=
=d1Am
-----END PGP SIGNATURE-----





From rich at c2.org  Thu Aug  8 20:09:28 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 9 Aug 1996 11:09:28 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <2.2.32.19960808234932.00902f58@vertexgroup.com>
Message-ID: <Pine.GUL.3.95.960808172010.7089C-100000@Networking.Stanford.EDU>


On Thu, 8 Aug 1996, John F. Fricker wrote:

> ObCypherpunks: How many people do you know that are working on a day to day
> basis with medical records systems, the District Attorney's computers, your
> doctor's computers, state Department of Health, and so on. I'm sure it's
> come up before but isn't this an obvious of application of encryption and
> PAK (Public Access to Keys)? Any legislation currently to _require_ that
> medical records and such be encrypted with access restricted. 

"Require"?

Wouldn't do shit. It's a social problem more than a technological problem.

-rich






From vznuri at netcom.com  Thu Aug  8 20:14:56 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Fri, 9 Aug 1996 11:14:56 +0800
Subject: visual programming
Message-ID: <199608081912.MAA29522@netcom14.netcom.com>



"cpunks write code". the whole concept of writing code may 
fundamentally shift in the future to something that is far more
visually oriented. I tend to think so and think that this idea
will be particularly fruitfully explored relative to virtual 
reality. I believe that in the future, code will be written
neither with "code" nor with "writing", so to speak.

this is a blurb out of Xeroc Parc, the same organization that
brought you the revolutionary wysiwyg GUI, the mouse, the file/folder 
analogy, etc.

imagine that as a programmer, you could see an animated presentation
of your code operation at all times. it would be an incredible
development and debugging tool. it is quite a few years away, but
I think it is inevitable.

what is interesting is that visual programming is not necessarily
a replacement for computer languages. it could be seen as just
another layer of abstraction on top of source code, i.e. a means
of generating source code, which could be in any language du-jour
such as Java. in fact I think this is the way visual languages
will first make their way into commercial environments-- by meshing
with all the existing language baggage.


------- Forwarded Message

Newsgroups: ba.seminars,comp.human-factors,comp.cog-eng,comp.groupware
Subject: BayCHI (Aug 13) - Programming as a Video Game, plus Exploring the World of a Product
Date: 6 Aug 1996 01:23:33 GMT
Organization: Usability Adventures

                                  BayCHI,
                   the San Francisco Bay Area ACM SIGCHI
          (Special Interest Group on Computer-Human Interaction),
                        announces its August meeting:

                          Tuesday, August 13, 1996
                               7:30 - 9:30 pm


                         Programming as a Video Game
                                    or
               ToonTalk -- A Video Game for Creating Programs

                         Ken Kahn, Animated Programs

                                     +

   Exploring the World of a Product: the Light Switch Exploration Project
                     Sam Hecht, IDEO Product Development



                           Xerox PARC Auditorium
                           3333 Coyote Hill Road
                           Palo Alto, CA 94304

 
         <BayCHI meeting attendance is free & open to the public.>

                   <BayCHI programs are not videotaped,
                 and taping by attendees is not permitted.>


Abstract of "Programming as a Video Game or ToonTalk -- A Video Game for 
Creating Programs":

Seymour Papert once described the design of the Logo programming language
as
taking the best ideas in computer science about programming language
design
and "child engineering" them.  Twenty-five years after Logo's birth,
there has
been tremendous progress in programming language research and in
computer-human interfaces.  Programming languages exist now that are very
expressive and mathematically very elegant and yet are difficult to learn
and
master.  We believe the time is now ripe to attempt to repeat the success
of
the designers of Logo by child engineering one of these modern languages.

When Logo was first built, a critical aspect was taking the computational
constructs of the Lisp programming language and designing a child friendly
syntax for them.  Lisp's "CAR" was replaced by "FIRST", "DEFUN" by "TO",
parentheses were eliminated, and so on.  Today there are totally visual
languages in which programs exist as pictures and not as text.  We believe
this is a step in the right direction, but even better than visual
programs
are animated programs.  Animation is much better suited for dealing with
the
dynamics of computer programs than static icons or diagrams.  While there
has
been substantial progress in graphical user interfaces in the last
twenty-five
years, we chose to look not primarily at the desktop metaphor for ideas
but
instead at video games.  Video games are typically more direct, more
concrete,
and easier to learn than other software.  And more fun too.
 
We have constructed a general-purpose concurrent programming system,
ToonTalk
(TM), in which the source code is animated and the programming
environment is
a video game.  Every abstract computational aspect is mapped into a
concrete
metaphor.  For example, a computation is a city, an active object or
agent is
a house, birds carry messages between houses, a method or clause is a
robot
trained by the user and so on.  The programmer controls a "programmer
persona"
in this video world to construct, run, debug and modify programs.  We
believe
that ToonTalk is especially well suited for giving children the
opportunity to
build real programs in a manner that is easy to learn and fun to do.

A live demo of ToonTalk will be given.  (See http://www.toontalk.com.)

                                 ----- o -----

Abstract of "Exploring the World of a Product: the Light Switch
Exploration 
Project":

Initiated by IDEO industrial designers in San Francisco, the Light Switch 
exploration is the first in a series of projects which explore the world
of 
a product.  The benefits, other than those which are delivered within
each 
design, is to expand each designer's mind, but formulated within a group.
 
The group deliberately chose the humblest of product interfaces for 
exploration, asking that the test was in the using.  It was felt strongly 
that this type of project would be able to indirectly inspire some of the 
more complex products that IDEO usually works with, and which the layman 
eventually has to operate.  The approach taken was rooted heavily in both
a 
large vocabulary of materials and the appraisal of a light switch within
its 
environment.

The group started the project by examining the history and context of a
light 
switch and discovered that it was praticularly easy to move away from 
preconceptions which seem to have plagued many earlier attempts by
designers. 
This was further achieved by the group developing contextual platforms
for 
particular scenarios based on the relationships between object and light; 
control and light; the manipulation of light; and the interaction with a 
switch.  The root in material also inspired totally new ways of both 
manufacturing and operating a light switch.  It would be wrong to suggest
that 
these designs are anything more than concepts, but because they were
created 
within an environment that is populated by Human Factors, Engineering,
and 
Interaction Design, they hold many of the concerns which are evoked by
these 
professions.

The group extended the concept of "using" by creating working prototypes.
These were exhibited as part of the "Mutant Materials in Design"
exhibition 
at the Museum of Modern Art in New York.  Here, the public were able to 
interact with each switch in its proper context; that being to turn a
light 
bulb on and off.  New surprises were observed - such as people stroking a 
switch that only required the slightest of contact.  What was happening,
of 
course, was that relationships were being created between object and user.

The exploration was awarded the 1995 annual design award for concepts and
the 
CHI'96 video award for design, and was part of the International Design 
Yearbook for 1996.


Biographies:

ToonTalk was designed and built by KEN KAHN <kahn at csli.stanford.edu> who, 
after earning a doctorate in computer science from MIT, spent more than
15 
years as a researcher in programming languages, computer animation, and 
programming systems for children.  He has been a faculty member at MIT, 
University of Stockholm, and Uppsala University.  For over eight years he 
was a researcher at Xerox PARC.  During the 1970s he made several
animated 
films which were shown in film festivals, theaters, and cable TV.  In
1992, 
Ken founded Animated Programs whose mission is to make computer
programming 
child's play.  His patent application covering the underlying technology
of 
ToonTalk has recently been approved by the US Patent Office.  David,
Ken's 
11 year-old son, will be running the demos during the talk.

                                 ----- o -----

SAM HECHT joined IDEO in 1994 after working in the areas of interior
design, 
architecture, industrial design, and graphic design.  He has worked in
the 
studios of David Chipperfield in London, Studia design group in Tel-Aviv, 
IDEO product development in San Francisco, and now currently as a senior 
industrial designer at IDEO in Tokyo.  In San Francisco, he created
designs 
for large corporations in the fields of furniture for Steelcase America, 
computer monitors for NEC Japan, and recently telephones for AT&T of
America.

After graduating from the Royal College of Art in London, he started to 
investigate the border between object and environment, which he exercised
in 
a number of interiors.  This interest was furthered with the designs of
the 
offices of IDEO in both San Francisco and Tokyo, which challenge our
thinking 
of the office environment - layered with the philosophy of
multi-disciplinary 
team working that IDEO employs.  He is also responsible for curating the
IDEO 
design explorations that occur each year.

In Tokyo, he is currently focusing on the design of objects of a smaller 
scale.  His work has won several awards; has been exhibited in Europe, 
America, and Asia; and has been published in leading journals throughout
the 
world.

************************************************************************
************************************************************************

                        NOTES OF SPONSORSHIP & THANKS

BayCHI thanks Jock MacKinlay and Stu Card of Xerox PARC for sponsoring
our use of the Xerox PARC auditorium for BayCHI monthly meetings.

************************************************************************

                  BayCHI's September meeting: September 10

                 location: Xerox PARC Auditorium, Palo Alto

************************************************************************

About BayCHI

BayCHI, the San Francisco Bay Area chapter of ACM's Special Interest
Group on Computer-Human Interaction, brings together systems designers,
human factors engineers, computer scientists, psychologists, social
scientists, users, software engineers, product managers, ... from
throughout the Bay Area to hear and to exchange ideas about
computer-human interaction and about the design and evaluation of user
interfaces.

To join BayCHI, which will get you added to the mailing list for the
newsletter, enable your access to the jobbank, enable your listing in
the consultants directory, get you a copy of the directory of BayCHI
members, ..., send a note to cstreeter.chi at xerox.com or to BayCHI,
PO Box 25, Menlo Park, CA 94026, and we will send you a printed
membership form.  Membership forms are also available at the BayCHI
meetings; plus, a membership form is appended to this announcement.

Additional information about BayCHI is available at BayCHI's evolving
World Wide Web site: http://www.baychi.org/.

For program updates and to leave messages, call 408-235-9244.

************************************************************************

                         BayCHI Steering Committee

The BayCHI steering committee meetings are open to anyone who is
interested in attending.  The meetings are generally held the first
Tuesday of the month at 7:30 p.m.  Please contact any member of the
committee for directions to the meeting.

Chair                  Bob Weissman        weissman.chi at xerox.com
Vice Chair             Clark Streeter      cstreeter.chi at xerox.com
Treasurer              Fred Jacobson       jacobson.chi at xerox.com

Program Chair          Richard Anderson    rianderson.chi at xerox.com
Membership Chair       Don Patterson       patterson.chi at xerox.com
Newsletter Editor      Fred Jacobson       jacobson.chi at xerox.com

Dinner Coordinator     Diane Cerra         dcerra at mkp.com
Webmistress            Christina Gibbs     cgibbs.chi at xerox.com
Job Bank               Mark Fernandes      mark_fernandes.chi at xerox.com

Publicity Chair        Christina Gibbs     cgibbs.chi at xerox.com
Tutorial Chair         David Rowley        rowley.chi at xerox.com
CHI Calendar           Megan Eskey         eskey.chi at xerox.com

Consultants Directory  Dave Salvator       salvator.chi at xerox.com
Strng Comm Mtg Host    Ulrike Creach       creach.chi at xerox.com
Newsletter Distr.      Joseph Jarosz       jarosz.chi at xerox.com

Volunteer Coordinator  Clark Streeter      cstreeter.chi at xerox.com
Elections Chair                  (open position)
SIGCHI Liaison         Don Patterson       patterson.chi at xerox.com

International Liaison  Susan Wolfe         wolfe.chi at xerox.com
BAHFES Liaison         Robert Kaplan       kaplan.chi at xerox.com
Xerox PARC host        Jock Mackinlay      mackinlay.chi at xerox.com
 
Past Chair ('95-'96)   David Rowley        rowley.chi at xerox.com
Past Chair ('93-'95)   Ellen Francik       francik.chi at xerox.com
Past Chair ('92-'93)   Richard Anderson    rianderson.chi at xerox.com

At-large               Allison Hansen      ahansen.chi at xerox.com
At-large               Howard Tamler       htamler.chi at xerox.com
At-large               Mike Van Riper      vanriper.chi at xerox.com


             BayCHI -- P.O. Box 25 -- Menlo Park, CA -- 94026
 
 
************************************************************************

                           DIRECTIONS TO XEROX PARC
 
>From Highway 280, take the Page Mill Road exit. Go east one mile to
Coyote Hill Road (no light) and turn right. Go 1/2 mile and PARC will
be on your left. Follow the signs to the auditorium.

>From 101, take the Oregon Expressway exit west 2 miles to El Camino
Real.  Oregon Expressway becomes Page Mill Road at El Camino Real.
Follow Page Mill Road 1.7 miles to Coyote Hill Road (no light) and turn
left.  Coyote Hill Road is just past the intersection with Foothill
Expressway. Go 1/2 mile and PARC will be on your left. Follow the signs
to the auditorium.

For a map, see http://www.parc.xerox.com/images/maptoparc.gif.

************************************************************************

                  O /                                \ O
        -----------X------------ Cut Here ------------X-----------
                  O \                                / O

BayCHI Membership Form                         (Version: 8 February 1996)
- ----------------------

Name: ________________________ ____________ _____________________________
      (First)                  (MI)         (Last)

Nickname (optional): _________________________
(for Membership Card/Badge name if other than above)

Preferred Email:_________________________________________________________

Secondary Email:_________________________________________________________

Web Address (URL):_______________________________________________________


Home Contact Information
     Address: ___________________________________________________________

              ____________________, _______  __________________  ________
              City                  State    Postal / City Code  Country

     Phone: (_____)____________________  FAX: (_____)___________________

Business Contact Information
     Company / Affiliation: _____________________________________________

                Department: _____________________________________________

     Address: ___________________________________________________________

              ____________________, _______  __________________  ________
              City                  State    Postal / City Code  Country

     Phone: (_____)____________________  FAX: (_____)___________________


Preferred Mailing Address (circle one):   Home      Business      Email
Only

Newsletter delivery via (circle one):     Email     Surface

Check if you DO NOT want to be included in the Membership Directory? ____

Check if you want to receive Job Bank postings: ____

Interests and Expertise (for Membership Directory listing - up to 90 char)




Circle if member of:     ACM      SIGCHI

ACM Member Number: _________________________________


Membership Fees:  $15.00 for New Members         $10.00 for Renewing
Members


Payment Enclosed :   $_______       Date:  __________

Payment by (circle one): Cash    Personal Check    Business Check    Other


Please mail this form, along with a check payable to BayCHI, to:
Don Patterson, 757 Avalon Way, Livermore, CA 94550
************************************************************************

------- End of Forwarded Message






From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 20:18:09 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 11:18:09 +0800
Subject: Edited Edupage, 1-Aug-1996
Message-ID: <01I81HBZJJWK9JD3GI@mbcl.rutgers.edu>


From:	IN%"educom at educom.unc.edu"  1-AUG-1996 17:11:49.07
To:	IN%"edupage at elanor.oit.unc.edu"  "EDUCOM Edupage Mailing List"

>*****************************************************************
>Edupage, 1 August 1996.  Edupage, a summary of news about information
>technology, is provided three times a week as a service by Educom,
>a Washington, D.C.-based consortium of leading colleges and universities
>seeking to transform education through the use of information technology.
>*****************************************************************

[...]

>CELLULAR PHONE COMPANIES FIGHT CLONING
>To fight the illegal practice called "cloning," cellular telephone carriers
>will be adopting new "smart phone" technology intended to foil high-tech
>criminals by matching calls with encoded passwords.  In cloning, pirates
>use portable scanners and computers to intercept the cellular phone user's
>phone and serial numbers as they are being broadcast to a transmitting
>tower or "cell site."   The new digital phones will contain a non-clonable
>''smart cards'' that encrypt the identifying information to prevent
>scanners from eavesdropping or cloning the customer's telephone number. 
>(San Jose Mercury News 1 Aug 96)

	It sounds like the "smart cards" will have some chip oddities to try
to prevent reading them - something in TCMay's department. I do wonder whether
they're going to have one key for all of them, or differing keys for each user.
If the former, then cracking one (which I get the impression is quite possible)
equals cracking all, of course.

>G7 LEADERS & THE INTERNET
>Experts on electronic communications said ideas presented by G7 leaders for
>fighting terrorism  by restricting access to the Internet are "naive and
>probably unworkable" because there are too many ways to circumvent
>censorship on the Net to believe regulation could prevent terrorists from
>using the technology for communications.  (Toronto Globe & Mail 1 Aug 96
>A4)

	Yes... although it could be rather inconvenient.

>CANADIAN SERVICE PROVIDERS TACKLE OBJECTIONABLE MATERIAL
>Canadian access providers are developing guidelines for dealing with
>potentially objectionable material and have set up a code of conduct
>committee, with goals that include establishing guidelines members can use
>to determine if information stored on their servers is illegal.  (Toronto
>Globe & Mail 1 Aug 96 B1)

[...]

>CERTIFIED WEB SITES
>The National Computer Security Association in Carlisle, PA., will certify
>that a Web site meets minimum security specifications, including the
>presence of firewalls, use of passwords, and encryption of sensitive data
>transmission.  Certifications costs $8500 a year and requires that the site
>submit to remote tests, an NCSA site visit, and random compliance audits. 
>(Computerworld 29 Jul 96 p2)

	One hopes that the level of encryption will be required to be above
single DES, at least...

>Edupage is written by John Gehl <gehl at educom.edu> & Suzanne Douglas
><douglas at educom.edu>.  Voice:  404-371-1853, Fax: 404-371-8057.  

>Technical support is provided by Information Technology Services at the
>University of North Carolina at Chapel Hill. 

>***************************************************************
>Edupage ... is what you've just finished reading.  To subscribe to Edupage:
>send mail to: listproc at educom.unc.edu with the message:  subscribe edupage 
>Gene Fullmer  (if your name is Gene Fullmer;  otherwise, substitute your
>own name).  ...  To cancel, send a message to: listproc at educom.unc.edu with
>the message: unsubscribe edupage.   (If you have subscription problems,
>send mail to manager at educom.unc.edu.)





From omega at bigeasy.com  Thu Aug  8 20:18:57 1996
From: omega at bigeasy.com (Omegaman)
Date: Fri, 9 Aug 1996 11:18:57 +0800
Subject: PGP public key servers are NOT useful!
Message-ID: <199608082044.PAA00861@betty.bigeasy.com>



> What I want to prevent is some person I dislike uploading his
> signature on my key

Yes, that's unpreventable.  It still does not change the fact that it 
is up to the person using your public key to determine if you are 
indeed that actual owner of that key.
 
> How would you like it if I added a new ID to your key containing sort
> of insult, certified that ID, and uploaded the new signature to the
> key servers.

RTFM.  Look, go into PGP and try to change your key ID.  You will 
note that PGP asks you to provide the passphrase to your secret key 
before allowing an id change.  Someone could not get your public key 
off of a keyserver and change the id of the key.  The need both your 
secret key and your passphrase to do that.

Now someone could create a key-pair themselves and  falsely assign 
your e-mail address and some miscellaneous crap as the ID.  They 
could then upload the"rogue" public key portion of this keypair to 
the servers.

However, the falsity of this "rogue" public key can be easily 
determined by you and anyone who is trying to communicate securely 
with you.  All of this is explained with great clarity in the PGP 
documentation.

Think about this...
Suppose I knew who you were and knew your e-mail address.  What's to 
stop me from creating a "rogue" key-pair with your address as the 
e-mail id and uploading it to the keyservers?  Just because you don't 
utilize the keyservers, doesn't mean your public key can't be placed 
there.  "Controlling" the distribution of your public key is giving 
you a false sense of security where none is really needed.

Ponder: why is a public key called a "public" key?

"Controlling" the distribution of you public key is a pointless 
exercise.  Controlling authentication is what you and those who 
communicate securely with you whould be concerned about.

me
--------------------------------------------------------------
 Omegaman <omega at bigeasy.com>
 PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                        59 0A 01 E3 AF 81 94 63 
Send a message with the text "get key" in the 
"Subject:" field to get a copy of my public key.
--------------------------------------------------------------





From gary at systemics.com  Thu Aug  8 20:20:36 1996
From: gary at systemics.com (Gary Howland)
Date: Fri, 9 Aug 1996 11:20:36 +0800
Subject: appropriate algorithm for application
In-Reply-To: <ML-2.2.839513101.7349.scott@homebox.>
Message-ID: <320A29E7.13728473@systemics.com>


Scott McGuire wrote:
> 
> > Cerridwyn Llewyellyn wrote:
> > >
> > > I need an algorithm/protocol that is capable of encrypting numerous
> > > files with separate keys, but there also needs to be a master key
> > > that will be able to decrypt all of them.  Is there such a system
> > > that is relatively secure?  I'd prefer the system to be as secure
> > > as possible, but in this application, security is secondary to
> > > functionality.  Thanks... //cerridwyn//
> >
> > Are you after a working program, or just a design?
> >
> > You could always use an escrowed public key generator (discussed on
> > sci.crypt some time ago), where the keys all have a factor of 'N'
> > embedded in 'N', but encrypted with the master key.
> >
> > (I'd be prepared to write the code that generates the keys, if
> > someone does the "master decrypt" side of things).
> >
> >
> 
> Why not just encrypt the files with regular, single key encryption and only use
> the public-key encryption on a master file holding a copy of all the individual
> keys?  This would be faster right?

The main reason is so that anyone can generate new keys as and when
they please. The master key is not required for key generation, which
makes it more secure (ie. it spends more of its time in the safe) and
practical (the master key may be in a different building).

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From harka at nycmetro.com  Thu Aug  8 20:22:50 1996
From: harka at nycmetro.com (harka at nycmetro.com)
Date: Fri, 9 Aug 1996 11:22:50 +0800
Subject: .mil links
Message-ID: <TCPSMTP.16.8.8.13.36.40.2780269260.1222868@nycmetro.com>


Somebody e-mailed me a nice collection of military/intelligence sites. I'll forward it to the list in case anybody is interested. (Note: I haven't checked the links myself yet)

Harka

== Forwarded Message Follows =========================================

MILITARY SCIENCES AND DEFENSE SITES:

Advanced Information Technology
          Current research aimed at developing and implementing
          cutting edge hardware and software solutions for Navy
          problems. Also pointers to US Navy information, Washington
          DC Area Information and more.
http://www.ait.nrl.navy.mil:80/home.html

Advanced Research Projects Agency
          Provides selected information about the activities and
          programs of the Advanced Research Projects Agency(ARPA).
http://ftp.arpa.mil/

Air Intelligence Agency
          This World Wide Web home page is your gateway to information
          about the U.S. Air Force's Air Intelligence Agency, a Field
          Operating Agency headquartered at Kelly Air Force Base in
          San Antonio, Texas.
http://tecnet2.jcte.jcs.mil:8000/cybrspke/aialink.html

Armament Research Development and Engineering Center (ARDEC),
Picatinny Arsenal, NJ
          Access to staff directories, ARDEC information sources and
          remote non-technical information.
http://www.pica.army.mil/

Army Research Laboratory
          Allow scientist from government, academia, and industry to
          discover information about current Army research.
http://info.arl.army.mil/

Bosnia Link
          BosniaLINK, is the official Department of Defense
          information system about U.S. military activities in
          Operation JOINT ENDEAVOR, the NATO peace keeping mission in
          Bosnia.
http://www.dtic.dla.mil/bosnia/

Brooks Air Force Base, Human Systems Center
          Brooks AFB organizations, information by topic and local
          interest, publications, weather and keyword searches are
          available.
http://www.brooks.af.mil/

Central Intelligence Agency
          The Central Intelligence Agency (CIA) supports the
          President, the National Security Council, and all who make
          and execute US national security policy.
http://www.odci.gov/cia/

Defense Information Systems Agency Center for Standards
          Access to the DISA CFS Information Technology Standards
          Libary, Bulletin Board System and the Department of Defense
          Electronic Commerce/Electronic Data Interchange Standards
          Repository.
http://www.itsi.disa.mil/

Defense Information Systems Agency Server
          The Defense Information Systems Agency (DISA) mission is to
          Plan, Engineer, Develop, Test, Manage Programs, Acquire,
          Implement, Operate and Maintain Information Systems for C4I
          and Mission Support Under all conditions of Peace and War.
http://www.disa.mil/

Defense Intelligence Agency
          The Defense Intelligence Agency (DIA) is a Combat Support
          Agency and the senior military intelligence component of the
          U.S. Intelligence Community.
http://www.dia.mil/

Defense Logistics Service Center
          Provides logistics information products and services to all
          military and civilian government services and agencies.
          Server provides information on full range of DLSC products
          and services including LOGRUN, MEDALS, CAGE, FEDLOG, GIRDER,
          AMLS, Customer Service and FOI.
http://www.dlsc.dla.mil/

Defense Research and Engineering Network
          Information about the Defense Research and Engineering
          Network(DREN), the networking component of the DoD High
          Performance Computing Modernization Program.
http://www.arl.mil/HPCMP/DREN/index.html

Defense Technical Information Center
          Provides access to and transfer of scientific and technical
          information for DoD personnel, DoD contractors and other US
          government agencies.
http://www.dtic.mil/

DefenseLINK
          Access to DoD news releases, contract awards, briefing
          transcripts and related information. Postings are normally
          made within 20 minutes of official release. A search feature
          provides easy access to past releases.
http://www.dtic.mil/defenselink/

Hydromechanics Directorate, Naval Surface Warfare Center
          Navy lab responsible for the research, development, testing,
          and evaluation of ships, submarines and other marine
          technologies. Contains information on facilities, projects
          and technical reports.
http://www50.dt.navy.mil/

Intelligence Community Homepage
          The Intelligence Community is a group of 13 government
          agencies and organizations that carry out the intelligence
          activities of the United States government.
http://www.odci.gov/ic/

National Defense University
          Information on professional military education. NDU is home
          to several colleges and institutions dedicated to military
          education, research, executive skills training, public
          policy information resource management, and more. Also
          contains a library.
http://www.ndu.edu/

National Security Agency
          The National Security Agency (NSA) is responsible for the
          centralized coordination, direction, and performance of
          highly specialized technical functions in support of U.S.
          Government activities to protect U.S. information systems
          and produce foreign intelligence information.
http://www.nsa.gov:8080/

Naval Command, Control and Ocean Surveillance Center (NCCOSC)
          Information about the three subordinate commands of NCCOSC
          as well as pointers to other naval resources.
http://www.nosc.mil/

Naval Surface Warfare Center, Carderock Division
          Contains information pertaining to CALS in the Navy. All
          certified Navy DTDs and FOSIs are available on the
          Repository for downloading.
http://navysgml.dt.navy.mil/

NavyOnLine
          Gateway to the Department of Navy online resources. Access
          to the Navy News Service, Naval Postgraduate School, Navy
          Public Affairs Library, Naval Research Laboratory, Space and
          Naval Warfare Systems Command and more.
http://www.navy.mil/

Office of the Director of Information Systems for Command, Control,
Communications and Computers (ODISC4)
          Provides up to date information on the ODSIC4 and the Army's
          Information Mission Area.
http://www.army.mil/disc4-pg/disc4.htm

Office of Naval Research
          The Office of Naval Research (ONR) coordinates, executes,
          and promotes the science and technology programs of the
          United States Navy and Marine Corps through universities,
          government laboratories, and nonprofit organizations.
http://www.onr.navy.mil/

Office of Strategic Phenomena
          The mission of the Office of Strategic Phenomena is to
          develop and maintain the means by which certain
          phenomenology data is to be archived, distributed, analyzed
          and used by the community of designers, experimenters,
          scientists, and wargamers working in the areas such as
          ballistic missile defense or in synthetic environments for
          more comprehensive DoD simulations.
http://vader.nrl.navy.mil/osp.html

The Pentagon
          Access the headquarters of the Department of Defense and get
          general information and tour schedules for the Pentagon.
http://www.dtic.mil/defenselink/pubs/pentagon/index.html

Persian Gulf War Illness Home Page
          Visit GulfLINK, the information system of the Persian Gulf
          War Veterans Illnesses Task Force. This service provides to
          the public information concerning the illnesses affecting
          Persian Gulf War veterans.
http://www.dtic.dla.mil/gulflink/

Space & Naval Warfare Systems Command
          Information about the resources at the Space and Naval
          Warfare Systems Command.
http://www.spawar.navy.mil/

U.S. Air Force
          The official web site of the U.S. Air Force. Contains news,
          fact sheets and photos of weapon systems, biographies and
          key leaders, the latest publications about the Air Force,
          and photos for current operations around the world. The site
          also lists more than 40 Air Force web sites around the
          world.
http://www.dtic.mil/airforcelink/

U.S. Army Center of Military History
          The U.S. Army Center of Military History provides
          information on past Wars and Army history in general.
http://www.army.mil/cmh-pg/default.htm

U.S. Army Homepage
          The Army Homepage is a central index for all U.S. Army Web
          sites. It is updated daily and has both Organizational and
          Subject lists. If you need to find a U.S. Army Homepage, you
          will find it here!
http://www.army.mil/

U.S. Marines Corp Homepage
          The official World Wide Web information service of the
          United States Marine Corps.
http://www.usmc.mil/

___ Blue Wave/386 v2.30 [NR]







From tcmay at got.net  Thu Aug  8 20:54:32 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 11:54:32 +0800
Subject: Boom!
Message-ID: <ae2fd9c406021004edd7@[205.199.118.202]>


At 10:43 PM 8/8/96, Duncan Frissell wrote:
>So, if it turns out that TWA 800 was an accidental wing tank explosion, will
>they give us our civil liberties back?  If not, why not?
>

You must be kidding. Civil rights (the real ones, not the affirmative
action/antidiscrimination bullshit kind) only get constricted.

The government only tightens the noose, it never loosens it.

On a related note, it looks like Richard Jewell, the "Olympic Bomber," may
not be charged and may even receive a page 37B "letter of clarification"
from the Feds. No word on what the pack of 100 media vultures camped in his
apartment's driveway will say.

I suspect he will never live a normal life. Even if never charged, the
splashing of private photos from his apartment--such as him cradling an
AR-15 while dressed in camo--will stick in people's minds. What recourse
does he have that camera crews were invited in on the searches? (*)

(* In my local large city, San Jose, the cops used to invite the tabloid
t.v. crews in on busts of suspected drug dealers. Kickbacks were probably
involved. Anyway, the Fox network used to send camera crews in with the
cops who kicked down doors, getting juicy coverage for "reality t.v." shows
like "Cops." People in their underwear, people crying, people naked (Fox
covered up the naughty bits digitally). After a privacy invasion lawsuit
filed by one of the raided parties--I don't recall if they were ever found
guilty or not, not that it matters--the cops stopped inviting the camera
crews along. Judging by what I still see on t.v., other cities haven't
stopped the practice. Surely a raid by cops, justified or not, does not
give me, or you, or KCBS t.v. to tag along and enter a private home with
our tape recorders and cameras rolling.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sparks at bah.com  Thu Aug  8 21:06:22 1996
From: sparks at bah.com (Charley Sparks)
Date: Fri, 9 Aug 1996 12:06:22 +0800
Subject: Fw: AOL crashes and burns
Message-ID: <199608090131.VAA02178@pop1.jmb.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Thu Aug 08 21:28:04 1996

- -----Begin Included Message ----- 
I thought things were a bit faster there for a while.. They had just rolled 
out AOL 3.0 in time for Mac World ( county ??) when it burned.... Seems 
some new server software gagged it <GRIN>


Date: Thu, 8 Aug 1996 15:16:38 -0500
 From: Warrior <warrior at tateonline.com>
To: cypherpunks at toad.com
Cc: 

Great news, eh?



- ---- End of forwarded message ----
Charles E. Sparks<sparks at bah.com>    
In God we trust, all others we encrypt !
http:/www.clark.net/pub/charley/index.htm
    Public Key At 
http://www.clark.net/pub/charley/cp_1.htm
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMgqUJeJ+JZd/Y4yVAQGXpQQMC4HvZJDaHYOeSF/2nw4LEdSt6g+h5eZU
NYo594LK9VTogbOLG/XgLol3aZ/GtQLyWs3gzbHFUwgByzZzjdDq+UEwbj4wV7jb
XE3D1EJ5zCg3k7+Pbj4LKqag4VngD/0yd38bx7Okcvi3pfuwaPjIjNy/IStxZjV8
L6tHPzdlbwwa2g==
=CG8R
-----END PGP SIGNATURE-----






From snow at smoke.suba.com  Thu Aug  8 21:07:13 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 9 Aug 1996 12:07:13 +0800
Subject: Internal Passports
In-Reply-To: <Pine.LNX.3.94.960808070101.346A-100000@switch.sp.org>
Message-ID: <Pine.LNX.3.93.960808101728.254H-100000@smoke.suba.com>


On Thu, 8 Aug 1996, The Deviant wrote:
> On Wed, 7 Aug 1996, Mark C. Henderson wrote:
> > I note that California requires some sort of documentation (birth 
> > cert, INS documentation etc.) for a new driver's licence. Don't know
> > about other states.  
> 
> Hrmm... North Carolina requires 2 forms of ID, which can be an older
> Driver's license, a SS card, a military ID, a birth certificate, or
> (you'll love this one)...   "A filled in job application"... It doesn't
> even have to be signed by the company, or any of that shit.  I can walk
> over to RatShack, ask for an application, fill it out as "J. E. Hoover",
> and its a valid form of ID at the DMV.

     You forgot "The Family Bible" at least that was in effect the last
time I was in N.C.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From jimbell at pacifier.com  Thu Aug  8 21:12:49 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 12:12:49 +0800
Subject: Why should we trust the system?
Message-ID: <199608090119.SAA20142@mail.pacifier.com>


When supporting plans like GAK ("key escrow") and wiretaps, you will 
frequently see the Denning-types justify them by claiming that there's 
protection from a requirement that a judge issue a search warrant.  It 
should be instructive, then, to present the Richard Jewell case as an 
excellent counter-example.  Richard Jewell, as you should all be aware, is 
the poor soul who happened to first see that pipe bomb at the Atlanta 
Olympics.  However, hours after it was publicly revealed that the Atlanta 
911 center screwed up, wasting 10 minutes looking up the address of 
"Centennial park," officialdom suddenly discovered they needed news to 
divert attention from their buffoonery.  They found it, as if on cue.

Tonight, I saw a national network news show say how Jewell is apparently 
quite innocent, and that the news media was quite willingly "used" by the 
government to convict Jewell in the press.  Great mea culpa, but that still 
leaves some serious questions.  Presumably, the government got warrants to 
search Jewell's apartment, correct?  Okay, what evidence did they use to 
support the granting of those warrants?

What, EXACTLY, did they tell the judge that ostensibly convinced him to 
grant a warrant?  Remember, police aren't supposed to get a warrant simply 
if they can't prove that a person is NOT a bomber.  The standard is suppose 
to work the other way around:  The police should get a warrant only if the 
amount of evidence of guilt (or, evidence of evidence) is sufficiently 
detailed to rise to a certain level of authority, known as "probable cause."

Evidence doesn't evaporate.  More precisely, the police had a responsibility 
to collect enough evidence together, POSITIVELY, to be able to show probable 
cause to believe that a crime had occurred, and that Jewell was guilty.  
Some of that evidence might, hypothetically, have initially appeared to show 
guilt and was later clarified, but that early evidence must still exist, to 
at least show the public that the cops didn't entirely fabricate the 
justifications they used to get the warrants.   So I ask again, did the 
police/FBI EVER have enough evidence to convince anyone by that "probable 
cause" standard?  Well, if they say they had it in the case of Richard 
Jewell, that isn't very reassuring.  

Okay, I'll admit that I _never_ believed that judges actually follow the 
standards they claim to.  But many other people of those who are more 
establishmentarian than I (I guess that group includes just about everybody, 
huh?) at least pretend to believe this, or hope this, and maybe a few 
suckers actually do. It should be their responsibity, then, to show that the 
granting of a search warrant occurs only when justified.  In Jewell's case, 
that was not the case.

If we allow this fiasco to die without a full analysis, particularly in 
light of the government's repeated assurances with regards to search 
warrants, we will be as incompetent as the police were.



 
Jim Bell
jimbell at pacifier.com





From pete at loshin.com  Thu Aug  8 21:16:18 1996
From: pete at loshin.com (Pete Loshin)
Date: Fri, 9 Aug 1996 12:16:18 +0800
Subject: driver license info, loss of liberty, etc.
Message-ID: <01BB8570.C231DE20@ploshin.tiac.net>


The furor over the Oregon DMV database seems a bit misplaced: this type of 
information is considered to be in the public domain.  You can buy it on 
tape/whatever for business purposes direct from the state.  There are lots 
of people who I don't want to have any information about me who can get 
what's on file down at the Mass Registry of Motor Vehicles.  That's the way 
it works.

Now, there's lots of times when it would have been nice to have access to 
that information myself.  Use your imagination.  Why should the public be 
denied the right to access this information when businesses have had that 
privilege for some time?  I wouldn't hold my breath waiting for it to be 
taken away from businesses, either, though I suppose the states will now 
pass laws prohibiting the public dissemination of this data.

BTW, has anyone heard about the Post Office now requiring that all airmail 
packages over 1 lb must now be posted in person (no mail drop boxes)? 
 Someone told me this, and it sounds just stupid and pointless enough to be 
true.  I won't have a chance to go to the PO until Monday, so I'd 
appreciate any updates.

regards,
-pl







From tcmay at got.net  Thu Aug  8 21:23:00 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 12:23:00 +0800
Subject: "Thank you for not smoking" and other euphemisms
Message-ID: <ae2fe17707021004bcfc@[205.199.118.202]>



[Not to pick on Alan, but I clipped out 8 (eight) separate cc: copies
besides the main address! People, take a minute to trim the
ever-accumulating cc: list. If someone is subscribed to CP, they don't need
a separate copy. And so on.]

At 1:11 AM 8/9/96, Alan Horowitz wrote:
>Nrth Carolina Jury instructions also mention that petite jurors are
>"discouraged" from asking questions of the witness. I guess that means
>they are not forbidden to do so.

"Petite jurors" Is this a typo, or a special term of art in North Carolina?

But your "discouraged" point is well-taken, an all too common. Other
examples are:

"Thank you for not smoking" (Suggesting they'll thank me if I don't smoke,
but not actually forbid me from smoking. Of course, this euphemism means
"Smoking forbidden.")

"Donations suggested." This usually for leftist events, e.g., a speech by a
Nicaraguan freedom fighter. Of course, what they really mean is "admission
fee mandatory," but they call it a "suggested donation." I doubt one will
be arrested for barging through the door without paying the "suggested
donation," but this is a possibility, as they may deny admission.

(And then there's the "sliding scale donation suggested," say, from $5 to
$15. Presumably this is the embodiment of pure Marxist theory, "from each
according to his ability, to each according to his need." Be interesting to
see their reaction if one declined to make any donation.)

--Tim May





Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From rich at c2.org  Thu Aug  8 21:24:16 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 9 Aug 1996 12:24:16 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <2.2.32.19960808154452.00c70514@vertexgroup.com>
Message-ID: <Pine.GUL.3.95.960808151724.6575A-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

I agree that this project needed to be done to educate the public, but I
must say I'm glad my name isn't attached to it. 

To answer legitimate concerns about abuse, perhaps version 2 could make the
relevant http logs publicly available? So in addition to checking the
governor's son's driving record, you could check which other IP addresses
have been looking at the governor's son's driving record. Spider detection
and retaliation would also be nice.

(Of course this would have the side effect of increasing the visibility of
the anonymizer/canadianizer/exonizer services, which would not be a bad
thing.)

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMgppM5NcNyVVy0jxAQFjFwIAyio1QMkAC7/sH3PdVbGXuTImey+1ewg2
Nxl7bZlZe/YvYlk2yomKW24bgZJ5Vjiecc7g35SM+jveLRWA0xgbkg==
=yDFP
-----END PGP SIGNATURE-----






From alanh at infi.net  Thu Aug  8 21:37:07 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 9 Aug 1996 12:37:07 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <ae2f8d2303021004ed0d@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960808213912.6108M-100000@larry.infi.net>


Tim,

THe "must have a gun" was a political-art statement; a rhetorical device.

I realize that you didn't recognize it as such, because there is never 
any inflammatory or posturing rhetoric on this list.....





From djmortim at sprynet.com  Thu Aug  8 21:39:11 1996
From: djmortim at sprynet.com (Doug Mortimer)
Date: Fri, 9 Aug 1996 12:39:11 +0800
Subject: subscribing
Message-ID: <320A9782.2381@sprynet.com>


Please add my name to your list.

Thanks.

D. Mortimer
djmortim at sprynet.com





From EALLENSMITH at ocelot.Rutgers.EDU  Thu Aug  8 21:46:43 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 12:46:43 +0800
Subject: Internal Passports
Message-ID: <01I81GQQLAL69JD3GI@mbcl.rutgers.edu>


From:	IN%"declan at eff.org"  "Declan McCullagh"  7-AUG-1996 10:15:54.28

>The Hatch simulated "child porn" bill was reported out of the Senate
>judiciary committee favorably, with the addition of language making it a
>felony to *attempt* to view child porn. This wording is aimed at the Net:
>  "Click Here to see Young Girls in Lust." 

	One wonders if someone could dig up pictures taken by some senators or
reps of their grandkids bathing in a pool... could be a nice publicity stunt.
	-Allen





From amehta at giasdl01.vsnl.net.in  Thu Aug  8 21:48:28 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Fri, 9 Aug 1996 12:48:28 +0800
Subject: Talking about Crypto Anarchy
Message-ID: <1.5.4.32.19960809011710.002ed7ec@giasdl01.vsnl.net.in>


At 20:12 06/08/96 -0700, Timothy C. May wrote:

>6. I've given up on discussing crypto anarchy in short talks because nearly
>nobody in the audiences I've done it for has the foggiest notions of what
>I'm talking about, and I've found no short, sweet, simple methods of
>getting across the implications.
..
>(I've also seen David Chaum struggle to just get the basic idea of
>"credentials without identity" across to a tecnical audience...even when he
>concentrates on only getting a single facet of his ideas across, the light
>bulbs just don't go off in the heads of the audience members...

I appreciate what you are saying, and I'm sure we all have felt this frustration
at some time or another. I've had lots of people, particularly
social scientists,
aghast at the thought that I could have spent 4 years on a PhD trying to get
a crane to reach its destination 2 seconds sooner -- after a while, you just
get tired, and reach for your beer.

However, policy that affects us is framed by people with little idea, and
*someone* with a clue has to educate them (as well as, maybe, educate
their constituents to bring the right kind of public pressure). Perhaps
people like Tim, who seem to be tired of this, could further the cause best
by "training the trainers." Which, I suppose, is what he is doing
on this list...

In closing, a short, simple story that's worth thinking about:

When Buddha attained enlightenment, the gods asked him to go forth and
spread his knowledge to the  world.

"Why should I?" he asked, "Those that know won't need it, those that need it
won't listen."

"Can you rule out," asked the gods, "that there might be people in between?
Those that with your teaching might learn, who otherwise wouldn't?"

Beware of binary thinking...

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From jimbell at pacifier.com  Thu Aug  8 22:11:54 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 13:11:54 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608090231.TAA24652@mail.pacifier.com>


At 09:50 AM 8/8/96 -0700, Rich Burroughs wrote:
>On Thu, 8 Aug 1996, Declan McCullagh wrote:
>
>> Looks like we're a little late. However, we can still grab the tape from
>> Oregon's DMV for $220. It would be an interesting excercise to try to get
>> these tapes from each state with similar provisions and put them all
>> online.
>
>This information has been available in Oregon for at least a couple of
>years on CD.  I've always been concerned about the privacy implications of
>that service -- perhaps that's the upside of this story?  That people do
>give a rat's ass about their privacy?

Actually, the lesson to be learned is that the news media is filled with a 
bunch of hypocrites.  These people are supposed to be REPORTERS, for god's 
sake.  Are they trying to tell us that they've never gone to the DMV and 
forked over $4 to find out the owner of a car?  Can you say, "investigative 
reporting"?

I think they're just carrying water for their friends who work for government.

>I do think that the information should be able to be disseminated on the
>Net as long as it's legal.

While I think that the information should be disseminated on the net 
REGARDLESS of whether "it's legal" in any particular jurisdiction.  Or, 
perhaps more accurately, I think that this information shouldn't be 
collected at all.  Then it couldn't be abused.

Jim Bell
jimbell at pacifier.com





From mpd at netcom.com  Thu Aug  8 22:17:34 1996
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 9 Aug 1996 13:17:34 +0800
Subject: Going Postal (Was: Boom!)
In-Reply-To: <2.2.32.19960808224330.00834cbc@panix.com>
Message-ID: <199608090050.RAA15679@netcom12.netcom.com>


DCF writes:

> So, if it turns out that TWA 800 was an accidental wing tank 
> explosion, will they give us our civil liberties back?  If not, 
> why not?

The Post Office has now jumped on the terrorist bandwagon by 
announcing that it will no longer be legal to drop any package
weighing over 16 ounces into a collection box. 

Larger packages will have to be presented in person at the 
Post Office, and I wouldn't be surprised if several forms of
ID were required.

Should wreak havoc with the mail order video tape rental business,
with those handy pre-paid 4th class labels you just slap on the 
tapes before dropping in the nearest mailbox. 

I suspect one could do a lot of damage to a mailbox with under 16
ounces of the proper explosive.  Perhaps one of our resident
Cypherpunks bomb experts could expand on this subject.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From JonWienk at ix.netcom.com  Thu Aug  8 22:23:59 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Fri, 9 Aug 1996 13:23:59 +0800
Subject: STEGO GUNS
In-Reply-To: <Pine.SUN.3.95.960808070140.18519C-100000@netcom4>
Message-ID: <199608090145.SAA05012@dfw-ix2.ix.netcom.com>




On Thu, 8 Aug 1996, jonathon <grafolog at netcom.com> wrote:
>On Wed, 7 Aug 1996 JonWienk at ix.netcom.com wrote:
>
>> In 1981, the city of Kennesaw, GA suffered 17 violent crimes and 55 
>> burglaries. 
>> In 1982, Kennesaw passed an ordinance requiring all city residents to own a 
>
>	Said ordinance being passed, as a protest against Elk Grove, IL
>	passing an orinance, banning handguns.  Anybody know when Elk
>	Grove revoked their ordinance?  Crime went down for six months
>	there [ Elk Grove ] after the ban was passed, then it went up
>	--- far surpassing previous crime levels, for all types of
>	crime. 

First of all, you are talking about Morton Grove, not Elk Grove.  Second of all, 
the ban was mostly ignored--the first year it was in effect, only 17 guns were 
turned in. The Morton Grove gun ban was not a statistically significant event.

Jonathan Wienke

"Today Americans would be outraged if U.N. troops entered Los Angeles to restore 
order; tomorrow they will be grateful! This is especially true if they were told 
there was an outside threat from beyond, whether real or promulgated, that 
threatened our very existence. It is then that all peoples of the world will 
pledge with world leaders to deliver them from this evil. The one thing every 
man fears is the unknown. When presented with this scenarios, individual rights 
will be willingly relinquished for the guarantee of their well being granted to 
them by their world government."
--Henry Kissinger in an address to the Bilderberg organization meeting at Evian, 
France, May 21, 1992. Transcribed from a tape recording made by one of the Swiss 
delegates.

"A conservative is a liberal who got mugged last night."
--Lee Rodgers

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From alanh at infi.net  Thu Aug  8 22:41:12 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 9 Aug 1996 13:41:12 +0800
Subject: Internal Passports
In-Reply-To: <Pine.LNX.3.93.960808101728.254H-100000@smoke.suba.com>
Message-ID: <Pine.SV4.3.91.960808211021.6108E-100000@larry.infi.net>


Nrth Carolina Jury instructions also mention that petite jurors are 
"discouraged" from asking questions of the witness. I guess that means 
they are not forbidden to do so.





From proff at suburbia.net  Thu Aug  8 22:51:15 1996
From: proff at suburbia.net (Julian Assange)
Date: Fri, 9 Aug 1996 13:51:15 +0800
Subject: ****CyberWatch Security With Face Recognition 08/07/96
In-Reply-To: <9608081407.AA01011@rpcp.mit.edu>
Message-ID: <199608081731.DAA05628@suburbia.net>


> 
> Some of the information that can be protected includes medical,  
> financial, criminal, or military records, officials said. The system 
> requires no training, is fast to use, and cannot be fooled by holding 
> up a photo of a person. 
> 
> This technology has been used in other situations, including the  
> securing of buildings or special areas, officials said. 
> 
> TrueFace CyberWatch is compatible with PC client/server standards and  
> can be used alone or with other security programs, officials said. 
> 
> The client runs on Windows 95 and Windows NT operating systems, and  
> costs $199. A bundle package, which includes a Connectix camera and 
> the software, is priced at $298. Both products will be shipping 
> within the next two months, officials said. 

Useless system for any high security application. May be good for
low-security applications if you are dealing with people who are too
stupid to use tokens.

The reality is that people do not treat their faces like secret keys
(depending on sex, religous beliefs and how many warts they may have). A
regular photo may not fool the device, however one specifically developed
for the purpose may, or if the device has some sort of depth perception,
a hologram or modeled head - all of which can be obtained from publically
availabe data - your face.

-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From tcmay at got.net  Thu Aug  8 22:57:23 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 13:57:23 +0800
Subject: Imprisoned for Not Having a Gun?
Message-ID: <ae2f8d2303021004ed0d@[205.199.118.202]>


At 5:35 PM 8/8/96, talon57 at well.com wrote:
>Jonathon <grafolog at netcom.com> wrote:
>
>>Said ordinance being passed, as a protest against Elk Grove, IL
>>passing an orinance, banning handguns.  Anybody know when Elk
>>Grove revoked their ordinance?  Crime went down for six months
>>there [ Elk Grove ] after the ban was passed, then it went up
>>far surpassing previous crime levels, for all types of crime.
>
>Pardon me Jonathon, but I believe you are confusing Morton Grove
>with Elk Grove. I do not have the statistics for the crime rates
>there, but several friends who have moved from there insist the
>crime rate has continued upwards as you mentioned. Also there are
>a couple of other interesting facts.

Regarding that town nearby that passed a _requirement_ that all households
have a gun:

"Ma'm, I'm Deputy Uptite, of the Dork's Grove Sheriff's Department. I'm
here to check on reports that you haven't obtained a gun, as required by
law. Could I come in and take a look around?"

"But I don't like guns, and I don't want one in my house."

"I'm sorry, ma'm, but it's the law. According to the People's
Self-Protection Act of 1997, you _must_ have  a gun. Now what I'm going to
do is give you a break. Think of this as a "fix-it ticket." Take this down
to my cousin's gun store, right off of Main and 10th, and he'll get you set
up with a Glock 23 or maybe a nice little Beretta. Shouldn't cost you more
than $400, and it'll save you a 6-month stretch at the work farm. Have a
nice day. Oh, and be sure to spend at least an hour at the week at the
range...that's part of the law, too."

---

Pro-gun fascism is just as bad a anti-gun fascism.

I do recall that the "you must have a gun" town had some exemptions for
folks opposed to guns, blah blah, but it still is intensely revolting to me
that any town could ever pass such a law. Much as I think being armed is
useful and all that, allowing such a law to go unchallenged feeds into the
same approach that tries to ban guns...if guns can be required, they can be
banned. What part of the Second Amendment did they not understand? (Legal
quibblers will perhaps say the Second applies to _Congress_ (as in
"Congress shall make no law"), and not to states and communities. I
disagree. Can a town restrict free speech just because it is not the
Congress?)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From junger at pdj2-ra.F-REMOTE.CWRU.Edu  Thu Aug  8 22:59:32 1996
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Fri, 9 Aug 1996 13:59:32 +0800
Subject: Suit filed to enjoin crypto provisions of the ITAR
Message-ID: <199608081921.PAA30963@pdj2-ra.F-REMOTE.CWRU.Edu>



[I have cross-posted this press release by my lawyers to several
mailing-lists. I am subscribed to all of them and I believe that this
information is relevant to all of them, but I apologize because you
may receive several copies.]

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger at pdj2-ra.f-remote.cwru.edu    junger at samsara.law.cwru.edu
		     URL:  http://samsara.law.cwru.edu


------------------------Press Release---------------------------------

Law Professor Sues Federal Government
Over Computer Privacy Issues

Federal Civil Rights Action Seeks Injunction Against 
State Department And National Security Agency

Cleveland Scholar Attacks Prohibition On Discussing 
Cryptographic Software With Foreign Students And Colleagues


For Immediate Release
Cleveland, Wednesday, August 7, 1996

For More Information Contact:
Raymond Vasvari  (216) 522-1925
Gino Scarselli  (216) 291-8601

More Information Will Be Available at:
URL: //http:/samsara.law.cwru.edu


     A Case Western Reserve University law professor filed suit today in
     federal court, challenging government regulations which restrict
     his ability to teach a course in computer law.  Peter Junger, a
     twenty-five year veteran of the law school faculty, will file a
     federal civil rights action this afternoon in the United States
     District Court in Cleveland.  The suit names the Department of
     State and the secretive National Security Agency, which administer
     federal regulations limiting Professor Junger's ability to teach.

     The case involves the International Traffic in Arms Regulations, or
     ITAR, federal regulations which restrict the export of military
     technology.  Under the ITAR, cryptographic computer software, which
     encodes text to preserve the privacy of messages on the Internet,
     is considered a "munition" and subject to strict export control.
     The regulations raise significant First Amendment questions by
     defining "export" to include discussing technical information about
     non-classified software with foreign nationals, such as students
     registered for Professor Junger's course.

     In recent months, the State Department has sent a series of letters
     threatening possible criminal action to a Florida man who posted a
     simple cryptographic algorithm to the "sci.crypt" Usenet Newsgroup,
     an Internet site popular with cryptography enthusiasts.  These and
     similar incidents have caused Professor Junger to limit his
     discussions of cryptographic material with foreign colleagues, for
     fear of violating the ITAR.  Penalties for unlicenced disclosure of
     cryptographic information are severe: federal law provides ten year
     prison terms and One Million Dollar fines for those convicted of
     violating the Arms Export Control Act, the legislation under which
     the ITAR was promulgated.

     Professor Junger, whose class at Case Western Reserve focuses on
     the legal aspects of computer use and software development, plans
     to turn away any foreign students who register for the course this
     fall, largely because the law is uncertain as to what he may teach,
     and to whom.

     The restrictions at issue are administered by the Department of
     State, in cooperation with the ultra-secret National Security
     Agency, the organization charged with eavesdropping on foreign
     governments.   Under the ITAR, Junger may not teach foreign
     students about even simple software capable of encoding messages.
     Such software is vital to maintaining the privacy of communications
     and financial transactions on the Internet, and Junger believes
     that lawyers need to understand how it works in order to prepare to
     practice in an increasingly technological world.

     The information that Junger wishes to disclose is widely available
     on the Internet and elsewhere.  "It's not as though we are talking
     about classified information,"  explained Gino Scarselli, one of
     three lawyers representing Junger in the case.  "The material at
     issue in this case can be found in any university library,  but the
     regulations make no exceptions for even the most basic software,"
     Scarselli noted.   The lawsuit does not challenge the government's
     right to restrict access to classified information.

     Junger is also represented by Raymond Vasvari and Kevin Francis
     O'Neill, two Cleveland attorneys with considerable experience in
     First Amendment issues.   As Vasvari explained, the suit presents
     important First Amendment questions about the government's ability
     to regulate academic life.  "These regulations allow the government
     to dictate what a professor may and may not teach, even though the
     material involved poses no threat to national security," Vasvari
     explained.

     The suit charges that by requiring Junger to apply for a federal
     license to discuss cryptography with foreigners, the government is
     violating a well-established First Amendment rule which prohibits
     the government from imposing prior restraints on expression without
     clear, narrowly drawn standards distinguishing prohibited
     expression from permissible speech.  The United States Supreme
     Court has consistently held that such prior restraints face a heavy
     burden in court, and that standardless licencing schemes allowing
     officials broad discretion in restriction speech are
     unconstitutional.

     Because computer cryptography is expected to play an important role
     in the economic development of the Internet, the case is being
     closely watched.  Scarselli has worked closely with attorneys
     affiliated with the San Francisco based Electronic Frontier
     Foundation in preparing the suit, and Junger and his lawyers have
     been in frequent contact with John Gilmore, formerly of Sun
     Microsystems, who has offered his assistance as a technical advisor
     in the case.  

     At issue is not only Junger's right to discuss cryptography with
     foreigners, but also his and other's right to publish and
     distribute such information both in traditional forms and on the
     internet.

     Professor Junger's suit seeks declaratory and injunctive relief,
     prohibiting the government from interfering with his, or any other
     person's, discussing non-classified cryptographic information with
     foreign persons or from publishing that information.  Lawyers for
     Junger have moved the court for a preliminary injunction.  Junger's
     course begins in the fall semester, later this month.






From dlv at bwalk.dm.com  Thu Aug  8 23:01:32 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 9 Aug 1996 14:01:32 +0800
Subject: For what it's worth...
Message-ID: <F20csD58w165w@bwalk.dm.com>


From: Erltsung Schang <etschang at zsu.edu.cn>
Subject: Could anyone feed me news?
Date: Thu, 08 Aug 1996 20:49:10 +0800
Organization: Network Center of Zhongshan University
Lines: 14
Message-ID: <3209E246.DE3 at zsu.edu.cn>
Reply-To: etschang at zsu.edu.cn
NNTP-Posting-Host: 202.96.129.2
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 3.0b5aGold (Win95; I)

Hi,

Could anyone help me to feed me news?

Thank you very much!

Erltsung Schang
Network Center of Zhongshan University
135, West Xin-gang Road
Guangzhou, GD 510275
China
Phone: 86-20-84184905
Fax: 86-20-84193772
E-mail: etschang at zsu.edu.cn





From ichudov at algebra.com  Thu Aug  8 23:01:46 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 9 Aug 1996 14:01:46 +0800
Subject: visual programming
In-Reply-To: <199608081912.MAA29522@netcom14.netcom.com>
Message-ID: <199608090337.WAA15456@manifold.algebra.com>


Vladimir Z. Nuri wrote:
> 
> imagine that as a programmer, you could see an animated presentation
> of your code operation at all times. it would be an incredible
> development and debugging tool. it is quite a few years away, but
> I think it is inevitable.
> 

I can see it in my brain anyway. Would not pay a $1 for such system.

igor





From jeremey at forequest.com  Thu Aug  8 23:08:01 1996
From: jeremey at forequest.com (Jeremey Barrett)
Date: Fri, 9 Aug 1996 14:08:01 +0800
Subject: An SSL implementation weakness?
In-Reply-To: <83952437618205@cs26.cs.auckland.ac.nz>
Message-ID: <Pine.BSI.3.93.960808145842.6124A-100000@descartes.forequest.com>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 9 Aug 1996 pgut001 at cs.auckland.ac.nz wrote:

> The following weakness seems very obvious, I've got a partial writeup of this 
> but before I turn it into a paper or something and arrange a demonstration of 
> how it would work I thought I'd check to make sure (a) someone else hasn't 
> mentioned it before, and (b) it is actually possible (it seems too simple to 
> be true):
>  
> 1. Using DNS spoofing, stage a hostile takeover of an address (for example 
>    using bogus referrals set yourself up as the delegated server for a DNS 
>    subtree).
> 2. Get a Verisign certificate for an arbitrary company and set up a bogus site 
>    at the stolen address.
>  
> Lets say you steal www.megafoobarcorp.com.  People connect to this site (which 
> is actually your bogus site), Netscape (for example) displays the blue line 
> and non-broken key (which is actually for your J.Random certificate rather 
> than the real megafoobarcorp one) to show the connection is secure, and you've 
> just subverted their site.  

The domain in the server's certificate will not match the domain on the url,
i.e. the certificate will say www.eve.com and the url will be
www.megafoobarcorp.com.  Netscape does and should complain about this,
and that particular warning cannot be turned off.  Now it is quite possible
that the user will ignore the warning or not fully understand it, and 
proceed, but if the user pays attention to those sort of warnings, the
switch will be detected.

Now maybe if you got a certificate for a very similar domain name, the user
might be more likely to ignore the warning.


- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jeremey Barrett
Senior Software Engineer			jeremey at forequest.com 
The ForeQuest Company       			http://www.forequest.com/

   "less is more."
		-- Mies van de Rohe.

   Ken Thompson has an automobile which he helped design.  Unlike most
   automobiles, it has neither speedometer, nor gas gage, nor any of the
   numerous idiot lights which plague the modern driver.  Rather, if the
   driver makes any mistake, a giant "?" lights up in the center of the
   dashboard.  "The experienced driver", he says, "will usually know
   what's wrong."

		-- 'fortune` output

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgpmWy/fy+vkqMxNAQEZfQP8C69iVqCdXBudh8N2UIlLVew65Yi8lkad
Wjnsur/vsFbsGQZBOvh5IBshJkLBYPZPL2Q92Zi14Xcir8/Ld18N8kFShQ97id5l
npXMcY7ncFnfeohdwhIJdDgzaNYK9i/eVeb90JVPh/cV89xw9BnXv4h/7xW3ul+j
xp/m1oyRZ/w=
=Tsus
-----END PGP SIGNATURE-----






From talon57 at well.com  Thu Aug  8 23:08:41 1996
From: talon57 at well.com (talon57 at well.com)
Date: Fri, 9 Aug 1996 14:08:41 +0800
Subject: STEGO GUNS
Message-ID: <199608081735.KAA03397@well.com>



Jonathon <grafolog at netcom.com> wrote: 

>Said ordinance being passed, as a protest against Elk Grove, IL
>passing an orinance, banning handguns.  Anybody know when Elk
>Grove revoked their ordinance?  Crime went down for six months
>there [ Elk Grove ] after the ban was passed, then it went up
>far surpassing previous crime levels, for all types of crime. 

Pardon me Jonathon, but I believe you are confusing Morton Grove
with Elk Grove. I do not have the statistics for the crime rates
there, but several friends who have moved from there insist the
crime rate has continued upwards as you mentioned. Also there are
a couple of other interesting facts.

1) The city council exempted themselves from the handgun ban.

2) The wife of the Mayor reportedly purchased a handgun the day   
after the law was enacted.

Brian





From geeman at best.com  Thu Aug  8 23:36:50 1996
From: geeman at best.com (i am not a number!)
Date: Fri, 9 Aug 1996 14:36:50 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <320AC4B5.1E3@best.com>


CBS radio news this morning: 80,000 commuters traveling the central 
f'way in SF will have information mailed to them regarding the quake 
retrofit blah blah.

How?  Their license plates have been photographed.
... and the cheery "news" anchorwoman sweetly moved on to the next 
story.....





From jfricker at vertexgroup.com  Thu Aug  8 23:40:21 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Fri, 9 Aug 1996 14:40:21 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960809024936.00c79f48@vertexgroup.com>


At 05:32 PM 8/8/96 -0700, Rich Graves wrote:
>On Thu, 8 Aug 1996, John F. Fricker wrote:
>
>> ObCypherpunks: How many people do you know that are working on a day to day
>> basis with medical records systems, the District Attorney's computers, your
>> doctor's computers, state Department of Health, and so on. I'm sure it's
>> come up before but isn't this an obvious of application of encryption and
>> PAK (Public Access to Keys)? Any legislation currently to _require_ that
>> medical records and such be encrypted with access restricted. 
>
>"Require"?
>
>Wouldn't do shit. It's a social problem more than a technological problem.
>

Isn't that the role of legislation? To implement solutions that society
would not do on it's own?

The enabling technology is obviously off the self.

I think you may have misinterpretted my last sentence which was supposed to
have had a ? at the end. Where's the proof reader when you need one!



--j






From chrislee at sunspot.tiac.net  Thu Aug  8 23:40:28 1996
From: chrislee at sunspot.tiac.net (Chris Lee)
Date: Fri, 9 Aug 1996 14:40:28 +0800
Subject: PGP/Unix scripts, mail proggies?
Message-ID: <Pine.SUN.3.95.960808222342.27876A-100000@sunspot.tiac.net>


Hello all,

	I joined this list a while ago and am curious whether a there is a
simple way to encrypt/decrypt e-mail with PGP in a Linux(Unix)
enviroment...?  Sorry if this has been answered a thousand times, but it
would really make PGP a more viable option with my small ISP.

Thank you very much for any answers, please reply to me personally.

Chris Lee

PS Please don't suggest any Windows programs, excluding X-Windows of
course.  :)

	

===============================================================
|  chrislee at sunspot.tiac.net   |   Finger for PGP Public Key  |
|       "What color is a chameleon on a mirror?"  -BSD        |
|        WWW Page: http://www.tiac.net/users/chrislee         |
===============================================================







From jimbell at pacifier.com  Thu Aug  8 23:51:00 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 14:51:00 +0800
Subject: driver license info, loss of liberty, etc.
Message-ID: <199608090359.UAA29690@mail.pacifier.com>


At 09:29 PM 8/8/96 -0400, Pete Loshin wrote:
>The furor over the Oregon DMV database seems a bit misplaced: this type of 
>information is considered to be in the public domain.  You can buy it on 
>tape/whatever for business purposes direct from the state.

Actually, in Oregon I don't think there is any restriction as to what purposes you ask 
for the information.  I've never filled out such a request before 
(preferring to get my data from a CDROM which tells no tales...) but as I 
understand it there's no restriction.  (Other than legality?!?)

> There are lots 
>of people who I don't want to have any information about me who can get 
>what's on file down at the Mass Registry of Motor Vehicles.  That's the way 
>it works.
>
>Now, there's lots of times when it would have been nice to have access to 
>that information myself.  Use your imagination.  Why should the public be 
>denied the right to access this information when businesses have had that 
>privilege for some time?  I wouldn't hold my breath waiting for it to be 
>taken away from businesses, either, though I suppose the states will now 
>pass laws prohibiting the public dissemination of this data.


I've pointed out elsewhere that our goal should be the elimination of the 
collection of this data by the state in the first place, an appropriately 
radical idea.


Jim Bell
jimbell at pacifier.com





From ichudov at algebra.com  Thu Aug  8 23:56:40 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 9 Aug 1996 14:56:40 +0800
Subject: Basic Unix Hacking
In-Reply-To: <199608082320.QAA17952@scv2.apple.com>
Message-ID: <199608090225.VAA10861@manifold.algebra.com>


CTH wrote:
> Is there a way to get a .plan file to execute shell script when
> it is read by finger??
> 
> I'm sure this is an old question, but it seems there must
> be a way.
> 
> echo \"date\"  or some damn thing that will execute as opposed
> to printing.

use a named pipe for your plan: 

$ cd $HOME
$ /bin/mv -f .plan .plan.old
$ mknod .plan p
$ (date > .plan) &
$ finger `whoami`@0

or use "masterplan" program available from the net.

But IMHO, all this activity is a WASTE of time.





From deviant at pooh-corner.com  Fri Aug  9 00:00:28 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Fri, 9 Aug 1996 15:00:28 +0800
Subject: Internal Passports
In-Reply-To: <Pine.LNX.3.93.960808101728.254H-100000@smoke.suba.com>
Message-ID: <Pine.LNX.3.94.960809041326.653A-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, snow wrote:

> Date: Thu, 8 Aug 1996 10:18:07 -0500 (CDT)
> From: snow <snow at smoke.suba.com>
> To: The Deviant <deviant at pooh-corner.com>
> Cc: "Mark C. Henderson" <mch at squirrel.com>,
>     Bill Stewart <stewarts at ix.netcom.com>,
>     "Timothy C. May" <tcmay at got.net>, cypherpunks at toad.com
> Subject: Re: Internal Passports
> 
> On Thu, 8 Aug 1996, The Deviant wrote:
> > On Wed, 7 Aug 1996, Mark C. Henderson wrote:
> > > I note that California requires some sort of documentation (birth 
> > > cert, INS documentation etc.) for a new driver's licence. Don't know
> > > about other states.  
> > 
> > Hrmm... North Carolina requires 2 forms of ID, which can be an older
> > Driver's license, a SS card, a military ID, a birth certificate, or
> > (you'll love this one)...   "A filled in job application"... It doesn't
> > even have to be signed by the company, or any of that shit.  I can walk
> > over to RatShack, ask for an application, fill it out as "J. E. Hoover",
> > and its a valid form of ID at the DMV.
> 
>      You forgot "The Family Bible" at least that was in effect the last
> time I was in N.C.
> 

Ah.. yes.. I knew I was forgetting (repressing?) that I live in "The Bible
Belt"... What having a minister as a parent, its an easy thing to try and
repress...

 --Deviant
No one can guarantee the actions of another.
                -- Spock, "Day of the Dove", stardate unknown


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgq7PDAJap8fyDMVAQH9Wgf/UA41BvrNvNY2kEihtGm7XCgAtblb+6vv
i0CGAB83r0idDy+JVfAOOh//MflQLRImVO1LzGXCmpWZpcuWjQuW99T/cgDqkmi0
sER+kpZ779Yw3+Jn1vIxQevgeKMOBeJ5MmG27kbqSnBaD+kd3e/nFhbfjVM4KWdG
X0KByRNbKZJGGxkg5FYguaRr0DHlbqFXQCJY0LWPhL5+1gi41jSCNvXr0PL4h5FG
dwv2QO9wQ3UYGKLlb48EhC5WKkQa2qYx3qP8sHJewXxcVtAjyAzvmW87Y9fGwuwA
EjleCqGJBxMa4UckiRSRxxjZBN2gWP1szVzWSLMkioBVZgtd4xi9fw==
=7QMw
-----END PGP SIGNATURE-----






From grafolog at netcom.com  Fri Aug  9 00:03:21 1996
From: grafolog at netcom.com (jonathon)
Date: Fri, 9 Aug 1996 15:03:21 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <ae2f8d2303021004ed0d@[205.199.118.202]>
Message-ID: <Pine.SUN.3.95.960809045122.23081F-100000@netcom7>


	Tim:

On Thu, 8 Aug 1996, Timothy C. May wrote:

> >Pardon me Jonathon, but I believe you are confusing Morton Grove
> >with Elk Grove. I do not have the statistics for the crime rates

	Mea culpa.  Morton Grove is right.  

> Regarding that town nearby that passed a _requirement_ that all households
> have a gun:
	
	In the case of Kennesaw, if you had a personal objection 
	to having a handgun -- or any other weapon --- in your home,
	you were automatically exempt.  If federal, or state law 
	prohibited you from owning a weapon, you were also exempt.  

	Also note that the official city policy was to not enforce
	that specific law.  It was a purely symbolic thing, which
	did have some interesting side-effects.  

        xan

        jonathon
        grafolog at netcom.com



VapourWare is like the Tao,
Looked for it cannot be found,
Reached for it cannot be touched,
Waited for not even FedX can deliver;
            <Paid for it will not be refunded>







From EALLENSMITH at ocelot.Rutgers.EDU  Fri Aug  9 00:03:25 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 9 Aug 1996 15:03:25 +0800
Subject: Cybergangs?
Message-ID: <01I81T5ESZKS9JD3MN@mbcl.rutgers.edu>


From:	IN%"educom at educom.unc.edu"  8-AUG-1996 22:27:27.58
To:	IN%"edupage at elanor.oit.unc.edu"  "EDUCOM Edupage Mailing List"

>*****************************************************************
>Edupage, 8 August 1996.  Edupage, a summary of news about information
>technology, is provided three times a week as a service by Educom,
>a Washington, D.C.-based consortium of leading colleges and universities
>seeking to transform education through the use of information technology.
>*****************************************************************

>CYBERGANGS
>The head of the gang task force for the Arizona Department of Public Safety
>reports that a Web site established in Detroit offers a how-to guide for
>gangster wannabes and is urging gang members everywhere to unite under its
>umbrella to form the first cyberspace gang.  The official says:  "Now it's
>in your home, your living room, your den... Unfortunately, these guys can
>talk about anything they want and there's nothing law enforcement can do
>about it."  (Atlanta Journal-Constitution 8 Aug 96 F3)

	Umm... yes, it's called free speech. While organizational ability
might be a matter for concern, somehow I doubt that having them on the net
will do any real damage... being on a computer that mine is connected to hardly
puts them "in [my] home," even if my computer at home were connected to a phone
line. Bloody law enforcement paranoids...
	-Allen

>Edupage is written by John Gehl <gehl at educom.edu> & Suzanne Douglas
><douglas at educom.edu>.  Voice:  404-371-1853, Fax: 404-371-8057.

>Technical support is provided by Information Technology Services at the
>University of North Carolina at Chapel Hill.

>***************************************************************
>Edupage ... is what you've just finished reading.  To subscribe to Edupage:
>send mail to: listproc at educom.unc.edu with the message:  subscribe edupage
>Abraham Lincoln (if your name is Abraham Lincoln;  otherwise, substitute
>your own name).  ...  To cancel, send a message to: listproc at educom.unc.edu
>with the message: unsubscribe edupage.   (If you have subscription problems,
>send mail to manager at educom.unc.edu.)





From iang at cs.berkeley.edu  Fri Aug  9 00:05:50 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Fri, 9 Aug 1996 15:05:50 +0800
Subject: Thank you.
In-Reply-To: <199608081616.SAA01670@basement.replay.com>
Message-ID: <4ue24a$2ov@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <199608081616.SAA01670 at basement.replay.com>,
Anonymous <nobody at REPLAY.COM> wrote:
>I forgot the name of the person who wrote the patches
>to the Linux kernel for stego.
>
>They work perfectly, and I had no problems setting it up.
>
>Many thanks.
>
No problem.  I urge you to push (on linux-kernel at vger.rutgers.edu and/or
comp.os.linux.development.system) for its inclusion in the standard kernel
before 2.1 comes out.  Stego isn't that useful a feature, if the very fact
of having a modified kernel that supports it, is incriminating...

   - Ian

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgqLhkZRiTErSPb1AQFtaQP/c63xDJDKJ6T3FmgmswdPDX/Sw2zTiGdS
WiZyFvZmj2o1TgAcJI+TisvBD6DPatJWD6xdCnmJD04fvCB1UsYsJsVuNJv1WSCi
epgJ0o/FO0jM8ESj/z60XcllCQtHR7n1kQti9PFjZB2jpOTRRsERD6owwEnsNtIf
up0R5wTmxdQ=
=yxMM
-----END PGP SIGNATURE-----





From jimbell at pacifier.com  Fri Aug  9 00:12:28 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 15:12:28 +0800
Subject: Boom!
Message-ID: <199608090359.UAA29693@mail.pacifier.com>


At 05:58 PM 8/8/96 -0700, Timothy C. May wrote:
>At 10:43 PM 8/8/96, Duncan Frissell wrote:
>>So, if it turns out that TWA 800 was an accidental wing tank explosion, will
>>they give us our civil liberties back?  If not, why not?
>>
>
>You must be kidding. Civil rights (the real ones, not the affirmative
>action/antidiscrimination bullshit kind) only get constricted.
>
>The government only tightens the noose, it never loosens it.

I've got a...oh, never mind.


Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Fri Aug  9 00:13:16 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 15:13:16 +0800
Subject: Going Postal (Was: Boom!)
Message-ID: <ae2fef91080210040d06@[205.199.118.202]>


At 12:50 AM 8/9/96, Mike Duvos wrote:

>
>The Post Office has now jumped on the terrorist bandwagon by
>announcing that it will no longer be legal to drop any package
>weighing over 16 ounces into a collection box.

Actually, CNN was reporting that this is for _airmail_ only. Which makes a
certain kind of sense, given the situation with bomb technology.

>Larger packages will have to be presented in person at the
>Post Office, and I wouldn't be surprised if several forms of
>ID were required.

The usual alternatives of UPS (cheaper) and FedEx (not so cheap) should
still be viable. This could actually boost their business.

I just had some Evil Smokeless Powder delivered to me via UPS. (The Post
Office people will not handle this stuff...it either violates their union
contracts or management is afraid the employees will use it to go postal
with.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From frissell at panix.com  Fri Aug  9 00:13:38 1996
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 9 Aug 1996 15:13:38 +0800
Subject: Boom!
Message-ID: <2.2.32.19960808224330.00834cbc@panix.com>


So, if it turns out that TWA 800 was an accidental wing tank explosion, will
they give us our civil liberties back?  If not, why not?

DCF

"'It Takes a Village to Raise a Child' -- an unemployed hausfrau living in
public housing in Washington, D.C."






From sandfort at crl.com  Fri Aug  9 00:14:50 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 9 Aug 1996 15:14:50 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <ae2f8d2303021004ed0d@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960808151142.29184B-100000@crl11.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 8 Aug 1996, Timothy C. May wrote:

> Regarding that town nearby that passed a _requirement_ that all
> households have a gun:
> ...
> Pro-gun fascism is just as bad a anti-gun fascism.
> 
> I do recall that the "you must have a gun" town had some
> exemptions for folks opposed to guns, blah blah, but it still
> is intensely revolting to me that any town could ever pass
> such a law...

I can't find the exact quote, but Will Rogers quipped that every
time Congress made a law, it was a joke.  And every time Congress
made a joke it was a law.  The town near Morton Grove was not
making a real requirement that every household have a gun, they
were just making a joke at Morton Grove's expense.  In addition
to the "exceptions," there was no penalty for violation of the
law, thus making sure it was unenforceable.  It was not a case
of "pro-gun fascism" but of rough American political humor.  At
the very least it kept the city council out of more serious 
mischief.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From shamrock at netcom.com  Fri Aug  9 00:19:46 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 9 Aug 1996 15:19:46 +0800
Subject: Going Postal (Was: Boom!)
Message-ID: <v02120d1bae3075c377c7@[192.0.2.1]>


At 17:50 8/8/96, Mike Duvos wrote:

>The Post Office has now jumped on the terrorist bandwagon by
>announcing that it will no longer be legal to drop any package
>weighing over 16 ounces into a collection box.
>
>Larger packages will have to be presented in person at the
>Post Office, and I wouldn't be surprised if several forms of
>ID were required.

We'll see the day.

>Should wreak havoc with the mail order video tape rental business,
>with those handy pre-paid 4th class labels you just slap on the
>tapes before dropping in the nearest mailbox.

A video tape weighs less than a pound.

>I suspect one could do a lot of damage to a mailbox with under 16
>ounces of the proper explosive.  Perhaps one of our resident
>Cypherpunks bomb experts could expand on this subject.

Sixteen ounces of C4 will do you right. It was only 12 ounces that brought
down the Pan Am flight over Scotland.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From deviant at pooh-corner.com  Fri Aug  9 00:19:46 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Fri, 9 Aug 1996 15:19:46 +0800
Subject: An SSL implementation weakness?
In-Reply-To: <83952437618205@cs26.cs.auckland.ac.nz>
Message-ID: <Pine.LNX.3.94.960809045202.653D-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 9 Aug 1996 pgut001 at cs.auckland.ac.nz wrote:

> Date: Fri, 9 Aug 1996 05:12:56 (NZST)
> From: pgut001 at cs.auckland.ac.nz
> To: cypherpunks at toad.com
> Subject: An SSL implementation weakness?
> 
> The following weakness seems very obvious, I've got a partial writeup of this 
> but before I turn it into a paper or something and arrange a demonstration of 
> how it would work I thought I'd check to make sure (a) someone else hasn't 
> mentioned it before, and (b) it is actually possible (it seems too simple to 
> be true):
>  
> 1. Using DNS spoofing, stage a hostile takeover of an address (for example 
>    using bogus referrals set yourself up as the delegated server for a DNS 
>    subtree).
> 2. Get a Verisign certificate for an arbitrary company and set up a bogus site 
>    at the stolen address.
>  
> Lets say you steal www.megafoobarcorp.com.  People connect to this site (which 
> is actually your bogus site), Netscape (for example) displays the blue line 
> and non-broken key (which is actually for your J.Random certificate rather 
> than the real megafoobarcorp one) to show the connection is secure, and you've 
> just subverted their site.  
>  
> The problem is that unless the user on the client side checks their 
> certificates (which noone does), all they're told is "A secure link is 
> established", not who the secure link is established to.  Even if browsers did 
> pop up a dialog to tell them who the secured connection was to, after about 
> the third time people would click on the "Never show this incredibly annoying 
> dialog again" option and never look at it again.     
>  
> This effectively reduces an attack on an SSL-enabled server to an attack on 
> the DNS.  Is this as simple as it seems, and is it worth doing a writeup on?
>  
> Peter.
> 

This certainly _looks_ like a viable hack on SSL...
of course, the other option is just hack Root on the _real_ server, and
steal their certificate (harder than I make it sound, but usually not to
complicated, assuming you can spoof IP and DNS, etc...)

 --Deviant
        "Evil does seek to maintain power by suppressing the truth."
        "Or by misleading the innocent."
                -- Spock and McCoy, "And The Children Shall Lead",
                   stardate 5029.5.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgrEWzAJap8fyDMVAQFhUwf9EanUPzCVnp1rawVKucnuG78GvwpRNZzA
Pu1LXIpfiCZeIsDOsLUMEHoyhukYuxnO8sZOS4CJdifU7ibdyofhxyBrxB+xOmny
2bnqSmOKl7qFocFFIEPUj7byThp22X4ynGuqgv4iBLuL7h2gaOuF7iz1mxacU0AJ
7QDsyiUJV/0mCOZeO+KEre/TLnsWOqbL5GGnsjM6JZ12LsqFUmXwQySWOkywbisq
OFt6jxo2JlfLDm5+XXyN5VTnTEsub4q/qaTf2bu9FLUfSic73YzusMyK9mmZ7nwu
0XEeV7zooQ16tCwD9XS2eoVHmqmUzrxiypZcrSmf9MvCwzFgVGxyYQ==
=Ckhu
-----END PGP SIGNATURE-----






From shamrock at netcom.com  Fri Aug  9 00:22:07 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 9 Aug 1996 15:22:07 +0800
Subject: Going Postal (Was: Boom!)
Message-ID: <v02120d1cae3078480f83@[192.0.2.1]>


At 19:22 8/8/96, Timothy C. May wrote:

>I just had some Evil Smokeless Powder delivered to me via UPS. (The Post
>Office people will not handle this stuff...it either violates their union
>contracts or management is afraid the employees will use it to go postal
>with.)

A while back, I ordered some "I love Explosives" bumper stickers from an
explosives dealer in New Mexico. They also ship black powder via UPS to
anyone. Twenty pounds maximum.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From wombat at mcfeely.bsfs.org  Fri Aug  9 00:24:33 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Fri, 9 Aug 1996 15:24:33 +0800
Subject: Boom!
In-Reply-To: <ae2fd9c406021004edd7@[205.199.118.202]>
Message-ID: <Pine.BSF.3.91.960809033437.18281B-100000@mcfeely.bsfs.org>




On Thu, 8 Aug 1996, Timothy C. May wrote:

> On a related note, it looks like Richard Jewell, the "Olympic Bomber," may
> not be charged and may even receive a page 37B "letter of clarification"
> from the Feds. No word on what the pack of 100 media vultures camped in his
> apartment's driveway will say.
> 
> I suspect he will never live a normal life. Even if never charged, the
> splashing of private photos from his apartment--such as him cradling an
> AR-15 while dressed in camo--will stick in people's minds. What recourse
> does he have that camera crews were invited in on the searches? (*)

None. He'll be forced to spend his life touring the talk show circuit, 
promoting the made-for-TV movie. If they'll make four different "Amy 
Fisher" movies at four different networks, they'll make at least one on this.





From lspeidel at earthlink.net  Fri Aug  9 01:03:35 1996
From: lspeidel at earthlink.net (Michael Cortes)
Date: Fri, 9 Aug 1996 16:03:35 +0800
Subject: anarchy cookbook???
Message-ID: <320A86F3.22BC@earthlink.net>


cypherpunks

Ok this is what happend.I was looking around on the www. And came across 
the jolly roger "anarchy cookbook" and i was wondering.Any one know what 
happend to jolly roger? -Zac

ps:
Oh and sorry for like all fucken up on my last letter heh





From rich at c2.org  Fri Aug  9 01:13:24 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 9 Aug 1996 16:13:24 +0800
Subject: anarchy cookbook???
In-Reply-To: <320A86F3.22BC@earthlink.net>
Message-ID: <Pine.GUL.3.95.960808231233.8399A-100000@Networking.Stanford.EDU>


On Thu, 8 Aug 1996, Michael Cortes wrote:

> cypherpunks
> 
> Ok this is what happend.I was looking around on the www. And came across 
> the jolly roger "anarchy cookbook" and i was wondering.Any one know what 
> happend to jolly roger?

He blew himself up cooking napalm according to his directions.

-rich






From jamesd at echeque.com  Fri Aug  9 01:15:58 1996
From: jamesd at echeque.com (James A. Donald)
Date: Fri, 9 Aug 1996 16:15:58 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608090451.VAA01180@dns1.noc.best.net>


At 12:25 AM 8/8/96 -0700, Alan wrote:
> It will be interesting to see the state come out on the side of all those
> anonymous drivers.

The state wants people to be anonymous from each other, but not anonymous
from the state.  This ensures that we are dependent on the state for the
maintenance of civilized behavior.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From dlv at bwalk.dm.com  Fri Aug  9 01:16:11 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 9 Aug 1996 16:16:11 +0800
Subject: "Thank you for not smoking" and other euphemisms
In-Reply-To: <ae2fe17707021004bcfc@[205.199.118.202]>
Message-ID: <ZoHDsD60w165w@bwalk.dm.com>


tcmay at got.net (Timothy C. May) writes:
> "Petite jurors" Is this a typo, or a special term of art in North Carolina?

This is the official name for "regular" juries, as opposed to the grand jury.

> (And then there's the "sliding scale donation suggested," say, from $5 to
> $15. Presumably this is the embodiment of pure Marxist theory, "from each
> according to his ability, to each according to his need." Be interesting to
> see their reaction if one declined to make any donation.)

Well - some time ago I came to a C++ users group meeting and had only $2
on me. The guy at the door said rather sternly: "the suggested donation
is three dollars". I said, sorry, I only got two, and just walked by.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From tcmay at got.net  Fri Aug  9 01:22:30 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 16:22:30 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <ae3023570a0210043726@[205.199.118.202]>


At 4:55 AM 8/9/96, i am not a number! wrote:
>CBS radio news this morning: 80,000 commuters traveling the central
>f'way in SF will have information mailed to them regarding the quake
>retrofit blah blah.
>
>How?  Their license plates have been photographed.
>... and the cheery "news" anchorwoman sweetly moved on to the next
             ^^^^^^^^^^^^^^^^^^^^^^^^^
>story.....

Don't expect anchorbimbos to have a thought about anything. (*) Though it
might have given her more pause if the story was about how 80,000 women in
California are being mailed special information on birth control options
because their license plates were photographed in Planned Parenthood
parking lots....

It really ought to be illegal for any level of government to monitor
citizen-units this way, for any purpose. By the way, it also underscores
something we've talked about before: surveillance technology is moving so
fast that the Chaumian idea of avoiding movement-tracking by "digital cash"
may be impossible to achieve. You can spend your digibucks to avoid being
tracked on a toll road, but their cameras will see your (mandatory) license
plate and maybe even your face anyway.

--Tim


(* In the first "Robocop," anchorbimbo extraordinaire Leeza Gibbons, clone
of Mary Hart, did a wonderful satire of bubbleheaded hairspray
journalists.)




Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From shamrock at netcom.com  Fri Aug  9 01:32:55 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 9 Aug 1996 16:32:55 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <v02120d00ae30800991e5@[192.0.2.1]>


At 21:55 8/8/96, i am not a number! wrote:
>CBS radio news this morning: 80,000 commuters traveling the central
>f'way in SF will have information mailed to them regarding the quake
>retrofit blah blah.
>
>How?  Their license plates have been photographed.
>... and the cheery "news" anchorwoman sweetly moved on to the next
>story.....

You *are* making this up, right? Please say you did.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From deviant at pooh-corner.com  Fri Aug  9 01:33:16 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Fri, 9 Aug 1996 16:33:16 +0800
Subject: e$: Watching the MacRubble Bounce
In-Reply-To: <3209A1D4.7566@netscape.com>
Message-ID: <Pine.LNX.3.94.960809061155.730B-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, Jamie Zawinski wrote:

> If you accept that, then doesn't that make writing crypto software for
> any Unix platform *even more* of a waste of time?  Because last time I
> checked, there were way more Macs on mom-and-pop's desks than Unix
> machines, counting *all* vendors.

Pardon my French, but you mus be fucking stupid or somehing.  How many
universities use UNIX platforms?  How many companies use UNIX platforms?
Sun, DEC, and SGI don't stay in buisiness by building cheap Windows boxes
ya know.  There are 13948 _registered_ LINUX machines, not to mention the
unregistered ones.  Don't tell me that Cray's were designed to run MacOS
or Windows 95.  UNIX isn' NEARLY as dead as Apple is.

 --Deviant
Military secrets are the most fleeting of all.
                -- Spock, "The Enterprise Incident", stardate 5027.4


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgrZbTAJap8fyDMVAQFSagf8C3/HIX7XwtFYRAKxhs8AlDIsO1EXDgr9
jm9RzjGMXqHkgg0OC/0Bzp+OtcYYL5qg/JtaZo90LIdPbqEeOb7HkcYgXkPZ9SLd
sQKIsZMr6IShG7ZIdPH9BRJWn131ExbUjCZ5IfMJVHsimTVbfLHHSppDylxtl2bG
pI6d9FdCWj8puL3omB9PD9gpjoaF4p961+HBclH8W6PLzI+swc/6f49Uxv3LIF4w
gm5IepZmoerW2iK2hwawngZPZJ4Sr4VqzyrAIvDl+rIFLFlN3ejNaGEjwHcNc43+
IBwoOS4kdv16faxT1jBskbKhcywmGqfIrap6Rdr0KkO5DyHHsSTz5g==
=UBUr
-----END PGP SIGNATURE-----






From tcmay at got.net  Fri Aug  9 01:33:37 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 16:33:37 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <ae30277d0b021004309f@[205.199.118.202]>


At 2:49 AM 8/9/96, John F. Fricker wrote:

>Isn't that the role of legislation? To implement solutions that society
>would not do on it's own?
>
>The enabling technology is obviously off the self.
>
>I think you may have misinterpretted my last sentence which was supposed to
>have had a ? at the end. Where's the proof reader when you need one!

"To implement solutions that society would not do on it's own?"

Would not do, or could not do? It is within anyone's power to ask their
psychiatrist what form of encryption he uses to protect his files. Likewise
with doctors and hospitals.

(Though I freely admit that one would not be likely to get very far. For at
least the next decade or two, the reaction will likely be "Huh?" But
"legislation" mandating a form of encryption is not the answer. For many
reasons.)

On this list at least, calls for passing laws to implement societal
solutions are not usually smiled upon. This is not to say such discussions
are out of bounds, only that you'd better make some persuasive arguments
and not just appeal to our common sense sympathies for social engineering
and more laws.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From hal9001 at panix.com  Fri Aug  9 01:39:52 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Fri, 9 Aug 1996 16:39:52 +0800
Subject: TrustBucks
In-Reply-To: <65tr6crmj9@nowhere.com>
Message-ID: <v0300780cae306e48020c@[166.84.220.80]>


At 19:11 -0500 8/7/96, TrustBuckFella wrote:


>
>"Robert A. Rosenberg" <hal9001 at panix.com> writes:
>>I fail to see why/how the initial swap of  TrustBucks(Alice) for
>>TrustBucks(Bob) followed by Alice returning the TrustBucks(Bob) [as
>>supposed payment] differs from her just paying with the TrustBucks(Alice)
>>in the first place [ie: He is willing to accept the TrustBucks(Alice) as
>>payment for the TrustBucks(Bob) that she will use to pay off her debt]. The
>>net result is the same - Bob has the same amount of TrustBucks(Bob) in
>> circulation and has an amount of TrustBucks(Alice) equal to Alice's payment
>> [the back and forth of the TrustBucks(Bob) is just playing "Right
>> Pocket/Left Pocket"].
>
>I admit, my analysis is probably flawed and I appreciate you challenging
>me on it. But I think it's more complex than the net result of single
>transactions.
>
>The way I figure it, if Bob could accept / not accept any variety of
>TrustBucks, then he can manipulate what varieties he reports being able
>to give in order to escape debts or manipulate what varieties he reports
>being able to accept in order to keep debts unpaid (for interest,
>foreclosure, etc.)
>
>    For instance, Alice is paying off her credit card, which pays Bob a
>    big 17% interest. Bob would rather not let her off early. "Nope, we
>    aren't accepting TrustBucks( Carol ) this week. TrustBucks( Dave )?
>    Let me see.... hmm... nope, sorry ma'am."
>
>    For instance, Alice has just eaten at Le Cafe Bob, and is about to
>    leave. Presented with the cybercheck, she "discovers" that she
>    hasn't got anything Bob is willing to accept. "Sorry 'bout that,
>    Bob. Ooh, hafta run! Bye bye."
>
>
>So it seems to me that the simplest course is to allow payment in
>exactly one variety, the payee's own. Bob can't credibly claim to not
>trust himself.
>
>You might object that the same problem is incurred anyways in
>TrustBucks. If Bob refuses to trade TrustBucks( Bob ) for TrustBucks(
>Carol ), isn't it the same thing as refusing TrustBucks( Carol )?
>
>I think it's subtly different, though. If Bob can accept other people's
>currency, he need not issue any himself. He can credibly refuse early
>payment, since no TrustBucks( Bob ) even exist. If Bob can only accept
>TrustBucks( Bob ), then Alice, who reports having no TrustBucks( Bob ),
>can't "innocently" incur debts she finds she cannot pay.

I admit that Bob can play games by altering the list of which currencies
(other than his own and Alice's) he is willing to accept from Alice. All I
was attempting to point out was that in the simple example you stated
(Alice does not have enough TrustBucks( Bob ) to pay off a debt to Bob so
she "Buys" the amount she needs by using TrustBucks( Alice ) and then
immediately returns the TrustBucks( Bob ) as her payment), the initial
transfer of TrustBucks( Bob ) is all smoke & mirrors (and a bookkeeping
trick) since he is still accepting payment in TrustBucks( Alice) not
TrustBucks( Bob ). The net result is that he is canceling some debt by
accepting the TrustBucks( Alice ) which he might later use to pay Alice for
something.







From deviant at pooh-corner.com  Fri Aug  9 01:49:02 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Fri, 9 Aug 1996 16:49:02 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.SUN.3.92.960808094648.21717A-100000@linda.teleport.com>
Message-ID: <Pine.LNX.3.94.960809064227.730D-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, Rich Burroughs wrote:

> Date: Thu, 8 Aug 1996 09:50:57 -0700 (PDT)
> From: Rich Burroughs <richieb at teleport.com>
> To: cypherpunks at toad.com
> Subject: Re: Oregon License Plate Site in the News Tonight!
> 
> On Thu, 8 Aug 1996, Declan McCullagh wrote:
> 
> > Looks like we're a little late. However, we can still grab the tape from
> > Oregon's DMV for $220. It would be an interesting excercise to try to get
> > these tapes from each state with similar provisions and put them all
> > online.
> 
> This information has been available in Oregon for at least a couple of
> years on CD.  I've always been concerned about the privacy implications of
> that service -- perhaps that's the upside of this story?  That people do
> give a rat's ass about their privacy?
> 
> I do think that the information should be able to be disseminated on the
> Net as long as it's legal.
> 

Yes, but I can also see why its a bad idea to put somebody's VIN on the
Net... A clever terrorist would simply plant peices of metal with some
other loser's VIN's in their car before blowing up a building, (i.e. my
name's McVeigh (sp?), and this rider truck came from Oregon ;)... see my
point?

I do think that some information could be allowed (what your tag says,
your name, your mailing address), but what was put on he net was excesive.

 --Deviant
Horse racing *is* a stable business ...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgreiTAJap8fyDMVAQHVawf/Txcu6RrhfLvx1kW3Z1VKXmzcP/AeDaeB
2VkEsicQ6xIeHHCUqrE88gJyEVdk8LXRg9wD2OQQObeQUtt6kjAyyxF4QlRz8zVC
EkgD4LAlgSfK/JErkO9rHuYutRc2FFtccd48GilQXTDBQWNLJWojLuObdqnxkT5s
zQDaLvVyy5p4bN2QN76nH+RnAoin+guyEl9EG4TBPo17uY2rIwt3NkTGIfASiKL5
46ugaobiE3Hmaw3GW3YR4nyva35ur3BwAo4uOmfyqsU3MEZx6SoGQpQlzIWDPqwa
T73LplenMei1oTCTssQzF4YODHkqVv0u1uNpVI3GXJgwNKupfMOOtA==
=Z9sz
-----END PGP SIGNATURE-----






From mpd at netcom.com  Fri Aug  9 01:53:45 1996
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 9 Aug 1996 16:53:45 +0800
Subject: Going Postal (Was: Boom!)
In-Reply-To: <v02120d1bae3075c377c7@[192.0.2.1]>
Message-ID: <199608090539.WAA12675@netcom12.netcom.com>


Lucky Green writes:

>>Should wreak havoc with the mail order video tape rental business,
>>with those handy pre-paid 4th class labels you just slap on the
>>tapes before dropping in the nearest mailbox.

> A video tape weighs less than a pound.

Most video rental by mail places, like Facets or Movies Unlimited, 
rent up to three tapes at once, and use a single appropriately
sized box.  I suppose they will have to start packaging each
tape separately. 

The typical package one sends back to a book club when they ship
you the latest pulp fiction even though you sent the little card
back in time weighs about two pounds. 

But, as Tim points out, there's always UPS, or one of the other
services that will pick up at your door and is happy to have your
business. 

The Washington Post says...

"Reacting to growing concerns about mail bombs, the Postal Service
said yesterday that it is taking the extrordinary step of prohibiting
customers from depositing any stamped packages weighing 16 ounces or
more in its collection boxes.

"Posthamster General Marvin T. Runyon said the action was being
taken to 'enhance security measures and to protect the traveling
public, postal employees, and postal contractors who transport
US mail.'"

Persons who use postage meters and mail domestically are exempt
from the new rule. (!)

So I guess if the video place sends you a metered sticker for the
return postage, you can still drop the tapes in the box. 

I'm not quite sure what they are trying to accomplish, other than
to leap on the "we're doing our part to inconvenience the public over
terrorism" bandwagon. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $








From grafolog at netcom.com  Fri Aug  9 02:08:50 1996
From: grafolog at netcom.com (jonathon)
Date: Fri, 9 Aug 1996 17:08:50 +0800
Subject: Why should we trust the system?
In-Reply-To: <199608090119.SAA20142@mail.pacifier.com>
Message-ID: <Pine.SUN.3.95.960809070718.6581G-100000@netcom9>


	Jim:

On Thu, 8 Aug 1996, jim bell wrote:

> Okay, I'll admit that I _never_ believed that judges actually follow the 
> standards they claim to.  But many other people of those who are more 

	I know of a very good way to ensure that judges do follow
	the standards that they claim to follow.

	It works even better at making politicians keep all the
	election promises the make.

	Has one drawback --- it reduces the number of people willing
	to carry out those two functions to virtually zero.  OTOH, that
	probably would be a very good thing.  

        xan

        jonathon
        grafolog at netcom.com

		VapourWare is like the Tao,
		Looked for it cannot be found,
		Reached for it cannot be touched,
		Waited for not even FedX can deliver;
		            <Paid for it will not be refunded>







From deviant at pooh-corner.com  Fri Aug  9 02:25:29 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Fri, 9 Aug 1996 17:25:29 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <ae2f8d2303021004ed0d@[205.199.118.202]>
Message-ID: <Pine.LNX.3.94.960809065417.730E-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, Timothy C. May wrote:
> 
> Pro-gun fascism is just as bad a anti-gun fascism.
> 
> I do recall that the "you must have a gun" town had some exemptions for
> folks opposed to guns, blah blah, but it still is intensely revolting to me
> that any town could ever pass such a law. Much as I think being armed is
> useful and all that, allowing such a law to go unchallenged feeds into the
> same approach that tries to ban guns...if guns can be required, they can be
> banned. What part of the Second Amendment did they not understand? (Legal
> quibblers will perhaps say the Second applies to _Congress_ (as in
> "Congress shall make no law"), and not to states and communities. I
> disagree. Can a town restrict free speech just because it is not the
> Congress?)
> 
> --Tim May
> 

I agree with you.  I don't have anything against guns, but either
requiring them or disallowing them is just plain dumb.  It should be
noted that the Supreme Court's interpretaion of "Congress shall make no
law" is basicly "no lawmaking body that holds any jurisdiction shall make
no law"...

 --Deviant
There are four kinds of homicide: felonious, excusable, justifiable,
and praiseworthy ...
                -- Ambrose Bierce, "The Devil's Dictionary"


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgrhejAJap8fyDMVAQEl1gf8C06PaoBEoOB971MpYa/4DejUinTxvpCS
9Q8/AgPSnbIlMhbwGcFkbjM+kuORfsWTJmlczMRxRXIApyK4qIYoG9HEx1lYWJ+b
bZ7X5FpiSKm3fIZ52eK8R2jCdcxGlq/5Fm3DrGemvPBb5swKMR8y3WWs/ETuwzOM
vTBXskonzAqRoMPysKyDUc2BY5n6+k5M22JAalIyAD8HQVyTgxcPv4E8qTWsgW60
qgNy+mv3nJ0sERCDas8WWCPWJ4FuIKg+KgL8bFELkri1CU7f5DdKCxa5bFfMM9kN
njd6mXMZ3qVbNtkMG59xOVIoOIx918jzXZcnXyoThbBCvIyTOFPnHQ==
=aSan
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Fri Aug  9 02:43:23 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 9 Aug 1996 17:43:23 +0800
Subject: Oregon DMV database:  "Needs a good home"
Message-ID: <199608090530.WAA04981@mail.pacifier.com>


The Oregon DMV database needs a new home.  I've seen a few mentions of 
willing volunteers, but I've deleted the notes.  Could you re-send offers of 
interest to me?  Thanks.

Jim Bell
jimbell at pacifier.com





From daw at cs.berkeley.edu  Fri Aug  9 03:07:19 1996
From: daw at cs.berkeley.edu (David Wagner)
Date: Fri, 9 Aug 1996 18:07:19 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <2.2.32.19960808154452.00c70514@vertexgroup.com>
Message-ID: <4uep7t$tkp@joseph.cs.berkeley.edu>


In article <Pine.GUL.3.95.960808151724.6575A-100000 at Networking.Stanford.EDU>,
Rich Graves  <rich at c2.org> wrote:
> I agree that this project needed to be done to educate the public, but I
> must say I'm glad my name isn't attached to it. 
> 
> To answer legitimate concerns about abuse, perhaps version 2 could make the
> relevant http logs publicly available?

I'd be most proud to have my name associated with such a project.

I say, what we need is a little more abuse.  I say, a well-publicized
incident of abuse of the driver's license database can do more to
help the cause of privacy than any amount of intellectually compelling
debate.  Perhaps one horrible incident of abuse would ignite enough
public backlash to stop states from selling their databases at the
drop of a hat.

I say this in all seriousness.  Look at how much furor has been
raised from one little incident (the TWA flight, the Atlanta bombing)
which caused an absolutely insignificant loss of life (in the grand
picture).  Look at how much folks want to curb our freedom in response.

We have been shown all too many times how much a highly-publicized
case of abuse can be used to trample on our civil liberties.  It's
about time for us to wise up.  It's time to fight fire with fire.

No regrets,
-- Dave Wagner





From tcmay at got.net  Fri Aug  9 03:50:23 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 9 Aug 1996 18:50:23 +0800
Subject: Imprisoned for Not Having a Gun?
Message-ID: <ae30450b0d021004223a@[205.199.118.202]>


At 6:57 AM 8/9/96, The Deviant wrote:

>I agree with you.  I don't have anything against guns, but either
>requiring them or disallowing them is just plain dumb.  It should be
>noted that the Supreme Court's interpretaion of "Congress shall make no
>law" is basicly "no lawmaking body that holds any jurisdiction shall make
>no law"...

On this last point, I used to think so, too. However, one of the law
professors on one of these lists gave various examples purporting to show
that this is not so, that local jurisdictions can and do pass laws which
Congress is not permitted to pass.

If they read this, they can comment.

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From richieb at teleport.com  Fri Aug  9 04:38:16 1996
From: richieb at teleport.com (Rich Burroughs)
Date: Fri, 9 Aug 1996 19:38:16 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.LNX.3.94.960809064227.730D-100000@switch.sp.org>
Message-ID: <Pine.SUN.3.92.960809000709.28414A-100000@julie.teleport.com>


I wrote:
> > I do think that the information should be able to be disseminated on the
> > Net as long as it's legal.
> >

"The Deviant" wrote:
> Yes, but I can also see why its a bad idea to put somebody's VIN on the
> Net... A clever terrorist would simply plant peices of metal with some
> other loser's VIN's in their car before blowing up a building, (i.e. my
> name's McVeigh (sp?), and this rider truck came from Oregon ;)... see my
> point?

A clever terrorist could get the CD and do the same thing :)  They're
clever, right?

> I do think that some information could be allowed (what your tag says,
> your name, your mailing address), but what was put on he net was excesive.

That's a function of what information the State decides to make availble.
The fact that it's on the Net or not shoudln't be the issue.  If I can buy
it on a CD or march into a State office and get it, the same potential
harms exist.

I persoannly think this info is a privacy threat.  But if it's legal to
distribute in other forums, the Net should be no different, IMHO.  All Net
terrorist hype aside.


Rich
______________________________________________________________________
Rich Burroughs  richieb at teleport.com  http://www.teleport.com/~richieb
See my Blue Ribbon Page at http://www.teleport.com/~richieb/blueribbon
New EF zine "cause for alarm" - http://www.teleport.com/~richieb/cause






From frissell at panix.com  Fri Aug  9 04:52:10 1996
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 9 Aug 1996 19:52:10 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960809093040.0092e510@panix.com>


At 12:26 AM 8/9/96 -0700, David Wagner wrote:

>I say, what we need is a little more abuse.  I say, a well-publicized
>incident of abuse of the driver's license database can do more to
>help the cause of privacy than any amount of intellectually compelling
>debate.  Perhaps one horrible incident of abuse would ignite enough
>public backlash to stop states from selling their databases at the
>drop of a hat.

The murder of the actress Rebecca Schaefer (sp?) by an obsessed fan (who
paid a private detective to get her address from the California DMV) did
cause California to somewhat restrict license and registration information.
I think they eased up though later.  I don't know who can get info there
these days.

This particular problem can be avoided privately by reporting a mail drop
rather than your real address to the state.

DCF






From jk at stallion.ee  Fri Aug  9 05:59:50 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Fri, 9 Aug 1996 20:59:50 +0800
Subject: F2 hash?
In-Reply-To: <320A1A48.5A93@pc.jaring.my>
Message-ID: <Pine.GSO.3.93.960809132420.2359B-100000@nebula.online.ee>


 Thu, 8 Aug 1996, peng-chiew low wrote:

> Cerridwyn Llewyellyn wrote:
> 
> > Have you seen Mudge's white paper on S/Key?  
> 
> Any ideas how I can get my hands on this paper?

http://l0pht.com/~mudge/skey_white_paper.html

J�ri Kaljundi
AS Stallion
jk at stallion.ee







From pjb at ny.ubs.com  Fri Aug  9 08:24:44 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Fri, 9 Aug 1996 23:24:44 +0800
Subject: alien life found
Message-ID: <9608091153.AA01894@sherry.ny.ubs.com>


it's no good them showing up now. welfare for alien life forms, even if they 
are just germ life forms, is definitely out, as of right now, so they shouldn't
even ask.

	-paul

crypto relevance? it's obviously, isn't it?


> From cypherpunks-errors at toad.com Wed Aug  7 18:47:42 1996
> X-Sender: schryver at radiks.net
> X-Mailer: Windows Eudora Light Version 1.5.2
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> Date: Wed, 07 Aug 1996 05:20:33 -0500
> To: cypherpunks at toad.com
> From: Scott Schryvers <schryver at radiks.net>
> Sender: owner-cypherpunks at toad.com
> Content-Length: 380
> 
> NBC News at Sunrise has just announced the discovery of alien life on the 
> planet Mars.  The lifeform that became extinct more than 2 billion years
> ago was found as a fossil in a meteor that originated from mars and landed
> on earth.  The fossil found was a primitive germ life form.
> 
> PGP encrypted mail preferred.  
> E-Mail me for my key.
> Scott J. Schryvers <schryver at radiks.net>
> 
> 





From morgan at keilin.helsinki.fi  Fri Aug  9 08:32:39 1996
From: morgan at keilin.helsinki.fi (Joel Morgan)
Date: Fri, 9 Aug 1996 23:32:39 +0800
Subject: Imprisoned for Not Having a Gun?
Message-ID: <199608091141.OAA23296@keilin.helsinki.fi>


>From Tim May's posting:
> 
> At 6:57 AM 8/9/96, The Deviant wrote:
> 
> >I agree with you.  I don't have anything against guns, but either
> >requiring them or disallowing them is just plain dumb.  It should be
> >noted that the Supreme Court's interpretaion of "Congress shall make no
> >law" is basicly "no lawmaking body that holds any jurisdiction shall make
> >no law"...
> 
> On this last point, I used to think so, too. However, one of the law
> professors on one of these lists gave various examples purporting to show
> that this is not so, that local jurisdictions can and do pass laws which
> Congress is not permitted to pass.

[I'm not a lawyer, and I can't answer Tim's question per se, but...]

As I understand it, the Bill of Rights itself was conceived strictly as
a set of limitations on the -federal- government, but that the 14th
ammendment has been interpreted to apply the Bill of Rights to limit
state and local governments.  (When and with what scope, I'm not sure.)

Section 1 of the 14th Ammendment:
All persons born or naturalized in the United States, and subject to
the jurisdiction therof, are citizens of the United States and of the
State wherein they reside. No State shall make or enforce any law which
                           --------------------------------------------
shall abridge the privileges or immunities of citizens of the United
--------------------------------------------------------------------
States; nor shall any State deprive any person of life, liberty, or
------
property, without due process of law; nor deny to any person within its
jurisdiction the equal protection of the laws.

(emphasis mine)
-- 
=====================================================================
Joel.Morgan at Helsinki.FI              http://blues.helsinki.fi/~morgan
    "Over the mountains there are mountains."   -- Chang-rae Lee 
=====================================================================





From trei at process.com  Fri Aug  9 09:56:45 1996
From: trei at process.com (Peter Trei)
Date: Sat, 10 Aug 1996 00:56:45 +0800
Subject: Imprisoned for Not Having a Gun?
Message-ID: <199608091318.GAA20040@toad.com>


Tim writes:
> 

> Regarding that town nearby that passed a _requirement_ that all households
> have a gun:

[...]

Quite a while back, I read an article in National Rifleman (the NRA
magazine), that for part of  the 19th century  it was the law that all 
adult men in the Balkan statelet of Montenegro must carry a pistol
when in public (a close relative of the ruler had a monopoly on the 
manufacture and sale of firearms in the kingdom).

Traveler's reports noted the extreme civility of Montenegrin
society during this period.

Peter Trei
trei at process.com





From trei at process.com  Fri Aug  9 09:57:53 1996
From: trei at process.com (Peter Trei)
Date: Sat, 10 Aug 1996 00:57:53 +0800
Subject: "Thank you for not smoking" and other euphemisms
Message-ID: <199608091255.FAA19436@toad.com>



> (And then there's the "sliding scale donation suggested," say, from $5 to
> $15. Presumably this is the embodiment of pure Marxist theory, "from each
> according to his ability, to each according to his need." Be interesting to
> see their reaction if one declined to make any donation.)
> 
> --Tim May

This summer I went to meet my wife at the American Museum of
Natural History in NYC, and discovered that I had a total of 10 cents
in pennies in my pocket - and that they took only cash or checks, and 
the 'suggested donation' was $6. The nearest cash machine was
several blocks away. So, I paid 10 cents. The cashier took it without
batting an eye, gave my my donor's tag (they no longer use the little
metal ones depicting a dinosaur (sigh)), and said 'Thank you'.

Peter Trei
trei at process.com  





From geoff at commtouch.co.il  Fri Aug  9 10:15:06 1996
From: geoff at commtouch.co.il (geoff)
Date: Sat, 10 Aug 1996 01:15:06 +0800
Subject: PGP Mailer for the masses ?
Message-ID: <19960809124443785.AAA218@[194.90.103.93]>


-----BEGIN PGP SIGNED MESSAGE-----

To: provos at wserver.physnet.uni-hamburg.de, coderpunks at toad.com,
 cypherpunks at toad.com
Date: Fri Aug 09 15:56:37 1996
Niels,

Thanks, for describing the features of Pronto Secure :)
This is how Pronto Secure matches up to your checklist:

> Here is just a short list what such a programm should be able to
>  do: ( all options should be optional ;)
> 
> Sending Mail:
> - Clear signing of outgoing mail
YES

> - If public key of recipients is known encrypt with those keys
YES

> - If there is access to a public keyserver try to get a public key
>   for the recipients
YES

> Receiving Mail:
> - While reading mail ( similiar to premail ) try to check existing 
>   signatures if public key is available otherwise try to get 
>   public key from server
YES (do on the fly signature checking as mail arrives in inbox)

> - Traverse the web of trust and show how the public key is
>    related to one own keys to mutual signatures on other public keys
>    ( For example mean distance to a key signed by the recipient
>    himself )
NO  (we handle certification by allowing the user to modify a list of  
    trusted certifiers for signing keys)

> - If the mail contains a public key add it to the keyring
NO  (Key is shown as an attachment icon double click on it adds it to  
   the keyring)

> - Don't show pgp blocks in Mail since they might confuse
YES

> Keymanagement:
> - Should be integrated in the addressbook together with E-Mail
>   Address and name.
YES

> - Keys should be imported via generation or via mail or via a file
YES (or the clipboard)

> - If you have a public key without an entry in the addressbook
>   take the EMail and Name from the public key
YES (or prompt user to supply address)

> - One should be able to sign the keys during import if origin is
>   known
NO  (signing keys is a separate process. This gives the user an     
opportunity to authenticate on another channel)

> Misc:
> - Passphrase should be kept in memory for a definable time, 0 for
>  immediate deletion, thus you would be prompted for the passphrase 
>  each time you use it. Question about Windows Swapspace ? or tag the 
>  memory as uncacheable ?
NO (Keyboard sniffing is too easy to do in Windows, This would give    
   a false sense of security)

> I would suggest creating a library with seperate io and gui parts in
> order to motivate peeple in helping who do not want to support 
> mainstream products like Windows. Like taking the PGP 3.0 lib ( is it 
> out yet ?) and modify it a bit.
YES (Separating UI from security functionality is also the right       
   way to go for offering plug in security providers)
 
> Since there are a variety of good functioning mailers available
> already it wouldn't make sense developing the whole stuff but instead 
> only integrate the library into existing products.
NO  (It will not be an easy task to design a general library of UI    
   elements that any mail client will be able to seemlessly plug into.)

> Do you think that such proposal is senseable and that there are
> people who would be willing to support the idea with programming 
> affords ?

It exists. Plus a few additional features not mentioned, and a much 
longer wish-list in the process of being implemented.

Check it out. It is available from http://www.commtouch.com/p1.htm

IMPORTANT: COMMTOUCH WILL GIVE A FREE COPY OF PRONTO SECURE TO ANY 
MEMBER OF THE CODERPUNKS/CYPHERPUNKS LISTS SUPPLYING USEFUL FEEDBACK 
ABOUT THE PRODUCT.

The impressions of early users of Pronto Secure can be viewed at: 
http://www.commtouch.com/testers.htm (many of whom are list members)

Regards, Geoff.



- ---------------------------------------------------------------
Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
My PGP public Key 1814AD45 can be obtained by sending a message
to geoff at commtouch.co.il with "Get PGP Key" as the subject.
- ----------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMgs1ikLv5OMYFK1FAQGe/gP/RdXtVIwo7aupkJn6X4VNTuNHHymPf9fJ
k7FAsONAAP9qbr4UaWzJXxWuvmxLgt5gsMpk6yzp6vY80krQqPf6SqphW7FOjGTq
PB05bNLDHm9SRGjVvKRHzGbOr094gkFpeso2C3MeMiDbT0J5gsLJOeMJsIb4NW2A
lHZ6e+o535w=
=R2jc
-----END PGP SIGNATURE-----






From wb8foz at nrk.com  Fri Aug  9 10:51:09 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 10 Aug 1996 01:51:09 +0800
Subject: Going Postal (Was: Boom!)
In-Reply-To: <ae2fef91080210040d06@[205.199.118.202]>
Message-ID: <199608091158.HAA13329@nrk.com>


Tim:
> >The Post Office has now jumped on the terrorist bandwagon by
> >announcing that it will no longer be legal to drop any package
> >weighing over 16 ounces into a collection box.
> 
> Actually, CNN was reporting that this is for _airmail_ only. Which makes a
> certain kind of sense, given the situation with bomb technology.


Errrr.... Can you specify 'ground-only' anymore at the PO? I think
not. In years past you could pay extra for air, but often were
getting it anyhow.

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From sandfort at crl.com  Fri Aug  9 11:05:46 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 10 Aug 1996 02:05:46 +0800
Subject: PRACTICAL USES FOR DMV RECORDS
In-Reply-To: <199608090530.WAA04981@mail.pacifier.com>
Message-ID: <Pine.SUN.3.91.960809074041.19416A-100000@crl13.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 8 Aug 1996, jim bell wrote:

> The Oregon DMV database needs a new home.  I've seen a few
> mentions of willing volunteers,...

It probably needs a whole new domain.  How 'bout:

			burglary.org

That way, when burglars see an Oregon car loaded with a family
heading south into California on vacation, they can just go on
line and get those folks' address from the database.  

Afterwards, a thank you note to Oregon's DMV would be in order.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From ichudov at algebra.com  Fri Aug  9 11:07:35 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 10 Aug 1996 02:07:35 +0800
Subject: anarchy cookbook???
In-Reply-To: <Pine.GUL.3.95.960808231233.8399A-100000@Networking.Stanford.EDU>
Message-ID: <199608091332.IAA19907@manifold.algebra.com>


Rich Graves wrote:
> 
> On Thu, 8 Aug 1996, Michael Cortes wrote:
> 
> > cypherpunks
> > 
> > Ok this is what happend.I was looking around on the www. And came across 
> > the jolly roger "anarchy cookbook" and i was wondering.Any one know what 
> > happend to jolly roger?
> 
> He blew himself up cooking napalm according to his directions.

Napalm isn't really explosive. it is not a really dangerous substance
unless it is spread around by some explosion and ignited. I myself
had napalm burning on my clothes, and it really was not a big deal
(you have to extinguish it though). In that case napalm was not
spread by an explosion.

	- Igor.





From jya at pipeline.com  Fri Aug  9 11:10:51 1996
From: jya at pipeline.com (John Young)
Date: Sat, 10 Aug 1996 02:10:51 +0800
Subject: Tim's Mac Tales
Message-ID: <199608091415.OAA17421@pipe3.t2.usa.pipeline.com>


Thaks to Tim for politely noting that I alfingered most admirable Gordon
Moore as mal intendu Intel-inside wheeler-dealer. That's actually Andy
Grove, el supremo maestro of Intel intel despicably untellable -- except to
those deep, deep inside black budgeteering. 
 
 
A crank SciFi fantasy, to be sure, long ago, and well into the intel
futures, disproven.  
 
 
Like NASDAQ never cheats consumers. 
 
 





From s_levien at research.att.com  Fri Aug  9 11:22:47 1996
From: s_levien at research.att.com (Raph Levien)
Date: Sat, 10 Aug 1996 02:22:47 +0800
Subject: "Thank you for not smoking" and other euphemisms
In-Reply-To: <ae2fe17707021004bcfc@[205.199.118.202]>
Message-ID: <320B2C4A.337C@research.att.com>


T> "Donations suggested." This usually for leftist events, e.g., a 
speech by a
> Nicaraguan freedom fighter. Of course, what they really mean is "admission
> fee mandatory," but they call it a "suggested donation." I doubt one will
> be arrested for barging through the door without paying the "suggested
> donation," but this is a possibility, as they may deny admission.

My dad did this once, in a museum. There was no altercation, but it 
does take a certain amount of balls.

Raph





From geeman at best.com  Fri Aug  9 11:27:55 1996
From: geeman at best.com (i am not a number!)
Date: Sat, 10 Aug 1996 02:27:55 +0800
Subject: photographed license plates
Message-ID: <320B5805.712E@best.com>


At 21:55 8/8/96, i am not a number! wrote:
>CBS radio news this morning: 80,000 commuters traveling the central
>f'way in SF will have information mailed to them regarding the quake
>retrofit blah blah.
>
>How?  Their license plates have been photographed.
>... and the cheery "news" anchorwoman sweetly moved on to the next
>story.....

>> You *are* making this up, right? Please say you did.

------------------------------------------

I AM NOT making this up, unfortunately.
The news story contents may be bolluxed, of course, maybe they got it 
wrong.
But this is what she said, no joking.

O, and I think they're talking more about putting up cameras at some 
troubling intersections to take pictures of cars running red-lights.

And cameras on transit vehicles (buses primarily).

Gee, I am starting to feel so warm and safe!





From nobody at zifi.genetics.utah.edu  Fri Aug  9 11:38:37 1996
From: nobody at zifi.genetics.utah.edu (Anonymous)
Date: Sat, 10 Aug 1996 02:38:37 +0800
Subject: Why should we trust the system?
Message-ID: <199608091519.JAA05472@zifi.genetics.utah.edu>


jim bell <jimbell at pacifier.com> wrote:

>When supporting plans like GAK ("key escrow") and wiretaps...

<snip>

>If we allow this fiasco to die without a full analysis,
>particularly in light of the government's repeated assurances
>with regards to search warrants, we will be as incompetent as
>the police were.

Further, my original question, phoned in anonymously to the FBI,
mailed in anonymously to this list, and asked to the media (I
guess I like wasting my time) has never been either asked or
answered. I will restate it in stronger terms:
"Why the hell, when you have a tape of the perp. saying something,
do you not air it in the middle of a city chock full of people
who could very well know this guy's voice/mannerisms?" Why didn't
the media ask for it, and then give the answer (the fibbieclerk
had no answer at all for me) the FBI gave?? Am I missing something?
We hear 911 tapes ALL THE TIME of various stuff happening. Has the
FBI suddenly become a bunch of civil liberties activists WRT the
privacy of terrorist bombers?
Just asking.
me








From provos at ws1.physnet.uni-hamburg.de  Fri Aug  9 11:40:02 1996
From: provos at ws1.physnet.uni-hamburg.de (Niels Provos)
Date: Sat, 10 Aug 1996 02:40:02 +0800
Subject: PGP Mailer for the masses ?
In-Reply-To: <19960809124443785.AAA218@[194.90.103.93]>
Message-ID: <Pine.A32.3.94.960809153630.15623A-100000@ws1.physnet.uni-hamburg.de>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 9 Aug 1996, geoff wrote:
> Thanks, for describing the features of Pronto Secure :)
> This is how Pronto Secure matches up to your checklist:
> > - Traverse the web of trust and show how the public key is
> >    related to one own keys to mutual signatures on other public keys
> >    ( For example mean distance to a key signed by the recipient
> >    himself )
> NO  (we handle certification by allowing the user to modify a list of  
>     trusted certifiers for signing keys)
I personally would find it useful if you could get a measure of
trustworthy ness due to keydistance. Like that if I knew that the sender
is only 2 keys away from my own I would most likely trust his public key
to be the original, it would be nice to see the signing people involved
though:
Max Miller 
  |-signed- a friend of mine <-signed- me
  |-signed- Molly Malone <-signed- Someone <-signed- friend <- signed me

According to http://bcn.boulder.co.us/~neal/pgpstat/ there were 19124 keys
in the keyserver but the biggest werb of trust had only 1291 keys and
the next only 16 keys. The mean key distance was between 6 and 7.
That means that you don't have to get too many public keys in order to
find the connection to your key and on the other hand it might show that
calculating trust according to keydistance isn't worth is since the web
of trusts are so small. But I figure if you would show the connection of
keys in your mailer it might encourage people to participate in key
signing parties.

> > Misc:
> > - Passphrase should be kept in memory for a definable time, 0 for
> >  immediate deletion, thus you would be prompted for the passphrase 
> >  each time you use it. Question about Windows Swapspace ? or tag the 
> >  memory as uncacheable ?
> NO (Keyboard sniffing is too easy to do in Windows, This would give    
>    a false sense of security)
How would you get the pass phrase if not via the keyboard ? And if you
keep it in memory till you sign off ( like in premail ) you would only
have to type it once, though capturing the pass phrase once is normaly
enough.

> > I would suggest creating a library with seperate io and gui parts in
> > order to motivate peeple in helping who do not want to support 
> > mainstream products like Windows. Like taking the PGP 3.0 lib ( is it 
> > out yet ?) and modify it a bit.
> YES (Separating UI from security functionality is also the right       
>    way to go for offering plug in security providers)

Though I think that Pronto Secure will help spread the use of cryptography
I would prefer a source code distributed library which could handle most
of the stuff needed including for example preparing encrypted requests to
key servers ( via anonymous remailers or not )( it keyservers will
implement encrypted requests ) or calculating the key distance if possible
with the available keys.

I guess one should wait for the arrival of the pgp 3.0 lib and evaluate
what it can and can't.

Greetings
 Niels Provos =8)

- - PHYSnet Rechnerverbund     PGP V2.6 Public key via finger or key server
  Niels Provos               
  Universitaet Hamburg       WWW: http://www.physnet.uni-hamburg.de/provos/   
  Jungiusstrasse 9           E-Mail: provos at wserver.physnet.uni-hamburg.de
  Germany 20355 Hamburg      Tel.:   +49 40 4123-2504     Fax: -6571 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQCVAwUBMgtHOcweILHCAJhBAQFtyQQAo+UQF3KmpAIIQ/rEh1JHHAsQUBd9k6dk
OB2lfer/dV+kDUrgpW3CDP/GdlgMIl6LCReJz6pXTA1RShQ74cdB0HokQDfytfJW
pWjHbnUcrfCmotG4KjcWw4MBJLXLbBGY0yqcmhTiOCTpLNuv52Tvtz86vOwe4yxq
ysXIXokGJpw=
=5An3
-----END PGP SIGNATURE-----






From dlv at bwalk.dm.com  Fri Aug  9 11:50:24 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 10 Aug 1996 02:50:24 +0800
Subject: "Thank you for not smoking" and other euphemisms
In-Reply-To: <320B2C4A.337C@research.att.com>
Message-ID: <DXDesD2w165w@bwalk.dm.com>


Raph Levien <s_levien at research.att.com> writes:

> T> "Donations suggested." This usually for leftist events, e.g., a 
> speech by a
> > Nicaraguan freedom fighter. Of course, what they really mean is "admission
> > fee mandatory," but they call it a "suggested donation." I doubt one will
> > be arrested for barging through the door without paying the "suggested
> > donation," but this is a possibility, as they may deny admission.
> 
> My dad did this once, in a museum. There was no altercation, but it 
> does take a certain amount of balls.
> 
I do it regularly at museums - I find their "suggested donations" for kids'
admissions a rip-off.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From David.K.Merriman at toad.com  Fri Aug  9 11:59:00 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Sat, 10 Aug 1996 02:59:00 +0800
Subject: Going Postal (Was: Boom!)
Message-ID: <199608091513.IAA21952@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Fri Aug 09 10:12:37 1996
> The Post Office has now jumped on the terrorist bandwagon by 
> announcing that it will no longer be legal to drop any package
> weighing over 16 ounces into a collection box. 
> 

...

> 
> I suspect one could do a lot of damage to a mailbox with under 16
> ounces of the proper explosive.  Perhaps one of our resident
> Cypherpunks bomb experts could expand on this subject.

Don't know that I'm a 'bomb expert', but it would appear reasonable that 6 
just-under-a-pound bombs would do approximately as much damage as a 
similarly sized larger device.

Even if the 6 devices got scattered to two or more aircraft, the terror 
factor would be significant

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCUAwUBMgqeo8VrTvyYOzAZAQFGfAP3ZL7pgWjadNN93mtwdG4cm60VjGcdP4G9
JlwS96gs6QJ0lD1CImMQL82KUIYe1IpPidC3bq5kTQhGbdM69yFiUmCxOGNwnH1L
pEbeEZ/OGDf0bnk/BYhoRKp1ufgdTVVSB1T0WZEYIaLe2zX1zzQPli4LW4UPUrds
5tmjt4QMEg==
=AZ0H
-----END PGP SIGNATURE-----






From adam at homeport.org  Fri Aug  9 11:59:57 1996
From: adam at homeport.org (Adam Shostack)
Date: Sat, 10 Aug 1996 02:59:57 +0800
Subject: Crypto Interface in Netscape
Message-ID: <199608091618.LAA22619@homeport.org>


Is it just my windows machine or are the security dialogs in
Netscape3.0b6 completely unreadable?  I get a dithered grey background
behind black text.  Can'tread the dialog boxes that show up when I see
a new cert.  

	(Speaking  of which,  there  seems to  be a  new long  list of
acceptable CA's.  Has  Netscape published a  policy doc explaining how
Adam's  Quik & EZ CA can get on the list?  And, those CA's should have
hyperlinks, so I can easily find  their policies for key signing, so I
can decide rationally that I don't trust the Post  Office  to  certify
things.  Right now, its just a gut feeling that they can't be trusted.
"Please don't call them junk certificates.")

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From jfricker at vertexgroup.com  Fri Aug  9 12:48:11 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Sat, 10 Aug 1996 03:48:11 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960809154848.0126c108@vertexgroup.com>


At 11:23 PM 8/8/96 -0700, Timothy C. May wrote:
>At 2:49 AM 8/9/96, John F. Fricker wrote:
>
>>Isn't that the role of legislation? To implement solutions that society
>>would not do on it's own?
>>
>>The enabling technology is obviously off the self.
>>
>>I think you may have misinterpretted my last sentence which was supposed to
>>have had a ? at the end. Where's the proof reader when you need one!
>
>"To implement solutions that society would not do on it's own?"
>
>Would not do, or could not do? It is within anyone's power to ask their
>psychiatrist what form of encryption he uses to protect his files. Likewise
>with doctors and hospitals.
>

Well where there's a will there's a way.

I agree that the general public and the market place often lacks the power
to affect particular events. Central planning can facility certain
processes. Free-marketers may argue that I can query and select based upon
my encryption criteria but chances are my psychiatrist will do nothing more
than "make note" of paranoia and ponder it's significance: "Do you resent
your mother?"



>(Though I freely admit that one would not be likely to get very far. For at
>least the next decade or two, the reaction will likely be "Huh?" But
>"legislation" mandating a form of encryption is not the answer. For many
>reasons.)
>
>On this list at least, calls for passing laws to implement societal
>solutions are not usually smiled upon. This is not to say such discussions
>are out of bounds, only that you'd better make some persuasive arguments
>and not just appeal to our common sense sympathies for social engineering
>and more laws.

I am not a great fan of social engineering and regulations. Yet the
legisture in Oregon may get called for a special session to address this
issue and I see this an opportunity for a grander arguement than merely
acccess to the DMV data. And as much as we dislike the presence of the
governments they do indeed exist. Living within their domain limits our
choices to either: complacency through inaction (cynicism et al), attempts
at isolation (back to the land), or taking an active role through voting,
education, civil disobedience or participation in the process (a pox on
party politics! the latter choice is easily the least enticing while civil
disobedience can be truly fun! >g<). Ok so call me a statist and shove me
out the door, but I am not argueing for the existance of a state. It does
currently exist and I am not self-sufficient. But I digress.

So. 

#1) My state legislature may very well get called to address this issue. Do
they have any concept of the big picture here? That the DMV data is one
small part of a debate regarding privacy which needs to be addressed. This
is an opportunity for some education and by the end of the day I should know
if my representatives are willing to listen.

#2) The records industry (for lack of a better term to encompass all
companies that accumulate data on individuals) needs some standards and
guidelines. Or walls and fences. Maybe even bars and a moat! And the sooner
the better. Federally imposed software requirements are not uncommon in
certain industries. It is time for standards for the personal data
maintained by co-operating entities (ie agencies the public co-operates with
such as doctors, the DMV, and so on).

#3) The goal is the anonymous citizen. The first step it to secure the data
currently exposed. Can this be done _without_ legislation?

--j








From pjb at ny.ubs.com  Fri Aug  9 13:00:17 1996
From: pjb at ny.ubs.com (Paul J. Bell)
Date: Sat, 10 Aug 1996 04:00:17 +0800
Subject: SecurID
Message-ID: <9608091601.AA02324@sherry.ny.ubs.com>


someone at my firm is about to press the securid system down our collective
throats. please point me to the recent thread on this subject, and/or point
me to some url's or the like, or to someone who has some firsthand knowledge
of the pitfalls and/or vulnerbilities of secirid.

cheers,
	-paul
 





From rich at c2.org  Fri Aug  9 13:03:21 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 10 Aug 1996 04:03:21 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.LNX.3.94.960809064227.730D-100000@switch.sp.org>
Message-ID: <Pine.GUL.3.95.960809090633.11566A-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 9 Aug 1996, The Deviant wrote:
> On Thu, 8 Aug 1996, Rich Burroughs wrote:
> > I do think that the information should be able to be disseminated on the
> > Net as long as it's legal.

What does "legal" have to do with it?

> Yes, but I can also see why its a bad idea to put somebody's VIN on the
> Net... A clever terrorist would simply plant peices of metal with some
> other loser's VIN's in their car before blowing up a building, (i.e. my
> name's McVeigh (sp?), and this rider truck came from Oregon ;)... see my
> point?

Come on, we all know that McVeigh was set up by ZOG. It was conclusively
proven that the Oklahoma City Federal Building was bombed from the inside
with military explosives, a clear provocation.

> I do think that some information could be allowed (what your tag says,
> your name, your mailing address), but what was put on he net was excesive.

What do you mean, "allowed"? The market will decide. If you don't like what
someone has said about you, send Jim Bell an anonymous note. The market will
decide.

Fucking statist.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMgtjX5NcNyVVy0jxAQGECAH9G6/T6243AP0/IyxGEgZ6UHALcgWypJsa
B4rxfxhQIichV7crUQ5cJvvXdyGZFMlZLPbHolgNbb+ik4sDk7YkBA==
=2z/C
-----END PGP SIGNATURE-----






From tcmay at got.net  Fri Aug  9 13:12:12 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 10 Aug 1996 04:12:12 +0800
Subject: Why should we trust the system?
Message-ID: <ae30b876030210049fa8@[205.199.118.202]>


At 3:19 PM 8/9/96, Anonymous wrote:

>Further, my original question, phoned in anonymously to the FBI,
>mailed in anonymously to this list, and asked to the media (I
>guess I like wasting my time) has never been either asked or
>answered. I will restate it in stronger terms:
>"Why the hell, when you have a tape of the perp. saying something,
>do you not air it in the middle of a city chock full of people
>who could very well know this guy's voice/mannerisms?" Why didn't
>the media ask for it, and then give the answer (the fibbieclerk
>had no answer at all for me) the FBI gave?? Am I missing something?
>We hear 911 tapes ALL THE TIME of various stuff happening. Has the
>FBI suddenly become a bunch of civil liberties activists WRT the
>privacy of terrorist bombers?
>Just asking.


This is the single best suggestion/question I have heard about this entire case!

Why, indeed, has the 911 threat not been aired publically, where someone
might recognize the voice as being that of their brother, or boss, or
whatever? And might hear immediately that whomever it is, it ain't Richard
Jewell.

If any of you cyber-journalists who hang out here in the wings on
Cypherpunks, collecting material for stories, are reading this, please ask
your journalists covering the Atlanta bombing about this.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Fri Aug  9 13:14:05 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 10 Aug 1996 04:14:05 +0800
Subject: The Ostrich Security Principle
Message-ID: <ae30b617020210041126@[205.199.118.202]>


At 2:47 PM 8/9/96, Sandy Sandfort wrote:

>It probably needs a whole new domain.  How 'bout:
>
>                        burglary.org
>
>That way, when burglars see an Oregon car loaded with a family
>heading south into California on vacation, they can just go on
>line and get those folks' address from the database.
>
>Afterwards, a thank you note to Oregon's DMV would be in order.


Sounds like a market niche to me...people at the border could sell the
plate numbers (and even full DMV searches) of cars they see....maybe with a
higher price paid for "real-time quotes," and a lower price paid for
"15-minute-delayed quotes." Just like the stock market.

By the way, I'm watching MSNBC and they're engaging in a fretfest about
this Oregon situation, with calls for "regulating the Internet."

"There is no good reason for this to be on the Internet." is one line I
heard. (If the stuff is legal to own, and is "public information," just
what exception to the First Amendment could be used to bar publishing?)

BTW, this latest issue is similar to the flap several years ago over Lotus'
plan to sell to the public a CD-ROM of zipcodes and whatnot. (I think it
was called "Lotus Neighborhoods.") So-called "privacy activists" raised a
hue and cry and the plan was cancelled. Of course, corporations and other
such interest groups can get the data, so not much was accomplished. Many
of us thought it was a blow to real privacy issues.

The Ostrich Security Principle: "It is more important to have the
_illusion_ of privacy than to have real privacy."

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From peter.allan at aeat.co.uk  Fri Aug  9 13:23:16 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Sat, 10 Aug 1996 04:23:16 +0800
Subject: secret sharing protocol - new or reinvented ?
Message-ID: <9608091638.AA17409@clare.risley.aeat.co.uk>




Schneier in That Book 2nd Ed p73
refers to "secret sharing with disenrollment",
but without giving details of such a scheme.

He gives a reference [1004] I think, by K Martin,
which has about 10 pages on the subject.
But I have not got it.

I planned a "secret sharing with disenrollment"
scheme last night.  Here is a brief description
and if somebody with the book tells me it's new
 (unlikely I think)
I'll write it up in more formally.  It has a 
resemblance to S/Key, but in the other direction
and using a keyed hash function.

If you see snags with this, I'd like to know.


Peter Allan  peter.allan at aeat.co.uk






Trent chooses his shareholders, a block cypher (or keyed hash),
a threshold, and a number of steps.  The threshold should be more
than half the number of shareholders.

(Say 15 shareholders for a 10 out of 15 scheme,
using DES, over 20 steps.)

Trent generates 15 64-bit DES keys (not caring about parity),
and gives them securely one to each shareholder.  He introduces all
shareholders to each other so they can recognise each other later.
He also tells them the number of steps (here 20).

Trent (in possession of all shares) calculates the secret, which
is a 64-bit number.  Obviously this could just be a key for a
secret not yet created at share distribution time.

Secret calculation is performed by executing the required number
of steps, and the result of the last step is the secret. 

Disenrollment (conducted by shareholders, presumably under
orders from Trent) is the performance of one step, omitting
those to be disenrolled.  (The number of possible disenrollments
is limited by the threshold.)

One step is this set of actions:

   Using a normal threshold scheme, such as Shamir's Lagrange Polynomials
   a sufficient number of shareholders construct a single secret from their
   shares.  Call this M.  M is then used to update all their shares using a
   keyed hash function.

   Table 18.1 suggests      H_i = E H_i-1 (M)  XOR M

   M and every H_i-1 is destroyed.

   Now those absent from the meeting have no M value to advance
   their share, and nobody (even the other shareholders following
   a change of heart) can reproduce it for them.

   Shareholders deduct 1 from the number of steps still to be performed.





From grafolog at netcom.com  Fri Aug  9 13:35:05 1996
From: grafolog at netcom.com (jonathon)
Date: Sat, 10 Aug 1996 04:35:05 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <2.2.32.19960809093040.0092e510@panix.com>
Message-ID: <Pine.SUN.3.95.960809163408.14975A-100000@netcom10>


	Duncan:

On Fri, 9 Aug 1996, Duncan Frissell wrote:

> cause California to somewhat restrict license and registration information.
> I think they eased up though later.  I don't know who can get info there

	You have to register as a company with CA DMV.  Pay them an
	annual fee, and a per report pulled fee, and only pull 
	records for a _legitimate business need._  

	Addresses are only provided if a court case the target 
	of the search is listed as being involved in.  Docket #
	must be listed -- which gives rise to some interesting 
	problems.

> This particular problem can be avoided privately by reporting a mail drop
> rather than your real address to the state.

	Depends upon the state.   In some states it is a misdemeanor
	to list anything other than your physical address.  Others
	don't care what you list, so long as mail can be delivered
	there.  

	More important is ensuring that all the addresses that the 
	state has on you are the same.  The preference seems to be 
	to have the same address as is on one's checks.  

	What I've noted some people do, is give their physical address,
	and provide a mail address as well.  Then the individuals move, 
	and omit to notify the state of the move.  When questioned about
	it, their usual response is something along the lines of "
	I get all of my mail at my mail box. I did not 
	realize that I had to file a change of address form, with you.
	After 
	all the address on my licence is the address where I get my
	mail.  [  In most states the mail address is the address listed
	when two addresses are provided. ] "

        xan

        jonathon
        grafolog at netcom.com



		VapourWare is like the Tao,
		Looked for it cannot be found,
		Reached for it cannot be touched,
		Waited for not even FedX can deliver;
		            <Paid for it will not be refunded>







From Ryan.Russell at sybase.com  Fri Aug  9 13:41:02 1996
From: Ryan.Russell at sybase.com (Ryan Russell/SYBASE)
Date: Sat, 10 Aug 1996 04:41:02 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <9608091711.AA27237@notesgw2.sybase.com>


How about a cypherpunks group activity
for the SF area?  2 per car, one to
drive, and one to moon....

    Ryan

---------- Previous Message ----------
To: geeman, cypherpunks
cc: 
From: shamrock @ netcom.com (Lucky Green) @ smtp
Date: 08/08/96 10:45:06 PM
Subject: Re: Drive the SF Central Freeway, have your license plate photo'ed.

At 21:55 8/8/96, i am not a number! wrote:
>CBS radio news this morning: 80,000 commuters traveling the central
>f'way in SF will have information mailed to them regarding the quake
>retrofit blah blah.
>
>How?  Their license plates have been photographed.
>... and the cheery "news" anchorwoman sweetly moved on to the next
>story.....

You *are* making this up, right? Please say you did.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.










From rich at c2.org  Fri Aug  9 13:51:47 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 10 Aug 1996 04:51:47 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <4uep7t$tkp@joseph.cs.berkeley.edu>
Message-ID: <Pine.GUL.3.95.960809091549.11566B-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On 9 Aug 1996, David Wagner wrote:

> In article <Pine.GUL.3.95.960808151724.6575A-100000 at Networking.Stanford.EDU>,
> Rich Graves  <rich at c2.org> wrote:
> > I agree that this project needed to be done to educate the public, but I
> > must say I'm glad my name isn't attached to it. 
> > 
> > To answer legitimate concerns about abuse, perhaps version 2 could make the
> > relevant http logs publicly available?
> 
> I'd be most proud to have my name associated with such a project.
> 
> I say, what we need is a little more abuse.  I say, a well-publicized
> incident of abuse of the driver's license database can do more to
> help the cause of privacy than any amount of intellectually compelling
> debate.  Perhaps one horrible incident of abuse would ignite enough
> public backlash to stop states from selling their databases at the
> drop of a hat.

We did this in California, remember? You just need to target someone who's
been on TV.

> We have been shown all too many times how much a highly-publicized
> case of abuse can be used to trample on our civil liberties.  It's
> about time for us to wise up.  It's time to fight fire with fire.

I quite agree. But make it a controlled burn. Log everything. Restrict bulk
downloads. You don't need to let the genie all the way out of the bottle to
say "look, a genie."

It might be fun to make the database open for a couple weeks, without a
caveat about logging, and then publish the logs. Allow reverse lookups,
i.e., who looked up my record.  A nice little dragnet of people who are
interested in invading your privacy. 

For the near-medium term, I am resigned to the fact that government is going
to collect personal information, and that it is going to leak out. I'm just
interested in full disclosure of the leaks, and who is benefiting from them. 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMgtmIJNcNyVVy0jxAQGvYgIArY2RcSR5RWaVDIzDGs1cVqSnCH5nhPL+
Y5VLghwkSnNcr5NPSJzc2BFWHB40c4aXb5pPnLaSjPiwj5HgkmE0Tg==
=Es4x
-----END PGP SIGNATURE-----






From sunder at dorsai.dorsai.org  Fri Aug  9 13:59:34 1996
From: sunder at dorsai.dorsai.org (Ray Arachelian)
Date: Sat, 10 Aug 1996 04:59:34 +0800
Subject: Unknown address (fwd) tigerteam???
Message-ID: <Pine.SUN.3.91.960809104341.27309A-100000@dorsai>


What's the story with the tiger.team at tigerteam.org bounces?  I've been 
getting quite a few of these from time to time, once when sending a message
Sterndark.  In this case this message wasn't addressed to 
cypherpunks at toad.com, and it was a private message to Adam Back 
aba at dcs.ex.ac.uk...  I couldn't do a traceroute to dcs.ex.ac.uk since 
it's an unknown host to my system...  So perhaps, given the hit below, 
this is by uucp, but even so, should the bounced message come from 
tigerteam??

Is tigerteam somehow snarfing up messages they shouldn't?  Even if 
they're a uucp gateway to England, shouldn't the bounce come from 
dcs.ex.ac.uk and not from tigerteam/netcom???

% whois shows this for them:

 whois tigerteam.org
Tiger Team Buddhist Information Network (TIGERTEAM-DOM)
   347 Warwick Suite #101
   Oakland, CA 94610

   Domain Name: TIGERTEAM.ORG

   Administrative Contact, Technical Contact, Zone Contact:
      Macko, Jeffrey  (JM67)  jmacko at TIGERTEAM.ORG
      (510) 268-1012

   Record last updated on 29-Mar-94.
   Record created on 10-Sep-93.

   Domain servers in listed order:

   UUCPNS1.NETCOM.COM           163.179.3.221
   UUCPNS2.NETCOM.COM           163.179.3.222


The InterNIC Registration Services Host contains ONLY Internet Information
(Networks, ASN's, Domains, and POC's).
Please use the whois server at nic.ddn.mil for MILNET Information.


Looking at the headers for the bounced message I see:

>From postmaster at tigerteam.org  Fri Aug  9 07:52:01 1996
Return-Path: postmaster at tigerteam.org
Received: from netcomsv.netcom.com (uucp12.netcom.com [163.179.3.12]) by 
ian.dor
sai.org (8.7.1/8.6.12) with SMTP id HAA09408 for 
<sunder at dorsai.dorsai.org>; Fri
, 9 Aug 1996 07:52:00 -0400 (EDT)
Received: from tigerteam.org by netcomsv.netcom.com with UUCP 
(8.6.12/SMI-4.1)
        id EAA15108; Fri, 9 Aug 1996 04:42:10 -0700
Received: by tigerteam.org (wcGATE v4)
        id 37297W Fri,  9 Aug 1996 10:33:39 GMT
From: postmaster at tigerteam.org (Postmaster)
Subject: Unknown address
Date: Wed,  7 Aug 1996 13:54:32 GMT
Message-Id: <96080903333941546 at tigerteam.org>
Organization: Tiger Team Info Net:  Modem (510) 523-5300
To: sunder at dorsai.dorsai.org
Status: RO
X-Status:

The user this message was addressed to does not exist at this site.  Please
verify the name and domain in the original message that follows.
Message was addressed to: TIGER.TEAM at tigerteam.org



==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!

---------- Forwarded message ----------
Date: Wed, 7 Aug 1996 13:54:32 GMT
From: Postmaster <postmaster at tigerteam.org>
To: sunder at dorsai.dorsai.org
Subject: Unknown address

The user this message was addressed to does not exist at this site.  Please
verify the name and domain in the original message that follows.
Message was addressed to: TIGER.TEAM at tigerteam.org

                     ----- Original Message follows -----

From: Ray Arachelian <sunder at dorsai.dorsai.org>
To: Adam Back <aba at dcs.ex.ac.uk>
Date: Wed, 7 Aug 1996 14:06:45 -0400 (edt)
Subject: Re: crypto CD source

On Tue, 6 Aug 1996, Adam Back wrote:

> 
> Cypherpunks archive?
> 
>       http://infinity.nus.sg/cypherpunks/
> 
> The earlier archives were at www.hks.net, try mailing cactus at hks.net.


I've a bunch of .gz files for the filtered cypherpunks list I run, they 
should contain stuff as far back as last year.  How would I get these to 
ya?

==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!







From bkmarsh at feist.com  Fri Aug  9 14:15:31 1996
From: bkmarsh at feist.com (Bruce M.)
Date: Sat, 10 Aug 1996 05:15:31 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <Pine.SUN.3.91.960808151142.29184B-100000@crl11.crl.com>
Message-ID: <Pine.BSI.3.91.960809092953.29835A-100000@wichita.fn.net>


On Thu, 8 Aug 1996, Sandy Sandfort wrote:

> I can't find the exact quote, but Will Rogers quipped that every
> time Congress made a law, it was a joke.  And every time Congress
> made a joke it was a law.  The town near Morton Grove was not
> making a real requirement that every household have a gun, they
> were just making a joke at Morton Grove's expense.  In addition
> to the "exceptions," there was no penalty for violation of the
> law, thus making sure it was unenforceable.  It was not a case
> of "pro-gun fascism" but of rough American political humor.  At
> the very least it kept the city council out of more serious 
> mischief.

    This is very similiar to the law (federal I believe) which states 
that you must report any 'computer crimes' to the authorities.  There are 
no punishments and it was obviously crafted to be more of a means of 
counting the crimes than solving them.  If anyone is interetes, I will 
get the specifics.

                       ________________________________
                      [ Bruce M. - Feist Systems, Inc. ]
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     "Official estimates show that more than 120 countries have or are 
      developing [information warfare] capabilities." -GAO/AIMD-96-84
                         So, what is your excuse now?






From Ryan.Russell at sybase.com  Fri Aug  9 14:20:44 1996
From: Ryan.Russell at sybase.com (Ryan Russell/SYBASE)
Date: Sat, 10 Aug 1996 05:20:44 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <9608091717.AA27395@notesgw2.sybase.com>


Actually, DEC is trying to stay in business building
expensive Windows boxes.

The numbers I remember hearing are something like:
1,000,000 Unix machines
10,000,000 Macs
150,000,000 "PCs" (presumable not running *nix)

Why should we care what platform people develop for?
I use all of 'em.  If a package supports more than one, 
all the better.

As to why one should develop crypto stuff
for unix, the demographics of this list are probably
reason enough.. I use PCs as my main platform, 
but I get the distinct impression that most of
the folks here use unix primarily.  Maybe they're
just the most vocal :)

    Ryan

---------- Previous Message ----------
To: jwz
cc: cypherpunks
From: deviant @ pooh-corner.com (The Deviant) @ smtp
Date: 08/09/96 06:23:32 AM
Subject: Re: e$: Watching the MacRubble Bounce

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, Jamie Zawinski wrote:

> If you accept that, then doesn't that make writing crypto software for
> any Unix platform *even more* of a waste of time?  Because last time I
> checked, there were way more Macs on mom-and-pop's desks than Unix
> machines, counting *all* vendors.

Pardon my French, but you mus be fucking stupid or somehing.  How many
universities use UNIX platforms?  How many companies use UNIX platforms?
Sun, DEC, and SGI don't stay in buisiness by building cheap Windows boxes
ya know.  There are 13948 _registered_ LINUX machines, not to mention the
unregistered ones.  Don't tell me that Cray's were designed to run MacOS
or Windows 95.  UNIX isn' NEARLY as dead as Apple is.

 --Deviant
Military secrets are the most fleeting of all.
                -- Spock, "The Enterprise Incident", stardate 5027.4


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgrZbTAJap8fyDMVAQFSagf8C3/HIX7XwtFYRAKxhs8AlDIsO1EXDgr9
jm9RzjGMXqHkgg0OC/0Bzp+OtcYYL5qg/JtaZo90LIdPbqEeOb7HkcYgXkPZ9SLd
sQKIsZMr6IShG7ZIdPH9BRJWn131ExbUjCZ5IfMJVHsimTVbfLHHSppDylxtl2bG
pI6d9FdCWj8puL3omB9PD9gpjoaF4p961+HBclH8W6PLzI+swc/6f49Uxv3LIF4w
gm5IepZmoerW2iK2hwawngZPZJ4Sr4VqzyrAIvDl+rIFLFlN3ejNaGEjwHcNc43+
IBwoOS4kdv16faxT1jBskbKhcywmGqfIrap6Rdr0KkO5DyHHsSTz5g==
=UBUr
-----END PGP SIGNATURE-----









From m1tca00 at FRB.GOV  Fri Aug  9 14:26:59 1996
From: m1tca00 at FRB.GOV (Thomas C. Allard)
Date: Sat, 10 Aug 1996 05:26:59 +0800
Subject: Boom!
Message-ID: <9608091717.AA14737@bksmp2.FRB.GOV>

tcmay at got.net (Timothy C. May) said:

> What recourse does he have that camera crews were invited in on the 
> searches?



Subject: CBS Liable for Filming Search
From: dante at halcyon.halcyon.com (Dan Tenenbaum)
Date: Fri, 8 Jul 94 15:52:58 EDT
Article: 28633 of rec.arts.tv
Followup-To: alt.prisons
Newsgroups: alt.prisons,misc.legal,alt.politics.usa.constitution,alt.privacy,rec.arts.tv
Organization: mellow owl mailing field
Xref: glendora alt.prisons:817 misc.legal:28311 alt.privacy:7678 rec.arts.tv:28633

[Paul Wright, the imprisoned editor of Prison Legal News, sent me the
following and asked me to distribute it widely on the the net because
there has been no coverage of this in the mainstream media.
Followups to alt.prisons because I read it. Nyah.
Typos are mine.
The article will appear in slightly different form in the next PLN. PLN
is available from P.O. Box 1684, Lake Worth, FL 33460. $12 for
subscriptions and $1 for a sample copy.
Dan Tenenbaum (dante at microsoft.com or dante at halcyon.com)]

CBS Liable for Filming Search
	In a landmark decision a federal court in New York has ruled
that a CBS film crew and Secret Service agents are liable for filming and
broadcasting a search of a private citizen's home. It is the first reported
court decision to hold a television broadcaster liable for accompanying
police agents on a search and filming it for the broadcast. Anyone who
has watched "Cops," "Hard Copy," "America's Most Wanted," or any
of the "real life" cop shows has seen the degrading and propagandistic
manner in which the victims of police repression are portrayed. The
broadcasters and the police can be sued and held liable for such
actions.
	In 1992 Secret Service agents obtained a search warrant
from a federal court authorizing the search of an apartment shared by
Babatunde Ayeni, his wife Tawa, and small son Kayode, seeking
evidence of a credit card fraud operation. At 6PM on March 5, 1992,
several Secret Service (SS) agents forced their way into the Ayeni
residence announcing they had a warrant to conduct a search and
ask questions. Only Mrs. Ayeni and her son were home at the time. At
about 8:15 four more SS agents arrived with a film crew from the CBS
news program "Street Stories." The CBS film crew was never identified
as CBS employees. The CBS crew followed the SS agents and taped
them as they searched the apartment. They took closeup shots of the
home's interior, its closets, personal letters, family photos, etc. In the
apartment's foyer an SS agent was interviewed about the modus
operandi of people who commit credit card frauds and the tools of
their trade. During this tape sequence the SS agent implied the
complicity of the other residents of the Ayeni apartment. No
evidence implicating the Ayenis in any illegal activity was found
during the search. One of the agents was filmed expressing his
disappointment.
	The Ayenis filed suit against the federal agents as well as CBS,
contending that the search and its filming violated their fourth
amendment right to be free from unreasonable search and seizure. In his
opinion Judge Weinstein agreed with the Ayenis. The defendants sought
qualified immunity, which the court denied.
	Under the doctrine of qualified immunity government agents are
entitled to be free from liability for money damages even if they violate
constitutional rights as long as the right is not "well established" so that
a person of reasonable intelligence would know that the right violated
was recognized. In the case the court held that any reasonable police
agent would have known that it is unconstitutional to have private
citizens accompany them on a search to film and broadcast the search.
The court relied on 18 U.S.C. sec. 3105 which requires that search
warrants be served by an official authorized to serve the warrant and
by no other person unless their assistance is required in conducting the
search, i.e. an accountant, forensic expert, etc., depending on the
nature of the offense being investigated. Thus, the SS agents should
have known that having a film crew taping their activities was illegal.
Courts have previously held that taking photos is a "seizure" within
the meaning of the fourth amendment. CBS also claimed qualified
immunity from suit. The court notes that private entities are not
entitled to qualified immunity from suit, it only applies to government
actors.
	The court used harsh language in condemning the actions by
the SS and CBS. "The search warrant was issued to agent Mottola and
other agents of the Unites States Secret Service for precise and limited
purposes. It authorized their entry into the Ayenis' home only to search
for items related to credit card fraud. Agent Mottola's act of facilitating
the CBS camera crew's entry into the apartment and its filming of the
search exceeded the scope of the warrant. It was allegedly in clear
violation then well [sic] established fourth amendment principles.
...it is the equivalent of a rogue policeman using his official position
to break into a home in order to steal objects for his own profit or
that of another."
	For immunity purposes it would be "...grossly unreasonable
for a government agent not to have known that the presence of
private persons he invited in so that they could titillate and entertain
others was beyond the scope of what was lawfully authorized by
the warrant.
	"CBS had no greater right than that of a thief to be in the
home, to 'capture' the scene of the search on film and to remove
the photographic record. The images, though created by the camera,
are a part of the household; they could not be removed without
permission or official right....The television tape was a seizure of
private property, information, for non-governmental purposes."
	It is entirely possible that litigation by the victims of this type
of police and media activity may be able to halt the spread of
"police TV." Findings of liability against both police and the broadcaster
will see to it that police activity is not broadcast to "entertain and
titillate." So if you've been filmed against your will during a police
search you too can sue for an invasion of your privacy and your
fourth amendment rights. The court decision is reported at:
Ayeni v. CBS, Inc., 848 F. Supp 362 (ED NY 1994).






rgds-- TA  (tallard at frb.gov)
I don't speak for the Federal Reserve Board, it doesn't speak for me.
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6  DE 14 25 C8 C0 E2 57 9D



From sandfort at crl.com  Fri Aug  9 14:30:13 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 10 Aug 1996 05:30:13 +0800
Subject: The Ostrich Security Principle
In-Reply-To: <ae30b617020210041126@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960809103000.12094A-100000@crl11.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 9 Aug 1996, Timothy C. May wrote:

> Sounds like a market niche to me...people at the border could
> sell the plate numbers (and even full DMV searches) of cars
> they see....

> By the way, I'm watching MSNBC and they're engaging in a
> fretfest about this Oregon situation, with calls for
> "regulating the Internet."

The Internet just makes it more efficient.  The way it used to
work, is that Northern California service station attendants
would look in Oregon cars they were servicing for registration
papers or get other indications (from drivers license, checks, 
credit card imprints or social engineering) the name and/or 
address of the traveler. This information was then sent to
accomplices in Oregon for "processing."  This is an OLD story.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From wb8foz at nrk.com  Fri Aug  9 14:50:58 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 10 Aug 1996 05:50:58 +0800
Subject: "Thank you for not smoking" and other euphemisms
In-Reply-To: <320B2C4A.337C@research.att.com>
Message-ID: <199608091804.OAA14810@nrk.com>



Donations are not subject to local admissions taxes.


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From sandfort at crl.com  Fri Aug  9 14:53:39 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 10 Aug 1996 05:53:39 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.SUN.3.95.960809163408.14975A-100000@netcom10>
Message-ID: <Pine.SUN.3.91.960809103855.12094B-100000@crl11.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 9 Aug 1996, jonathon wrote:

> In some states it is a misdemeanor to list anything other than
> your physical address. 

I believe that in California, you may have a PO Box on your 
driver's license, but the state has to have your "real" address
in its records.  As noted, some people forget to update this 
information when they move, and others list their lawyer's 
address with the state.  Presumably, that should satisfy the 
legal justifications for requiring an address.

> 	More important is ensuring that all the addresses that the 
> 	state has on you are the same.  The preference seems to be 
> 	to have the same address as is on one's checks.  

That may be the preference, but I just use my e-mail address on
my checks.  If more is required to cut a deal, I can choose to
add more information by hand if I am willing to do so to do the
transaction.
 

 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From jfricker at vertexgroup.com  Fri Aug  9 15:07:58 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Sat, 10 Aug 1996 06:07:58 +0800
Subject: PRACTICAL USES FOR DMV RECORDS
Message-ID: <2.2.32.19960809182850.01276ed0@vertexgroup.com>


At 07:47 AM 8/9/96 -0700, you wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>On Thu, 8 Aug 1996, jim bell wrote:
>
>> The Oregon DMV database needs a new home.  I've seen a few
>> mentions of willing volunteers,...
>
>It probably needs a whole new domain.  How 'bout:
>
>			burglary.org
>
>That way, when burglars see an Oregon car loaded with a family
>heading south into California on vacation, they can just go on
>line and get those folks' address from the database.  
>
>Afterwards, a thank you note to Oregon's DMV would be in order.
>
>

Currently they can stop in at the DMV, say something to the effect "this car
hit my dog", pay $4 cash and never even have to take off the ski mask. The
DMV has no ID requirements for giving out this information. It has without a
doubt already been bought and sold many times to marketing companies ("Hey
this guys got an old Toyota"), insurance companies, private investigators,
thieves and mobsters, and at least one person on our side.

Until there is such a thing as the "anonymous citizen" public data might as
well be as public as it gets. This "for those who know" policy is pervasive
and must end.

--j
Oregonian and in that database








From stewarts at ix.netcom.com  Fri Aug  9 15:08:14 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 10 Aug 1996 06:08:14 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608091830.LAA25424@toad.com>


Cypherpunks, Aaron -

>> I'm watching the LA NBC news channel, and they report that the Oregon "look
>> up any license plate" Web site is causing a flap. Though apparently legal,
>> the critics admit, the Governor wants the material removed.

( Aaron Nabil's page is at http://www.i.net/cgi-bin/plates , but temporarily
won't give you license plate information.)

A nice touch, at least for now, would be to put up some propaganda about
   "The State of Oregon sells your license plate information to anyone who wants
   to buy it.  Big companies have it.  Small sleazy companies have it.
   Tax collectors have it.  Car thieves and burglars can buy it if they want.
   Everybody but _you_ has it -- I've put it on the net so you can have it too.
   If this bothers you (and maybe it should), don't complain to the governor
   about it being on the web - complain that the State is selling your
private data.
   I've taken the server down temporarily, but press HERE for the Governor's
info,
   HERE for Senator Hatfield (AAA001), and HERE for the DMV head bureaucrat?"

If you want to get fancy, you could have the search return a FOUND / NOT FOUND
record, so people could check for vanity license plates (if Oregon has them),
or search for well-known politicians' information.  The data's there;
it's just a matter of crunching it.

        "Big Bro knows License Plate AAA001, Mr. M. H. "
        "Big Brother doesn't know License Plate AAA"


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From deviant at pooh-corner.com  Fri Aug  9 15:08:25 1996
From: deviant at pooh-corner.com (The Deviant)
Date: Sat, 10 Aug 1996 06:08:25 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <Pine.SUN.3.92.960809000709.28414A-100000@julie.teleport.com>
Message-ID: <Pine.LNX.3.94.960809180731.1185D-100000@switch.sp.org>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 9 Aug 1996, Rich Burroughs wrote:

> Date: Fri, 9 Aug 1996 00:12:30 -0700 (PDT)
> From: Rich Burroughs <richieb at teleport.com>
> To: cypherpunks at toad.com
> Subject: Re: Oregon License Plate Site in the News Tonight!
> 
> I wrote:
> > > I do think that the information should be able to be disseminated on the
> > > Net as long as it's legal.
> > >
> 
> "The Deviant" wrote:
> > Yes, but I can also see why its a bad idea to put somebody's VIN on the
> > Net... A clever terrorist would simply plant peices of metal with some
> > other loser's VIN's in their car before blowing up a building, (i.e. my
> > name's McVeigh (sp?), and this rider truck came from Oregon ;)... see my
> > point?
> 
> A clever terrorist could get the CD and do the same thing :)  They're
> clever, right?
> 

Yes, well, true, but my point was that not _all_ of that information
should be available AT ALL.

> > I do think that some information could be allowed (what your tag says,
> > your name, your mailing address), but what was put on he net was excesive.
> 
> That's a function of what information the State decides to make availble.
> The fact that it's on the Net or not shoudln't be the issue.  If I can buy
> it on a CD or march into a State office and get it, the same potential
> harms exist.
> 
> I persoannly think this info is a privacy threat.  But if it's legal to
> distribute in other forums, the Net should be no different, IMHO.  All Net
> terrorist hype aside.
> 

I agree.  If its available, the net is as good a medium as any.

 --Deviant
You know you've been spending too much time on the computer when your
friend misdates a check, and you suggest adding a "++" to fix it.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMgt+1DAJap8fyDMVAQHctQf+Mg3pI74FLc9VzfeZoLDUU0DLzM0UYKg/
7G1HVUXPOS3CRuc40vUTx+1LO/6uGyfDUvZeW/tGEOP0tKAJ9jWZZbrbvs3XBl+G
+HPu7f4rJcsLqRLEVW8wGbJ+Z15RjtrJaB/A/QUxFwmz8y6b8XN1uAAb1Myh2fiT
XMwHW6L+dGsMIKZpAf018kdktlSLsgY4lkgcMb1b6utZkonX5POSw7DCmThOmFNp
gSaL5eKmLRHpYI2SAL48sAXvPD3Yg397/3bApIi7X2EzAlfEttg0lYlt2IMIKNsi
R+Zovv+npr/uqU4mTfwCgshHMQTXfMaXeKz8S55nQt1Tsvc6ZOIPPA==
=Q2OD
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Fri Aug  9 15:08:32 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 06:08:32 +0800
Subject: Why should we trust the system?
Message-ID: <199608091830.LAA08975@mail.pacifier.com>


At 09:19 AM 8/9/96 -0600, Anonymous wrote:
>jim bell <jimbell at pacifier.com> wrote:
>
>>When supporting plans like GAK ("key escrow") and wiretaps...
>
><snip>
>
>>If we allow this fiasco to die without a full analysis,
>>particularly in light of the government's repeated assurances
>>with regards to search warrants, we will be as incompetent as
>>the police were.
>
>Further, my original question, phoned in anonymously to the FBI,
>mailed in anonymously to this list, and asked to the media (I
>guess I like wasting my time) has never been either asked or
>answered. I will restate it in stronger terms:
>"Why the hell, when you have a tape of the perp. saying something,
>do you not air it in the middle of a city chock full of people
>who could very well know this guy's voice/mannerisms?" Why didn't
>the media ask for it, and then give the answer (the fibbieclerk
>had no answer at all for me) the FBI gave?? Am I missing something?
>We hear 911 tapes ALL THE TIME of various stuff happening. Has the
>FBI suddenly become a bunch of civil liberties activists WRT the
>privacy of terrorist bombers?
>Just asking.
>me


And, of course, by now a substantial fraction of the people who were in 
Atlanta for the Olympics are now scattered to the winds, and their memories 
have dimmed, etc.




Jim Bell
jimbell at pacifier.com





From stewarts at ix.netcom.com  Fri Aug  9 15:08:50 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 10 Aug 1996 06:08:50 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608091839.LAA25540@toad.com>


At 12:26 AM 8/9/96 -0700, daw at cs.berkeley.edu (David Wagner) wrote:
>I say, what we need is a little more abuse.  I say, a well-publicized
>incident of abuse of the driver's license database can do more to
>help the cause of privacy than any amount of intellectually compelling
>debate.  Perhaps one horrible incident of abuse would ignite enough
>public backlash to stop states from selling their databases at the
>drop of a hat.

Judge Bork doesn't happen to live in Oregon, does he?
Publishing his video rental records got Congress to pass a law
against private businesses selling that kind of data;
perhaps we can embarass the state of Oregon into not selling 
data that the state forces you to provide.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From pjn at nworks.com  Fri Aug  9 15:16:28 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sat, 10 Aug 1996 06:16:28 +0800
Subject: anarchy cookbook???
Message-ID: <TCPSMTP.16.8.9.14.40.4.2645935021.660786@.nworks.com>


 In> He blew himself up cooking napalm according to his directions.
     ^^ ^^^^ ^^^^^^^ ^^                ^^^^^^^^^ ^^ ^^^ ^^^^^^^^^^


  I hope this was a joke, or you mean: He blew himself up while following
  his directions to cook napalm.


  P.J.
  pjn at nworks.com



... Letterman of Borg - "Ok, Top 10 reasons why resistance is futile:"

___ Blue Wave/QWK v2.20 [NR]







From stewarts at ix.netcom.com  Fri Aug  9 15:21:17 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 10 Aug 1996 06:21:17 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <199608091854.LAA25837@toad.com>


At 10:45 PM 8/8/96 -0700, Lucky wrote:
>At 21:55 8/8/96, i am not a number! wrote:
>>CBS radio news this morning: 80,000 commuters traveling the central
>>f'way in SF will have information mailed to them regarding the quake retrofit
>>How?  Their license plates have been photographed.

>You *are* making this up, right? Please say you did.

It's possible today, and probably affordable.  If not, it will be in 1-2 years,
as Moore's law cranks down processing costs and video technology improves.
For this application, they don't have to photograph every car, or read every
plate successfully, or do it in real time.  The objective is to get lots of
drivers to take other routes or mass transit so they don't have to dump all
the traffic onto surface streets right around the construction.

Besides, this is nice friendly San Francisco.  Imagine New York City doing it:
        Yo!  Mr. E. Koch, 1234 E. 89th St. -
        We saw you takin' the West Side Highway last week.
        You better stop that as of next Friday. 
        We know where you live.  
        You got a problem wit' that?
                        Rudy.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From ph93szh at brunel.ac.uk  Fri Aug  9 15:24:37 1996
From: ph93szh at brunel.ac.uk (S Zaid Hassan)
Date: Sat, 10 Aug 1996 06:24:37 +0800
Subject: cybergangs?
Message-ID: <9768.9608091747@molnir.brunel.ac.uk>





 Okay, so this is a bit Gibsonish but after reading that piece on cybergangs
 and some of the ecash issues what I wanna know is this:

 There are no laws in cyberspace right? No one to enforce them as such
 shall we say? What happens if a group of hackers/crackers/cypherpunks
 set up shop and started offering their services to the highest bidder?

 Let's say that the US Government bans strong crypto and attempts to
 enforce is using the many, conventional, means at its disposal...
 what happens if the cypherpunks group raises the money to pay a group
 or individual to hack/destroy/grind to a halt milnet? Or some such
 government network? Or all of them? 

 How come this hasn't happened yet? Okay maybe not at such a grand scale,
 but ya know? 

 Hey it's just an idea,

 Zaid


"The wave is already gathering; one day it will wash us away." - Hermann Hesse





From jimbell at pacifier.com  Fri Aug  9 15:37:25 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 06:37:25 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608091917.MAA11397@mail.pacifier.com>


At 08:48 AM 8/9/96 -0700, John F. Fricker wrote:

>I am not a great fan of social engineering and regulations. Yet the
>legisture in Oregon may get called for a special session to address this
>issue and I see this an opportunity for a grander arguement than merely
>acccess to the DMV data. And as much as we dislike the presence of the
>governments they do indeed exist. Living within their domain limits our
>choices to either: complacency through inaction (cynicism et al), attempts
>at isolation (back to the land), or taking an active role through voting,
>education, civil disobedience or participation in the process (a pox on
>party politics! the latter choice is easily the least enticing while civil
>disobedience can be truly fun! >g<). Ok so call me a statist and shove me
>out the door, but I am not argueing for the existance of a state. It does
>currently exist and I am not self-sufficient. But I digress.

Of course, in my opinion the "The State currently exists" observation is  a 
problem, but I believe it's a solvable one!



>#2) The records industry (for lack of a better term to encompass all
>companies that accumulate data on individuals) needs some standards and
>guidelines. Or walls and fences. Maybe even bars and a moat! And the sooner
>the better. Federally imposed software requirements are not uncommon in
>certain industries. It is time for standards for the personal data
>maintained by co-operating entities (ie agencies the public co-operates with
>such as doctors, the DMV, and so on).

Even better would be to simply stop the state from collecting the records in 
the first place, right?

>
>#3) The goal is the anonymous citizen. The first step it to secure the data
>currently exposed. Can this be done _without_ legislation?

Perhaps the better question is, "Can this be done _WITH_ legislation?!?"  
Legislation, by its very nature, tends to serve the interests of the 
government first, and possibly some of the citizenry trailing a bit behind.  
Remember the saying, "When the only tool you have is a hammer, you treat 
every problem as if it were a nail."  "Solving" the problem by legislation 
inherently tries to convert actions into crimes, or at least punishable 
activities.  Needless to say, it won't be GOVERNMENT people who get jailed 
or dissuaded.

A market and technology-based solution to the problem inherently involves 
cooperation, rather than confrontation, because the market has no inherent 
way to coerce people into acting





From vin at shore.net  Fri Aug  9 15:50:30 1996
From: vin at shore.net (Vin McLellan)
Date: Sat, 10 Aug 1996 06:50:30 +0800
Subject: F2 hash?
Message-ID: <v02130503ae313d72ccb8@[206.243.160.206]>


        .
         J�ri Kaljundi <jk at stallion.ee> noted that "Mudge," a fabled hacker
long associated with the elite clique "Cult of the Dead Cow," (honest!) had
been scheduled to speak on SecurID vulnerabilities at DefCon in Vegas two
weeks ago.

>>| At Defcon this year they promised to tell about some security
>>| flaws in SecurID tokens, anyone know more about that?

        Adam Shostack <adam at homeport.org> primed the pump:

>>       My understanding is that the guy who was going to give the
>>talk had nda difficulties.  Vin?  Did you make it out?  The talk was
>>going to be on race conditions, denial of service attacks, and the
>>like.

        Yup.  SDTI asked me and their Principal Engineer, John Brainard, to
wallow in the delights of Vegas and attend Mudge's scheduled speech at the
DefCon hackers' convention.

        Not knowing that half of the people over 30 attending DefCon would
be FBI agents (not undercover; wearing FBI/DefCon IV-embazoned polo shirts,
and passing out _lots_ of G-man recruiting literature! No kidding!) the
Powers That Be at SDTI selected John and I,  from the girded ranks of their
employees and sundry consultants, as either the least likely to squander
our personal fortunes at craps, or the most likely to fit in among the
(little)bit-perverted odd-balls who gather at DefCons.

        I refuse to speculate as to which (but I think I've finally got the
knack of card-counting at blackjack;-)

       As Cerridwyn Llewyellyn <ceridwyn at wolfenet.com> reported, Mudge --
posed and celebrated on page 40-something of last month's WiRed -- told the
DefCon audience that SDTI's lawyers were after him, threatening something
dire, so he was not going to release his "white paper" on weaknesses in the
ACE/SecurID system for several months.  Instead, he delivered a talk on
s/key vulnerabilities.

        This was weird, because I *knew* Security Dynamics had neither
consulted nor asked their lawyers to do anything about Mudge's speech on
SecurID vulnerabilities.  It would have been a fool's ploy: silly and
counterproductive.

        John and I took Mudge out for dinner right after that speech. He
told us then that he had inadvertently misspoken when he blamed his
temporary silence on SDTI's lawyers. The real problem, he said, was with
bullying lawyers from two corporate clients he is now under contract to in
his day job.

        (He didn't explain this further, but I understood that Mudge is
working for two firms which have access to SDTI plans and trade secrets
under non-disclosure agreements.  The firms were apparently worried about
their liability -- given their promises to SDTI and Mudge's work in their
employ.  Mudge may want to elaborate on this.  Or not.)

        Mudge is a very sharp guy; a hacker in the old sense of a system
maven -- despite his beer-swillin' Dead Cow Cult role-playing.  Off stage,
he spoke freely about which attack vectors he's been working on, but
offered limited detail.  (My impression was that when the
conflict-of-interest stuff came up, Mudge put aside his analysis of SecurID
authentication for awhile... but intends to work on it further, once free
of other obligations.)  He and SDTI's John Brainard got along well,
nattering to each other in machine code (which another DefCon luminary who
joined us, *Hobbit*, would ocassionally translate for me.)

        Mudge is deeply involved in analyzing the ACE client/server code
for weakness; he too is also very interested in the F2 algorithm -- which
he felt involves too much knowable information as input to the hash -- and,
of course (like Shimomura, the self-styled Threat of the West,) Mudge is
stolidly pounding away at the SecurID itself to retrieve and cryptoanalyze
the algorithm that hashes Current Time and the token's secret key to
generate a SecurID token-code.

        John Brainard -- who wrote the SecurID hash ten years ago -- openly
admired Mudge's ingenuity but didn't seem to feel particularly threatened.


        Mudge and John also talked about various potential high-level
protocol attacks on the network infrastructure and how they could possibly
be used to isolate a Master ACE/Server from a (backup) Slave -- with an
attacker able to both sniff incoming traffic to the Master and replay it to
the Slave (after the Slave had been artificially trapped on an isolated
subnet by the attacker.)  The discussion was out of my league, but I
enjoyed watching the vollying back and forth.

        The whole exchange was fun and reminded me of the healthy
relationship hackers in the user community used to have with product
designers.  My beard is gray.  I remember when the lead programmers for the
best time-sharing companies used to send a bottle of good booze to anyone
who alerted them to security problems in their systems.  A good tradition,
IMNSHO -- and one which I tried to continue when I picked up the check for
our dinner and Mudge's choice of wine.  (I'll bill SDTI;-)

        All the recent effort to bust the decade-old SecurID algorithm and
the ACE network protocol seem a little anachronistic, of course.  I suppose
it's kind of a grand salute to an old security warhorse (and SecurIDs are
still the first line of defense in most Fortune 500 companies.)  There has
been no formal announcement, but -- as J�ri suggested -- I think most of
the ACE/SecurID user community expects that both the network protocol and
the token's internal algorithm will be upgraded sometime in the very near
future.  (On a timeline SDTI established several years ago.)  And any new
ACE protocol will inevitably establish a stateful session for the
authentication exchange -- which will make the current generation of race
attacks historical novelties.

        SDTI Engineering (and most likely RSA Labs) have probably been
banging away at the new design for a long time.  RSA was deeply involved
with SDTI long before their recent merger;  RSA helped develop the F2 hash
that is used in the ACE client/server security protocol.  (It's this F2
hash that "Anonymous" is begging some Cypherpunk to steal,
reverse-engineer, and publish for everyone to play with.  Bad, bad,
commercial crypto!  Wouldn't want anyone to make money off strong
cryptography, would we??)

        It remains to be seen where the merger of the top OTP firm and the
top commercial crypto firm leads us --  but I, among many, hope the
widely-installed ACE/Server (with its potent RDBS) will provide the
key-management infrastructure that will allow the introduction of
enterprise-wide crypto on a scale seen only in the nightmares of the NSA's
congressional lobbyists.

        Mr. Gilmore is not the only one who has been plotting to vastly
expand the installed base of strong crypto in the coming year.

        Suerte,
                        _Vin


         Vin McLellan +The Privacy Guild+ <vin at shore.net>
      53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                         <*><*><*><*><*><*><*><*><*>







From rich at c2.org  Fri Aug  9 16:36:49 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 10 Aug 1996 07:36:49 +0800
Subject: Oregon License Plate Site in the News Tonight!
In-Reply-To: <2.2.32.19960809154848.0126c108@vertexgroup.com>
Message-ID: <Pine.GUL.3.95.960809131532.12726F-100000@Networking.Stanford.EDU>


On Fri, 9 Aug 1996, John F. Fricker wrote:

> #3) The goal is the anonymous citizen. The first step it to secure the data
> currently exposed. Can this be done _without_ legislation?

I disagree with this goal. The anonymous consumer/worker, yes; the public
has no business knowing what I as an economic actor buy, read, and think. If
I choose to participate fully in the political system, though, in ways that
go beyond votes and petty contributions to others' campaigns, the public has
an interest in my identity and biases. Anonymous voices can and should be
heard, and they can and should be influential at times, but they don't get
to run for office. 

-rich






From ponder at freenet.tlh.fl.us  Fri Aug  9 16:37:14 1996
From: ponder at freenet.tlh.fl.us (P. J. Ponder)
Date: Sat, 10 Aug 1996 07:37:14 +0800
Subject: John Gilmore on the Radio!
Message-ID: <Pine.A32.3.91.960809160856.44399A-100000@fn1.freenet.tlh.fl.us>


Today at lunchtime in the Eastern Time Zone, the radio show Real 
Computing with John C. Dvorak had John Gilmore as a guest, and Dvorak 
asked several questions about the US federal case against Phil 
Zimmerman.  Surprising how little Dvorak knew about the issues, 
especially considering he's a pretty bright guy and up-to-speed with the 
technology.  He asked JG [paraphrasing] - now that the government case 
against PRZ is dropped, what else is the Electronic Frontier Foundation 
(of which Gilmore is a board member) taking up as its next 'cause'?

The implication was that the 'crypto thing' is settled and we can move on
to other issues.

This may have been a rebroadcast of an earlier show, I don't know.

Gilmore was referred to by Dvorak as the head of the cypherpunks a few 
times.  







From dlv at bwalk.dm.com  Fri Aug  9 16:37:44 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 10 Aug 1996 07:37:44 +0800
Subject: Why should we trust the system?
In-Reply-To: <199608091519.JAA05472@zifi.genetics.utah.edu>
Message-ID: <k1oesD3w165w@bwalk.dm.com>


nobody at zifi.genetics.utah.edu (Anonymous) writes:
> Further, my original question, phoned in anonymously to the FBI,
> mailed in anonymously to this list, and asked to the media (I
> guess I like wasting my time) has never been either asked or
> answered. I will restate it in stronger terms:
> "Why the hell, when you have a tape of the perp. saying something,
> do you not air it in the middle of a city chock full of people
> who could very well know this guy's voice/mannerisms?" Why didn't
> the media ask for it, and then give the answer (the fibbieclerk
> had no answer at all for me) the FBI gave?? Am I missing something?
> We hear 911 tapes ALL THE TIME of various stuff happening. Has the
> FBI suddenly become a bunch of civil liberties activists WRT the


I noticed it too and had a conjecture that the caller said something
politically incorrect which they didn't want aired: like "Fuck
Janet Rhyno".

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From alanh at infi.net  Fri Aug  9 16:39:28 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 10 Aug 1996 07:39:28 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
In-Reply-To: <ae3023570a0210043726@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960809155652.21848B-100000@larry.infi.net>



A May unit wrote:


"bubbleheaded hairspray journalists"
                        ~~~~~~~~~~~~


wrong word. They are truly nothing more than actresses.





From sparks at bah.com  Fri Aug  9 16:55:52 1996
From: sparks at bah.com (Charley Sparks)
Date: Sat, 10 Aug 1996 07:55:52 +0800
Subject: Fw: The Ostrich Security Principle
Message-ID: <199608092145.RAA08394@pop1.jmb.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Fri Aug 09 17:42:15 1996
OK Tim, 
I looked up Ontology.. how did you get your license ?
- -----Begin Included Message ----- 
- ---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
- ---- End of forwarded message ----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMguwuOJ+JZd/Y4yVAQE+/wQMDMNJ7XIrI+VkTaNKQDdLkzUT9v8aEQzG
x9/8aFFbw5/jVJQjd3TwWjuRut3L+mc+/2GOqJwQHf1z9vakVDSdnMzIKKB68FfP
NtzU92MoqHip5D/R37cVACcAnXkoaSKvwy+m+V6Rxk2ffOlLoKLEUd9xK91hNFvs
2WymcjvaLC+MLQ==
=owbR
-----END PGP SIGNATURE-----






From sparks at bah.com  Fri Aug  9 17:02:09 1996
From: sparks at bah.com (Charley Sparks)
Date: Sat, 10 Aug 1996 08:02:09 +0800
Subject: Pronto Mailer
Message-ID: <199608092145.RAA08391@pop1.jmb.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: provos at wserver.physnet.uni-hamburg.de, cypherpunks at toad.com
Date: Fri Aug 09 17:42:06 1996
I use Pronto Mail also. I just started using it yesterday. I can honestly 
say that it makes things simpler... no cutting, pasting, decrypting, 
encrypting...and on and on. It is the sweetest mailer since Ishmail ( UNIX 
/ Linux ). Not even Ishmail did key management and fetching, sending, 
etc....

I will be able to use Pronto in my effort to proselytize the cause. The 
only thing I see that will prevent a lot of folks from getting it ( and 
paying for it ) is the price. $300 US seems a bit steep to some. I am going 
to pay for it because of the time it saves me. I would like to see a few 
things added, though. Multiple address books, keyed and non-keyed ( this 
might speed up the address book or add a search ( I have several hundred 
members of my firm listed in my Eudora mailer ). I'd also like to see some 
sort of IMAP address book support ( like Simeon or Z Mail ), These would 
also be accessable seperately in the interest of spped, since the pubring 
would be on each users machine.

With the C2 option in the NT Resource kit, I'd like an explanation on using 
Pronto with NT 4. I tried all sorts of things and had no luck after 
installing.. Pronto kept telling me the pifs were no good, couldn't find 
keys, etc...

None the less, I love it so far.. Just have to get the MC down a bit to pay 
for it (<GRIN> That;s why it's a 60 day demo )
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMguwsOJ+JZd/Y4yVAQGeJgQJAU+SB/cl48Jhmu1khb/7p0xG24ruL4cI
av4myCELKV2GgOFfX+u48BLwCkTwRNaMIMdzBkNrQYQdofeSO0WrKJoDQVzMLeas
IK6OUCI3uELqMjtJs1TK2qrDcSKue9COpbPe4D9MzyieuObZ0CDLXhWgWGmA72Up
zFUPMrvd7swEIQ==
=c/6c
-----END PGP SIGNATURE-----






From jeremey at forequest.com  Fri Aug  9 17:03:38 1996
From: jeremey at forequest.com (Jeremey Barrett)
Date: Sat, 10 Aug 1996 08:03:38 +0800
Subject: Fun with M$
Message-ID: <Pine.BSI.3.93.960809134006.10361A-100000@descartes.forequest.com>


-----BEGIN PGP SIGNED MESSAGE-----

Some guy has written an ActiveX control which crashes windoze95... I don't
use windoze so can't try it, but if someone else is brave, I'd love to know
if it works...

Information page with a link to a page which loads the control:

	http://www.halcyon.com/mclain/ActiveX/

Quote from the page:

Exploder is an Active X control which demonstrates security problems with 
Microsoft's Internet Explorer. Exploder performs a clean shutdown of 
Win95 and will turn off the power on machines that have a power
conservation BIOS (green machines).


- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jeremey Barrett
Senior Software Engineer			jeremey at forequest.com 
The ForeQuest Company       			http://www.forequest.com/

   "less is more."
		-- Mies van de Rohe.

   Ken Thompson has an automobile which he helped design.  Unlike most
   automobiles, it has neither speedometer, nor gas gage, nor any of the
   numerous idiot lights which plague the modern driver.  Rather, if the
   driver makes any mistake, a giant "?" lights up in the center of the
   dashboard.  "The experienced driver", he says, "will usually know
   what's wrong."

		-- 'fortune` output

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgujTi/fy+vkqMxNAQFikwP+LbLwibqKcp4FcLncenF44ptcp01j02M8
QwVbx0R+ept5jFea+R5Jhbypy+C2wvLh1hs4fjC0d2lrAQkfqiJxDAu8dblXYejy
hS1hmuzflIEcat2p0qbomKDf+Iba2fz2kXtcu5CSsmwvqWwZf9XSFiC0Gx9JJ0Nh
c/zVv9GcMIs=
=1j1L
-----END PGP SIGNATURE-----






From hua at chromatic.com  Fri Aug  9 17:07:45 1996
From: hua at chromatic.com (Ernest Hua)
Date: Sat, 10 Aug 1996 08:07:45 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
In-Reply-To: <ae30b876030210049fa8@[205.199.118.202]>
Message-ID: <199608092154.OAA04813@server1.chromatic.com>



> > "Why the hell, when you have a tape of the perp. saying something,
> > do you not air it in the middle of a city chock full of people
> > who could very well know this guy's voice/mannerisms?" Why didn't
>
> This is the single best suggestion/question I have heard about this
> entire case!

It may not be as good of a suggestion as you might think.  If the
number of false positives are so great that there is no reasonable
way for the FBI to go after everyone of them (that is, say, they
could not accurately weigh the likelihood of any particular siting
as having a reasonable chance of being worthy of investigation),
then such a act is worthless.

Also, the FBI, no doubt, has voice analysis systems much more
capable of detecting subtleties.  100,000 enthusiastic people
trying to recognize their friend/relative/co-worker's voice is just
not consistently accurate enough to give the FBI good leads while
avoiding bad ones.

Now, that said, I suppose the FBI could try something like this:

    Have some randomizing automated test which everyone can call
    into to test their hearing abilities before they can tell the
    FBI their possible lead.  Well, I take that back.  May you test
    them AFTER they leave info on their lead so that they don't get
    offended by the testing.

Well ... I guess I'll leave the exercise up to the FBI (to make the
phone-in more user-friendly).

Now what if the FBI had voice detection systems just like the ones
used in "Clear and Present Danger"?  Now THERE'S a good reason for
tapping 1% of every phone switch ...

I wonder if the public would mind having a MACHINE do drift net
matching on voices on all public phone switches in the U.S. just to
find the Olympic bomber ...  What if the specifications of that
machine were made public and the machine placed under Congressional
oversight?  (At least members of Congress would never get tapped.)

Ern







From minow at apple.com  Fri Aug  9 17:16:09 1996
From: minow at apple.com (Martin Minow)
Date: Sat, 10 Aug 1996 08:16:09 +0800
Subject: SecurID
In-Reply-To: <9608091601.AA02324@sherry.ny.ubs.com>
Message-ID: <v03007803ae3165aaac72@[17.202.12.102]>


I've been using SecureID for the better part of a year now and am
quite pleased with the way it works.  Here are the negatives,
though they are not very interesting:

-- There is a false rejection rate of around 2-5% (failure to login
   with my presumably valid SecureID card). This includes modem
   bobbles and database crashes. It generally is self-correcting.
-- Dialup access only. This would prevent me to access my mail server
   (which is inside the firewall) from telnet.
-- Interactive access only; I can't program my home machine to dial
   in at 5:00 AM to read mail without intervention.
-- We have a mixture of direct and 800 number dialups -- this presumably
   protects against problems unique to a single server.

In my case, SecureID is integrated into ARA (Apple Remote Access).
Client installation was trivial. I don't know what, if any, link-encryption
is incorporated.

The user overhead is about 30 seconds per dialup.

Martin Minow
minow at apple.com


>someone at my firm is about to press the securid system down our collective
>throats. please point me to the recent thread on this subject, and/or point
>me to some url's or the like, or to someone who has some firsthand knowledge
>of the pitfalls and/or vulnerbilities of secirid.
>
>cheers,
>	-paul
>








From bogus@does.not.exist.com  Fri Aug  9 17:33:14 1996
From: bogus@does.not.exist.com ()
Date: Sat, 10 Aug 1996 08:33:14 +0800
Subject: Fw: SafE Mail Corporation
Message-ID: <9608092200.AA07686@delfinsd.delfin.com>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

To: cypherpunks at toad.com
Date: Fri Aug 09 15:09:02 1996
Finally -- a 22 character public key that's "invulnerable to attack."

- -----Begin Included Message ----- 

Date: Fri, 9 Aug 1996 14:42:56 -0400
 From: safemail at ntrnet.net (M.Wagoner (1))
To: law-office at felix.org
Cc: 

FINALLY, SOFTWARE THAT COMPLETELY ENSURES THE CONFIDENTIALITY OF 
PRIVILEGED ATTORNEY/CLIENT INFORMATION OVER THE INTERNET!

If you are at all concerned about the security of documents that 
your firm regularly sends via e-mail, or about the confidentiality, 
integrity and size of documents currently affecting your 
transmission speeds, please read the following..........

SafE Mail=AE is a new, proprietary software product that provides 
information security through encryption, compression, error 
correction, INTERNET compatibility and, it is compatible with ANY 
electronic mailing system. 

Comparisons of SafE Mail's encryption against leading competitors 
revealed that SafE Mail's encryption key was longer and compression 
greater than any similar product available today and that SafE Mail 
offers error correction (also not available with similar products) 
of up to 30% which can typically occur during transmissions.  SafE 
Mail's proprietary technology is based on the concepts of private, 
public key and signature authentication and, it is supplied on a 
single diskette.  

SafE Mail utilizes a short 22 character public key (invulnerable to 
attack) which makes exchanging data secure and simple to do.  This 
information security software is the most secure and easiest to use 
on the market today. 

I have included some information that describes the features of 
SafE Mail I think will be of most interest to you.  If you would 
like more information, a copy of our "Frequently Asked Questions", 
or are interested in obtaining a nominal cost "demo" to evaluate 
the software yourself, please call us today. 

Thank you,
Randy Estridge
SafE Mail Corporation
1-800-252-9938
http://www.sfmc.com


SafE Mail  FEATURES
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
SafE Mail proprietary encryption and decryption of data, includes 
virtually any kind of computer generated information: text, video, 
audio, executable files, databases, spreadsheets, pictures, or any 
other kind of ASCII or binary files

*  Superior proprietary compression algorithm for fastest and most 
cost effective data transmission 

*  Powerful proprietary algorithmic control for error correction 
during transmission over noisy networks

*  Public Key distribution algorithm for exchanging presigned 
encrypted data over open networks

*  Electronic Signature protocol for exchanging presigned mail

*  User defined variable level of distortion protection that can be 
applied when using low quality transmission facilities

*  Long cryptographic key with a nearly infinite number of output 
codes

*  Multiple encryptions for extra security

*  Universal Secure Envelope format

*  Internet compatible output format

*  Easy procedure for use under Windows=AE

P.S.  Special, introductory pricing is only available this month!


Randy Estridge
SafE Mail Corporation
http://www.sfmc.com
1-800-252-9938



- ---- End of forwarded message ----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgu3Ai1djiVVpb+9AQGeewP/Q4jm/RA5HBm7IK4n6DnaQhiv6uA3OYuc
VulJtyBsV00TfcBT1FkNT/8fpr5LjIVb5PWh8WYrsoB912YnwDLi2H052jNpP1lv
DJQxq2oAQAB3VHqUFqXLVJb21iAKcaBNthObsQm1Fe6NJdH4xnNF2xX0aIBwlqNi
X6xGS24cJAk=
=IzPn
-----END PGP SIGNATURE-----




From Peter.C.M.M.Terporten at Inter.NL.net  Fri Aug  9 17:33:23 1996
From: Peter.C.M.M.Terporten at Inter.NL.net (Peter C.M.M. Terporten)
Date: Sat, 10 Aug 1996 08:33:23 +0800
Subject: Suit filed to enjoin crypto provisions of the ITAR
Message-ID: <199608092155.XAA28984@altrade.nijmegen.inter.nl.net>


I am  just such a simpe foreigner trying to understand this.

I thought that the International Traffic in Arms Regulations (ITAR) had in
the meantime been replaced with the Defense Trade Regulations (TDR). If not,
is this still in the planning?

And is the latest ITAR text somewhere on the net?

TIA, Peter  
Advokatenkantoor Terporten   Computer law   
Peter C.M.M. Terporten       Media- and information law
Paulus Potterlaan 28         e-mail: terporte at inter.nl.net
NL-3723 EZ Bilthoven         tel 31-30-2251892
The Netherlands              fax 31-30-2251889
*** Waar Recht En Techniek Samenkomen ***






From fty at mcnc.org  Fri Aug  9 17:34:34 1996
From: fty at mcnc.org (Frank E. Terhaar-Yonkers)
Date: Sat, 10 Aug 1996 08:34:34 +0800
Subject: Drive the SF Central Freeway, have your license plate photo'ed.
Message-ID: <199608092229.SAA12419@robin.mcnc.org>


It's been doable and afforadable for years.  7 years ago when I lived in
Knoxville TN there was(still is?) a firm there called Perceptics.  One of 
their products was an imaging system to OCR license plates.  I understood
the system was/is in use or being tested at US border crossings.

 >Date: Fri, 09 Aug 1996 11:56:34 -0700 Bill Stewart wrote:
 >At 10:45 PM 8/8/96 -0700, Lucky wrote:
 >>At 21:55 8/8/96, i am not a number! wrote:
 >>>CBS radio news this morning: 80,000 commuters traveling the central
 >>>f'way in SF will have information mailed to them regarding the quake retrofit
 >>>How?  Their license plates have been photographed.
 >
 >>You *are* making this up, right? Please say you did.
 >
 >It's possible today, and probably affordable.  If not, it will be in 1-2 years,
 >as Moore's law cranks down processing costs and video technology improves.
 >For this application, they don't have to photograph every car, or read every
 >plate successfully, or do it in real time.  The objective is to get lots of
 >drivers to take other routes or mass transit so they don't have to dump all
 >the traffic onto surface streets right around the construction.
 >
 >Besides, this is nice friendly San Francisco.  Imagine New York City doing it:
 >        Yo!  Mr. E. Koch, 1234 E. 89th St. -
 >        We saw you takin' the West Side Highway last week.
 >        You better stop that as of next Friday. 
 >        We know where you live.  
 >        You got a problem wit' that?
 >                        Rudy.
 >
 >#			Thanks;  Bill
 ># Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
 ># <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!
 >

\\\\////\\\\////\\\\\////\\\\\////\\\\////\\\\////\\\\////\\\\////\\\\////\\\\
Frank Terhaar-Yonkers,  Manager
High Performance Computing and Communications Research
MCNC
PO Box 12889	3021 Cornwallis Road
Research Triangle Park,  North Carolina  27709-2889
fty at mcnc.org   voice (919)248-1417   FAX (919)248-1455

http://www.mcnc.org/hpcc.html





From reagle at rpcp.mit.edu  Fri Aug  9 17:45:27 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Sat, 10 Aug 1996 08:45:27 +0800
Subject: Electronic Cash System Based On The Representation
Message-ID: <199608092225.SAA26589@mccannerick-bh.mccann.com>


Interesting paper I had not heard of, but was recently referred to...

http://www.cwi.nl/~brands/cash.html

Electronic Cash System Based On The Representation 
Problem Stefan Brands CWI 
P.O. Box 4079, 1009 AB Amsterdam 
The Netherlands e-mail: brands at cwi.nl 

Abstract: We present a new on-line electronic cash system based on a
problem, called the representation problem, of which little use has been
made in literature thus far. Our system is the first to be based entirely on
discrete logarithms. Using the representation problem as a basic concept,
some techniques are introduced that enable us to construct protocols for
withdrawal and payment that do not use the cut and choose methodology of
earlier systems. As a consequence, our cash system is much more efficient in
both computation and communication complexity than previously proposed
systems. Another important aspect of our system concerns its provability .
Contrary to previously proposed systems, its correctness can be
mathematically proven to a very great extent. Specifically , if we make one
plausible assumption concerning a single hash-function, the ability to break
the system seems to imply that one can break the Diffie-Hellman problem. Our
system offers a number of extensions that are hard to achieve in previously
known systems. In our opinion the most interesting of these is that the
entire cash system (including all the extensions) can be incorporated
straight forwardly in a setting based on wallets with observers, which has
the important advantage that double- spending can be prevented in the
\014rst place, rather than detecting the identity of a double-spender after
the fact. In particular, it can be incorporated even under the most
stringent requirements conceivable about the privacy of the user, which
seems to b e impossible to do with previously proposed systems. Another
benefit of our system is that framing attempts by a bank have negligible
probability of success (independent of computing power) by a simple
mechanism from within the system, which is something that p previous
solutions lack entirely . Furthermore, the basic cash system can be extended
to checks, multi-show cash and divisibility , while retaining its
computational efficiency. Although in this paper we only make use of the
representation problem in groups of prime order, similar intractable
problems hold in RSA-groups (with computational equivalence to facto ring
and computing RSA- roots). We discuss how one can use these problems to
construct an efficient cash system with security related to factoring or
computation of RSA-roots, in an analogous way to the discrete log based
system. Finally , we discuss a decision problem (the decision variant of the
Diffie-Hellman problem) that is strongly related to undeniable signatures,
which to our knowledge has never been stated in literature and of which we
do not know whether it is in BPP. A p roof of its status would be of
interest to discrete log based cryptography in general. Using the
representation problem, we show in the appendix how to batch the
confirmation protocol of undeniable signatures such that polynomially many
undeniable signatures can be verified in four moves. 

AMS Subject Classification (1991) : 94A60 
CR Subject Classification (1991) : D.4.6 
Keywords and Phrases : Cryptography , 
Electronic Cash, Representation Problem 
_______________________
Regards,            It is not because things are difficult that we do not dare; 
                    it is because we do not dare that they are difficult.
-Seneca
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From alano at teleport.com  Fri Aug  9 17:49:36 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 10 Aug 1996 08:49:36 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960809204258.00aaa7b8@mail.teleport.com>


At 09:24 AM 8/9/96 -0700, Rich Graves wrote:

>It might be fun to make the database open for a couple weeks, without a
>caveat about logging, and then publish the logs. Allow reverse lookups,
>i.e., who looked up my record.  A nice little dragnet of people who are
>interested in invading your privacy. 

This is impractical for one reason.  In most cases it will show the address
of the service provider, but will report nothing beyond that.  You will just
see which IP address you were assigned when you logged on.  The logs would
be true is some sense, flase in some sense and meaningless in most sense.

>For the near-medium term, I am resigned to the fact that government is going
>to collect personal information, and that it is going to leak out. I'm just
>interested in full disclosure of the leaks, and who is benefiting from them. 

This brings up an interesting point.  Is it poosible to obtain the list of
all the individuals/corporations that have purchaced the list of DMV
information and post *THAT* information to the net.  I think that people
would be surprised just who uses that information and for what...
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From alano at teleport.com  Fri Aug  9 17:53:44 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 10 Aug 1996 08:53:44 +0800
Subject: photographed license plates
Message-ID: <2.2.32.19960809204211.00ff5090@mail.teleport.com>


At 08:23 AM 8/9/96 -0700, i am not a number! wrote:

>O, and I think they're talking more about putting up cameras at some 
>troubling intersections to take pictures of cars running red-lights.
>
>And cameras on transit vehicles (buses primarily).

They already have cameras on Tri-Met busses in Portland Oregon.  (Not all of
them, yet...  But many of them have two cameras.  One at the front and one
at the middle.)

It occured during one of the media inspired panics about people with guns on
busses.

>Gee, I am starting to feel so warm and safe!

Remember: A Paranoid constabulary is an effiecient constabulary.  (Just
because you got caught in the crossfire of a cop shooting at a suspected jay
walker does not make it any less effiecient.)

Support your local police for a more efficient police state!

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From tcmay at got.net  Fri Aug  9 18:24:11 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 10 Aug 1996 09:24:11 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
Message-ID: <ae3118a30102100402f5@[205.199.118.202]>


At 9:54 PM 8/9/96, Ernest Hua wrote:


>Also, the FBI, no doubt, has voice analysis systems much more
>capable of detecting subtleties.  100,000 enthusiastic people

But the FBI presumably has no data base of voices to compare the voice on
the 911 tape to! They can have the most sophisticated voice analysis system
in the world and it useless, except in comparing the voice to
previously-recorded samples.

(This is presumably how the NSA's capabilities are used, as they have the
voice patterns of Boris Yeltsin, Yassir Arafat, Saddam Hussein, Bob Dole
and other previously-recorded voices. Plus, they can use COMINT at will
outside the U.S. (and maybe in the U.S....) and can acquire new voice
patterns for their libraries.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jimbell at pacifier.com  Fri Aug  9 18:32:34 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 09:32:34 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
Message-ID: <199608092330.QAA26402@mail.pacifier.com>


At 02:54 PM 8/9/96 -0700, Ernest Hua wrote:
>Now what if the FBI had voice detection systems just like the ones
>used in "Clear and Present Danger"?  Now THERE'S a good reason for
>tapping 1% of every phone switch ...
>
>I wonder if the public would mind having a MACHINE do drift net
>matching on voices on all public phone switches in the U.S. just to
>find the Olympic bomber ...  What if the specifications of that
>machine were made public and the machine placed under Congressional
>oversight?  (At least members of Congress would never get tapped.)

Voiceprints used to be doable only with sophisticated, specialized 
equipment.  Presumably, they would be doable today with "only" a PC and 
soundcard, along with some software.  This raises an interesting question:  
Would it be possible to modify speech to remove the identifiable 
characteristics which came from the speaker, and replace them with those of 
some other person.  

In other words, could somebody fake a bomb threat using a recording which 
has been processed to sound "exactly" like some famous person whose voice 
you can analyze?  


Jim Bell
jimbell at pacifier.com





From bluemoon at mindvox.com  Fri Aug  9 18:36:30 1996
From: bluemoon at mindvox.com (platinum)
Date: Sat, 10 Aug 1996 09:36:30 +0800
Subject: Waiting Game on wiretapping and crypto, from HotWired
In-Reply-To: <v01510101ae2d0b1a7fc7@[204.62.128.229]>
Message-ID: <Pine.SOL.3.91.960809193252.7197D-100000@phantom>


can anyone tell me why i got nine copies of this message?
	Rose

           I am Rose my eyes are blue / I am Rose and who are you 
            I am Rose and when I sing / I am Rose like anything
                              --Gertrude Stein

		            bluemoon at MINDVOX.com






From jimbell at pacifier.com  Fri Aug  9 19:09:12 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 10:09:12 +0800
Subject: John Gilmore on the Radio!
Message-ID: <199608092254.PAA24182@mail.pacifier.com>


At 04:38 PM 8/9/96 -0400, P. J. Ponder wrote:
>Today at lunchtime in the Eastern Time Zone, the radio show Real 
>Computing with John C. Dvorak had John Gilmore as a guest,


>Gilmore was referred to by Dvorak as the head of the cypherpunks a few 
>times.  

What was that old saying, "Like herding cats"?
Jim Bell
jimbell at pacifier.com





From rich at c2.org  Fri Aug  9 19:17:34 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 10 Aug 1996 10:17:34 +0800
Subject: John Gilmore on the Radio!
In-Reply-To: <Pine.A32.3.91.960809160856.44399A-100000@fn1.freenet.tlh.fl.us>
Message-ID: <Pine.GUL.3.95.960809165855.15077A-100000@Networking.Stanford.EDU>


On Fri, 9 Aug 1996, P. J. Ponder wrote:

> Gilmore was referred to by Dvorak as the head of the cypherpunks a few 
> times.  

Did he mention any other body parts?

(Hey, shouldn't there be a SF Bay Area cpunks meeting tomorrow? I'm
otherwise engaged, but I'd have expected to see an announcement of what I'm
missing.) 

-rich






From jeremey at forequest.com  Fri Aug  9 19:38:42 1996
From: jeremey at forequest.com (Jeremey Barrett)
Date: Sat, 10 Aug 1996 10:38:42 +0800
Subject: Fw: SafE Mail Corporation
In-Reply-To: <9608092200.AA07686@delfinsd.delfin.com>
Message-ID: <Pine.BSI.3.93.960809172215.10361I-100000@descartes.forequest.com>


-----BEGIN PGP SIGNED MESSAGE-----

> Date: Fri, 9 Aug 1996 14:42:56 -0400
>  From: safemail at ntrnet.net (M.Wagoner (1))
> To: law-office at felix.org
> Cc: 
> 
> FINALLY, SOFTWARE THAT COMPLETELY ENSURES THE CONFIDENTIALITY OF 
> PRIVILEGED ATTORNEY/CLIENT INFORMATION OVER THE INTERNET!
> 
> If you are at all concerned about the security of documents that 
> your firm regularly sends via e-mail, or about the confidentiality, 
> integrity and size of documents currently affecting your 
> transmission speeds, please read the following..........
> 
> SafE Mail=AE is a new, proprietary software product that provides 
> information security through encryption, compression, error 
> correction, INTERNET compatibility and, it is compatible with ANY 
> electronic mailing system. 

[ blah blah blah blah blah.... ]

Not this again...

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jeremey Barrett
Senior Software Engineer			jeremey at forequest.com 
The ForeQuest Company       			http://www.forequest.com/

   "less is more."
		-- Mies van de Rohe.

   Ken Thompson has an automobile which he helped design.  Unlike most
   automobiles, it has neither speedometer, nor gas gage, nor any of the
   numerous idiot lights which plague the modern driver.  Rather, if the
   driver makes any mistake, a giant "?" lights up in the center of the
   dashboard.  "The experienced driver", he says, "will usually know
   what's wrong."

		-- 'fortune` output

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgvWii/fy+vkqMxNAQEPLwP8DF+sIbGTqiyDi+i04eWjnNjOiXn3iWsq
9ypWK1TLA/FVU23VFIO5jJ58pT3HQwk2fo//VWmkVbdPl4rMbBxEt7/19xL++lmH
lE97b6fcOmGaToFOUejZizJWs1QVGqZ0LI9DArRrfjL6QfRgyb6c5yHEWbw26XT7
QwX92V7haG4=
=XY8w
-----END PGP SIGNATURE-----






From serw30 at laf.cioe.com  Fri Aug  9 19:39:05 1996
From: serw30 at laf.cioe.com (Eric Wilson)
Date: Sat, 10 Aug 1996 10:39:05 +0800
Subject: cybergangs?
Message-ID: <1.5.4.32.19960809230950.006ae3d0@gibson.cioe.com>


At 06:47 PM 8/9/96 +0100, you wrote:
>
>
>
> Okay, so this is a bit Gibsonish but after reading that piece on cybergangs
> and some of the ecash issues what I wanna know is this:
>
> There are no laws in cyberspace right? No one to enforce them as such
> shall we say? What happens if a group of hackers/crackers/cypherpunks
> set up shop and started offering their services to the highest bidder?
>
> Let's say that the US Government bans strong crypto and attempts to
> enforce is using the many, conventional, means at its disposal...
> what happens if the cypherpunks group raises the money to pay a group
> or individual to hack/destroy/grind to a halt milnet? Or some such
> government network? Or all of them? 
>
> How come this hasn't happened yet? Okay maybe not at such a grand scale,
> but ya know? 
>
> Hey it's just an idea,
>
> Zaid
>
>
>"The wave is already gathering; one day it will wash us away." - Hermann Hesse
>
A kind of Cybermilitia! Can we still wear green uniforms and camouflage face
paint?

Eric






From mirele at xmission.com  Fri Aug  9 20:00:16 1996
From: mirele at xmission.com (Deana Holmes)
Date: Sat, 10 Aug 1996 11:00:16 +0800
Subject: Another thing the Net is being blamed for...
Message-ID: <199608100049.SAA05625@xmission.xmission.com>


Yet another thing that we're being blamed for.  

FYI, the temple ceremony has been reproduced many times since it was 
first exposed in the 1840s.  The most recent revision (1990) was kept 
secret for only a short time before notorious former members got 
ahold of a tape and transcript of the ceremony.  (I have a good idea 
of how they got it.)  As far as I can tell, it didn't actually make 
it on to the Net until about 1994.

This particular Mormon churchman (Russell Ballard) gave a speech a 
year or so ago warning Mormons in vague terms about the evils of the 
Internet.  I suppose this is part of it.

=====

>From this morning's Rolley&Wells column in the Salt Lake Tribune (without
permission):

   "During a press tour this week of the LDS [Mormon] Church's new Mount
Timpanogos Temple in American Fork, a member of the news media asked
why a writtem copy of the temple ceremony was not given to members
with temple recommends so they could study it in the privacy of their
homes.
   Elder M. Russell Ballard of the Quorum of the Twelve Apostles
informed the reporter that there was no need. A church member had
'broken the covenant' -- taped the ceremony, transcribed it, and put
it on the Internet for all to read."

<end>

Deana M. Holmes
April 1996 poster child for clueless $cientology litigiousness
alt.religion.scientology archivist since 2/95
mirele at xmission.com





From roger at coelacanth.com  Fri Aug  9 20:00:55 1996
From: roger at coelacanth.com (Roger Williams)
Date: Sat, 10 Aug 1996 11:00:55 +0800
Subject: Drive the SF Central Freeway, have your license plate   photo'ed.
In-Reply-To: <199608091854.LAA25837@toad.com>
Message-ID: <roger7mr8m1mt.fsf@sturgeon.coelacanth.com>


>>>>> Bill Stewart <stewarts at ix.netcom.com> writes:
  > At 10:45 PM 8/8/96 -0700, Lucky wrote:
  >> You *are* making this up, right? Please say you did.

  > It's possible today, and probably affordable.

It's been reasonably affordable for several years.  

Video number plate reading is routinely used around here for gathering
statistics on the points of origin of commuter traffic, for highway
planning purposes.  (The numbers are looked up in the Registry
database to find where each commuter is likely to have come from.)

-- 
Roger Williams                         finger me for my PGP public key
Coelacanth Engineering        consulting & turnkey product development
Middleborough, MA           wireless * DSP-based instrumentation * ATE
tel +1 508 947-8049 * fax +1 508 947-9118 * http://www.coelacanth.com/






From rich at c2.org  Fri Aug  9 20:03:24 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 10 Aug 1996 11:03:24 +0800
Subject: Fw: SafE Mail Corporation
In-Reply-To: <9608092200.AA07686@delfinsd.delfin.com>
Message-ID: <Pine.GUL.3.95.960809175133.15098C-100000@Networking.Stanford.EDU>


I trust their error was corrected on the relevant list?

I notice they've "sweetened" their "hacker" deal for cracking their
software. Now it's an all-expense-paid trip to North Carolina plus about
$400. Still not worth it, unless you're just pissed off.

-rich






From llurch at networking.stanford.edu  Fri Aug  9 20:12:00 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sat, 10 Aug 1996 11:12:00 +0800
Subject: Fun with M$
In-Reply-To: <Pine.BSI.3.93.960809134006.10361A-100000@descartes.forequest.com>
Message-ID: <Pine.GUL.3.95.960809173935.15098B-100000@Networking.Stanford.EDU>


On Fri, 9 Aug 1996, Jeremey Barrett wrote:

> Information page with a link to a page which loads the control:
> 
> 	http://www.halcyon.com/mclain/ActiveX/
> 
> Quote from the page:
> 
> Exploder is an Active X control which demonstrates security problems with 
> Microsoft's Internet Explorer. Exploder performs a clean shutdown of 
> Win95 and will turn off the power on machines that have a power
> conservation BIOS (green machines).

I love it!

I'll add it to the win95netbugs FAQ tomorrow.

-rich






From sandfort at crl.com  Fri Aug  9 20:15:08 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 10 Aug 1996 11:15:08 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
In-Reply-To: <199608092330.QAA26402@mail.pacifier.com>
Message-ID: <Pine.SUN.3.91.960809180401.26357G-100000@crl12.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 9 Aug 1996, jim bell wrote:

> Would it be possible to modify speech to remove the identifiable 
> characteristics which came from the speaker, and replace them
> with those of some other person.  

Equipment exists that can remove the microtremors associated with
stress, thus defeating voice stress analysis technology.  Modeling
someone elses voice print would seem to be of little value, if
possible at all.

However, one could use voice-synthesis software to phone in a
bomb threat.  (The cops would probably arrest Stephen Hawkings 
on the basis of the voice print.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From jimbell at pacifier.com  Fri Aug  9 20:51:27 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 11:51:27 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
Message-ID: <199608100145.SAA03557@mail.pacifier.com>


At 06:09 PM 8/9/96 -0700, Sandy Sandfort wrote:
>On Fri, 9 Aug 1996, jim bell wrote:
>
>> Would it be possible to modify speech to remove the identifiable 
>> characteristics which came from the speaker, and replace them
>> with those of some other person.  
>
>Equipment exists that can remove the microtremors associated with
>stress, thus defeating voice stress analysis technology. 


I wonder if such equipment is used on CSPAN and CSPAN-2?

(And that's a serious question!)



There is a relatively famous neurologist named Oliver Sacks who has written 
a series of books concerning odd brain disorders among his and other 
patients.  In one book (maybe it was, "The Man who mistook his wife for a 
hat") he describes a scene where a group of patients with the same ailment 
(maybe it was called "aphasia", but it's been a few years...) were watching 
a speech by Ronald Reagan.    As I recall, people with this ailment can't 
understand what's being said to them, but they CAN tell whether the person 
speaking is telling the truth.  (or, at least, BELIEVES he's telling the 
truth...)  

All the patients laughed at Reagan's speech.


Jim Bell
jimbell at pacifier.com





From morgan at keilin.helsinki.fi  Fri Aug  9 21:31:07 1996
From: morgan at keilin.helsinki.fi (Joel Morgan)
Date: Sat, 10 Aug 1996 12:31:07 +0800
Subject: open diplomatic pouch
Message-ID: <199608100006.DAA27633@keilin.helsinki.fi>


According to the Economist (20 July p. 28) the Danish ombudsman
has ruled that correspondence between the foreign ministry and
embassies must be available to the public.

-- 
=====================================================================
Joel.Morgan at Helsinki.FI              http://blues.helsinki.fi/~morgan
    "Over the mountains there are mountains."   -- Chang-rae Lee 
=====================================================================





From jimbell at pacifier.com  Fri Aug  9 22:11:18 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 10 Aug 1996 13:11:18 +0800
Subject: Why should we trust the system?
Message-ID: <199608100120.SAA02197@mail.pacifier.com>


At 07:10 AM 8/9/96 +0000, jonathon wrote:
>On Thu, 8 Aug 1996, jim bell wrote:
>
>> Okay, I'll admit that I _never_ believed that judges actually follow the 
>> standards they claim to.  But many other people of those who are more 
>
>	I know of a very good way to ensure that judges do follow
>	the standards that they claim to follow.
>
>	It works even better at making politicians keep all the
>	election promises the make.
>
>	Has one drawback --- it reduces the number of people willing
>	to carry out those two functions to virtually zero.  OTOH, that
>	probably would be a very good thing.  
>

That's odd...I know of one also!    B^)


Jim Bell
jimbell at pacifier.com





From sandfort at crl.com  Fri Aug  9 22:32:21 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 10 Aug 1996 13:32:21 +0800
Subject: John Gilmore on the Radio!
In-Reply-To: <Pine.GUL.3.95.960809165855.15077A-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.960809184024.26357I-100000@crl12.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 9 Aug 1996, Rich Graves asked:

> (Hey, shouldn't there be a SF Bay Area cpunks meeting tomorrow?

Cypherpunks operate on Parisian time.  Every August many of us 
flee the Bay Area or are too sluggish to go to meetings.  (Now
parties are usually a different matter.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From harka at nycmetro.com  Fri Aug  9 23:44:24 1996
From: harka at nycmetro.com (harka at nycmetro.com)
Date: Sat, 10 Aug 1996 14:44:24 +0800
Subject: Massively parallel ca
Message-ID: <TCPSMTP.16.8.9.-10.26.28.2780269260.1225298@nycmetro.com>


 * Carbons sent to: In: tcmay at got.net

 -=> Quoting In:tcmay at got.net to Harka <=-


 In> But the FBI presumably has no data base of voices to compare the voice
 In> on the 911 tape to! They can have the most sophisticated voice analysis
 In> system in the world and it useless, except in comparing the voice to
 In> previously-recorded samples.

 In> (This is presumably how the NSA's capabilities are used, as they have
 In> the voice patterns of Boris Yeltsin, Yassir Arafat, Saddam Hussein, Bob
 In> Dole and other previously-recorded voices. Plus, they can use COMINT at
 In> will outside the U.S. (and maybe in the U.S....) and can acquire new
 In> voice patterns for their libraries.)


Here the technical progresses made in eaves-dropping technology come in really handy. Eaves-dropping on, let's say, apartments is these days rather trivial and a great way of collecting voice samples of 'suspects'.
That the FBI doesn't have a voice database or at least access to one, I seriously doubt. Most of the technologically advanced countries use voice-recognition already to monitor phone traffic. The US does, Germany does, the UK....
The system functions 'vacuum-cleaner-like' and reacts to voice patterns (individual voices) and trigger words. If a trigger word is said, the entire conversation will be recorded and the telephone number on either end determined for later review.
There are a few books out there, that deal with that kind of thing. Unfortunately, I only remember a german one: "The RAF Phantom", written by three journalists. But an Altavista might bring something up too...


Harka
___ Blue Wave/386 v2.30 [NR]







From tcmay at got.net  Sat Aug 10 00:01:23 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 10 Aug 1996 15:01:23 +0800
Subject: Data Bases of Voiceprints?
Message-ID: <ae3157dd02021004dde0@[205.199.118.202]>


At 3:26 AM 8/10/96, harka at nycmetro.com wrote:
> * Carbons sent to: In: tcmay at got.net

(BTW, I read the list, so no need to send carbons to me, or carbon-based
units. or carbon-based citizen-units.)

>Here the technical progresses made in eaves-dropping technology come in
>really handy. Eaves-dropping on, let's say, apartments is these days
>rather trivial and a great way of collecting voice samples of 'suspects'.
>That the FBI doesn't have a voice database or at least access to one, I
>seriously doubt. Most of the technologically advanced countries use
>voice-recognition already to monitor phone traffic. The US does, Germany
>does, the UK....

I'm skeptical. To paraphrase Dr. Strangelove, what use is such a data base
if cops and agents don't know it exists? (Granted, useful in a few
exceptional cases, even if field offices and agents are unaware that it
exists, but not useful for many cases.)

If such a voiceprint database, obtained surreptitiously through National
Technical Means (tm), were to exist and be known to exist by investigators,
word of its existence would leak out quickly enough.

This is just my opinion, of course. But, as the Martian watchers say,
extraordinary claims require extraordinary proof. Do you _know_, that such
a data base exists? (A data base of, say, more than 5% of all the adults in
the U.S., in a data base that is searchable by voice print match to samples
submitted by FBI or other law enforcement agents.)

>The system functions 'vacuum-cleaner-like' and reacts to voice patterns
>(individual voices) and trigger words. If a trigger word is said, the
>entire conversation will be recorded and the telephone number on either
>end determined for later review.
>There are a few books out there, that deal with that kind of thing.
>Unfortunately, I only remember a german one: "The RAF Phantom", written by
>three journalists. But an Altavista might bring something up too...

Sure, we all know--or should know--what the _capabilities_ are,
technically. But capability !=! actuality.

I doubt such a data base of voice prints exists.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From dsmith at prairienet.org  Sat Aug 10 00:11:52 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Sat, 10 Aug 1996 15:11:52 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608100428.XAA18766@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Fri Aug 09 23:30:57 1996
> I believe that in California, you may have a PO Box on your 
> driver's license, but the state has to have your "real" address
> in its records.  As noted, some people forget to update this 
> information when they move, and others list their lawyer's 
> address with the state.  Presumably, that should satisfy the 
> legal justifications for requiring an address.

In Missouri, that's all they wanted (a PO Box).  That's
perfectly copacetic by them.  If you want to register for
voting - since we have Motor Voter - they of course need
a real address.  And the post office's requirements for
getting a PO Box are nearly nonexistent.

> >     More important is ensuring that all the addresses that the 
> >     state has on you are the same.  The preference seems to be 
> >     to have the same address as is on one's checks.  
> 
> That may be the preference, but I just use my e-mail address on
> my checks.  If more is required to cut a deal, I can choose to
> add more information by hand if I am willing to do so to do the
> transaction.

I like that - email on cheques.  Wish I'd thought of that before
I ordered my last batch.

>  S a n d y
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dave


- ---- David E. Smith  POB 324  Cape Girardeau MO USA 63702
dsmith at prairienet.org   http://www.prairienet.org/~dsmith
send mail of 'send pgp-key' subject for my PGP public key
  "Heard a lot of talk about this Jesus, a man of love,
   a man of strength; but what a man was two thousand
    years ago means nothing at all to me today ... "
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automagically signed with Pronto Secure for Windows.

iQEVAwUBMgwQmDVTwUKWHSsJAQGN1Af+LqxaOOIo/ZfMOLbUxRa09PLO5vArlZyW
sKbngGrr3ZPVVxIkrrhaBTPPQ2VFkzcrx+ixUZa36+tdf0F+Q8oZBbrRy+NBFqMr
D8x/5cHbXQ/1u7dZuHfDx9s0AFeijb2oNZ7XdmuoSb6evS2xuwknx15zLdHqt1LO
AiJgw86Bdwa1eYBYrCLt0JtvVXA8zB5CTZs/ZawpOszlcUwbPptOFH0S6fhGwolC
4zA2qE6nyOiD3efl6Q3TPnlUcusFj3ICa8bvzz3DgRIGJMN/pWHU+A4NmtL/NOoj
MGZfHGDiI27YOF6p+9p+pZ93HJuVJQOd+1US3hXBriM1lrVfNqMUlw==
=oBZP
-----END PGP SIGNATURE-----






From pstira at escape.com  Sat Aug 10 00:27:54 1996
From: pstira at escape.com (pstira at escape.com)
Date: Sat, 10 Aug 1996 15:27:54 +0800
Subject: DMV/Public record data on CDROM
Message-ID: <199608100338.XAA11082@escape.com>


There are several state's DMV data (or other public record data such as
Voter Registration) available on CD-ROM, with DOS search engines.

I have the demos for some of these programs on

    http://www.escape.com/~pstira/pi

Oregon is not the only place you can obtain this type of information.





From reece at taz.nceye.net  Sat Aug 10 00:34:06 1996
From: reece at taz.nceye.net (Bryan Reece)
Date: Sat, 10 Aug 1996 15:34:06 +0800
Subject: Fw: SafE Mail Corporation
In-Reply-To: <Pine.BSI.3.93.960809172215.10361I-100000@descartes.forequest.com>
Message-ID: <199608100358.XAA08898@taz.nceye.net>


   Date: Fri, 9 Aug 1996 17:24:01 -0700 (PDT)
   From: Jeremey Barrett <jeremey at forequest.com>
   MIME-Version: 1.0
   Content-Type: TEXT/PLAIN; charset=US-ASCII
   Sender: owner-cypherpunks at toad.com
   Precedence: bulk


   > Date: Fri, 9 Aug 1996 14:42:56 -0400
   >  From: safemail at ntrnet.net (M.Wagoner (1))
   > To: law-office at felix.org
   > Cc: 
   > 
   > FINALLY, SOFTWARE THAT COMPLETELY ENSURES THE CONFIDENTIALITY OF 
   > PRIVILEGED ATTORNEY/CLIENT INFORMATION OVER THE INTERNET!
   > 

[snipped harder]

   [ blah blah blah blah blah.... ]

   Not this again...


Afraid so.  But they do challenge hackers to break it (the old `here's
some ciphertext, doesn't this look secure?' thing).  They also offer a
`free demo version', but due to federal law they can't make it
available over the net so they do this:

[from the order form on their web site:]
|                      copy    "EndUser"     2+    S/H       SubTotal
| DOS DEMO - version  ______ x   _FREE_   _FREE_   __$40_   =__________
                                                     ^^^

How nice of them to offer this free trial.  And if you crack the
sample message, you *get a free copy of the weak software*. Neat, huh?





From adamsc at io-online.com  Sat Aug 10 00:42:42 1996
From: adamsc at io-online.com (Chris Adams)
Date: Sat, 10 Aug 1996 15:42:42 +0800
Subject: e$: Watching the MacRubble Bounce
Message-ID: <199608100456.VAA05213@toad.com>


On 9 Aug 96 01:54:52 -0800, deviant at pooh-corner.com wrote:

>> If you accept that, then doesn't that make writing crypto software for
>> any Unix platform *even more* of a waste of time?  Because last time I
>> checked, there were way more Macs on mom-and-pop's desks than Unix
>> machines, counting *all* vendors.

>Pardon my French, but you mus be fucking stupid or somehing.  How many
>universities use UNIX platforms?  How many companies use UNIX platforms?
>Sun, DEC, and SGI don't stay in buisiness by building cheap Windows boxes
>ya know.  There are 13948 _registered_ LINUX machines, not to mention the
>unregistered ones.  Don't tell me that Cray's were designed to run MacOS
>or Windows 95.  UNIX isn' NEARLY as dead as Apple is.

I think the numbers have escaped you:  there are far more Macs than Unix
machines.  It doesn't matter that Unix has a larger market with
universities or Internet weenies, merely that overall more people use
Macs than Unix. Also, FWIW some of those Unix machines are Macs running
A/UX (Apple's Unix).

One last thought: Sun, Dec, SGI, etc all make RISC Unix machines.  Apple
is the largest RISC vendor on the planet...

Given that the Amiga is still around (and may be revived) despite the
fact that the Mac:Amiga ratio is probably the same as the PC:Mac ratio,
I'd say that it's quite likely Apple will stay around.  Inspite of the
hype about loses, Apple posted tens-of-millions-of-dollars profits last
quarter - rare for a dead company... <g>  They still cannot meet the
demand for the PowerBooks - probably the best notebook available at any
cost.

# Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
# Automatically receive my resume or PGPKEY by sending email with a subject
# of 'send PGPKEY' or 'send resume'. Capitalization counts so be careful!
# Web site: http://www.io-online.com/adamsc/adamsc.htp
 








From ichudov at algebra.com  Sat Aug 10 00:43:44 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 10 Aug 1996 15:43:44 +0800
Subject: cybergangs?
In-Reply-To: <1.5.4.32.19960809230950.006ae3d0@gibson.cioe.com>
Message-ID: <199608100514.AAA32117@manifold.algebra.com>


Eric Wilson wrote:
> > How come this hasn't happened yet? Okay maybe not at such a grand scale,
> > but ya know? 
> A kind of Cybermilitia! Can we still wear green uniforms and camouflage face
> paint?

Go to news.* groups. You will see all kinds of people there.

	- Igor.





From minow at apple.com  Sat Aug 10 02:11:42 1996
From: minow at apple.com (Martin Minow)
Date: Sat, 10 Aug 1996 17:11:42 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
In-Reply-To: <199608092330.QAA26402@mail.pacifier.com>
Message-ID: <v03007801ae31dbe7581f@[17.202.12.102]>


Voiceprints can be done on a modern PC with a D/A sound input. The
software is, essentially, FFT, various kinds of digital filtering
and windowing, and display. Linguists (my "real" profession) have
a generally low opinion of voiceprint analysis.

For an excellent introduction to the technology, read Alexander
Solzhenitsyn's "First Circle." (The linguistics is accurate.)

Martin Minow
minow at apple.com








From prz at ACM.ORG  Sat Aug 10 02:14:21 1996
From: prz at ACM.ORG (Philip Zimmermann)
Date: Sat, 10 Aug 1996 17:14:21 +0800
Subject: New web page for pgp.com
Message-ID: <199608100716.HAA01383@maalox>


I just wanted to let folks know that my new company has a new 
web page up at www.pgp.com.

Also, we are hiring a lot of people.  If you would like to work for
PGP Inc, contact us.  We need engineers, cryptographers, marketing
people, and people with many other skills.  If you are interested,
send email to our CEO, Tom Steding, at tsteding at pgp.com.  Or call us
at 415 631-1747.

--Philip Zimmermann
  prz at pgp.com





From pjn at nworks.com  Sat Aug 10 04:52:42 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sat, 10 Aug 1996 19:52:42 +0800
Subject: Drive the SF Central
Message-ID: <TCPSMTP.16.8.10.5.51.48.2645935021.660960@.nworks.com>


 >>CBS radio news this morning: 80,000 commuters traveling the central
 >>f'way in SF will have information mailed to them regarding the quake retrofit
 >>How?  Their license plates have been photographed.
 
 >You *are* making this up, right? Please say you did.

 In> It's possible today, and probably affordable.  If not, it will be in
 In> 1-2 years, as Moore's law cranks down processing costs and video
 In> technology improves. For this application, they don't have to
 In> photograph every car, or read every plate successfully, or do it in
 In> real time.  The objective is to get lots of drivers to take other
 In> routes or mass transit so they don't have to dump all the traffic onto
 In> surface streets right around the construction. 

 Wasn't there something about these cameras in the latest 2600?
 (BTW, there was also alot of information on encryption in the
 issue, too.)


 P.J.
 pjn at nworks.com


... TagX Pro of Borg - "Your tagline will be assimilated."

___ Blue Wave/QWK v2.20 [NR]







From an366601 at anon.penet.fi  Sat Aug 10 05:26:12 1996
From: an366601 at anon.penet.fi (** CRAM **)
Date: Sat, 10 Aug 1996 20:26:12 +0800
Subject: editorial: information havenots already have not
Message-ID: <9608101016.AA24621@anon.penet.fi>



--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From liberty at gate.net  Sat Aug 10 05:48:43 1996
From: liberty at gate.net (Jim Ray)
Date: Sat, 10 Aug 1996 20:48:43 +0800
Subject: Nyms I'd vote for
Message-ID: <199608100948.FAA123578@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

Rich Graves <rich at c2.org> wrote:

>On Fri, 9 Aug 1996, John F. Fricker wrote:
>
>> #3) The goal is the anonymous citizen. The first step it to secure
>> #the data
>> currently exposed. Can this be done _without_ legislation?
>
>I disagree with this goal. The anonymous consumer/worker, yes; the
>public has no business knowing what I as an economic actor buy, read,
>and think. If I choose to participate fully in the political system,
>though, in ways that go beyond votes and petty contributions to
>others' campaigns, the public has an interest in my identity and
>biases. Anonymous voices can and should be heard, and they can and
>should be influential at times, but they don't get to run for office.

[Rant -- you touched a sore spot here, Rich.]
And I disagree with Rich, at least in regard to the present system. 

My "representative," is Ileanna Ros Lehtinen (R.). No Democrats have
chosen to run against her, and the Demopublican's beloved ballot laws
prevent me from running and actually getting on the ballot. I would
GLADLY vote for either Lucky Green or Black Unicorn if these nyms were
running against this statist woman, but I am not given that (or any
other) choice by the state. She has already "won" the "election," and
thus will NOT APPEAR on the ballot. The state of Florida assumes that
I would rather not vote for None Of The Above [NOTA], and my state is,
once again, wrong. The Florida Supreme Court is carefully ignoring the
Constitution(s) they all swore to uphold in these cases, and I am
trying to use any medium I can to trumpet this fact, so that solutions
like Mr. Bell's (yes, Jim, I know you have one for this, too) don't
start sounding better and better.  <sigh> :(
[End Rant]

P.S. Lucky & Uni: don't worry, I plan to [try to] write in "Jim Ray." 
JMR

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"Ray's corrolary to Murphy's Law: 'You will be spared NOTHING.'" -- 
P. C. Ray (my dad)

 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray Coming
soon, the "Pennies For Perot" page. Keep billionaires off welfare!
___________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMgxaBW1lp8bpvW01AQGRIQP+OZebKXfGgsKTdzIzld1vomnVqnB4nQ3L
C0iDcTPqsEuEN/39nb+BinccCvjM3vvdxTVOYhs9QS1Gdf4TwkUE8+k3oWc1X7hy
AtLcemGGQ+pwyMwfqd6gAboLM9oeg/QeRtaa+MXSdrl8WU/KCTWxeIQTH1/LPKLq
9KiTlgHH+2U=
=tBZy
-----END PGP SIGNATURE-----





From shamrock at netcom.com  Sat Aug 10 07:04:56 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 10 Aug 1996 22:04:56 +0800
Subject: Fw: SafE Mail Corporation
Message-ID: <v02120d07ae322ddf2940@[192.0.2.1]>


At 23:58 8/9/96, Bryan Reece wrote:

>Afraid so.  But they do challenge hackers to break it (the old `here's
>some ciphertext, doesn't this look secure?' thing).  They also offer a
>`free demo version', but due to federal law they can't make it
>available over the net so they do this:

We showed their software to be worthless a few months ago. I am surprised
they are still selling it. They are opening themselves up for some very
nasty litigation.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From jya at pipeline.com  Sat Aug 10 07:14:04 1996
From: jya at pipeline.com (John Young)
Date: Sat, 10 Aug 1996 22:14:04 +0800
Subject: RLR_lsl
Message-ID: <199608101223.MAA26370@pipe2.t2.usa.pipeline.com>


   8-10-96, NYP: 
 
   Peter Steinfels, religion columnist, compares the 
   "religious right" with the "life-style left," and examines 
   how the perjoratives are employed to oversimplify and 
   stigmatize -- an example of the pitfall A. Mehta has 
   critiqued on Cypherpunks: "binary thinking." 
 
      The real opposite number to the religious right is the 
      life-style left, which includes people who are religious 
      and people who are not. It includes some welfare-state 
      liberals and some anti-government libertarians. 
 
      What unites the life-style left is the belief that In 
      regard to the widest possible range of basic choices 
      about how to live, the state should refrain from 
      exerting its influence. The more basic the question, the 
      less the role of the state. 
 
   ----- 
 
   http://jya.com/rlrlsl.txt  (7 kb) 
 
   RLR_lsl 
 
 
 
 
 





From shamrock at netcom.com  Sat Aug 10 07:15:06 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 10 Aug 1996 22:15:06 +0800
Subject: Drive the SF Central Freeway, have your license plate	  photo'ed.
Message-ID: <v02120d06ae322b2d8736@[192.0.2.1]>


At 11:56 8/9/96, Bill Stewart wrote:
>At 10:45 PM 8/8/96 -0700, Lucky wrote:
>>At 21:55 8/8/96, i am not a number! wrote:
>>>CBS radio news this morning: 80,000 commuters traveling the central
>>>f'way in SF will have information mailed to them regarding the quake retrofit
>>>How?  Their license plates have been photographed.
>
>>You *are* making this up, right? Please say you did.
>
>It's possible today, and probably affordable.  If not, it will be in 1-2 years,

I know that there are video cameras on the freeway. I also know that
reading license plate must be trivial, since I saw such systems abroad
years ago. In fact, in Europe, where cameras are ubiquitous in inner
cities, face recognition is the latest fad.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From se7en at dis.org  Sat Aug 10 07:18:19 1996
From: se7en at dis.org (se7en)
Date: Sat, 10 Aug 1996 22:18:19 +0800
Subject: Email Bombing
Message-ID: <Pine.BSI.3.91.960810044131.29282A-100000@kizmiaz.dis.org>



Two messages were sent from my account to dc-stuff having me taking 
credit for email bombs against certain people, namely: Jeff Slaton, 
Captain Crunch and the Cyberangels.

I first became aware of these emails after receiving a message from 
Emmanuel Goldstein asking about who was doing this, as his email box was 
being slaughtered at that very moment.

I *DID NOT* email bomb anyone. This is going to be hard to believe since 
those mentioned as targets of annihilation were people I have fucked with 
in the past very openly on dc-stuff. This combined with the current 
"blame everything on se7en" attitude makes it very hard for anyone to 
take this professed innocence seriously.

I called my SysAdmin this morning at 4:00 AM PST and he ran through the 
logs of my account. The emails did in fact come from my account, but, the 
logs show unusual activity which can't be accounted for by either side. 
Fortunately, the logs show that the actual bombing was not done from my 
account.

I was on IRC for several hours talking to trusted friends while this all 
happened. Whoever penetrated my account knew what the hell they were 
doing in respects to log modification. A re-install is in process as well 
as a tightening of overall site security, especially my account.

I am not really upset other than my email account was used to take credit 
for something I didn't do. My account could have been used for more 
nefarious purposes; it wasn't. Veterans of dc-stuff know I am not afraid 
to take credit for the things I do. I did not do this. But I will also 
not lose any sleep over the Spam King being hit. Captain Crunch: well, 
after all is said and done, he is harmless. Same with the CyberAngels: 
they can talk the talk, but can't walk the walk. I have proved that many 
times. In the end, they are harmless also. Hitting them wouldn't 
accomplish anything tangible.

At this time, the initial mail headers show the attack was launched via 
sun.dmci.com from either a netcom.com or an io.* domain. No doubt the 
account used to launch the attack was hacked. The identity of the bomber 
may never be known. All I know is that it wasn't me. Take it for what's 
it worth. Time will vindicate me, as time always does. I just hope it's 
sooner than later. Hold your judgement of me until such time.

And while dis.org has been recently compromised, I wouldn't be so quick 
to blame this on the same people. I have had intermediary contact with 
Galf sufficient for me to believe he made his point and has moved on, 
having not been responsible for this latest wave of email impersonation. 
Recent logs have shown that a kind of "open season" has been declared 
upon dis.org by every newbie out there that has heard of recent events. I 
say newbie because none of the recent attempts to gain access have proved 
successful.

I used to laugh about email bombing. But when it happens and you are 
caught up in it, it is not funny. If any of you out there think it is, 
wait until you find tens of thousands of messages in your inbox and an 
incoming rate of 750 per minute, every minute. Scripts will not save you.

se7en





From rah at shipwright.com  Sat Aug 10 08:23:33 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 10 Aug 1996 23:23:33 +0800
Subject: cryptography course at WPI
Message-ID: <v03007802ae322a849e00@[206.119.69.46]>



--- begin forwarded text


Date: Fri, 9 Aug 1996 19:19:10 -0400 (EDT)
From: Christof Paar <christof at ece.wpi.edu>
To: dcsb at ai.mit.edu
Subject: cryptography course at WPI
Mime-Version: 1.0
Sender: bounce-dcsb at ai.mit.edu
Precedence: bulk
Reply-To: Christof Paar <christof at ece.wpi.edu>
Status: U

(I hope this mail is appropriate for this mailing list :)

This announcment is probably mainly of interest to people in the greater
Boston area.  I will offer a graduate course in crypto and data security in
the fall at Worcester Polytechnic Institute.  The focus group are on-campus
students as well as people in industry.  Last year, I taught exactly the same
course in industry and it was a big success.  I am sure that it serves
industry needs very well.

I will be gone for one week but promise to answer all questions about the
course immediately when I return.

Regards,

Christof Paar



PS: There will be an advanced crypto course in the spring.


________________________________________________
Christof Paar
Assistant Professor
ECE Department
Worcester Polytechnic Institute
100 Institute Road
Worcester, MA 01609
email: christof at ece.wpi.edu
www:   http://ee.wpi.edu/People/faculty/cxp.html
tel:   (508) 831 5061
fax:   (508) 831 5491



============================================================================

                               WPI

           EE 578/CS 578: CRYPTOGRAPHY AND DATA SECURITY

                     Fall '96, Monday, 5:30-8:15 pm


                           INTRODUCTION

It is well known that we are in the midst of a shift towards an information
society. The upcoming generation of digital information systems will provide
services such as:

  -  wireless LAN and WAN computer networks

  -  multi-media services (e.g., high quality video-on-demand)

  -  smart cards (e.g., for network identification of electronic purse)

  -  electronic banking/digital commerce

These and other new information-based applications will have far reaching
consequences. As this happens, security aspects of communication systems are
of growing commercial and public interest. Unfortunately, these aspects have
been widely underestimated or ignored in the past. Today, however, there is
high demand for expertise and high quality products in the field of
information security and cryptography.

WPI's graduate course EE 578/CS 578 provides a solid and broad foundation in
the area of cryptography and data security. After taking the course students
should have an overview of state-of-the-art cryptography. In industry, they
should be able to carefully choose and design a security scheme for a given
application. The course also serves as an introduction for students who are
interested in pursuing research in cryptography. There are several
opportunities for Master's and PhD theses in the field of cryptography.



                     COURSE DESCRIPTION

This course gives a comprehensive introduction into the field of
cryptography and data security. We begin with the introduction of the
concepts of data security. Different attacks on cryptographic systems are
classified. Some pseudo-random generators are introduced. The concepts of
public and private key cryptography is developed. As important
representatives for secret key schemes, DES, IDEA, and other private key
algorithms are described. The public key schemes RSA, ElGamal, and elliptic
curve crypto systems are developed. As important tools for authentication
and integrity, digital signatures and hash functions are introduced.
Advanced protocols for key distribution in networks are developed.
Identification schemes are treated as advanced topics.  Some mathematical
algorithms for attacking cryptographic schemes are discussed. Application
examples will include a protocol for security in a LAN and identification
with smart cards. Special consideration will be given to schemes which are
relevant for network environments.  For all schemes, implementation aspects
and up-to-date security estimations will be discussed.



                        PREREQUISITES

Working knowledge of ``C''. An interest in discrete mathematics and
algorithms is highly desirable.


                           TEXTBOOK

D.R. Stinson, Cryptography: Theory and Practice. CRC Press, 1995



                     SYLLABUS EE 578/CS 578

An important part of the course is an independent project. The project topic
can freely be chosen by the student. Possible topics include (but are not
limited to) implementation of a real-size cryptographic algorithm or
protocol, a literature study on new cryptographic schemes or on legal
aspects of cryptography, or implementation of an algorithm for attacking a
cryptographic scheme.


WEEK 1:
Introduction: Principals of cryptography. Classical algorithms.
Attacks on cryptographic systems.

WEEK 2:
Stream ciphers and pseudo-random generators. Some information theoretical
results on cryptography.

WEEK 3:
Private key cryptography: The Data Encryption Standard DES. Brief history,
function and performance.

WEEK 4:
Private key cryptography: Recent results on successful attacks on DES.
Operation modes of symmetric ciphers. IDEA and other alternatives to DES.

WEEK 5:
Public key cryptography: Introduction. Some Number Theory and Algebra.

WEEK 6:
Public key cryptography: RSA. Function and security. Recent results on
successful attacks on RSA.

WEEK 7:
Midterm exam.

WEEK 8:
Public key cryptography: The discrete logarithm problem. ElGamal crypto
system. Function and security. Security estimations.

WEEK 9:
Public key cryptography: Elliptic curve systems. Mathematical background,
function and security.

WEEK 10:
Digital Signatures: The ElGamal signature scheme. Message Authentication
Codes (MAC).

WEEK 11:
Hash functions: Principals. Block cipher based hash functions.
Protocols: Attacks against protocols, protocols for privacy,
authentication, and integrity.

WEEK 12:
Key distribution in networks: Private key approaches, certificates, and
authenticated key agreement.

WEEK 13:
Identification schemes: Challenge-and-response protocols. The Schnorr
identification scheme for smart cards.

WEEK 14:
Final exam.



******************************************************************************
Christof Paar                        http://ee.wpi.edu/People/faculty/cxp.html
Assistant Professor                  email:  christof at ece.wpi.edu
ECE Department                       phone:  (508) 831 5061
Worcester Polytechnic Institute      fax:    (508) 831 5491
100 Institute Road
Worcester, MA 01609, USA
******************************************************************************




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To unsubscribe from this list, send a letter to: Majordomo at ai.mit.edu
In the body of the message, write:  unsubscribe dcsb
Or, to subscribe,           write:  subscribe dcsb
If you have questions, write to me at Owner-DCSB at ai.mit.edu

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From Scottauge at aol.com  Sat Aug 10 08:42:59 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Sat, 10 Aug 1996 23:42:59 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <960810081520_381433332@emout13.mail.aol.com>


I was watched CBS reports a couple nights ago about how all these blue collar
and now white collar jobs are going across seas.

How programmers in India are taking jobs away from us, programmers and
engineerss, the people pioneering them.  (Actually I know some Indian based
programmers and they are worked very hard, even being locked in a building
until they meet some deadline.  This is not conducive to quality work, just
enough to get ya back home to family.)

(Hmmm, the Pioneer Crypto-System, I think I like that name and it has a
specific purpose....)

So I was thinking, boy am I glad I am in a rather esoteric part of software
development where there is not much knowledge and how we, in this particular
field, have an unwritten rule about sharing knowledge with others - even
those trying to get a foot into the door.  (I'm a contractor and there is a
supply and demand thing going on - I like low supply and high demand for my
particular skill sets.)

White collar jobs are basically knowledge worker jobs, and if one does not
know how to do something, one cannot do it.

So a possible way to protect jobs is to protect the knowledge on how to do
them.  

>From who could be an interesting question.  Obviously some companies would be
interested in sharing the knowledge amongst the non-US tax paying population
of the world, thereby reducing income and taxes collected and thus needing to
raise taxes once again to pay for "rights" and entitlements the government
"gives" away to the citizens and non-citizens of this country.... but, I am
beginning to rant and rave.

Perhaps there is a larger picture in the world that the cyperpunks mailing
list is missing.  That cryptography is not just for personal privacy, but
could involve job security also - as a matter of fact, the income base for
this whole country.

In essence, knowledge is money, cuz that is what we usually want for it
now-a-days.  "Oh you want me to do that for you, hmmmm, lets see...."

Maybe a discussion could happen on protection of knowledge in a
socio-economic realm.





From peter.allan at aeat.co.uk  Sat Aug 10 09:19:19 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Sun, 11 Aug 1996 00:19:19 +0800
Subject: secret sharing protocol: FLUFFED
Message-ID: <9608101310.AA24007@clare.risley.aeat.co.uk>



OK, before you rush to tell me...

Generating random shares doesn't work.

Different selections of 10 out of 15 shareholders
will arrive at different secrets.

I've got a fix in mind, and I'll chew it over for at least
a week before it reaches a keyboard.


 Peter Allan  peter.allan at aeat.co.uk





From aba at atlas.ex.ac.uk  Sat Aug 10 09:24:03 1996
From: aba at atlas.ex.ac.uk (aba at atlas.ex.ac.uk)
Date: Sun, 11 Aug 1996 00:24:03 +0800
Subject: cpunks CDROM suggestions anyone?
Message-ID: <24700.9608101234@exe.dcs.exeter.ac.uk>



I'm downloading things to put on the CDROM that Remo Pini
<rp at rpini.com> is organising.  (I'm doing the downloading because I
have better net connect than Remo, I'll simply forward my downloads on
a gold CD; it's Remo's CD, he will add things, structure, re-organise,
junk sections etc).

If there is anything that anyone thinks is a must have please let me
know, or email it to me.  (PGP keys on keyserver, either encrypt to me
(0x556A4A67) or Remo Pini (0x33F9B4E9), if it's encrypted to Remo, I'll
just forward it on the CD for Remo's consideration).

Please check that it is not already on the ftp site below.

So far I am part way through a complete dump of (including all the
mirrors):

	ftp://idea.sec.dsi.unimi.it/pub/crypt

here's the top level directory:

drwxr-xr-x   3 root     root        1024 Jan 30  1996 LUC
drwxr-xr-x   2 510      root        3072 Aug 10 09:31 PGP
-rwxr-xr-x   1 root     root        1579 Sep  2  1994 README
drwxr-xr-x   2 root     root         512 Jan 30  1996 SKIP
drwxr-xr-x   2 root     root        3072 Jan 30  1996 applied-crypto
drwxr-xr-x   3 root     root        2048 Feb  2  1996 bignum
drwxr-xr-x   2 root     root       10752 Jul 12 09:13 code
drwxr-xr-x  27 root     root        1024 Jun 19 23:01 cypherpunks
drwxr-xr-x   2 root     root        4096 Jan 30  1996 docs
drwxr-xr-x   6 root     root        1536 Jul 29 23:02 ftp.demon-PGP
drwxr-xr-x  13 root     root         512 Aug  7 23:15 ftp.funet.fi-crypto
drwxr-xr-x   2 root     root         512 Aug  6 23:10 ftp.informatik-PGP
drwxr-xr-x   2 root     root         512 Apr 18 23:02 ftp.informatik-disk#
drwxr-xr-x   2 root     root         512 Jan 30  1996 ftp.mantis-cryptography
drwxr-xr-x   8 root     root         512 Jun  4 23:28 ftp.ox.ac.uk
drwxr-xr-x   5 root     root         512 Aug  1 08:28 ftp.pgp.net
drwxr-xr-x   7 root     root         512 Jun  5 23:47 ftp.psy-Crypto
drwxr-xr-x   2 root     staff        512 Apr  1 09:21 kerberos
drwxr-xr-x   2 root     root         512 Jan 30  1996 libdes
drwxr-xr-x   2 root     root         512 Mar 23 15:37 math
drwxr-xr-x   9 root     root         512 Jan 30  1996 rpub.cl.msu.edu
drwxr-xr-x  15 root     root        1024 Jan 30  1996 rsa.com

(Amazing collection they have btw, the cypherpunks mirror seems to be
very up-to-date, some files just three days old... what is this,
automated ITAR violation?)

118Mb and counting... 

I'll be doing this today (and tomorrow if it takes that long), and
hopefully blowing a gold CD monday.  (Before anyone notices I've
clobbered 600Mb of disk space, hopefully).

Adam

Key for user ID: Adam Back <aba at dcs.ex.ac.uk>
1024-bit key, Key ID 556A4A67, created 1993/06/08

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2i

mQCNAiwUXUEAAAEEAJnWEHE3juLAyMnEt3hrID3t8tblJvJPfoPz4Plg+2a5y4HA
TonXBomkhm8hrRu1umruUUaeW1mxIbpvP413a2JyU7pdyfyoFVpWW5iT9pXYOgSW
65d+5GWe4g4PLrSbJZPBFIezd8xddnx5+5hbRk1K6UpfReQuOynIuJ1VakpnAAUT
tBxBZGFtIEJhY2sgPGFiYUBkY3MuZXguYWMudWs+iQCVAgUQMC4WlX47g+7S34A9
AQGJ3wP9Fwcooqg1/3MYFrfbMoqGydE60ypaCXBIM8Zypqhx+64ap8FhkANqW1jx
ltQMC7ZHhPiWMpNtWEGWcWFnqytyVIvGv8nuBGmiUrPJnMPWAsHTwl2tJ5WpYdPf
xQRLfN5eWrjW8Ps5fQHKziBrE0HAK9FcuZ51fSBH4ulmd/2kO9+JARUDBRAv4EaG
sVcwSRahJGUBARF3CACOs/Z1IpyKJqLswf979RbvfpCzi4r2vuzKdfFE+NBV7x0m
m13v3Eldf/5Z5WByZ36SQjxUhIxqMdaVQafaS5oiQZrmy31K6IyAJxQwdPNZ+pAd
AeASm9q1IjYIb0+As6QWdePYP9jRrHESHkDgmJANnAcU+OL9pbrqjdwIYPW1rvpI
58VCiCvQ2v/A9Lq+R4opwQ3rz4lX9/7qDnWfBe2pcaorQXAuXLSGEba/H4HUKvIr
OnW3jcQzK2lebxKRDduwFOMTnrcpnRVLn21NSukYsOU1WZ4valwIFGUt88hcO8Ki
f0liCzFqfvfbLPdtW/hqS/v5ukuI+y017xb3H8vWiQCVAwUQL9gNKSnIuJ1Vakpn
AQHH6AP/T7dwXid03U7UM2/QzU+y6F4kHrGBuvJcyJewWbEb16ItkMngjzXP47kx
gZygR4MWXsyQlvE2inSYzRJ3L+6ftaPvX8JsvVCll7JIejfmNGZYSWw9E/vPi/ls
aa+pN3WqPxnzpwr8PL6b8w1fZZ47antgdZlOXgGO+hRbWV7zPcc=
=iFuA
-----END PGP PUBLIC KEY BLOCK-----

Key for user ID: Remo Pini <rp at rpini.com>
2048-bit key, Key ID 33F9B4E9, created 1996/07/14

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQENAzHpRlsAAAEIANgw4sEL9idlZxO8UBYPluxSXI5tkDSpGAc5EfxeGsrnesEs
hnfhT7uQfr2M7mdY3BIvOVGj672m+1c0Bv4jO6E56uUaElS5uaf/rpd0lRdKNwnv
zokSprnUEOnXy8ZgtOqws97/I4J7gkvjhu9QJGj2CnHduQ4De1Q63kwVHuySJWvX
ecPBpV8XYrYkXumPJ6L/aBnnc/mT0ZVtKszoh/IHTq3dub/cWzShLBasmcIsIjDe
ZjAoxjGkN5t1fSpuUWIkzv0rIOdBNZaEYmVnhj6Q8BkrEep+3KsycJsJi3dr0Pk8
n/lPu8fD9VnpO2uMRFQVBx4vYCMkEWHLmzP5tOkABRG0GFJlbW8gUGluaSA8cnBA
cnBpbmkuY29tPokBFQMFEDHpRlsRYcubM/m06QEBgwcIAI24HElAY2JED5PJ78ct
R46RNWjMGQ5phP6ugE/xZzeW5zscHZChu1r8cdf+usl/qrTDPazYhcIfgiNwovdl
ofvt/X5vDvlFMFqvlXB6O8x09eGWXjfS/5Wo9O4wPSEPv66CGHQ0q8pZsxtboyNH
+eeYxqhSA03MDg5iWx5kakT2ShRv21oCwEZBTN8XOO4hRnfamIvOt5F8v3ypJZli
w7xM398Dl0fATmNSVFiJp+l/c/+uNFLlyBU9Dp/m1w2nXXVmbVtTSJN0p4cZZ4WB
1FsNhH8yj+JURr2OtqKeZLDQz88bIiw/nawJB8mvNAr6bml5GxgCi91f9l6xYeb5
ryQ=
=UhcC
-----END PGP PUBLIC KEY BLOCK-----






From gary at systemics.com  Sat Aug 10 10:16:48 1996
From: gary at systemics.com (Gary Howland)
Date: Sun, 11 Aug 1996 01:16:48 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <199608101504.RAA03459@internal-mail.systemics.com>


Police prepare stunning end for high-speed car chases 

                                    BY GILES WHITTELL 
                                    AND NIGEL HAWKES 

         IT COULD be the end of the car chase as we know it. With the automotive equivalent of
         a stun gun, science fiction is coming to the aid of law enforcement. 

         A high-powered electrical device under development at the Pentagon's Army Research
         Laboratory in Adelphi, Maryland, is to be tested by police and border patrol agents and
         could be in use by next year. 

         The car stopper works by focusing an intense electromagnetic charge on the electronic
         systems that manage most modern engines, disabling them and paralysing the car. In
         the jargon of its inventors, the 150 kilovolt charge is a nemp, or non-nuclear
         electromagnetic pulse. Contractors are bidding to produce a police version. 

         Very precisely directed beams are required, but even then there will be problems. A
         pulse powerful enough to disable an engine at any reasonable range would also be likely
         to disrupt communications, damage television and radio sets, disable computers and
         even stop heart pacemakers. There is also the danger of loss of control when a car is
         being driven at high speed. 

         Counter-measures would include using old-fashioned engines with no electronics, or
         perhaps surrounding the most delicate components with shielding. The best might be to
         get hold of one of the stun guns and use it to disable pursuing police vehicles. 


Original article at http://www.the-times.co.uk/news/pages/Times/timnwsnws01022.html?1060389

Three questions come to mind:

	Will old fashioned engines be outlawed?
	Will the "stun guns" be outlawed?
	Will susceptible electronic systems become mandatory?
	(and if so, why not just put a remote control switch in all cars?)


Gary





From adam at homeport.org  Sat Aug 10 10:56:17 1996
From: adam at homeport.org (Adam Shostack)
Date: Sun, 11 Aug 1996 01:56:17 +0800
Subject: SecurID
In-Reply-To: <9608091601.AA02324@sherry.ny.ubs.com>
Message-ID: <199608101711.MAA25776@homeport.org>


Paul J. Bell wrote:

| someone at my firm is about to press the securid system down our collective
| throats. please point me to the recent thread on this subject, and/or point
| me to some url's or the like, or to someone who has some firsthand knowledge
| of the pitfalls and/or vulnerbilities of secirid.

	www.l0pht.com/~mudge/skey_white_paper.html has many attacks
which will work on securid as well as s/key.

	The software is slow.  The Ace/Server calculates expected
values of information by running stuff through des & f2.  This is
slow.  It also encrypts the logs, which can be slow.  I've found that
a sparc 2 can die under the load of 2 people running sdlogmon, one
running sdadmin, and 2 or 3 people trying to authenticate.  (This
seems to be bad design, since the Sparc2 has hardware des in it, which
they don't take advantage of.

	The software is not the most bug free.  I'll flame at length
about the fact that you can't get source to fix the bugs yourselves.
I looked into hacking in a new des library (shared libraries are great
sometimes) to fix the slowness problem, but without source it turned
out to be more effort than buying a faster machine.

	You're stuck with their hardware.  With some other systems,
that use open standards, and you might be able to switch card vendors.
With SD, you must buy new cards from them every three years.  (SD
claims that their cards have a much higher failure rate after three
years, and that this is a feature.)

	You're stuck with their software.  SD libraries must be on every
machine that they authenticate for.  You can't bugfix those libraries,
even if you replace things like sdshell (an analouge of skeysh).
(sdshell, incidentally, munges wtmp on solaris machines because it
doesn't use the right library calls.)  This also means that you can't
run on unusual machines, like a BeBox.

	There are of course more fundamental things, like the fixed
length authentication code, the lack of peer review on the hash
algorithims, and the lack of ongoing authentication.  Also, I have a
few cryptographic attacks on the system which I hope to present at
Crypto's rump session, and I'll put on the web afterwards.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From adam at homeport.org  Sat Aug 10 11:18:23 1996
From: adam at homeport.org (Adam Shostack)
Date: Sun, 11 Aug 1996 02:18:23 +0800
Subject: F2 hash?
In-Reply-To: <v02130503ae313d72ccb8@[206.243.160.206]>
Message-ID: <199608101729.MAA25805@homeport.org>


Vin McLellan wrote:

|         John and I took Mudge out for dinner right after that speech. He
| told us then that he had inadvertently misspoken when he blamed his
| temporary silence on SDTI's lawyers. The real problem, he said, was with
| bullying lawyers from two corporate clients he is now under contract to in
| his day job.

|         Mudge is deeply involved in analyzing the ACE client/server code
| for weakness; he too is also very interested in the F2 algorithm -- which
| he felt involves too much knowable information as input to the hash -- and,
| of course (like Shimomura, the self-styled Threat of the West,) Mudge is
| stolidly pounding away at the SecurID itself to retrieve and cryptoanalyze
| the algorithm that hashes Current Time and the token's secret key to
| generate a SecurID token-code.

|         All the recent effort to bust the decade-old SecurID algorithm and
| the ACE network protocol seem a little anachronistic, of course.  I suppose
| it's kind of a grand salute to an old security warhorse (and SecurIDs are
| still the first line of defense in most Fortune 500 companies.)  There has
| been no formal announcement, but -- as J=FCri suggested -- I think most of
| the ACE/SecurID user community expects that both the network protocol and
| the token's internal algorithm will be upgraded sometime in the very near
| future.  (On a timeline SDTI established several years ago.)  And any new
| ACE protocol will inevitably establish a stateful session for the
| authentication exchange -- which will make the current generation of race
| attacks historical novelties.

	I'm not sure I buy this claim.  The problem of syncronising
multiple geographically seperate servers is tough.  Its actually
easier with challenge-response tokens, since you can simply have
servers issue different challenges when they lose contact.  (Mudge has
a clever similar hack for the current version of securids.)

|         SDTI Engineering (and most likely RSA Labs) have probably been
| banging away at the new design for a long time.  RSA was deeply involved
| with SDTI long before their recent merger;  RSA helped develop the F2 hash
| that is used in the ACE client/server security protocol.  (It's this F2
| hash that "Anonymous" is begging some Cypherpunk to steal,
| reverse-engineer, and publish for everyone to play with.  Bad, bad,
| commercial crypto!  Wouldn't want anyone to make money off strong
| cryptography, would we??)

	No, I (possibly unlike anonymous) want lots of people to make
shitloads of money of strong crypto.  I intend to do so.  But strong
crypto is published crypto, not trade secrets.  SDTI should be in the
business of selling the best code and most sturdy cards to work with
their protocols, which should be publically open to review.  I can't
confirm my attacks without knowing F2*, and without knowing if the
attacks work, I'm reluctant to publish.  So, I think I'll publish
based on what SDTI has published, which may or may not be correct.  (I
have told Mark Warner and Chris McNeil (?) of SDTI about the attacks,
and will discuss their responses.

	*I'm not the one who asked for F2 to be published.  I have
told many people about my attacks, and its concievable that someone
else found the same things.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From tcmay at got.net  Sat Aug 10 11:19:05 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 11 Aug 1996 02:19:05 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <ae32022e03021004e1bc@[205.199.118.202]>


At 12:15 PM 8/10/96, Scottauge at aol.com wrote:
>I was watched CBS reports a couple nights ago about how all these blue collar
>and now white collar jobs are going across seas.
>
>How programmers in India are taking jobs away from us, programmers and
>engineerss, the people pioneering them.  (Actually I know some Indian based
>programmers and they are worked very hard, even being locked in a building
>until they meet some deadline.  This is not conducive to quality work, just
>enough to get ya back home to family.)

Where do I begin? First, what does "taking jobs away from us" mean? That we
own these jobs? And who is "us"?

And as for locking people in buildings until they meet a goal, I'd say
that's a pretty fair description of Silicon Valley start-ups. :-}


>White collar jobs are basically knowledge worker jobs, and if one does not
>know how to do something, one cannot do it.
>
>So a possible way to protect jobs is to protect the knowledge on how to do
>them.

This kind of protection did not work 150-200 years ago, when the
"Colonists" figured out to make fabric in mills and how to mechanize
factories--they ended up "stealing" the industry the Brits thought they had
sewn up. Life goes on.

Essentially all of the technologies we talk about on this list work toward
erasing national boundaries, much as Singapore and the U.S. might find this
distasteful.

>>From who could be an interesting question.  Obviously some companies would be
>interested in sharing the knowledge amongst the non-US tax paying population
>of the world, thereby reducing income and taxes collected and thus needing to
>raise taxes once again to pay for "rights" and entitlements the government
>"gives" away to the citizens and non-citizens of this country.... but, I am
>beginning to rant and rave.

Indeed you are. I would be interested in hearing a more coherent argument
for your case, though.

>Perhaps there is a larger picture in the world that the cyperpunks mailing
>list is missing.  That cryptography is not just for personal privacy, but
>could involve job security also - as a matter of fact, the income base for
>this whole country.

Given that our list is international, with active contributors from Sweden,
India, Germany, Cyberia, and even Singapore, I rather doubt many of them
see strong crytography, anonymous remailers, denationalized money, and
crypto anarchy as a means of propping up the government or the economy of
the United States of America.

>In essence, knowledge is money, cuz that is what we usually want for it
>now-a-days.  "Oh you want me to do that for you, hmmmm, lets see...."
>
>Maybe a discussion could happen on protection of knowledge in a
>socio-economic realm.

?????

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From janke at unixg.ubc.ca  Sat Aug 10 11:19:05 1996
From: janke at unixg.ubc.ca (janke at unixg.ubc.ca)
Date: Sun, 11 Aug 1996 02:19:05 +0800
Subject: The BBS PRNG
Message-ID: <199608101630.JAA00353@clouds.heaven.org>



Is the BBS PRNG covered by any patents anywhere? How about the
probabilistic encryption public-key cryptosystem?

If anyone has a BBS PRNG working on a 486 could they please send me
a the clock frequency and bytes/sec they can generate for some
common moduli: 512, 1024, and 2048, say. I am close to having
an implementation which will run at 500 bytes/sec on a 486 DX/2
with a 1024 bit modulus and am not sure if that is competitively
fast or not.





From anonymous-remailer at shell.portal.com  Sat Aug 10 11:59:46 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sun, 11 Aug 1996 02:59:46 +0800
Subject: Chemistry question please ..
Message-ID: <199608101553.IAA10751@jobe.shell.portal.com>


Is there such a chemical compound as putracine ( maybe not correctly spelled ) which emulates the extreme odor of rotting corpses ? If so where can I find out how to make it ?






From nobody at REPLAY.COM  Sat Aug 10 12:08:52 1996
From: nobody at REPLAY.COM (Anonymous)
Date: Sun, 11 Aug 1996 03:08:52 +0800
Subject: testAnguilla Censors taxBomber ..... ??
Message-ID: <199608101716.TAA05459@basement.replay.com>


As of immediately, the "taxBomber's Site & Internet Offshore Center"
has been pulled by our Anguilla provider and will remain inaccessible
for a few days.

This is the work of some journalist hacks who did a major job of
character assassination by claiming that we (and our provider)
were involved in selling fake passports.

This tactics isn't exactly new or particularly original:

The Argentine press pulled a similar stunt in April, and again our
provider was pressurized to cut us off from the Web without
notice.

Needless to say, we have NEVER EVER dealt in one single fake
passport, nor have we ever offered, sold or brokered any forged,
stolen or "lost" documents. Nor is there any need to do so, if you can
get the real thing absolutely legally.

But of course, this is a political rather than a legal issue - we
were, and still are, too successful for Big Brother's liking: on our
site, ordinary people (i.e. no govt. or intelligence agency personnel)
got loads of free information on *legally* saving taxes, protecting
their assets and reffectivel guarding their privacy. While we were
and still are a commercial operation, we always made a point of being
as educative and topically exhaustive as our resources would permit.

But now, it seems, little Anguilla is getting "worried about its
international reputation".

Well, they are right, though with a vengeance: the reputation they
have most certainly lost as of today is that being of one of the
world's last truly liberal tax and data havens ...

Now for the good news: we will set up a provisional site elsewhere
soon and will announce it here on Usenet.

Still - if anyone knows of an operational site provider *outside* US
and EU jurisdiction, please drop us a line.  Your support would be
greatly appreciated and full credits given, if you so wish.
We will probably either set up a worldwide network of fallback and
mirror sites or continue our work in a new, truly innovative way to
effectively counter any censorship and dependency on site providers.

Until then, you can (still) email us at:

pt at taxbomber.com

or post your request (users permitting) to "alt.privacy",
which we will be scanning regularly.

Sorry for the inconvenience - hope to see you again soon!

the taxBomber






From jfricker at vertexgroup.com  Sat Aug 10 12:25:14 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Sun, 11 Aug 1996 03:25:14 +0800
Subject: Chemistry question please ..
Message-ID: <2.2.32.19960810173024.00610fe8@vertexgroup.com>


At 08:53 AM 8/10/96 -0700, you wrote:
>Is there such a chemical compound as putracine ( maybe not correctly
spelled ) which emulates the extreme odor of rotting corpses ? If so where
can I find out how to make it ?
>
>

Why make putracine when you can just buy it? You would be amazed at what you
can order from chemical supply companies. But I would recommend muriatic
acid instead as it is more persistant -- a couple drops will last for months
(sources say).

--j






From jamesd at echeque.com  Sat Aug 10 12:25:15 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 11 Aug 1996 03:25:15 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <199608101720.KAA04252@dns2.noc.best.net>


At 08:15 AM 8/10/96 -0400, Scottauge at aol.com wrote:
> I was watched CBS reports a couple nights ago about how all these blue collar
> and now white collar jobs are going across seas.
>
> How programmers in India are taking jobs away from us, programmers and
> engineerss, the people pioneering them.

Indian engineers typically get
one tenth or less of what European programmers get.

Many companies, for example Informix, have campuses here and
there across the USA, a campus in India, and several campuses
in Europe.  These campuses are linked by private televideo
connections, private voice mail systems, and the internet.

So theoretically a programmer in India should be much the same
to them as a programmer anywhere else.  Why should they care
where he lives.

Yet these companies continually spend vast sums of money on
politicians, lawyers, and perhaps bureaucrats, in
order to get their engineers out of India, so that they can pay
them more than ten times as much in some foreign country.

Informix has facilities in the US that are staffed mostly by 
Indians.  Why did it not leave these teams in India, where they 
would cost less than a tenth as much?

Clearly therefore, the same man is more than ten times as
valuable to them when he is not in India.

Since the communications are pretty much the same wherever he
is located, what makes the difference?

The power of the Indian government over that man and his work
makes the difference.

That man is poor because he is more subject to the power of the
state, which values him no more than any other expendable
slave, than he is contractually subject to those who value what
he can do.

Crypto relevance?

When the crypto economy gets going, and government interference
in the exchange of specialized labor becomes less effective, we 
can expect to see a radical rise in the standard of living.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From jimbell at pacifier.com  Sat Aug 10 12:29:19 1996
From: jimbell at pacifier.com (jim bell)
Date: Sun, 11 Aug 1996 03:29:19 +0800
Subject: Chemistry question please ..
Message-ID: <199608101736.KAA02222@mail.pacifier.com>


At 08:53 AM 8/10/96 -0700, anonymous-remailer at shell.portal.com wrote:
>Is there such a chemical compound as putracine ( maybe not correctly spelled 
) which emulates the extreme odor of rotting corpses ?

Yes.  The proper spelling is putrescine.  There's also another one called 
"cadaverine."  And yet another called "skatole."   ("scatology")

>If so where can I find out how to make it ?

Not on cypherpunks.  If you want to know more, communicate with me directly. 
 Use a penet-like remailer if you want...


 

Jim Bell
jimbell at pacifier.com





From tn0s+ at andrew.cmu.edu  Sat Aug 10 12:33:25 1996
From: tn0s+ at andrew.cmu.edu (Timothy Lawrence Nali)
Date: Sun, 11 Aug 1996 03:33:25 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <199608101504.RAA03459@internal-mail.systemics.com>
Message-ID: <Mm3AQMW00iWS01lKNa@andrew.cmu.edu>


Excerpts from internet.cypherpunks: 10-Aug-96 Police prepare stunning
end.. by Gary Howland at systemics.c 

[stuff about police wanting a new "stun gun" that can disable a car's
electrical systems deleted] 

> Three questions come to mind:
>  
>         Will old fashioned engines be outlawed?
>         Will the "stun guns" be outlawed?
>         Will susceptible electronic systems become mandatory?
>         (and if so, why not just put a remote control switch in all cars?)

That last one may already be true.  I don't know about automotive
electronic systems, but there's a nice sticker on the back of my
computer that states the following:

        This device complies with the FCC, part 15 rules.
        Operation is subject to the following two conditions:
        1)  This device may not cause harmful interference.
        2)  This device must accept any interference received,
            including interference that may cause undesired operation.

And as for remote controls in all cars, that's not as far fetched as one
may think.  Watch for this in the form of car alarm/security systems. 
Imagine the following scenrio:

1) You just noticed that your car is stolen.
2) You call the XXX security company to report your car as stolen.
3) The company beams down a signal by satellite/pager/cell-phone/etc. 
   telling the car's security systems that the car has been stolen.
4) This signal instructs the car to disable itself (shut down the engine, 
   lock the doors, etc.) and, via a GPS module and built-in 
   cell-phone/pager/etc., transmit it's coordinates.
5) The car is recovered and everyone is happy.

Of course, once such systems are widespread, the XXX security company
will be "encouraged" to cooperate with local police and send that
shut-down signal to any car the police tell them to.

_____________________________________________________________________________
 
 Tim Nali            \  "We are the music makers, and we are the dreamers of
 tn0s at andrew.cmu.edu  \   the dreams" -Willy Wonka and the Chocolate Factory







From tcmay at got.net  Sat Aug 10 13:28:35 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 11 Aug 1996 04:28:35 +0800
Subject: Data Havens in Anguilla About to End?
Message-ID: <ae321e2b0402100474e7@[205.199.118.202]>


At 5:16 PM 8/10/96, Anonymous wrote:
>As of immediately, the "taxBomber's Site & Internet Offshore Center"
>has been pulled by our Anguilla provider and will remain inaccessible
>for a few days.
>
>This is the work of some journalist hacks who did a major job of
>character assassination by claiming that we (and our provider)
>were involved in selling fake passports.

"Pulled by our Anguilla provider."

This says it all about the probable viability of nominally offshore providers.

(I assume this is Vince Cates' site, though I haven't doublechecked...he's
the only Anguilla provider of similar sites I know of. I certainly mean no
criticism of Vince, if it was indeed his site. My comments are analogous to
what we might say about a particular remailer site going down, even if we
don't criticize the site operator for removing his remailer.)


>But now, it seems, little Anguilla is getting "worried about its
>international reputation".
>
>Well, they are right, though with a vengeance: the reputation they
>have most certainly lost as of today is that being of one of the
>world's last truly liberal tax and data havens ...

I'm not an expert on offshort tax and data havens, but *any* country can be
pressured by larger countries, and even by the glare of publicity. If a
country derives very little revenue from "permitting" some service, and the
costs (they believe) are much greater than the revenues, they will likely
act. Thus, the negatives of allowing offshore data havens in Anguilla may
easily exceed the few thousand dollars (or whatever) they get in taxes and
fees (whatever they might be) from Vince and his customers.

Longterm, I've never believed there is much safety in locating in *any*
physical country. (By this I mean advertising and making it clear that one
is in Country X, said to be "friendly" to tax avoiders, data havens, money
laundering, etc. Policies can and do change overnight. Corrupt governments
are, well, corrupt, and will change tunes if another piper pays them
enough.)

The case in Switzerland, with banking, is quite a bit different, with huge
deposits and huge fees from their financial services. Even so, Switzerland
has continually yielded more ground to tax collectors and various pressure
groups from large nations.

I'd guess that Vince has had a fun time in the Carribbean, but that he'll
be closing up shop sometime soon. Once some services are yanked, confidence
is lost.

The interesting question will be whether the U.S. authorities and
especially the Internal Revenue Service will put pressure on him if he
chooses to return to the U.S.

(Assuming this was Vince's service that is. But even if it wasn't, pressure
on another service means pressure on all Aguillan services.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From zachb at netcom.com  Sat Aug 10 14:03:11 1996
From: zachb at netcom.com (Zach Babayco)
Date: Sun, 11 Aug 1996 05:03:11 +0800
Subject: Cybergangs?
In-Reply-To: <01I81T5ESZKS9JD3MN@mbcl.rutgers.edu>
Message-ID: <Pine.3.89.9608101116.A7553-0100000@netcom10>



On Thu, 8 Aug 1996, E. ALLEN SMITH wrote:

> 
> >CYBERGANGS
> >The head of the gang task force for the Arizona Department of Public Safety
> >reports that a Web site established in Detroit offers a how-to guide for
> >gangster wannabes and is urging gang members everywhere to unite under its
> >umbrella to form the first cyberspace gang.  The official says:  "Now it's
> >in your home, your living room, your den... Unfortunately, these guys can
> >talk about anything they want and there's nothing law enforcement can do
> >about it."  (Atlanta Journal-Constitution 8 Aug 96 F3)
> 
> 	Umm... yes, it's called free speech. While organizational ability
> might be a matter for concern, somehow I doubt that having them on the net
> will do any real damage... being on a computer that mine is connected to hardly
> puts them "in [my] home," even if my computer at home were connected to a phone
> line. Bloody law enforcement paranoids...
> 	-Allen
> 

Besides, its not at all threatening.  Actually, more on the stupid side.  
All it is right now is a several pages of trash-talk and a few links.  
Hardly a threat to life as we know it.  The URL, for anyone whos 
interested, is http://www.geocities.com/SunsetStrip/3149 (across town 
from my page, thankfully :)


Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127






From jimbell at pacifier.com  Sat Aug 10 14:19:09 1996
From: jimbell at pacifier.com (jim bell)
Date: Sun, 11 Aug 1996 05:19:09 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <199608101912.MAA05720@mail.pacifier.com>


At 01:30 PM 8/10/96 -0400, Timothy Lawrence Nali wrote:
>Excerpts from internet.cypherpunks: 10-Aug-96 Police prepare stunning
>end.. by Gary Howland at systemics.c 
>
>[stuff about police wanting a new "stun gun" that can disable a car's
>electrical systems deleted] 

>
>1) You just noticed that your car is stolen.
>2) You call the XXX security company to report your car as stolen.
>3) The company beams down a signal by satellite/pager/cell-phone/etc. 
>   telling the car's security systems that the car has been stolen.
>4) This signal instructs the car to disable itself (shut down the engine, 
>   lock the doors, etc.) and, via a GPS module and built-in 
>   cell-phone/pager/etc., transmit it's coordinates.
>5) The car is recovered and everyone is happy.
>
>Of course, once such systems are widespread, the XXX security company
>will be "encouraged" to cooperate with local police and send that
>shut-down signal to any car the police tell them to.

"Car-Key-Escrow"?


Jim Bell
jimbell at pacifier.com





From sameer at c2.net  Sat Aug 10 14:50:04 1996
From: sameer at c2.net (sameer)
Date: Sun, 11 Aug 1996 05:50:04 +0800
Subject: Data Havens in Anguilla About to End?
In-Reply-To: <ae321e2b0402100474e7@[205.199.118.202]>
Message-ID: <199608101956.MAA02623@atropos.c2.org>


> "Pulled by our Anguilla provider."

	Note that the taxbomber site is moving to a provider in the US.

-- 
Sameer Parekh					Voice:   510-986-8770
Community ConneXion, Inc.			FAX:     510-986-8777
The Internet Privacy Provider
http://www.c2.net/				sameer at c2.net





From gimonca at skypoint.com  Sat Aug 10 15:06:41 1996
From: gimonca at skypoint.com (Charles Gimon)
Date: Sun, 11 Aug 1996 06:06:41 +0800
Subject: Chemistry question please .. (fwd)
Message-ID: <m0upKAv-00004EC@skypoint.com>


Forwarded message:
> Date: Sat, 10 Aug 1996 08:53:09 -0700
> To: cypherpunks at toad.com
> From: anonymous-remailer at shell.portal.com
> Subject: Chemistry question please ..
> 
> Is there such a chemical compound as putracine ( maybe not correctly spelled ) which emulates the extreme odor of rotting corpses ? If so where can I find out how to make it ?
> 

See Neal Stephenson's novel "Zodiac".







From nobody at replay.com  Sat Aug 10 17:06:28 1996
From: nobody at replay.com (Anonymous)
Date: Sun, 11 Aug 1996 08:06:28 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <199608101504.RAA03459@internal-mail.systemics.com>
Message-ID: <199608102116.XAA23230@basement.replay.com>


Why don't they just have government access to car engines?  They could
just require car manufacturers to include remote shutdown devices for
the engines.






From proff at suburbia.net  Sat Aug 10 17:06:58 1996
From: proff at suburbia.net (Julian Assange)
Date: Sun, 11 Aug 1996 08:06:58 +0800
Subject: GOP Security (fwd)
Message-ID: <199608102127.HAA15949@suburbia.net>


Forwarded message:
>From notes at igc.org  Sun Aug 11 07:25:25 1996
Date: Sat, 10 Aug 1996 12:46:19 -0700 (PDT)
Reply-To: Moderator of conference "justice.polabuse" <bwitanek at igc.apc.org>
From: Bob Witanek <bwitanek at igc.apc.org>
Subject: GOP Security
To: Recipients of pol-abuse <pol-abuse at igc.apc.org>
Message-ID: <APC&1'0'a9f98b16'b93 at igc.apc.org>
X-Gateway: conf2mail at igc.apc.org
Errors-To: owner-pol-abuse at igc.apc.org
Precedence: bulk
Lines: 201

Posted:  Michael Novick <mnovickttt at igc.apc.org>

Philadelphia Inquirer: Page One
Sunday, August 4, 1996
Next security test: GOP's convention

Even before the Atlanta bombing, San Diego had battened down for
the Republican s' meeting.
By Carol Morello
INQUIRER STAFF WRITER
 SAN DIEGO  -- For all the festive bunting and wacky elephants
springing up around town, the Republican National Convention will
open here in a grim atmosphere of no-nonsense security.

 With a week left to go, Harbor Street, six lanes sweeping past the
convention center, already has been closed to traffic. Owners of
boats docked in the marina adjoining the center have been notified
that their vessels will be swept and boarded for ``consensual
searches.''

 Tall chain-link fences ring the convention center itself. But
metal detectors like the ones the delegates will pass through were
deemed too unwieldy for the parking lot across the street, where
65 protest groups have been assigned carefully choreographed time
slots. Instead, a sign at the entrance will advise that satchels
and backpacks may be searched, and police have leased 200 pieces
of high-tech equipment to detect firearms and explosives.

 Police also have gathered floor plans and photographs of every
hotel and party site where delegates will be lodged and feted, all
considered potential targets. They have even pressed the Retired
Senior Citizens Patrol into service, and encouraged abortion
doctors to ``take a vacation.''

 Authorities in Chicago, where the Democrats will meet the last
week of August, are taking similar precautions. Metal detectors,
bomb-sniffing dogs and surveillance cameras will be in force, along
with thousands of police. Coast Guard cutters will patrol Lake
Michigan. Chicago police are sealing an eight-block area around the
United Center sports arena, the main convention site, to all
unauthorized cars, trucks and pedestrians.  As the 20th century
nears an end, wary, pervasive security is as much a part of the
convention scene as Old Glory and silly hats. San Diego has been
preparing convention security for more than a year. Then a bomber
on the other side of the country suddenly made everyone wonder if
the next big public event could be free of mayhem and terror.

 In an emergency meeting called the day after a pipe bomb exploded
at the Olympics in Atlanta, convention security planners assured
Mayor Susan Golding that plans already in place were adequate. They
said they neither made, nor expect to make, any significant
changes. They have devised more than 100 scenarios that could
threaten a peaceful convention, from an earthquake to a building
collapse to a bomb like the one that twisted Atlanta's moment of
glory.

 Carl Truscott, head of convention security for the Secret Service,
said he had reached a ``comfort level'' for security within the
center itself. His agents are conducting sweeps of the 800 to 1,000
sites around San Diego County where party potentates will appear.
But he said the sweeps began before Atlanta's bombing.  ``It
certainly raised our awareness level and concern,'' said Capt. Dave
Bejarano, head of the San Diego Police Department's convention
security planning unit, which is coordinating the deployment of law
enforcement from 18 different agencies. ``But we've made no
significant changes. We'll just be more proactive. We're planning
for the worst-case scenario, and hoping for the best.''

 After two failed bids, San Diego fought hard for this moment in
the sun. But even before it's begun the clouds are out.

 Television networks and party poo-bahs have groused about the
convention center's puny dimensions. Protesters went to court to
guarantee a demonstration zone where delegates can hear and see
them after the Republicans tried to shuffle them down the street.

 With equal amounts of anticipation and trepidation, San Diegans
are prepared to host 50,000 visitors who can charitably be
described as intense  -- 8,000 conventioneers, 12,000 media
representatives and tens of thousands of protesters. They know the
GOP gathering will showcase this city of 1.2 million people more
than all previous events held here, from the Super Bowl to the
World Series.

 Twice before, San Diego was an also-ran in the convention
sweepstakes. In 1972, the convention that nominated Richard Nixon
to a second term was moved to Miami when a leaked memo by ITT
lobbyist Dita Beard disclosed that the Justice Department dropped
an antitrust lawsuit against the corporation after it donated
$400,00 to the San Diego convention campaign. And in 1992,
Republicans encouraged the city to make a costly bid, only to pick
Houston in George Bush's home state.

 With the conventions-that-almost-were behind them, the city that
alternately describes itself as ``America's Finest City'' and the
``City of the 21st Century'' hopes to prove to the country  -- and
itself  -- that it has more going for it than the weather.

 ``We believe in a lot of outside feedback,'' said Francine
Phillips, author of America's Finest City  -- If We Say It Enough
We'll Believe It. ``We've long felt that if we do it here, it's not
really good enough.

 ``For years and years, we were second to Los Angeles in size and
second to San Francisco in sophistication. Now San Diego is coming
into its own. It's an opportunity, and a risk. We're going to get
exposure, and we feel vulnerable.''

 Jack Ford, son of former President Gerald Ford, is responsible for
setting the stage in the compact bayside convention center, built
in 1989. It was designed to hold 13,000, but it's been reconfigured
to hold 19,600. That still falls well short of 50,000 in Houston's
Astrodome and 40,000 in New Orleans' Superdome, site of the 1988
convention.

 Seating is so tight that it has helped the price for nondelegate
tickets soar through the convention center's tentlike roof. In
Houston, anyone who donated $1,000 to the party got two floor
passes. In San Diego, donors have to pony up $100,000 to qualify
for the same two tickets.

 The host committee's head of protocol, Bill Black, couldn't even
secure enough seats for the 92 foreign ambassadors and their
spouses he's entrusted with shepherding around the convention and
to social events. Since most are smokers, however, he figures he
can rotate them in and out of seats when they sneak to the terrace
for a smoke.  It will look more cramped than recent conventions.
A CBS executive complained the convention will come across on TV
screens like ``a postage stamp with a bunch of ants crawling around
on it.''  Ford, executive director of the host committee, put the
best face on the situation as he walked around the convention floor
recently.

 ``It's the Camden Yards of conventions centers,'' he said, as
stagehands hammered away on temporary skyboxes. ``It will be more
intimate, not big and sterile like Veterans Stadium.''

 As for all the carping about not having a dramatic balloon drop
from the 27-foot ceiling, Ford said jovially: ``There are lots of
other possibilities, not the least of which is having a balloon
rise.''

 An array of protesters has lined up to get a rise out of
delegates. To control them, police drew up 55-minute slots spread
over five days, with 15-minute breaks to rotate protest groups.

 Groups stood in line for up to 72 hours to have first crack at the
65 spots. Thirteen protest groups identify themselves as Democrats.
At least eight spots were reserved by gay and lesbian groups. 
``This is going to be the largest mobilization of lesbians and gays
ever in this country,'' said Brenda Schumacher, a spokesman for a
group called Lesbian, Gay, Bisexual and Transgender Voices '96.
``We've faced an extremely hostile political environment ever since
'92. We want to expose the lies and show an accurate picture of who
we are.''  The Republican National Committee tried to confine all
the protesters to a sit e three blocks from the convention center.
It said the parking lot across the street should be reserved for
handicapped parking.

 But the ACLU sued, and a federal judge agreed the Republican
proposal would violate the protesters' right to be seen and heard
by delegates. Police, who estimate 10,000 protesters at a time can
wedge onto the two-acre parking lot, had drawn up the time slots
for protest groups wherever they wound up.

 Parking will be at a premium. The Secret Service has banned
underground parking at the convention center. And the Republican
National Committee has reserved every spare parking space in town
for its people.

 The host committee raised about $12 million to put on this party,
more than double what any other city contributed before. In return,
it's counting on $160 million to be spread around town during
convention week and good publicity to pull in even more economic
benefits.

 Knowing the Republican reputation for big spending, every business
in the vicinity, from Hooters restaurant to the Goodwill Industries
store, is decking itself out with GOP paraphernalia.

 The Cuban Cigar Factory laid on extra tobacco rollers in early
January. Limousine companies lined up cars from Arizona and Nevada.
One bar opened its doors just two months ago, unabashedly calling
itself the Grand Old Party, complete with a pink neon elephant in
the window. Even Carol the Painting Elephant at the San Diego Zoo
is getting into the act, readying an exhibit of the brush strokes
created by her swinging trunk.

 Still, a few San Diegans profess to be unfazed about all the
hoopla.

 ``This is not the biggest convention we've ever had,'' said
Stephen Cushman, a Mazda and Jaguar auto dealer who is deputy
chairman of the host committee. ``Alcoholics Anonymous and the
Baptist ministers both held bigger conventions here. We handled
those just fine.''

Posted in pol-abuse at igc.apc.org
To subscribe, send this message: subscribe pol-abuse
To this address: majordomo at igc.apc.org


-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From hallam at ai.mit.edu  Sat Aug 10 17:17:55 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 11 Aug 1996 08:17:55 +0800
Subject: Anguilla Censors taxBomber ..... ??
In-Reply-To: <4uimq2$n4n@life.ai.mit.edu>
Message-ID: <320D01F1.41C6@ai.mit.edu>


Anonymous wrote:
> 
> As of immediately, the "taxBomber's Site & Internet Offshore Center"
> has been pulled by our Anguilla provider and will remain inaccessible
> for a few days.


Before people get too carried away the site is still up and appears
to have been up all along. Of course it would be a convenient ploy
to advertise a site of this type by claiming to have been censored.


I had a look at their wares and was not impressed. The diplomatic
passport and "second passport" offers are somewhat pricey at
$10 to $20K. Note that a diplomatic passport does not convey any
status or privileges unless the holders credentials have been 
accepted by host state. "non-revenue producing investments" will
be familliar to anyone who has traded extensively in that area. 

Note that no country in the world offers such passports openly, to
do so would be contrary to a number of international conventions. 

There has been the long running case of the South African immigration
laws which meant that whites used to get citizenship whether they 
wanted it or not after a stay of about six months. Its possible that
it hasn't been repealed. 

Note that the statement that the trade is illegal is countered by
the assertion that the documents are genuine. Its very easy to obtain
genuine documents if the right bribes are paid. That does not make
a scheme legal. 


The various licenses etc appear to be avaliable on condition that you
provide them with appropriate statements as to eligibility. If you
apply for the student's card in this way and you are not a student 
you are committing fraud. If you are willing to do that you can get
a student ID card much more easily - go to any branch of British 
Rail in the UK and you can have one for a few quid.


Similarly the various other "offers" tend to be priced rather high. If
you know what the card is being offered you can probably get it legit
much cheaper.  

The piece de resistance is the offer of an EU driving license to 
peoplke from Ireland, Netherlands etc for only $680. Its the same
goddam license! Just go to your embassy and ask them to replace your
current license for an EU pink 'un.


All in all stay well clear.


		Phill





From hallam at ai.mit.edu  Sat Aug 10 21:48:13 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 11 Aug 1996 12:48:13 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <4uefdh$12o@life.ai.mit.edu>
Message-ID: <320D0B63.167E@ai.mit.edu>


Sandy Sandfort wrote:
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  In addition
> to the "exceptions," there was no penalty for violation of the
> law, thus making sure it was unenforceable.  It was not a case
> of "pro-gun fascism" but of rough American political humor.  At
> the very least it kept the city council out of more serious
> mischief.

Was there a bar against a person obtaining an injunction to
force someone to purchase a gun or a provision providing that
no liabilities would be incurred as a result of not owning one?

The law is much too important to start abusing to make political
points.

		Phill





From hallam at ai.mit.edu  Sat Aug 10 22:06:47 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 11 Aug 1996 13:06:47 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <4ufqum$ihk@life.ai.mit.edu>
Message-ID: <320D0C1E.2781@ai.mit.edu>


Peter Trei wrote:

> Quite a while back, I read an article in National Rifleman (the NRA
> magazine), that for part of  the 19th century  it was the law that all
> adult men in the Balkan statelet of Montenegro must carry a pistol
> when in public (a close relative of the ruler had a monopoly on the
> manufacture and sale of firearms in the kingdom).
> 
> Traveler's reports noted the extreme civility of Montenegrin
> society during this period.

Yes and what happened in the early part of the 20th century
with respect to that area of Europe?

	Phill





From perry at piermont.com  Sat Aug 10 22:26:23 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Sun, 11 Aug 1996 13:26:23 +0800
Subject: Imprisoned for Not Having a Gun?
In-Reply-To: <320D0B63.167E@ai.mit.edu>
Message-ID: <199608102237.SAA10457@jekyll.piermont.com>



Hallam-Baker writes:
> The law is much too important to start abusing to make political
> points.

An excellent argument for libertarianism, Mr. Hallam-Baker.

Perry





From bromill at deltanet.com  Sat Aug 10 22:32:28 1996
From: bromill at deltanet.com (Doug Weimer)
Date: Sun, 11 Aug 1996 13:32:28 +0800
Subject: Where can I get the public key?
In-Reply-To: <24700.9608101234@exe.dcs.exeter.ac.uk>
Message-ID: <320CD954.7042@deltanet.com>


aba at atlas.ex.ac.uk wrote:
> 
> I'm downloading things to put on the CDROM that Remo Pini
> <rp at rpini.com> is organising.  (I'm doing the downloading because I
> have better net connect than Remo, I'll simply forward my downloads on
> a gold CD; it's Remo's CD, he will add things, structure, re-organise,
> junk sections etc).
> 
> If there is anything that anyone thinks is a must have please let me
> know, or email it to me.  (PGP keys on keyserver, either encrypt to me
> (0x556A4A67) or Remo Pini (0x33F9B4E9), if it's encrypted to Remo, I'll
> just forward it on the CD for Remo's consideration).
> 
> Please check that it is not already on the ftp site below.
> 
> So far I am part way through a complete dump of (including all the
> mirrors):
> 
>         ftp://idea.sec.dsi.unimi.it/pub/crypt
> 
> here's the top level directory:
> 
> drwxr-xr-x   3 root     root        1024 Jan 30  1996 LUC
> drwxr-xr-x   2 510      root        3072 Aug 10 09:31 PGP
> -rwxr-xr-x   1 root     root        1579 Sep  2  1994 README
> drwxr-xr-x   2 root     root         512 Jan 30  1996 SKIP
> drwxr-xr-x   2 root     root        3072 Jan 30  1996 applied-crypto
> drwxr-xr-x   3 root     root        2048 Feb  2  1996 bignum
> drwxr-xr-x   2 root     root       10752 Jul 12 09:13 code
> drwxr-xr-x  27 root     root        1024 Jun 19 23:01 cypherpunks
> drwxr-xr-x   2 root     root        4096 Jan 30  1996 docs
> drwxr-xr-x   6 root     root        1536 Jul 29 23:02 ftp.demon-PGP
> drwxr-xr-x  13 root     root         512 Aug  7 23:15 ftp.funet.fi-crypto
> drwxr-xr-x   2 root     root         512 Aug  6 23:10 ftp.informatik-PGP
> drwxr-xr-x   2 root     root         512 Apr 18 23:02 ftp.informatik-disk#
> drwxr-xr-x   2 root     root         512 Jan 30  1996 ftp.mantis-cryptography
> drwxr-xr-x   8 root     root         512 Jun  4 23:28 ftp.ox.ac.uk
> drwxr-xr-x   5 root     root         512 Aug  1 08:28 ftp.pgp.net
> drwxr-xr-x   7 root     root         512 Jun  5 23:47 ftp.psy-Crypto
> drwxr-xr-x   2 root     staff        512 Apr  1 09:21 kerberos
> drwxr-xr-x   2 root     root         512 Jan 30  1996 libdes
> drwxr-xr-x   2 root     root         512 Mar 23 15:37 math
> drwxr-xr-x   9 root     root         512 Jan 30  1996 rpub.cl.msu.edu
> drwxr-xr-x  15 root     root        1024 Jan 30  1996 rsa.com
> 
> (Amazing collection they have btw, the cypherpunks mirror seems to be
> very up-to-date, some files just three days old... what is this,
> automated ITAR violation?)
> 
> 118Mb and counting...
> 
> I'll be doing this today (and tomorrow if it takes that long), and
> hopefully blowing a gold CD monday.  (Before anyone notices I've
> clobbered 600Mb of disk space, hopefully).
> 
> Adam
> 
> Key for user ID: Adam Back <aba at dcs.ex.ac.uk>
> 1024-bit key, Key ID 556A4A67, created 1993/06/08
> 
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: 2.6.2i
> 
> mQCNAiwUXUEAAAEEAJnWEHE3juLAyMnEt3hrID3t8tblJvJPfoPz4Plg+2a5y4HA
> TonXBomkhm8hrRu1umruUUaeW1mxIbpvP413a2JyU7pdyfyoFVpWW5iT9pXYOgSW
> 65d+5GWe4g4PLrSbJZPBFIezd8xddnx5+5hbRk1K6UpfReQuOynIuJ1VakpnAAUT
> tBxBZGFtIEJhY2sgPGFiYUBkY3MuZXguYWMudWs+iQCVAgUQMC4WlX47g+7S34A9
> AQGJ3wP9Fwcooqg1/3MYFrfbMoqGydE60ypaCXBIM8Zypqhx+64ap8FhkANqW1jx
> ltQMC7ZHhPiWMpNtWEGWcWFnqytyVIvGv8nuBGmiUrPJnMPWAsHTwl2tJ5WpYdPf
> xQRLfN5eWrjW8Ps5fQHKziBrE0HAK9FcuZ51fSBH4ulmd/2kO9+JARUDBRAv4EaG
> sVcwSRahJGUBARF3CACOs/Z1IpyKJqLswf979RbvfpCzi4r2vuzKdfFE+NBV7x0m
> m13v3Eldf/5Z5WByZ36SQjxUhIxqMdaVQafaS5oiQZrmy31K6IyAJxQwdPNZ+pAd
> AeASm9q1IjYIb0+As6QWdePYP9jRrHESHkDgmJANnAcU+OL9pbrqjdwIYPW1rvpI
> 58VCiCvQ2v/A9Lq+R4opwQ3rz4lX9/7qDnWfBe2pcaorQXAuXLSGEba/H4HUKvIr
> OnW3jcQzK2lebxKRDduwFOMTnrcpnRVLn21NSukYsOU1WZ4valwIFGUt88hcO8Ki
> f0liCzFqfvfbLPdtW/hqS/v5ukuI+y017xb3H8vWiQCVAwUQL9gNKSnIuJ1Vakpn
> AQHH6AP/T7dwXid03U7UM2/QzU+y6F4kHrGBuvJcyJewWbEb16ItkMngjzXP47kx
> gZygR4MWXsyQlvE2inSYzRJ3L+6ftaPvX8JsvVCll7JIejfmNGZYSWw9E/vPi/ls
> aa+pN3WqPxnzpwr8PL6b8w1fZZ47antgdZlOXgGO+hRbWV7zPcc=
> =iFuA
> -----END PGP PUBLIC KEY BLOCK-----
> 
> Key for user ID: Remo Pini <rp at rpini.com>
> 2048-bit key, Key ID 33F9B4E9, created 1996/07/14
> 
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: 2.6.2
> 
> mQENAzHpRlsAAAEIANgw4sEL9idlZxO8UBYPluxSXI5tkDSpGAc5EfxeGsrnesEs
> hnfhT7uQfr2M7mdY3BIvOVGj672m+1c0Bv4jO6E56uUaElS5uaf/rpd0lRdKNwnv
> zokSprnUEOnXy8ZgtOqws97/I4J7gkvjhu9QJGj2CnHduQ4De1Q63kwVHuySJWvX
> ecPBpV8XYrYkXumPJ6L/aBnnc/mT0ZVtKszoh/IHTq3dub/cWzShLBasmcIsIjDe
> ZjAoxjGkN5t1fSpuUWIkzv0rIOdBNZaEYmVnhj6Q8BkrEep+3KsycJsJi3dr0Pk8
> n/lPu8fD9VnpO2uMRFQVBx4vYCMkEWHLmzP5tOkABRG0GFJlbW8gUGluaSA8cnBA
> cnBpbmkuY29tPokBFQMFEDHpRlsRYcubM/m06QEBgwcIAI24HElAY2JED5PJ78ct
> R46RNWjMGQ5phP6ugE/xZzeW5zscHZChu1r8cdf+usl/qrTDPazYhcIfgiNwovdl
> ofvt/X5vDvlFMFqvlXB6O8x09eGWXjfS/5Wo9O4wPSEPv66CGHQ0q8pZsxtboyNH
> +eeYxqhSA03MDg5iWx5kakT2ShRv21oCwEZBTN8XOO4hRnfamIvOt5F8v3ypJZli
> w7xM398Dl0fATmNSVFiJp+l/c/+uNFLlyBU9Dp/m1w2nXXVmbVtTSJN0p4cZZ4WB
> 1FsNhH8yj+JURr2OtqKeZLDQz88bIiw/nawJB8mvNAr6bml5GxgCi91f9l6xYeb5
> ryQ=
> =UhcC
> -----END PGP PUBLIC KEY BLOCK-----
This encryption starting to bug.





From vince at offshore.com.ai  Sat Aug 10 23:20:52 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sun, 11 Aug 1996 14:20:52 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <Pine.LNX.3.91.960810204259.1326A@offshore>



Taxbomber wrote:
>This is the work of some journalist hacks who did a major job of
>character assassination by claiming that we (and our provider)
>were involved in selling fake passports.

This is a fraud by taxbomber.  He is totally involved with selling fake
passports.  He calls them "camouflage passports" and they have names like
"British Honduras" of countries that no longer exist, or never did.  He
does not think they are "fake", but the rest of the world does.  He also
suggested opening up bank accounts with these fake passports (encouraging
fraud).

My lawyer called me up and told me that fake passports are illegal in
Anguilla and that I should pull this guy immediately.  I did. It is our
policy to not permit anything on our servers that is illegal in Anguilla. 
My lawyer is where I get the definition of "illegal in Anguilla". 

Tim:
>(I assume this is Vince Cates' site, though I haven't doublechecked...

Yes, taxbomber was using Offshore Information Services.

Tim:
>Longterm, I've never believed there is much safety in locating in *any*
>physical country. (By this I mean advertising and making it clear that one
>is in Country X, said to be "friendly" to tax avoiders, data havens, money
>laundering, etc. 

As a practical matter, taxbomber would have been better off to not state
what country his web site was currently in, let alone who the provider
was.  This reporter seems not to even use email, and I doubt he would know
how to locate a sites provider. 

Tim:
>I'd guess that Vince has had a fun time in the Carribbean, but that he'll
>be closing up shop sometime soon. Once some services are yanked, confidence
>is lost.

I am not closing up at all.  Anything that is legal in Anguilla can be
done from my servers.  If not, then not.  Note that there are no taxes
here, and there are still many things a guy can do here that are not
permitted in other places.  However, fake passports turns out not to be
one of them. 

Sameer:
> Note that the taxbomber site is moving to a provider in the US.

Actually, at the moment http://www.taxbomber.com/ is off in Europe
someplace.  The US provider has been slow to come up with an IP address. 
:-)

   --  Vince






From ses at tipper.oit.unc.edu  Sat Aug 10 23:21:05 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 11 Aug 1996 14:21:05 +0800
Subject: An SSL implementation weakness?
In-Reply-To: <Pine.LNX.3.94.960809045202.653D-100000@switch.sp.org>
Message-ID: <Pine.SUN.3.91.960810193128.13080B-100000@tipper.oit.unc.edu>


This was the second SSL problem documented; it was fixed in 
netscape 2.0. The fix is to include the hostnames used for the server in 
the certificate as multi-values for the CommonName (CN). 

The fix is relatively simple; The client must then check the certificate
to make sure the hostname matches, and the CA must not check ownership of
domain names before issuing certs. 

Simon
(the first, and silliest was the original SSL's habit of using RC4 on 
(essentially) known plain-text with no checksum. Doh!) 

 ---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From frissell at panix.com  Sat Aug 10 23:21:30 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sun, 11 Aug 1996 14:21:30 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <2.2.32.19960810235220.00a455fc@panix.com>


Time to fire up the '57 Chevy.


At 05:04 PM 8/10/96 +0200, Gary Howland wrote:
>Police prepare stunning end for high-speed car chases 
>
>                                    BY GILES WHITTELL 
>                                    AND NIGEL HAWKES 
>
>         IT COULD be the end of the car chase as we know it. With the
automotive equivalent of
>         a stun gun, science fiction is coming to the aid of law enforcement. 
>
>         A high-powered electrical device under development at the
Pentagon's Army Research






From tcmay at got.net  Sat Aug 10 23:34:08 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 11 Aug 1996 14:34:08 +0800
Subject: Imprisoned for Not Having a Gun?
Message-ID: <ae328685020210048a43@[205.199.118.202]>


At 10:21 PM 8/10/96, Hallam-Baker wrote:
>Sandy Sandfort wrote:
>>
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>                           SANDY SANDFORT
>>  In addition
>> to the "exceptions," there was no penalty for violation of the
>> law, thus making sure it was unenforceable.  It was not a case
>> of "pro-gun fascism" but of rough American political humor.  At
>> the very least it kept the city council out of more serious
>> mischief.
>
>Was there a bar against a person obtaining an injunction to
>force someone to purchase a gun or a provision providing that
>no liabilities would be incurred as a result of not owning one?
>
>The law is much too important to start abusing to make political
>points.

This, of course, was my exact point. I don't buy the argument that Kennesaw
(or whatever) was just making a symbolic point. If one community passes a
law which mandates the ownership of guns, in contravention to the Second
Amendment, then another community could ban ownership of guns, using the
same logic and "general principal."

(Several have, of course. I think such laws violate the Second Amendment,
but apparently the courts do not agree.)

And what of making a "citizen's arrest" of a "perp" who refuses to own a
gun. I prefer not to have to guess which laws are real and which are merely
posturing.


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From ses at tipper.oit.unc.edu  Sat Aug 10 23:37:10 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 11 Aug 1996 14:37:10 +0800
Subject: photographed license plates
In-Reply-To: <320B5805.712E@best.com>
Message-ID: <Pine.SUN.3.91.960810194513.13080C-100000@tipper.oit.unc.edu>


In the UK they now use cameras to deter speeding; the cameras are 
triggered by vehicles passing by which exceed the speed-limit, so in 
theory it's only naughty people who get photographed. Interestingly 
enough, there are far more places with camera warning signs than there 
are actual cameras; the actual cameras are moved around at random. Even 
though most of the time there isn't a camera there, almost everbody 
seemed to slow down in the marked areas; probably because there's almost 
100% chance of being caught if there is a camera there. 



---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From ses at tipper.oit.unc.edu  Sat Aug 10 23:39:44 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 11 Aug 1996 14:39:44 +0800
Subject: Fw: SafE Mail Corporation
In-Reply-To: <Pine.GUL.3.95.960809175133.15098C-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.960810195344.13080E-100000@tipper.oit.unc.edu>


On Fri, 9 Aug 1996, Rich Graves wrote:
> I notice they've "sweetened" their "hacker" deal for cracking their
> software. Now it's an all-expense-paid trip to North Carolina plus about
> $400. Still not worth it, unless you're just pissed off.

Come on, it'd be worth it even without the $400...

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | IN WASHINGTON DC TILL SEPTEMBER
You're my firewall -    	      | 





From jamesd at echeque.com  Sat Aug 10 23:57:58 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 11 Aug 1996 14:57:58 +0800
Subject: Going Postal (Was: Boom!)
Message-ID: <199608110037.RAA10125@dns1.noc.best.net>


(Regarding the one pound limit on anonymous parcels)

At 08:13 AM 8/9/96 -0700, David.K.Merriman at toad.com, wrote:
> Don't know that I'm a 'bomb expert', but it would appear reasonable that 6 
> just-under-a-pound bombs would do approximately as much damage as a 
> similarly sized larger device.

As was pointed out earlier in this thread, a one pound device containing 
high explosive can drop a plane out of the sky as if it was swatting a fly.

Note that any moron can make high explosive, though the average moron 
has a good chance of blowing himself up in the process.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From vince at offshore.com.ai  Sun Aug 11 00:05:07 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sun, 11 Aug 1996 15:05:07 +0800
Subject: Anguilla / taxbomber  - legality
Message-ID: <Pine.LNX.3.91.960811004757.1724B-100000@offshore>



I meant to quote this part in the previous post:

taxbomber:
>Needless to say, we have NEVER EVER dealt in one single fake
>passport, nor have we ever offered, sold or brokered any forged,
>stolen or "lost" documents. Nor is there any need to do so, if you can
>get the real thing absolutely legally.

He was definately selling fake passports.   He thinks of them as
camouflage.  If I look up fake in websters, they fit the definition.

Turns out this is not legal in Anguilla.

If it is no longer in his web page, you can see quotes from his web
page in the David Evans article.

The Internet spans many counties and if something is not legal in one
country but legal in another, someone can move.   He has moved.
One of the exciting things about the Internet.  

If there are taxes in your country and banks cooperate with the
government, you can incorporate in Anguilla, put your web site here, and
run your business from here (coming in over the Internet) tax free. 

But fraud is illegal in Anguilla, and fake passports are concidered
fraud.

   -- Vince
 
     http://online.offshore.com.ai/






From amehta at giasdl01.vsnl.net.in  Sun Aug 11 00:22:49 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sun, 11 Aug 1996 15:22:49 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <1.5.4.32.19960811041731.00305a5c@giasdl01.vsnl.net.in>


At 02:05 10/08/96 -0700, Timothy C. May wrote:
>At 12:15 PM 8/10/96, Scottauge at aol.com wrote:
>>I was watched CBS reports a couple nights ago about how all these blue collar
>>and now white collar jobs are going across seas.
>
>Where do I begin? First, what does "taking jobs away from us" mean? That we
>own these jobs? And who is "us"?

Well said. While I didn't see the CBS program , I bet the
scaremongerers did not point out that programmers don't just
produce software, they are major consumers as well. The growth of
the software industry in other countries therefore means business
for US industry, which produces most of the compilers and other
utilities that programmers everywhere use. This clearly helps
programmers in the US. 

>>So a possible way to protect jobs is to protect the knowledge on how to do
>>them.

To some extent this happens automatically -- for instance, if you
live in the Silicon valley, your knowledge levels are higher on
account of higher frequency of user meets, conferences, etc. But,
to the extent you use the Internet as an information source, it
is available internationally. So you cannot have it both ways:
use an open forum like the Internet, and hope to keep knowledge bottled in.

In earlier generations of computing, monopolistic organizations
such as IBM and DEC charged huge sums for information. One of the
reasons that IBM was thrown out of India in the mid seventies was
their practice of shipping only outdated computers from the US to
India. Indian programmers were at a disadvantage, and clearly
could not charge as much as American ones. But the openness of
MS-DOS and UNIX changed all that, a trend that has only been
strengthened by the Internet. 

While jobs could easily move overseas, the developing world may
not be able to absorb them. To start with, such migration assumes
the availability of excellent telecom facilities. These are
severely lacking in most developing countries, which have about
75% of the world's population and 16% of its product, but only
12% of the total number of telephone main lines. These too are
mostly in cities. While the World Bank's 1988 figures indicate
that in industrialized countries, major cities have a 20-30%
higher telephone density than do other areas, in a country like
Ethiopia, cities have a density of about 14 times the national
average. In other words, most people in developing countries have
practically no access to telecom facilities. In addition, the
quality of the facilities, typically provided by state-owned
monopolies, is often abysmal. While low-earth orbit satellite
projects such as Iridium, Odyssey, Teledisc and Globalstar
threaten to change all this, little impact will be felt until the
end of the decade. In any case, telecom facilities in the
industrialized countries will most likely continue to be
considerably superior, providing workers there with an ongoing
competitive advantage.

Further, as economists such as Paul Krugman point out, developing
countries lack the means for sustained growth ("Which Asian
Model?", Newsweek, November 20, 1995). Those economies that have
shown dramatic growth, such as the East Asian, have relied
essentially on low-cost inputs, rather than on their efficient
utilization. Professor Alwyn Young of Boston has in fact come to
the surprising conclusion that Singapore's total factor
productivity (which measures such efficiency) is so poor as to be
comparable to that of the Soviet Union. He points out that "at
just the time that everybody was ranting about how magnificent
Japan was, it ceased to catch up."

Cheap inputs is not a long-term phenomenon, as companies looking
for good programmers in India are increasingly discovering.
Programmer salaries in India are rapidly rising. While many
youngsters are keen to become programmers, India lacks adequate
training facilities. Today, teachers receive poor pay, even by
Indian standards. Educational institutions are hardly going to be
able to raise salaries of software teachers alone, while raising
them for everybody will be impossible. Consequently, there is
going to be little  incentive for good programmers to become
teachers, and the educational institutions will continue to churn
out large numbers of poorly trained students. It is suggested
that universities in industrialized countries could use the
Internet to teach students in developing countries, but the
efficacy of this model has yet to be proven.

Also, a very small percentage of Indians are fluent in English,
and from it come the senior bureaucrats, managers for the private
sector, the military, newspapers, educational institutions -- in
short, all the important posts of the country. Unless there is to
be a severe disruption of the nation's activities, not too many
can be diverted to cater to export.

>>Perhaps there is a larger picture in the world that the cyperpunks mailing
>>list is missing.  That cryptography is not just for personal privacy, but
>>could involve job security also - as a matter of fact, the income base for
>>this whole country.

I'd argue the opposite: I see no reason why companies such as
Netscape have to put up with such draconian US laws as ITAR: why
don't they simply develop their software overseas? If they made a
highly publicised move, that might do wonders to change the
opinions of US Congresspersons voting on ITAR-related legislation.

My prediction is that with the blessings of the Internet, the
next generation of multiracial programmers, even those that were
born in the USA, will be more likely to be found on the beaches
of tropical islands than in the fog of San Francisco. When you
can work in the shade of a palm tree, even if you should earn
less, it's worth it :-)

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From vin at shore.net  Sun Aug 11 01:02:09 1996
From: vin at shore.net (Vin McLellan)
Date: Sun, 11 Aug 1996 16:02:09 +0800
Subject: SecurID
Message-ID: <v02130504ae314de8a9fc@[206.243.160.206]>


        Paul J. Bell <pjb at ny.ubs.com> gave a desperate shout for help:

>someone at my firm is about to press the securid system down our collective
>throats. please point me to the recent thread on this subject, and/or point
>me to some url's or the like, or to someone who has some firsthand
>knowledge of the pitfalls and/or vulnerbilities of secirid.

        I think Enigma Logic, Digital Pathways, and Cryptocard -- all
vendors of competitive one-time passsword (OTP) tokens --have diatribes
against the ACE/SecurID system on their web sites.  Check them out.  Over
the past two years, there have also been a number of fairly in-depth
debates about SecurIDs and the ACE protocols on the Firewalls mailing list
(ftp the archives at greatcircle.com) and in comp.security.unix. My SecurID
FAQ, available from SDTI at <http://www.securid.com> might give you ideas
too.

        Most people find the SecurID (and most of its competitors)
relatively well-designed and and secure devices.  Most of the negative
comment I've seen is from competitors who say the SecurID and it's ACE
support system is too expensive, and from ACE administrators who gripe that
the software is not optimized for their favorite platform.  It is
unfortunately true that SDTI  has not yet mastered the knack of producing
perfectly bugless code. Earlier this year SDTI also fouled up badly when
they failed to bring their Customer Support operation up to speed to
support a new generation of authentication servers (ACE 2.X) which involved
a relatively more complex Unix installation.  They've spent a lot of money
and hired a lot of people, but I don't think there is yet a consensus about
whether they've licked that.

        Still, some people think they get their money's worth.  SecurID is
the OTP token of choice at most (80 percent +) large corporate sites --in a
market with a lot of competitors, including well-done freeware OTP
alternatives: s/key and OPIE.  Of course, those buyers could all be wrong.

          SDTI's success is really built on the fact that users -- the
people who actually carry the tokens -- usually say they like the SecurID
better than the alternatives.  The SecurID claims the lion's share of the
market  because it is relatively intuitive and easy to use: the PIN and
token-code can be typed in like a (long) traditional password.  The
alternative tokens -- all challenge/response devices -- force the user to
engage in a multi-step process to get a random challenge from the remote
host, tap it into the token, encrypted it, then send it back to the host as
the OTP.

      SecurIDs are supported by an ACE authentication server which  --
alone among the OTP vendors -- holds its Access Control files in a
commercial-grade SQL-savvy relational database, which means that can be
interlinked with HR or any other SQL-savvy corporate RDBS.  As the industry
sets the stage for enterprise-wide IP security (hopefully soon to include
crypto) many  believe the authentication server's capabilities become more
important than the token's design.

        But, hey, those folks could be wrong.

        SDTI also just bought RSA Data Security, which some feel enhances
its prospects for making some further contribution to enterprise security.
Even before that, some 50 of the leading independent vendors of
network-based products (from firewalls and comm servers to big databases)
had chosen to integrate ACE/SecurID client code into a huge variety of
products.  This is a fairly unprecidented level of industry support -- but
they might be all wrong too.

        ACE/SecurID is notable among other OTP systems for both its support
infrastructure (STDI supported the client/server architecture five years
before any other OTP vendor,) and because it is a (patent-protected)
time-synched device: the 30/60-second dynamic token-code the SecurID
displays is a hash of Current Time and a token-specific secret seed. This
has pros and cons (honest,  both pros and cons;-)

        Unfortunately, what ACE/SecurID does not do -- what no OTP can do
-- is safeguard or secure your communications links.  (It also does not
minimize the need for ongoing system administration; capable auditing and
oversight; or an explicit local security policy -- all of which can also be
burdensome to the user.  But the real bear is network security.)  On an
unprotected network or telephone link -- in the face of a sophisticated
attack -- nothing but  network-level crypto or link encryption can stave
off either eavesdropping or active TCP "session stealing."

        (Several of SDTI's strategic partners do provide encrypted tunnels
through open networks. There are even some well-regarded freeware or
shareware options.) SecurIDs, like any OTP, only identifies the guy who
knocks on the front door.  This is useful; it's even important -- but it's
not enough.  Most environments need (but don't have) crypto too.  But even
in the face of this acknowledged threat -- session hijacking -- many sites
still find it useful to invest in OTP tokens, often SecurIDs.  They do this
because:

        * OTPs can offer a more-certain two-factor authentication
(something known; something held);
        * OTPs foil a whole array of trojan and sniffer-based attacks which
seek to collect the passwords of innocent users like yourself; and
        * OTPs can raise a partial barrier against network-based attacks.

        Effectively, OTPs force most network-based attacks to become
overt... so the user and/or sysadmin has a chance to recognize that
something is wrong and react defensively.

        Some believe the ACE/SecurID system actually does a little better
than that. The ACE protocol encrypts all packets containing user
authentication data as it passes between the ACE/Clients (often embedded
communication servers of various types) and the ACE/Server.  This
establishes an encrypted virtual net for authentication data with the user
site, which blocks another class of attacks.

        In an ACE/SecurID-protected environment, the threat of
network-based attacks is thus somewhat constained.  Authentication calls,
and the TCP/IP sessions they authorize, remain quite vulnerable if they are
transmitted over the Internet, or an extended private network, or telephone
links susceptable to physical wiretaps.  OTPs safeguard the authentication
calls against replay attacks --and most of the race attacks seem managable
-- but unencrypted sessions ultimately remain vulnerable to both
eavesdropping and session hijacking

        In many corporations, however, only a fraction of the data traffic
travels on these high-risk links.  While there are net-based attacks that
might reach in to grab unencrypted message traffic on your internal LAN (Is
someone is also trying to force a firewall on you guys too, PJ?) within the
ACE client/server environment, at least user authentication data -- name,
OTP, and PIN --  seems to be securely encrypted.  Not that there aren't
hackers -- and cynical system administrators -- probing and testing it
daily.

        Rumors and dark suspicious whispers abound, as seems inevitable
with any successful product that relies on crypto. (Actually, any widely
used computer security product -- have you noticed?) Personally, I find it
reassuring to remember that for virtually every flaw there is, inevitably,
a fix.  But then, Wall Street's recent soaring climbs and plunging drops
remind me of just how potent rumors can be.

        Please come back and tell us if you find any real dirt, Mr. Bell.
(And please pardon the blithe spirit that infected my comments. It's just
hard to play the straight man on a Saturday summer night.)  Also, an
obligatory avowal:  SDTI regularly pays me huge sums of money for
information and advice, but they ignore at least half of what I say.

        You can too.

        Suerte,
                        _Vin

         Vin McLellan +The Privacy Guild+ <vin at shore.net>
      53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                         <*><*><*><*><*><*><*><*><*>







From shamrock at netcom.com  Sun Aug 11 01:14:16 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sun, 11 Aug 1996 16:14:16 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <v02120d01ae3326ad34cd@[192.0.2.1]>


At 23:16 8/10/96, Anonymous wrote:
>Why don't they just have government access to car engines?  They could
>just require car manufacturers to include remote shutdown devices for
>the engines.

But they will. Didn't you know that?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From tcmay at got.net  Sun Aug 11 02:18:26 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 11 Aug 1996 17:18:26 +0800
Subject: Where is the fraud? (re: Anguilla)
Message-ID: <ae32d230050210045227@[205.199.118.202]>



One more thing....

At 12:53 AM 8/11/96, Vincent Cate wrote:

>This is a fraud by taxbomber.  He is totally involved with selling fake
>passports.  He calls them "camouflage passports" and they have names like
>"British Honduras" of countries that no longer exist, or never did.  He
>does not think they are "fake", but the rest of the world does.  He also
>suggested opening up bank accounts with these fake passports (encouraging
>fraud).

On this last point, how is this "encouraging fraud"?

If I deposit money in a bank and choose to identify myself as "Mickey
Mouse, Citizen of the Magic Kingdom," perhaps even presenting a Disneyland
Passport, who is being defrauded?

Is the bank being defrauded? Not if Mickey is depositing money. What if the
bank is _lending_ money to Mickey? Then of course they might find that the
"Magic Kingdom" is not a real country, and that Mickey's "passport" was not
issued by one of the 192 godfearing countries in the United Nations. So
what? Then they deny the loan.

Where is the fraud? Is Anguilla in the business of determining what a True
Name is? (What is it, by the way?) I should remind readers that it is legal
to sell such passports in the U.S....somewhere I have one that says "This
document not good for travel in the People's Republics of Berkeley, Santa
Monica, and Madison," or somesuch.

Again, which specific law in Anguilla specifies which pieces of paper may
be bought and sold? Does the law say an actual crime or case of fraud has
to occur, or is only the potentiality of a crime or fraud involved? Does
the crime or fraud have to occur in Anguilla?

Inquiring minds want to know.

--Tim May



Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Sun Aug 11 02:40:26 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 11 Aug 1996 17:40:26 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <ae32ba0103021004a3cd@[205.199.118.202]>


(I have respect for what Vince did, by actually moving to the Caribbean and
setting up a data haven/offshore ISP business. However, just as we discuss
the situation about remailers going down, or monitoring the cleartext, or
blocking certain addresses, so too should we discuss what Vince is choosing
to do. Maybe he is ultimately right, maybe not. I'm including this preface
just so no one thinks I'm trying to start a feud. No way.)


At 12:53 AM 8/11/96, Vincent Cate wrote:
>Taxbomber wrote:
>>This is the work of some journalist hacks who did a major job of
>>character assassination by claiming that we (and our provider)
>>were involved in selling fake passports.
>
>This is a fraud by taxbomber.  He is totally involved with selling fake
>passports.  He calls them "camouflage passports" and they have names like
>"British Honduras" of countries that no longer exist, or never did.  He
>does not think they are "fake", but the rest of the world does.  He also
>suggested opening up bank accounts with these fake passports (encouraging
>fraud).

"What is truth?" Many of the things customers of a data haven are likely to
be doing are "fraudulent" or "illegal" in some jurisdictions....I'm sure I
don't have to spend effort here citing examples from religious, medical,
and business domains.

(But I can't resist: vitamin data the U.S. calls fraudulent, political
information about Ireland the U.K. calls illegal, sex information the
government of Iran punishes with death, and so on.)

Selling fake passports seems not to be something Vince ought to even be
paying attention to. Granted, pressure from outside states may put pressure
on Vince, but this actually confirms my worst (OK, _nearly_ my worst)
suspicions about the viability of such data havens.

>My lawyer called me up and told me that fake passports are illegal in
>Anguilla and that I should pull this guy immediately.  I did. It is our
>policy to not permit anything on our servers that is illegal in Anguilla.
>My lawyer is where I get the definition of "illegal in Anguilla".

Instead of "pulling" this guy, did you first send a copy of your lawyer's
letter to you to this guy, and advise him that he should remove just this
one specific item, the allegedly illegal British Honduras passports?


>Tim:
>>I'd guess that Vince has had a fun time in the Carribbean, but that he'll
>>be closing up shop sometime soon. Once some services are yanked, confidence
>>is lost.
>
>I am not closing up at all.  Anything that is legal in Anguilla can be
>done from my servers.  If not, then not.  Note that there are no taxes
>here, and there are still many things a guy can do here that are not
>permitted in other places.  However, fake passports turns out not to be
>one of them.

Then I suggest you carefully provide a full copy of what you consider to be
illegal to all subscribers. Or give subscribers a time period to remove the
_specific_ items that are deemed to be illegal.

I have some questions, though. Would bomb-making instructions be legal or
illegal, acceptable or not acceptable on your system? How about "Kill the
Queen" screeds? And so on.

Sorry to put you on the spot, Vince, but a "data haven" is by its nature
going to have a lot of "unusual" material, to use a euphemism. Everything
from Bell's bids for having government officials offed, to plans for sale
on creating false identiites, to crypto anarchy manifestos advocating the
destruction of democracies.

If you "pull" the entire account of a business when the Governor-General,
or His Royal Excellency--or whomever it is that runs Anguilla--applies
pressure....well, you won't have much of a real data haven, now will you?

Could you actually give us an idea of what is considered legal to run in
Anguilla, and what is not? How about dial-a-porn sites? (I seem to recall
mention from you or a visitor that "Penthouse" is not permitted to be sold
in Anguilla, so....)

How about gambling? How about assassination markets? (Is it legal in
Anguila if no residents or citizens of Anguilla are included in the
"game"?)

And so on.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From pjn at nworks.com  Sun Aug 11 05:07:25 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sun, 11 Aug 1996 20:07:25 +0800
Subject: Police prepare stunning e
Message-ID: <TCPSMTP.16.8.11.5.51.56.2645935021.661159@.nworks.com>


 In> IT COULD be the end of the car chase as we know it. With the
 In> automotive equivalent of a stun gun, science fiction is coming
 In> to the aid of law enforcement.  
 In> A high-powered electrical device under development at the
 In> Pentagon's Army Research Laboratory in Adelphi, Maryland, is
 In> to be tested by police and border patrol agents and could be
 In> in use by next year.  
 In> The car stopper works by focusing an intense electromagnetic
 In> charge on the electronic systems that manage most modern
 In> engines, disabling them and paralysing the car. In the jargon
 In> of its inventors, the 150 kilovolt charge is a nemp, or non-nuclear
 In> electromagnetic pulse. Contractors are bidding to produce a
 In> police version.  
 In> Very precisely directed beams are required, but even then
 In> there will be problems. A pulse powerful enough to disable an
 In> engine at any reasonable range would also be likely to disrupt
 In> communications, damage television and radio sets, disable computers
 In> and even stop heart pacemakers. There is also the danger of
 In> loss of control when a car is being driven at high speed. 

 In> Counter-measures would include using old-fashioned engines
 In> with no electronics, or perhaps surrounding the most delicate
 In> components with shielding. The best might be to get hold of
 In> one of the stun guns and use it to disable pursuing police vehicles.  

 Is there any dif between this and a HERF gun?


 P.J.
 pjn at nworks.com



... RAM DISK is NOT an installation procedure!

___ Blue Wave/QWK v2.20 [NR]







From mudge at l0pht.com  Sun Aug 11 05:31:06 1996
From: mudge at l0pht.com (What we're dealing with here is a blatant disrespect of the law!)
Date: Sun, 11 Aug 1996 20:31:06 +0800
Subject: F2 hash?
In-Reply-To: <v02130503ae313d72ccb8@[206.243.160.206]>
Message-ID: <Pine.BSD/.3.91.960811054832.7724C-100000@l0pht.com>





On Fri, 9 Aug 1996, Vin McLellan wrote:

>        As Cerridwyn Llewyellyn <ceridwyn at wolfenet.com> reported, Mudge --
> posed and celebrated on page 40-something of last month's WiRed -- told the
> DefCon audience that SDTI's lawyers were after him, threatening something
> dire, so he was not going to release his "white paper" on weaknesses in the
> ACE/SecurID system for several months.  Instead, he delivered a talk on
> s/key vulnerabilities.
> 
>         This was weird, because I *knew* Security Dynamics had neither
> consulted nor asked their lawyers to do anything about Mudge's speech on
> SecurID vulnerabilities.  It would have been a fool's ploy: silly and
> counterproductive.
> 
>         John and I took Mudge out for dinner right after that speech. He
> told us then that he had inadvertently misspoken when he blamed his
> temporary silence on SDTI's lawyers. The real problem, he said, was with
> bullying lawyers from two corporate clients he is now under contract to in
> his day job.
> 
>         (He didn't explain this further, but I understood that Mudge is
> working for two firms which have access to SDTI plans and trade secrets
> under non-disclosure agreements.  The firms were apparently worried about
> their liability -- given their promises to SDTI and Mudge's work in their
> employ.  Mudge may want to elaborate on this.  Or not.)
> 

Hrmmm. Let me set the record straight here. Lest people think I would 
violate nda agreements upon end of contracts. sigh.

First, I am not under any NDA agreement with STDTI. All of my research 
and work on the SecurID token cards was done independently from any of 
the companies I am currently contracting for (I noticed that there were 
several problems with the system and that's enough to set me off on 
something).

Second, while I did refrain from going into specifics on SecurID 
vulnerabilities at the talk - I did give one on some of the problems with 
OTP's in general. S/Key happened to be a good example to use in 
illustration as a large portion of the audience there was familiar with 
it. Many of the vulnerabilities mentioned there hold true to SecurID.

Third, and most important, the reason I refrained from giving the SecurID 
talk was that the two companies I am doing some security related contract 
work for both employ this technology in varying degrees. I have explained 
the problems that I have found to these companies and they are quite 
concerned. I believe it would be un-ethical to give out instructions on 
how to break through SecurID, thus leaving networks vulnerable that I am 
being paid to help secure before the problem has been addressed locally 
(I like being able to put food on the table). The information will be made 
public in the near future. SDTI has been made aware of these problems 
(some of which were presented to them almost a year ago).

I don't dislike SecurID. I am quite happy to have made Vin and John's 
acquaintance as they are both wonderfull people. I do feel that there are 
problems with SecurID that exist largely due to the card being sold into 
an environment that it was not designed for (a little thing called the 
internet).

I just wanted to set the record straight as I realised that the inital 
statements that Vin made could be mis-interpreted and potentially impact my 
image to future employers (though I know that this was not his intention).

cheers,

.mudge

PS I do not currently read / keep up with the cypherpunks list. So I 
probably will only see the bits of this thread that are forwarded to me.







From jya at pipeline.com  Sun Aug 11 07:15:26 1996
From: jya at pipeline.com (John Young)
Date: Sun, 11 Aug 1996 22:15:26 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <199608111213.MAA26617@pipe5.t1.usa.pipeline.com>


On Aug 10, 1996 23:07:44, 'shamrock at netcom.com (Lucky Green)' wrote: 
 
 
>At 23:16 8/10/96, Anonymous wrote: 
>>Why don't they just have government access to car engines?  They could 
>>just require car manufacturers to include remote shutdown devices for 
>>the engines. 
> 
>But they will. Didn't you know that? 
 
 
Why don't we have people's access to government? We could require officials
to include remote shutdown devices when they renege on promises, line their
pockets, start wars to get re-elected, betray public trust by cruel neglect
of their sworn obligations while strutting and bombasting -- damn fools
interrupting my X-rated sleazy cheating schemes to fuck my neighbor's dog,
or ferret, or mudhole; god, I hate my momma's favorite fuck-up, poor little
me, please, world, help me get off Ritalin and wheat germ and my
lead-filled ass. Now, off to Sunday school to pray not to burn in hell. On
second think, fuck it, com 'ere pooch. 





From shabbir at vtw.org  Sun Aug 11 07:21:23 1996
From: shabbir at vtw.org (Voters Telecommunications Watch)
Date: Sun, 11 Aug 1996 22:21:23 +0800
Subject: INFO: Gather and talk to Republican luminaries live online from the convention!
Message-ID: <199608111220.IAA22009@panix3.panix.com>


----------------------------------------------------------------------------
	     REPUBLICAN CONVENTION!  LIVE!  CHECK IT OUT ONLINE!
		(DO NOT DISTRIBUTE AFTER AUGUST 20, 1996)

WHAT:   Live feed from the Republican Convention in San Diego over the net
	Eat, drink, shmooze with Republican luminaries through the Net.
WHERE:  @Cafe, #12 St. Mark's Place (212-979-5439)
WHEN:   8:30pm, Tuesday August 13, 1996

At 8:30pm EST on Tuesday, August 13, 1996, the Republican National Convention
will be broadcast live over the Internet!  The Several members of Congress
will be present and, technology and Murphy's Law permitting, they'll be
able to talk to you online through CUSeeMe.

Many of New York's Republicans will be gathering at the @Cafe (address
below), one of New York's many fine cybercafes, to eat, drink, shmooze,
and queue up for a chance to talk to notable Republican legislators
live from the Republican convention.

Montana Senator Conrad Burns, who has been a driving force within the
bi-partisan push to deregulate encryption, will be cyber-present, as will
Montana Governor Marc Racicot, widely regarded as a visionary.

The event is being coordinated in San Diego by Mike Rawson of Senator
Conrad Burns office.  Rawson, who has been instrumental in putting the
Senate hearings live online along with Jonah Seiger of the Center for
Democracy and Technology, will be bringing Senators, and other luminaries
to the event.

The Republican National Convention's live broadcast page is at:
http://www.convention96.rnc.org/live.htm
Simply point your Web browser there on Tuesday night to see the live
goings-on.

The @Cafe is where most people will probably gather, but there are many
fine Internet cafes in New York.  To find the one nearest you, go to
Clay Irving's NYC Guide at: http://www.panix.com/~clay/nyc/cybercafes.shtml

@cafe
        12 St. Marks Place.
        It's an Internet provider! No, it's a restaraunt! Whatever it is,
	it seems like a cool place! 

alt.coffee
        139 Avenue A - Tel: 212.529.CAFE
        coffee. computers. comfy chairs. 

Cyber Cafe
        273A Lafayette Street, New York, New York 10012 Tel: (212) 334-5140
        Fax: (212) 334-6436
        In the heart of SOHO New York, Cyber Cafe is a stylish interface
	between the latest internet technology and the best
        in fresh, organic food. 

Internet Cafe
       3rd Street (between 1st and 2nd) 

Kokobar
        espresso bar-cafi-bookstore features workstations for all-out Internet
        access. Located in Fort Greene. 

The VOID
       16 Mercer Street (at Howard, one block north of Canal) 


For more information on the live hookups from the Republican convention,
contact Mike Rawson at Senator Conrad Burns' office at 202-224-8250.
For more information on the gathering at the @Cafe in New York City, contact
Shabbir J. Safdar at 917-978-8430.

				###





From frissell at panix.com  Sun Aug 11 08:54:19 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sun, 11 Aug 1996 23:54:19 +0800
Subject: Anguilla / taxbomber  - legality
Message-ID: <2.2.32.19960811134146.00a288a8@panix.com>


At 12:56 AM 8/11/96 -0400, Vincent Cate wrote:
>But fraud is illegal in Anguilla, and fake passports are concidered
>fraud.
>

I should have thought that fraud required use rather than manufacture.  It
is hard to defraud someone just by making something.  You have to
communicate with them in some way.  

The US has very broad fraud statutes and yet these passports are sold in the
US.  I've never heard of any action against them.  There is also a First
Amendment issue with the World Federalists and their "Citizen of the World"
passport.  

In any case, and ISP is not a publisher or vendor.

Sometimes people pay more attention to lawyers than they should.

DCF






From frissell at panix.com  Sun Aug 11 09:30:41 1996
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 12 Aug 1996 00:30:41 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <2.2.32.19960811123331.011a8e08@panix.com>


At 08:15 AM 8/10/96 -0400, Scottauge at aol.com wrote:
>I was watched CBS reports a couple nights ago about how all these blue collar
>and now white collar jobs are going across seas.
>
>So a possible way to protect jobs is to protect the knowledge on how to do
>them.  
>In essence, knowledge is money, cuz that is what we usually want for it
>now-a-days.  "Oh you want me to do that for you, hmmmm, lets see...."

The first axiom of economics is "Wants are unlimited."  I'm glad that
they're "shipping all those jobs overseas."  The more people we have working
the more goodies are produced.  If the labor of US workers is freed up, then
they can go about producing something else valuable that they didn't have
time to produce before because those "third worlders" weren't doing their
fair share back when they were trapped in feudalism or fabian socialism.
You can't get more stuff (wealth) unless everyone is out there working to
capacity (consistent with their desired work/leisure tradeoff).

DCF






From perry at piermont.com  Sun Aug 11 10:37:40 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 12 Aug 1996 01:37:40 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <ae32ba0103021004a3cd@[205.199.118.202]>
Message-ID: <199608111520.LAA12619@jekyll.piermont.com>



Timothy C. May writes:
> Selling fake passports seems not to be something Vince ought to even be
> paying attention to. Granted, pressure from outside states may put pressure
> on Vince, but this actually confirms my worst (OK, _nearly_ my worst)
> suspicions about the viability of such data havens.

Vince has the right to run his business any way he likes.

In some jurisdictions, "Fake" passports are legal. In some, they are
illegal. Vince feels that in his jurisdiction they are illegal. He has
every right to decide who to allow to run off of his web servers --
even to be arbitrary about it.

Vince has made it very clear that he is NOT a data haven. Anguilla is
a TAX HAVEN. That is, if you are selling copies of some software over
the net or what have you, and you run the business out of Anguilla,
you are not liable for any Anguillian taxes because there are none.

Anguilla is *not* a data haven, drug haven, or any other sort of
haven. I would have thought that Vince made this clear.

Perry





From charlee at netnet.net  Sun Aug 11 12:03:40 1996
From: charlee at netnet.net (kickboxer)
Date: Mon, 12 Aug 1996 03:03:40 +0800
Subject: Email Bombing
Message-ID: <199608111631.LAA13681@netnet1.netnet.net>


        Yeah, but if the REAL email bomber were such an accomplished hacker,
he did not alter the scripts well enough to make the SysAdmin overlook them...

-kickboxer
                                                                               






From vince at offshore.com.ai  Sun Aug 11 12:31:51 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Mon, 12 Aug 1996 03:31:51 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <v02120d02ae332cab9cff@[192.0.2.1]>
Message-ID: <Pine.LNX.3.91.960811133518.3067A-100000@offshore>



Tim:
>(I have respect for what Vince did, by actually moving to the Caribbean and
>setting up a data haven/offshore ISP business. 

Thanks.

>However, just as we discuss
>the situation about remailers going down, or monitoring the cleartext, or
>blocking certain addresses, so too should we discuss what Vince is choosing
>to do. Maybe he is ultimately right, maybe not. I'm including this preface
>just so no one thinks I'm trying to start a feud. No way.)

Sure.  There are things to figure out, lessons to learn, ...

>>This is a fraud by taxbomber.  He is totally involved with selling fake
>>passports.  He calls them "camouflage passports" and they have names like
>
>"What is truth?" Many of the things customers of a data haven are likely to
>be doing are "fraudulent" or "illegal" in some jurisdictions....I'm sure I
>don't have to spend effort here citing examples from religious, medical,
>and business domains.

The fraud I meant was his saying that he is not selling fake passports in
his "fee sorry for me I got cut off" post.  He was selling fake passports. 

>Selling fake passports seems not to be something Vince ought to even be
>paying attention to. Granted, pressure from outside states may put pressure
>on Vince, but this actually confirms my worst (OK, _nearly_ my worst)
>suspicions about the viability of such data havens.

Remember regulatory arbitrage.  The more jurisdictions on the Intenet,
the better for users.  That some things are not permitted in Anguilla
does not mean it is not a viable jurisdiction for some other things.
For example, tax free corporations, IPOs over the Internet, gambling
(Anguilla should have bingo on the Internet by the end of next month).

Vince
>My lawyer called me up and told me that fake passports are illegal in
>Anguilla and that I should pull this guy immediately.  I did. It is our
>policy to not permit anything on our servers that is illegal in Anguilla.
>My lawyer is where I get the definition of "illegal in Anguilla".

Tim:
>Instead of "pulling" this guy, did you first send a copy of your lawyer's
>letter to you to this guy, and advise him that he should remove just this
>one specific item, the allegedly illegal British Honduras passports?

After my lawyer called I disabled the web access.  I believe this is a big
part of his business, and it really just makes more sense for him to use
another provider than to remove it.

>Tim:
>Then I suggest you carefully provide a full copy of what you consider to be
>illegal to all subscribers.

Will do.  More than just leggality, what I consider acceptable.
This will show up as  http://online.offshore.com.ai/rules.html

>I have some questions, though. Would bomb-making instructions be legal or
>illegal, acceptable or not acceptable on your system? How about "Kill the
>Queen" screeds? And so on.

Not acceptable.  This is not the market I am after.  I don't see the
profit in it.  

>If you "pull" the entire account of a business when the Governor-General,
>or His Royal Excellency--or whomever it is that runs Anguilla--applies
>pressure....well, you won't have much of a real data haven, now will you?

I may not have your idea of a data haven.  But there are things, 
like no-taxes, where Anugilla has stood up to the US pressure for years.

>>He also suggested opening up bank accounts with these fake passports 
>> (encouraging fraud).
>
>On this last point, how is this "encouraging fraud"?

If the laws of a country say it is fraud to open a bank account with 
a fake passport, then encouraging someone to do so is encouraging
fraud.  Check with your lawyer and see if you can open up a bank
account with a fake passport.  If I were making the laws I would
permit numbered accounts etc, so there was no interest in fake passports
for bank accounts.

>Then they deny the loan.

One use of fake ID is to open up loans or credit cards under fake names, 
get some money, and then toss the fake ID and never pay, and never be found.
You would agree that is fraud?

Tim:
>I should remind readers that it is legal
>to sell such passports in the U.S....somewhere I have one that says "This
>document not good for travel in the People's Republics of Berkeley, Santa
>Monica, and Madison," or somesuch.

Regulatory arbitrage is a fun thing.  If you want to do something that
is not OK in Anguilla, but is in the US, then you should do it in the US.

    --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From tcmay at got.net  Sun Aug 11 13:47:54 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 12 Aug 1996 04:47:54 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <ae337a8400021004b45e@[205.199.118.202]>


At 3:20 PM 8/11/96, Perry E. Metzger wrote:
>Timothy C. May writes:
>> Selling fake passports seems not to be something Vince ought to even be
>> paying attention to. Granted, pressure from outside states may put pressure
>> on Vince, but this actually confirms my worst (OK, _nearly_ my worst)
>> suspicions about the viability of such data havens.
>
>Vince has the right to run his business any way he likes.

Of course. I never said otherwise, so this is a straw man argument.

Ditto for remailers, ISPs, bookstores, blah blah blah. But this does not
mean people should say nothing about what they learn the practices to be.

>In some jurisdictions, "Fake" passports are legal. In some, they are
>illegal. Vince feels that in his jurisdiction they are illegal. He has
>every right to decide who to allow to run off of his web servers --
>even to be arbitrary about it.

Of course. I never said otherwise.

Those of us who have commented are not challenging his legal right to do
so, only remarking that if he cancels accounts without stronger legal
evidence, or without making it clear what is acceptable and what is not, he
risks losing reptuation capital.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From blane at aa.net  Sun Aug 11 13:50:18 1996
From: blane at aa.net (Brian C. Lane)
Date: Mon, 12 Aug 1996 04:50:18 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <2.2.32.19960810235220.00a455fc@panix.com>
Message-ID: <Pine.LNX.3.94.960811114822.19459A-100000@big.aa.net>


On Sat, 10 Aug 1996, Duncan Frissell wrote:

> Time to fire up the '57 Chevy.
> 
> >         A high-powered electrical device under development at the
> Pentagon's Army Research

  Actually people have done this before, using amplified radar guns to fry
the electronics in newer cars. That's why I've always favored pre  '70s
vehicles. You can work on em, and they can't be shot from under you with
new hi-tech weapons.

  I wonder what will happen in the insurance industry when cops start
using these devices to stop car thieves. They'll recover the car but it
will require a whole new brain (and who knows what else). I'm suprised
that the Clinton administraion hasn't called for a car-escrow system
whereby duly authorized law enforcement officials (with the permission of
a Judge od course) can send a signal to your car's computer to make it
shut off (or slow down or whatever).

   Brian

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
  Embedded Systems Programmer, EET Student, Interactive Fiction author (RSN!)
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============






From geeman at best.com  Sun Aug 11 14:03:13 1996
From: geeman at best.com (I=(!isnum(self)))
Date: Mon, 12 Aug 1996 05:03:13 +0800
Subject: US Power Outages
Message-ID: <320E3840.5C65@best.com>


I wonder if someone's probing power-system vulnerabilities and defense 
strategies.

Just coincidental that there's been all this noise about power grid 
vulnerability and two vast regional outages this summer?

We spent an enjoyable evening around the oil lamps ... maybe it's not 
such a bad thing, this vulnerability......

<blink>


   ... POOF!





From wombat at mcfeely.bsfs.org  Sun Aug 11 14:14:24 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Mon, 12 Aug 1996 05:14:24 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
In-Reply-To: <199608092330.QAA26402@mail.pacifier.com>
Message-ID: <Pine.BSF.3.91.960811185455.24521B-100000@mcfeely.bsfs.org>


> 
> In other words, could somebody fake a bomb threat using a recording which 
> has been processed to sound "exactly" like some famous person whose voice 
> you can analyze?  
> 

In theory, yes; with digitized sound, anything is "possible."

However, in practice, it isn't all that different from altering digitized 
photos. In theory, a "perfect" false image could be produced, but in 
practice, subtle errors are detectable. Once you've detected that 
alteration has occurred, the information is suspect, and the 
perpetrator has added clues as to his/her identity.

-r.w.






From vince at offshore.com.ai  Sun Aug 11 14:14:31 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Mon, 12 Aug 1996 05:14:31 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <Pine.LNX.3.91.960811142731.3169A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960811145436.3170B-100000@offshore>



Perry E. Metzger <perry at piermont.com>
> Vince has the right to run his business any way he likes.

This is a very good libertarian point.  

> Vince has made it very clear that he is NOT a data haven. Anguilla is
> a TAX HAVEN. That is, if you are selling copies of some software over
> the net or what have you, and you run the business out of Anguilla,
> you are not liable for any Anguillian taxes because there are none.
> 
> Anguilla is *not* a data haven, drug haven, or any other sort of
> haven. I would have thought that Vince made this clear.

And Anguilla is first and foremost a taxhaven.  But it tries hard to be a
very clean taxhaven (does not want drug money etc).  I think that "clean"
corporations operating here tax free is a potentially huge market. 

Anguilla and OIS are not the data haven of cypherpunks wet dreams. Neither
Anguilla nor I want "hit men for hire" advertising here. Sorry Tim.  And I
think the loss in clean business would outweigh any money from such by a
long shot. 

The concept of a datahaven is still evolving.  There are things that we
can and will do from Anguilla.  So while Anguilla may not really far along
the cypherpunk datahaven scale at this point, I would not go so far as to
say it is not a datahaven. 

One simple example is that OIS was given a project Gutenberg CD-ROM and
may sell online copies of old books.  Some countries are extending
copyrights back further into the past.  Anguilla is not.  So we could sell
books that have expired copyrights in Anguilla but not expired in USA etc. 
Think regulatory arbitrage.  

Taxhavens are a huge and well understood market.  Datahavens are still
new. Not counting gambling, they may only be $0/year rounded to the
nearest million. 

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/





From frissell at panix.com  Sun Aug 11 15:04:39 1996
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 12 Aug 1996 06:04:39 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960811195935.00993f9c@panix.com>


At 11:28 PM 8/9/96 -0500, David E. Smith wrote:

>In Missouri, that's all they wanted (a PO Box).  That's
>perfectly copacetic by them.  If you want to register for
>voting - since we have Motor Voter - they of course need
>a real address.  And the post office's requirements for
>getting a PO Box are nearly nonexistent.

Using a Mail Receiving Service (MRS) address will usually work.  Many
bureau-rats have yet to compile or use a list of Mail Receiving Services.
There *are* commercial firms that do compile such lists but they have to be
used to be any good.

In those rare cases where they turn you down for a registration or drivers
license because they happen to notice that you are using a MRS, you can find
a real person to accept your mail for you.  I solved the problem once by
advertizing on Usenet newsgroups for an address and cut a deal.  Another
possibility is to use the "homeless defense."  I'm homeless, this is the
only address I have.  Auto insurance companies are more likely to give you
trouble than government if you use an accommodation address since they have
actual money to lose.  There are still 10 or so states that do not require
auto insurance so by forum shopping, one can dodge this problem and save
money at the same time. 

Most states are not so fussy, and one can usually just use MRS addresses.
Litigation to force you to list a "real" address is exceedingly rare (it's
not worth the government's time).  This is particularly so since it is
trivial to switch cities, counties, states, and countries (if in the US use
Canada) for official address purposes.  You control your address.  Move into
a hotel/motel that rents by the week, list the address, and then leave.  

Even in the Nazi strongholds of Mitteleuropa with their address registration
laws, one can crash with friends or sublet apartments and avoid the process.
Holiday cottages let a month at a time is another technique.  Plenty of
Germans are living unregistered lives even today.

Residence=Domicile

Domicile requires "actual physical presence plus intent to make it your
home."  *Your* actions establish intent not any actions by the government.

DCF

"Last year, the Government of the United States collected more taxes from
the American people than any unit of government has ever collected before in
the history of mankind -- and still it's not enough."






From jya at pipeline.com  Sun Aug 11 16:08:47 1996
From: jya at pipeline.com (John Young)
Date: Mon, 12 Aug 1996 07:08:47 +0800
Subject: FCC_ups
Message-ID: <199608112108.VAA23815@pipe1.ny3.usa.pipeline.com>


   8-10-96. WaPo: 
 
   "Phone Service Via the Internet May Slash Rates." 
 
      Labs of Advanced Technology has developed a way for 
      people to make long-distance calls over the Internet 
      using only their telephones, at about half the price of 
      ordinary toll calls. Customers would merely call a 
      central number, then dial their long-distance numbers. 
      The call is carried on the Internet, then put back onto 
      the local phone system at its destination. The company 
      plans to charge 5 to 8 cents per minute for all domestic 
      U.S. calls, which represents a 50 to 75 percent discount 
      off most domestic long-distance rates. International 
      rates would depend on arrangements made with foreign 
      phone companies. "Twenty years from now, and probably 
      sooner, I don't see the giants of the telecommunications 
      industry existing anymore," said the company's 
      president. The giants hoot, "FCC, PACs, whack him." 
 
   "PCs and the Postal Service Challenge the Mailroom Reign of 
   Pitney Bowes" 
 
      New technology has made it possible for IBM, Bell 
      Atlantic and National Semiconductor to start prowling 
      around postage meters, which account for $20 billion a 
      year in postage. With a telephone line to the post 
      office and some fancy computer software, a "stamp" could 
      spin out of the printer at the same time the envelope is 
      being addressed. Computer-generated envelopes will not 
      only have addresses and stamps, but also a bar code that 
      can quickly be read by a computer to hasten delivery. 
      Distinctive stamps called indicia carry a specially 
      encrypted numerical code that Pitney Bowes believes the 
      Postal Service should adopt to prevent counterfeiting. 
 
   ----- 
 
   http://jya.com/fccups.txt  (22 kb) via: www.anonymizer.com 
 
   FCC_ups 
 
 
 
 
 
 





From bart.croughs at tip.nl  Sun Aug 11 16:43:38 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Mon, 12 Aug 1996 07:43:38 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <01BB87DE.CFF8D020@groningen15.pop.tip.nl>


Duncan Frissell wrote:

The first axiom of economics is "Wants are unlimited."  I'm glad that
they're "shipping all those jobs overseas."  The more people we have working
the more goodies are produced.  If the labor of US workers is freed up, then
they can go about producing something else valuable that they didn't have
time to produce before because those "third worlders" weren't doing their
fair share back when they were trapped in feudalism or fabian socialism.
You can't get more stuff (wealth) unless everyone is out there working to
capacity (consistent with their desired work/leisure tradeoff).

I agree that 'shipping all those jobs overseas' will not cause the US workers to lose jobs. There is other work they can do.
	 But there is another axiom of economics which the nationalist/socialist can use for his case against the free movement of capital. This axiom states that the wages of workers depend on the amount of capital invested. The more capital invested, the higher the wages are. If American companies are moving capital to Third World countries because of the low wages in these countries, then the workers in the Third World will of course be better off. But in the US, the amount of capital will be lowered. So the American workers will be able to get other jobs, but these jobs will pay less, because of the diminished amount of capital in the US.
	Of course there are advantages also for the US (shareholders will get higher returns, trade will increase), but how can you proof that these advantages will offset the disadvantage of the lowered amount of capital in the US? 
	Anyone?

Bart Croughs
	
	













From farber at central.cis.upenn.edu  Sun Aug 11 17:05:16 1996
From: farber at central.cis.upenn.edu (Dave Farber)
Date: Mon, 12 Aug 1996 08:05:16 +0800
Subject: US Power Outages
Message-ID: <2.2.32.19960811221550.006da548@linc.cis.upenn.edu>


As someone who was married in NYC during the 65 blackout *happened at 1716
-- the blackout , the wedding at 1705, I have watched with interest the
attempt to explain that blackout and how to prevent such. We have not
progressed very far. The avalanche behavior of power systems is still not
well understood and techniques to prevent such failures are not obvious.
Same can be said of telephone and computer networks at different levels.

Dave






From rah at shipwright.com  Sun Aug 11 17:36:57 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 12 Aug 1996 08:36:57 +0800
Subject: e$: I Never Meta-Certification...
Message-ID: <v03007804ae33faa983c9@[206.119.69.46]>


-----BEGIN PGP SIGNED MESSAGE-----BY SAFEMAIL 1.0-----

e$: I Never Meta-Certification...

Verisign, NRC-CRISIS, Crypto vs. Encryption, "Half-Way" Measures,
Meta-Certification, Reputation Rental, FLAs, Groucho Marx, and a Proto-Call
for IFCA Founders.

August 11th, 1996

About a month ago, after the July DCSB meeting, I had a drink with Jon
Matonis, who's in charge of Financial Products for Verisign. We talked about
a lot of stuff, but, since he was buying, :-), we talked a lot about
certification authorities (CAs), specifically, financial certification
authorities. Verisign financial certification authorities, to be completely
precise.


I have to admit up front that until then, I didn't follow the CA world all
that much. I've been a Web-of-Trust guy, and I still think the world will go
to more geodesic trust models sooner or later. The only "certificates" I
care much about are the "digital bearer" kind. In a financial sense, I see
certificate authorities as a way to extend book-entry accounting to the
internet, and I'm more interested in edgier stuff: what I claim will be the
re-emergence of cash-settled bearer certificates in the financial markets,
this time in digital form, on public networks. CAs and link-level encryption
are just a way, as someone from MIT said to me at MacWorld this week, to
move the old private networks out onto the net, which, to my mind, are the
same thing to digital commerce that derigibles were to aviation. Yes, they
look like ships, which we know all about, and they *can* fly, but...

Anyway, it's clear we're moving from a world of insecure transactions on
private secure networks to one of secure transactions on insecure public
networks. CAs, SSL, and the whole enterprise of encrypting links between
accounting databases seem to be halfway measures to me. They're a way to
create, like our friend from MIT says, a temporary private secure network,
so you can send properly authorized, but still unsecure, book-entry down it.
For that "proper authorization", you need the biometric identity a CA
provides, so you can hunt down and jail miscreants who change the wrong book
entry. I've even made biometric-identity CA jokes about "X.BlaBla" and
"Numbers of the Beast", and all that.


Which reminds me of something Steve Kent said at the NRC CRISIS report
roadshow this week. He likes to make the distinction between cryptography
and encryption. That is, governments tolerate cryptographic signatures
because they can still read your mail, while they don't tolerate encryption,
because, well, they can't read your mail.

Frankly, I see that as a false dichotomy, and I think most crypto people do,
too, but, since the major selling point for cryptography to business is that
need to keep their book-entries clean, this gives governments a lot of
breathing room.  As long as most other businesses (call criminal enterprise
a business for the time being) can't read the encrypted link, businesses are
happy, and will accept watered-down *cryptography*, not just encryption. The
problem, of course, is that *governments* will have the ability to read
those messages, and even forge those signatures, and businesses aren't to
the point where they're sensitive about this.

Given the ubiquity of the invasiveness of modern industrial government in
the affairs of business, not only with respect to regulation, but also with
the ability to audit for taxes and other reasons, it may take a while for
business to wake up to their own need for privacy through strong
cryptography. But they will. Governments are made of people, of course, and
when it's possible to create enormous financial advantage for yourself by
reading financial transaction data, some of those people will do so, and,
given the ubiquity of networks, they'll be able to get away with it. When
you outlaw crypto, only outlaws have crypto, and all that. However, the
*business* knows they've been robbed, and, since government employees are
the only ones with the power to break the link and forge signatures, either
through computational horesepower or key escrow, who are going to be the,
heh, usual suspects? A bad place for a nation-state to be in, it seems to
me. Cleptocracy may work in *some* places, but in general they're bad for
business.

Finally, there's a red herring in all of this, and that's the so-called
exemptions for "financial activity" from much proposed cryptography
controls. So, how do you know what's financial activity and what isn't if a
message is encrypted? This doesn't even take into account the fact that, if
bearer certificate technology takes off, from micropayments like Micromint
and Millicent, through ecash and on to digital bearer certificates for
foriegn exchange (a $3 trillion daily business), the sheer volume of
encryption on the net, of the strongest possible form, is going to explode.

Don't get me wrong, I like the CRISIS report, because they are, to use a
beloved scatalogical expression, inside the tent and er, pointing, out. But,
to beat a few more metaphors like dead horses :-), the CRISIS report is
trying to "decompress" government into a world where they can't really
wiretap anymore. To do that, they want to start the bar at, say, 56-bit DES
and 1048-bit RSA, and move it up as technology, er, improves. In this, they
remind me more of someone trying to shovel uphill against an avalanche. If
you can't sign a mortgage with a signature long enough to withstand 30 years
of Moore's law, or encrypt something you don't want others to read for that
long, then why do it at all?  A little bit of encryption is like being a
little bit pregnant --. OK, OK, I'll give the metaphors a break now... :-).


So, we're back in the hotel bar, and Jon was buying, and I'm listening.
(Besides, Jon's an original e$pam subscriber, and he's *still* one, so I had
*better* listen.) He has a point when he says that most of the stuff I'm
interested in is out *there* somewhere, and the way you make money is here
and *now*, where the "halfway measures" live. Jon says that as far as he's
is concerned, of all the different kinds of businesses you can use
certification authorities for, banks and financial institutions the low
hanging fruit, and he and his bunch are out there shaking the trees for all
they're worth. Go, Jon, go.

So, why *doesn't* Verisign rule the world of financial CAs already? After
all, they have the patents, "modulo" the debate on the legal strength and
longevity thereof. From the standpoint of mobilized resources, they're
literally the only game in town, and, even if they aren't, with a tip of the
black cryptographer's hat to Redmond, a lack of uniqueness hasn't kept other
first movers from software hegemony before, anyway.

Well, first of all, let's assume the market's already there for book-entry
transactions on the internet (like credit and debit cards, and counter-cash
like Mondex). Yeah, I know, "assume a frictionless surface". But, everyone
else around here does, so we'll fiat the issue for the time being. Last
Sunday's "Shoe" cartoon, about the wizard spending $300 in webware upgrades
while ostensibly learning to get rich doing web commerce, to the contrary.

Second, we can assume that banks need certification, for all the reasons I
outlined above: In order to move book-entries around the net, you need
*functionally* encrypted links (for the time being, what technology and
governments let us have) and the digital authority to change those
book-entries. Operationally, they may not need strict biometric identity
just to map a signature to an account full of money, but we'll deal with
that some other time.

Now, let's look at what I presume is Verisign's business strategy for
financial markets. They're trying to build a superheirarchy of all those
bank heirarchies, so that those banks can clear trades with each other, on
the net, without using a proprietary network to do it. This is, of course
admirable, if not necessary, if banks want to do internet commerce
efficiently with their customers. It will be necessary when electronic
checks come on line, say, next year, because even though ACH is out there on
the other side of those internet-ACH gateways, there might come a time where
banks will want to clear checks against each other directly. Having a CA's
CA, CA^2, if you will, will make that possible.

To make this happen, Verisign doesn't want you to be you unless Verisign
says you're you, to paraphrase the old underwear comercial, and that, I
believe, is the problem. Verisign is not paying attention to what it really
is: a software vendor. It is not a financial intermediary, which is what
this CA's CA would be, by definition.

A financial intermediary, especially one on the net, is in effect "renting"
its reputation to a trade until it clears. It is saying, first and foremost,
that the trade will be safe, effectively risk-free, or at least
risk-calculable, to both parties of the trade. What it does to control that
risk is almost immaterial as long as it works, but, in this case, it is to
use RSA as the technical means of identifying the parties of the trade, with
a link to a "biometric" identity of either party. If you can call it
"biometric" for a financial institution.  The financial institution then, of
course vouches for the contents of the particular account being offset, the
book-entries swap, and the trade is over.

Like flying an airliner, of course, this is the easy part. If the trade is
broken, what does Verisign do? Of course, it can refuse to do trades with
the offending party. It can even call the law. The former is much more
powerful, however, and, frankly, it's the only enforcement mechanism which
we'll be able to use someday anyway. Physical force costs a lot to use, even
if you can buy it wholesale, at the government rate.

Fortunately, this kind of "club", as Eric Hughes calls it, is the
predominant way of renting reputation in the financial community. Think of
NYSE, or NASD, or CBOT, or NIDS, or SIAC, or any other FLA. ;-). (Yes,
there's DTC, and CUSIP, and Other-Letter-Acronyms too.) They're pretty easy
to set up. Verisign itself is *not* how to do it, however. They would to
*sell* to this reputation-rental entity.

Every one of the above entities is an association
(not-necessarily-non-profit), or, more usually, a member-owned corporation.
So, with that in mind, internet financial institutions like banks could
create an association or member-owned corporation, which would "rent"
reputation and function as a financial intermediary between members.
Obviously we shouldn't restrict membership in this organization to just
depositories like banks, because non-depositories will be significantly
involved in internet commerce. See Phil Webre's CBO study on electronic
retail payments for more on that.

Here is one way that could be done. A bunch of banks -- and non-depository
financial intermediaries, like digital cash underwriters / trustees, payment
gateway companies, (someday maybe Millicent brokers and MicroMint issuers)
- -- could get together, purchase shares for startup money, and form a
certification authority for themselves. Revenue could come from processing
and membership fees. They could then contract with Verisign to build their
system. Of course, they could contract with someone else, too, but I expect
that Verisign is in the best position to do this at the moment. In addition,
Verisign would probably be the technology of choice for the subordinate
certification heirarchies those financial intermediaries use with their
customers. Pretty lucrative, but it is also tempered by whatever patent
lifetimes Verisign has hanging over its head.

Here's what that gets us. We get the ability for any member to clear any
trade of any agreed-upon financial instrument (subject to legal
restrictions, of course) with any other member, no matter where they are in
the world, using the internet as the transport mechanism. Very powerful
stuff indeed. In fact, this *organization* can be located anywhere, which
gets really interesting, but we'll save that for some other discussion.

Notice that I'm not saying that this would be a monopoly. Just like several
countries have multiple stock and commodity exchanges, there will probably
be multiple financial certification associations like this one. In fact,
that's the core of a good prima facie name. The Internet Financial
Certification Association. Nice ring to it. Four-Letter Acronym, too.

I also expect that these kinds of "heirarchies" will probably devolve into a
geodesic, too, but they'll probably survive the change, because there'll
always be a market for, er, inter-mediary intermediation. I feel vaguely
like Frege, or Russell, or Goedel here. Maybe (Groucho) Marx?


So. Like most internet enterprise ideas, all it takes is a mailgroup, and,
later, a meeting (I can think of this *nice* time and place in Anguilla
;-)), to set this up. Obviously, the membership/shareholders of the proposed
IFCA should be companies, and the management of this enterprise should come
from the membership, or at least hired by them. Any individuals (like
myself, for instance) who participate at this stage are just kibbitzers
along for the ride, unless they're planning to be an internet financial
institution, of course. :-).

As a sort of test of the idea, I've gone and set up yet another mail-group
on thumper (<mailto://majordomo at thumper.vmeng.com>, with " subscribe ifca "
in the body of the message) to discuss it. We'll move it someplace else
later, if necessary. If there's enough interest from the right people,
expect a call for founders sometime soon. If there isn't, it'll sink
without a trace, as
it should.

So, if you, or anyone you know, is part of a financial institution involved,
or wishing to get involved, in financial transactions on the internet, pass
this rant along to them. Well, maybe not the *whole* rant, it might scare
them. :-). But enough necessary to give them the idea, anyway. I expect that
the places I put this rant will probably be enough to get critical mass for
the mailgroup, at least, and we'll take it from there.

Cheers,
Bob Hettinga










-----BEGIN PGP SIGNATURE-----BY SAFEMAIL 1.0-----
Version: 2.6.i

iQCVAwUBMg5FQvgyLN8bw6ZVAQF2GQP/fPHzQmgLy2ZOO8qTQIZoBgyiOUxXxkDA
hoWJOc0BO5IoeK+JETLTiH5BNxbVqnWQiCO0N13RWXEDFyaBHAmRoujG1hgzs2e0
zYIS37jab3nPH7bkznswQJXOgOYBu9qRtZqrP5VonWXQxz2Zw5izFqdOIiOgoANv
0xMO8UayXEY=
=MTk+
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From drosoff at ARC.unm.EDU  Sun Aug 11 18:22:08 1996
From: drosoff at ARC.unm.EDU (David Rosoff)
Date: Mon, 12 Aug 1996 09:22:08 +0800
Subject: photographed license plates
Message-ID: <1.5.4.16.19960811231209.3c677258@arc.unm.edu>


-----BEGIN PGP SIGNED MESSAGE-----

At 08.23 AM 8/9/96 -0700, i am not a number! wrote:

>>How?  Their license plates have been photographed.
>>... and the cheery "news" anchorwoman sweetly moved on to the next
>>story.....

[...]

>O, and I think they're talking more about putting up cameras at some 
>troubling intersections to take pictures of cars running red-lights.
>
>And cameras on transit vehicles (buses primarily).
>
>Gee, I am starting to feel so warm and safe!

Typical prole. Doesn't know what's good for him.

===============================================================================
David Rosoff (nihongo ga sukoshi dekiru)  --------------->  drosoff at arc.unm.edu
PGP public key 0xD37692F9 -----> finger drosoff at acoma.arc.unm.edu or keyservers
0xD37692F9  Key fingerprint =  25 7D AA 01 85 41 43 89  50 5A 33 76 F1 F1 99 67
Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/
Is it a forgery? --- I have PGP signed all email and news posts since May 1996.
===============================================================================
"Your Honor, I have been following this person's movements for quite some time,
and I can prove that he is in possession of secret government underwear."

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMg5oqxguzHDTdpL5AQGdOAQAmAjdOJzLTavjv2wsMwiJKKYc2vI2t9pk
CK4lzP163lEwIbvaQsDg9sLm4CmV+6JYV4+YbeLcSLLW5xNoCHV+Eh8XkDFC+fpP
XF4wjYdQyux+WF/vYeNBcnKdtMb+VKD/+P9nkSmYexuRiGMmsMDHvX2znHKWOIa0
ko8Vul1tkuQ=
=o/Ge
-----END PGP SIGNATURE-----






From perry at piermont.com  Sun Aug 11 18:28:51 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 12 Aug 1996 09:28:51 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB87DE.CFF8D020@groningen15.pop.tip.nl>
Message-ID: <199608112336.TAA13447@jekyll.piermont.com>



Bart Croughs writes:
> 	 But there is another axiom of economics which the
> nationalist/socialist can use for his case against the free movement of
> capital. This axiom states that the wages of workers depend on the
> amount of capital invested. The more capital invested, the higher the
> wages are.

This must be some new axiom of economics that I had not heard of.

>  If American companies are moving capital to Third World
> countries because of the low wages in these countries, then the workers
> in the Third World will of course be better off. But in the US, the
> amount of capital will be lowered.

????

> So the American workers will be able to get other jobs, but these
> jobs will pay less, because of the diminished amount of capital in
> the US.

This is truly one of the oddest economic theses I've seen in years.

It seems like an odd offshoot of mercantilism at the very best...

Perry





From stewarts at ix.netcom.com  Sun Aug 11 18:51:42 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 12 Aug 1996 09:51:42 +0800
Subject: Oregon License Plate Site in the News Tonight!
Message-ID: <199608112354.QAA21856@toad.com>


>This brings up an interesting point.  Is it poosible to obtain the list of
>all the individuals/corporations that have purchaced the list of DMV
>information and post *THAT* information to the net.  I think that people
>would be surprised just who uses that information and for what...

Many states have open records laws, and Oregon seems like the type
that would.  You might try asking your Legislator's (or their staff) first 
before going to the DMV, since Legislators are more likely to say
"Yes, we're helpful and friendly and like interacting with the public",
while DMV bureaucrats say things like "No" and "Go stand in line, peon".


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From perry at piermont.com  Sun Aug 11 19:06:35 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 12 Aug 1996 10:06:35 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <199608112336.TAA13447@jekyll.piermont.com>
Message-ID: <199608120002.UAA13510@jekyll.piermont.com>



I realized that I'd simply dismissed Bart without explaining why his
contention is so silly.

"Perry E. Metzger" writes:
> Bart Croughs writes:
> > 	 But there is another axiom of economics which the
> > nationalist/socialist can use for his case against the free movement of
> > capital. This axiom states that the wages of workers depend on the
> > amount of capital invested. The more capital invested, the higher the
> > wages are.
> 
> This must be some new axiom of economics that I had not heard of.

I failed to note obvious counterexamples. Well known authors get giant
advances for books written with manual typewriters. Minimum wage
workers routinely operate expensive equipment. Workers doing the same
job in different places using identical equipment that cost identical
sums earn different salaries.

Clearly, wages are defined by supply and demand -- not by "capital
investment".

Perry





From bugs at netcom.com  Sun Aug 11 20:54:14 1996
From: bugs at netcom.com (Mark Hittinger)
Date: Mon, 12 Aug 1996 11:54:14 +0800
Subject: US Power Outages
Message-ID: <199608120133.SAA26983@netcom17.netcom.com>


>
> I wonder if someone's probing power-system vulnerabilities and defense 
> strategies.
> 
> Just coincidental that there's been all this noise about power grid 
> vulnerability and two vast regional outages this summer?
> 

The week before twa800 Clinton signed that executive order creating the
"infrastructure protection task force".  Now we are having massiv power
outages "caused by trees".  Sounds like they are trying to make swamp
gas fly again.

Later
Mark Hittinger
Netcom/Dallas
bugs at netcom.com





From ses at tipper.oit.unc.edu  Sun Aug 11 20:57:25 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Mon, 12 Aug 1996 11:57:25 +0800
Subject: FCC _ ups
In-Reply-To: <199608112108.VAA23815@pipe1.ny3.usa.pipeline.com>
Message-ID: <Pine.SUN.3.91.960811212557.14911D-100000@tipper.oit.unc.edu>


On Sun, 11 Aug 1996, John Young wrote:
>       Distinctive stamps called indicia carry a specially 

Man I was excited till I read that line more carefully :-)

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From bg809 at scn.org  Sun Aug 11 21:25:47 1996
From: bg809 at scn.org (Jeffery Foy)
Date: Mon, 12 Aug 1996 12:25:47 +0800
Subject: DMV/Public record data on CDROM
In-Reply-To: <199608100338.XAA11082@escape.com>
Message-ID: <njmDyoQ0mkvD091yn@scn.org>


>There are several state's DMV data (or other public record data such as
>Voter Registration) available on CD-ROM, with DOS search engines.
>
>I have the demos for some of these programs on
>
>    http://www.escape.com/~pstira/pi
>
>Oregon is not the only place you can obtain this type of information.

The question turns out not to be "can this be done". It seems to be more 
like - now that it is done, can you have your information removed if you 
wish?

-- 
  Jeffery Foy via bg809 at scn.org -  PGP Public Key available by Request
     Verbosity is the refuge of those with nothing original to say
   Key Fingerprint: C6 6E BE 09 FA 9B 30 53  FA 4B FE F3 F0 28 56 96





From sandfort at crl.com  Sun Aug 11 21:58:38 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Aug 1996 12:58:38 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB87DE.CFF8D020@groningen15.pop.tip.nl>
Message-ID: <Pine.SUN.3.91.960811184629.22848D-100000@crl8.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 11 Aug 1996, Bart Croughs wrote:

> If American companies are moving capital to Third World
> countries because of the low wages in these countries, then the
> workers in the Third World will of course be better off. But in
> the US, the amount of capital will be lowered. So the American
> workers will be able to get other jobs, but these jobs will pay
> less, because of the diminished amount of capital in the US.

The fallacy in this argument is the assumption that because some
American capital moves overseas, there will be less capital 
available in the US for investment/wages.  It doesn't contemplate
infusion of foreign capital investments in American industries 
that have a competitive advantage over their foreign competition.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From tcmay at got.net  Sun Aug 11 22:24:53 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 12 Aug 1996 13:24:53 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <ae33e6f0010210042d89@[205.199.118.202]>


At 10:31 PM 8/11/96, Bart  Croughs wrote:

>         But there is another axiom of economics which the
>nationalist/socialist can use for his case against the free movement of
>capital. This axiom states that the wages of workers depend on the amount
>of capital invested. The more capital invested, the higher the wages are.
>If American

I agree strongly. In my Econ 101 class, lo those many years ago, I was
constantly reminded to "Remember the Croughs Axiom!"

It is why MacDonald's workers, who work at a company which has invested
truly vast sums of money in the capital of its outlets, pays its workers so
much more than do the legal firms, advertising firms, etc., which have
invested almost nothing in the capital of their facilities.

This is why so many lawyers choose to move into hamburger flipping. In
fact, the lawyer who won the "hot coffee" lawsuit is now a Milkshake
Trainee at the East Outback, Wisconsin MacDonalds.

"Would you like fries with that?"

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From shamrock at netcom.com  Sun Aug 11 22:53:37 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Aug 1996 13:53:37 +0800
Subject: US Power Outages
Message-ID: <v02120d06ae344a4cc94e@[192.0.2.1]>


At 18:15 8/11/96, Dave Farber wrote:
>The avalanche behavior of power systems is still not
>well understood and techniques to prevent such failures are not obvious.
>Same can be said of telephone and computer networks at different levels.

Does somebody here have a pointer to literature on this topic? A system in
which small localized disturbances can amplify, propagate through the
system, leading to catastrophic failure is the worst of all possible
designs. I fail to understand why a system as important as the power grid
would display this type of behavior. Why is the grid negatively dampened?

TIA,


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From wombat at mcfeely.bsfs.org  Sun Aug 11 23:01:39 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Mon, 12 Aug 1996 14:01:39 +0800
Subject: (Off Topic) Re: FCC_ups
In-Reply-To: <199608112108.VAA23815@pipe1.ny3.usa.pipeline.com>
Message-ID: <Pine.BSF.3.91.960812015431.25054A-100000@mcfeely.bsfs.org>



(no crypto here, so delete it already)  :)

Yeah, right.

The tier one ISPs are refusing to peer with anyone that does not have at
least a T3 backbone cross-country, as they don't want to have to carry
other's bits long haul at no charge.. This is to keep "small ISP" from
opening locations all over the country, and connecting to "the Internet"
(bigger providors with cross-country capacity) without paying for the
long-haul capacity. 

Just because this scheme is economical on a small scale (probably only
looking at the costs of the two "ends", and considering the long haul to 
be "free") doesn't mean that it will work on a large scale. Large ISPs 
pay the same costs for infrastructure as telephone companies - or more.

POTS takes 64 Kb/s for one call, or 24 calls per T1. Analog from the CO to
your house, digital in between COs.  Packetizing the voice transmission to
carry it in IP increases the required bandwidth, unless compression is
used. Compression is getting better, but even state-of-the-art systems at
16 Kb/s sound like a bad connection on a car phone, IMHO. Go lower, and
you sound like Mickey Mouse - or Mickey on a car phone. ;)  I'd rather 
pay the dime lady $.10 per minute for a good connection than pay somebody 
else $.05-.08 for compressed audio.

On top of all that, most sound cards in PCs (today) are only capable of 
half-duplex audio. If you don't know why that matters, go play with your 
walkie-talkie a bit.

"The Internet" isn't "free", and as more delay-sensitive applications 
(voice, video) are added, ISPs will only become MORE aware of the demands 
their client's activities place on their capacity. I'd rather not see 
usage tarrifed on a volume basis, but this sort of approach to doing 
business on the 'net only makes such charges more likely.

Twenty years from now, you'll still have a few players dominating the top 
level - the infrastructure needed to support communications is expensive 
to create, maintain, and manage. The economies of scale in this industry 
will drive others out of the top tier. There will still be plenty of 
niche providors that focus on the vertical markets, and lease their 
bandwidth from the big players - same as today. As for whether the 
players will be the same as today, that depends. If the railroads had 
realized that they were in the transportation business, instead of the 
train business, they'd be flying airplanes today.

Anyone that wants to carry a large volume of traffic via the 'net will
find that either the market will dictate that they pay for the bandwidth
they use, or the FCC will. I don't see the FCC getting involved, unless
the "phone service via internet" providor tries to use the courts to get
out of paying for the bandwidth they use. They'll be restricted by the 
size of the "pipe" they purchase from their ISP, and the ISPs all charge 
more for access from larger "pipes." If they lease their own 
cross-country circuits, they'll pay the same (or higher) costs as the Telcos.

The large telephone companies are moving away from circuit switched 
networks, and towards packet switched networks - have been for years. 
It's called ATM, and it's not in wide use yet. There are advantages to 
building large scale communication systems this way, but "free bandwidth" 
is not one of them.

- Ranting Wombat

On Sun, 11 Aug 1996, John Young wrote:

>    8-10-96. WaPo: 
>  
>    "Phone Service Via the Internet May Slash Rates." 
>  
>       Labs of Advanced Technology has developed a way for 
>       people to make long-distance calls over the Internet 
>       using only their telephones, at about half the price of 

SNIP
>       phone companies. "Twenty years from now, and probably 
>       sooner, I don't see the giants of the telecommunications 
>       industry existing anymore," said the company's 
>       president. The giants hoot, "FCC, PACs, whack him." 
SNIP





From EALLENSMITH at ocelot.Rutgers.EDU  Sun Aug 11 23:03:52 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Mon, 12 Aug 1996 14:03:52 +0800
Subject: Edited Edupage, 11 Aug 1996
Message-ID: <01I85ZST2Z8O9JD53S@mbcl.rutgers.edu>


>From:	IN%"educom at educom.unc.edu" 11-AUG-1996 20:55:02.08
>To:	IN%"edupage at elanor.oit.unc.edu"  "EDUCOM Edupage Mailing List"
>Subj:	Edupage, 11 August 1996

>*****************************************************************
>Edupage, 11 August 1996.  Edupage, a summary of news about information
>technology, is provided three times a week as a service by Educom,
>a Washington, D.C.-based consortium of leading colleges and universities
>seeking to transform education through the use of information technology.
>*****************************************************************

>U.K. INTERNET PROVIDERS PLAN TO RESTRICT CYBERPORN
>Reacting to pressure from Scotland Yard, the Internet Service Providers
>Association, representing 60 of an estimated 140 providers in the United
>Kingdom, will be asking its members to voluntarily block access to sites
>and services featuring hard-core pornography.  An executive of Demon
>Internet, which has the largest subscriber base in the U.K., dismisses the
>proposed action as ineffective:  "This is not a solution, it is just hiding
>the problem."  (Financial Times 10 Aug 96)

	I suspect that the largest subscriber base is about to get larger...

>PRIVACY VS. FREEDOM-OF-INFORMATION ON THE WEB
>A computer consultant in Oregon paid the state $222 for its complete motor
>vehicles data base, which he then posted to a Web site, prompting charges
>of privacy violations from people who complained that he had invaded their
>privacy.  The database allows anyone with an Oregon license plate number to
>look up the vehicle owner's name, address, birthdate, driver's license
>number, and title information.  The consultant's motive in posting the
>information, which anyone can obtain for a fee by going to a state office,
>was to improve public safety by allowing identification of reckless
>drivers.  Oregon Governor John Kitzhaver says that instant access to motor
>vehicle records over the Internet is different from information access
>obtained by physically going to state offices and making a formal request
>for information:  ``I am concerned that this ease of access to people's
>addresses could be abused and present a threat to an individual's safety.''
>(Associated Press 8 Aug 96)

	At least they mentioned that it was publically available... but I don't
see any difference between net.availability and physical.availability.
	-Allen

>Edupage is written by John Gehl <gehl at educom.edu> & Suzanne Douglas
><douglas at educom.edu>.  Voice:  404-371-1853, Fax: 404-371-8057.

>Technical support is provided by Information Technology Services at the
>University of North Carolina at Chapel Hill.

>***************************************************************
>Edupage ... is what you've just finished reading.  To subscribe to Edupage:
>send mail to: listproc at educom.unc.edu with the message:  subscribe edupage
>Ray Croc (if your name is Ray Croc;  otherwise, substitute your own name).
>....  To cancel, send a message to: listproc at educom.unc.edu with the
>message: unsubscribe edupage.   (If you have subscription problems, send
>mail to manager at educom.unc.edu.)





From shamrock at netcom.com  Sun Aug 11 23:24:07 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Aug 1996 14:24:07 +0800
Subject: [off-topic] Black powder source/ I love Explosives stickers
Message-ID: <v02120d0cae3454371dc9@[192.0.2.1]>


By popular request, here is the address for the place that sells the "I
(picture of a heart) Explosives" bumper stickers as well as black powder in
20 pound economy packs. Black powder will be shipped via UPS. Coonie's is a
federally licensed explosives dealer, offering a wide variety of commercial
high explosives. However, such explosives will only be sold to
appropriately licensed individuals. They are very nice people, please don't
ask them stupid questions.

Coonie's Explosives & Black Powder
512 E. Lea
Hobbs, N.M. 88240
Voice: (505) 393-0166
Fax:   (505) 393-6060





-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From shamrock at netcom.com  Sun Aug 11 23:45:06 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Aug 1996 14:45:06 +0800
Subject: FCC_ups
Message-ID: <v02120d0fae34593549d3@[192.0.2.1]>


At 14:08 8/11/96, John Young wrote:
>   8-10-96. WaPo:
>
>   "Phone Service Via the Internet May Slash Rates."
>
>      Labs of Advanced Technology has developed a way for
>      people to make long-distance calls over the Internet
>      using only their telephones, at about half the price of
>      ordinary toll calls. Customers would merely call a
>      central number, then dial their long-distance numbers.
>      The call is carried on the Internet, then put back onto
>      the local phone system at its destination. The company
>      plans to charge 5 to 8 cents per minute for all domestic
>      U.S. calls, which represents a 50 to 75 percent discount
>      off most domestic long-distance rates.

I am glad to see some movement in this area. I designed a similar system
for a previous employer of mine. But the real choke point is the local
loop. As of this day, the local telos still have a de facto monopoly in the
local markets. The new competitors (the same old Phone Company) that we
will see in the near future seem to show no desire to deliver the really
interesting services that are now possible. They long distance carriers
about to enter the local markets plan to offer the same old stuff at a
(perhaps) somewhat lower price.

The company I used to work for has technology capable of delivering a 10
Mb/s Ethernet plus 100 ISDN B channels to your home, using the very same
wires already in your wall. Keep this in mind next time you hear what great
new services the local telcos are about to offer. Then demand better.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From tcmay at got.net  Sun Aug 11 23:53:43 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 12 Aug 1996 14:53:43 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <ae33ea6002021004fc46@[205.199.118.202]>



It's human nature, and the nature of information theory (at least our
version), to focus on points of disagreement. "I agree" messages are
frowned upon (but so, it seems to me, would "I disgree" messages....but
most who disagree choose to comment on specific points, while most who
agree seem to agree on the overall theme.

In any case, I agree with Arun's points, and I am pleased--in a
transnationalist sense--that an Indian makes these points.


At 4:17 AM 8/11/96, Arun Mehta wrote:
>At 02:05 10/08/96 -0700, Timothy C. May wrote:

>>Where do I begin? First, what does "taking jobs away from us" mean? That we
>>own these jobs? And who is "us"?
>
>Well said. While I didn't see the CBS program , I bet the
>scaremongerers did not point out that programmers don't just
>produce software, they are major consumers as well. The growth of
>the software industry in other countries therefore means business
>for US industry, which produces most of the compilers and other
>utilities that programmers everywhere use. This clearly helps
>programmers in the US.

As others have noted, _all_ productive output helps _all_. That is,
productivity around the world is a "common good." As Milton Friedman points
out, what should our response be if the Koreans want to sell us
supertankers at $1 each? Buy as many as we can.

(Though this sounds absurd, my old company's ability to crank out
multimillion transistor chips running at 200 MHz must seem similar to many
countries. What should Germany's or India's response to 200 MHz Pentia
selling for $200 be? Buy all they can and integrate them into systems.)

>In earlier generations of computing, monopolistic organizations
>such as IBM and DEC charged huge sums for information. One of the
>reasons that IBM was thrown out of India in the mid seventies was
>their practice of shipping only outdated computers from the US to
>India. Indian programmers were at a disadvantage, and clearly

This I tend to disagree with. I recall that India had some laws in the
1970s which required companies to dislose trade secrets to them. As a
result, IBM chose not to stay in India. I recall that Coca-Cola also
refused to turn over the formula for Coke, but this may've been urban
legend. The IBM case is pretty well-documented. IBM would've sold the
latest and greatest technology to India if: a) it was profitable to them,
b) if India could've paid for a 370/90 or whatever in 1975, c) if COCOM
regulations would have allowed such a sale (doubtful, given the Ghandi
dynasty's cozying up to the Sovs in the 70s.

I don't think shipment of "old technology" to India was at all on IBM's
list of concerns, certainly not back then.


>Further, as economists such as Paul Krugman point out, developing
>countries lack the means for sustained growth ("Which Asian
>Model?", Newsweek, November 20, 1995). Those economies that have
>shown dramatic growth, such as the East Asian, have relied
>essentially on low-cost inputs, rather than on their efficient
>utilization. Professor Alwyn Young of Boston has in fact come to
>the surprising conclusion that Singapore's total factor
>productivity (which measures such efficiency) is so poor as to be
>comparable to that of the Soviet Union. He points out that "at
>just the time that everybody was ranting about how magnificent
>Japan was, it ceased to catch up."

A good friend of mine was stationed in Japan for Intel for 9 years. He
confirms that the Japanese are really struggling. (I have a lot of
independent evidence for this, but will not go into it here.)

The Japanese bought a theory that industrial policy was best-determined by
MITI, their central-planning organization. They gambled on RAMs and on a
vague dream of "Fifth Generation" systems, but they missed workstations,
PCs, and the Web. (And a bunch of other things that American companies have
dominated in.)

(responding to comments from someone else)

>I'd argue the opposite: I see no reason why companies such as
>Netscape have to put up with such draconian US laws as ITAR: why
>don't they simply develop their software overseas? If they made a
>highly publicised move, that might do wonders to change the
>opinions of US Congresspersons voting on ITAR-related legislation.

This is not so much of a mystery. The vagueness of the ITARs and the powers
of the American State are such that Netscape, for example, would probably
be in violation of the ITARs if it subcontracted-out the security features
of Navigator to a non-U.S. company. Think "hooks." Think "exporting
knowledge."

I agree that Netscape would galvanize the debate by announcing, say, that
furhter development of Navigator would take place in Ireland or Slovenia or
India. But I doubt it would accomplish much....the U.S would be on the horn
immediately to their lap dogs in Ireland, Slovenia, and Ireland, warning
them of the consequences, and would likely find multiple ways to pressure
Jim Clarke and Netscape.

(Any of the three Weinstein brothers are welcome to explain why Netscape
would not yield to such pressures. But if any of them comment, ask them why
Netscape has not elected to solve this problem--which according to reports
is costing them sales--by doing precisely this. Are they stupic, or what?)

>My prediction is that with the blessings of the Internet, the
>next generation of multiracial programmers, even those that were
>born in the USA, will be more likely to be found on the beaches
>of tropical islands than in the fog of San Francisco. When you
>can work in the shade of a palm tree, even if you should earn
>less, it's worth it :-)

As attractive as this sounds, historically this has not happened. And as
many will tell you, the climate of the Bay Area in particular and
California in general is extremely benign and delightful. The average
winter temperature is only about 10C cooler than summer temperatures.
Evenings are not balmy, but neither are they oppressively hot.

Interestingly, and not really related to CP themes, the fact is that is
that most technological developments have come out of cooler climes. Not a
lot of stuff from tropical and island climes. Maybe they realize life is
too good eating roast pig at the beach luau, maybe they are too lethargic
from the heat, maybe tropical diseases and mosquitos have taken their toll,
maybe....

I know an awful lot of folks who could easily affort to move to almost
anywhere in the world, and yet they stay in California. (I also know folks
moving to even cooler climes, in the U.S., especially less-crowded areas.)

--Tim May



Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From shamrock at netcom.com  Mon Aug 12 00:32:13 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Aug 1996 15:32:13 +0800
Subject: e$: I Never Meta-Certification...
Message-ID: <v02120d07ae344c123415@[192.0.2.1]>


At 18:30 8/11/96, Robert Hettinga wrote:

>Anyway, it's clear we're moving from a world of insecure transactions on
>private secure networks to one of secure transactions on insecure public
>networks. CAs, SSL, and the whole enterprise of encrypting links between
>accounting databases seem to be halfway measures to me. They're a way to
>create, like our friend from MIT says, a temporary private secure network,
>so you can send properly authorized, but still unsecure, book-entry down it.
>For that "proper authorization", you need the biometric identity a CA
>provides, so you can hunt down and jail miscreants who change the wrong book
>entry. I've even made biometric-identity CA jokes about "X.BlaBla" and
>"Numbers of the Beast", and all that.

Beware of biometrics. They can give a false sense of security. Case in
point: the other day, I picked up my girlfriend at an international airport
that uses hand shape scanners to control access to restricted areas. I had
her put her hand into the scanner, entered a random four digit code -- and
the scanner displayed "Access granted"... We quickly walked away.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From cdaemon at goblin.punk.net  Mon Aug 12 00:39:49 1996
From: cdaemon at goblin.punk.net (The Checkered Daemon)
Date: Mon, 12 Aug 1996 15:39:49 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
In-Reply-To: <ae33e6f0010210042d89@[205.199.118.202]>
Message-ID: <199608120414.VAA05766@goblin.punk.net>


Timothy May writes (with tongue firmly in cheek):
> 
> At 10:31 PM 8/11/96, Bart  Croughs wrote:
> 
> >         But there is another axiom of economics which the
> >nationalist/socialist can use for his case against the free movement of
> >capital. This axiom states that the wages of workers depend on the amount
> >of capital invested. The more capital invested, the higher the wages are.
> >If American
> 
> I agree strongly. In my Econ 101 class, lo those many years ago, I was
> constantly reminded to "Remember the Croughs Axiom!"
> 
> It is why MacDonald's workers, who work at a company which has invested
> truly vast sums of money in the capital of its outlets, pays its workers so
> much more than do the legal firms, advertising firms, etc., which have
> invested almost nothing in the capital of their facilities.
> 
> This is why so many lawyers choose to move into hamburger flipping. In
> fact, the lawyer who won the "hot coffee" lawsuit is now a Milkshake
> Trainee at the East Outback, Wisconsin MacDonalds.
> 
> "Would you like fries with that?"

Of course, it might work in the Macro realm:

Large amounts of capital are suddenly invested in the previously underfunded
Internet.  Sudden demand for scarce TCP/IP specialists sends salaries
soaring, causing Federal Reserve to tighten credit in fear of inflation };->

Worked for me ...

-- 
The Checkered Daemon			       	  cdaemon at goblin.punk.net

Delirium:  There must be a word for it ... the thing that lets you know that
	   TIME is happening.  IS there a word?
Sandman:   CHANGE.
Delirium:  Oh.  I was AFRAID of that.






From proff at suburbia.net  Mon Aug 12 00:55:51 1996
From: proff at suburbia.net (Julian Assange)
Date: Mon, 12 Aug 1996 15:55:51 +0800
Subject: Read; NOW
In-Reply-To: <2.2.32.19960812022931.006d7320@mail.geocities.com>
Message-ID: <199608120432.OAA01745@suburbia.net>


> 
>         Hi I'm Unix Code and have a few things to ask...(it may not go with
> Cryptography but go ahead and read)

Sad.





From unix_code at geocities.com  Mon Aug 12 00:56:40 1996
From: unix_code at geocities.com (Unix_Code)
Date: Mon, 12 Aug 1996 15:56:40 +0800
Subject: Read; NOW
Message-ID: <2.2.32.19960812022931.006d7320@mail.geocities.com>


        Hi I'm Unix Code and have a few things to ask...(it may not go with
Cryptography but go ahead and read)

------------==------------------==-----------------==-------------------==------

[Bill Gates]
What is wrong with him? I don't see any thing bad about him, instead I see
the guy who helped the best computer system of all become the most used
around the world. PC's. If he weren't here then probobly we'd be using Macs
Instead, OR  that we may be using a PC, But it's Super Expensive. I don't
understand.. why people are so mad at him. Now... I may get tons of letters
saying that you're wrong, and that he sux. But think about it. (I may also
want to add..that the
most known drink in at least [hacking] is jolt Cola
(http://www.joltcola.com), and ya know what.... he drinks it too.


[AOL and others]
**NOTE: When I mention AOL..I mean all of the online services.
I know I know... this is probobly going to be the most stupidest thing in
the world...but I'm going to say it. Alot of people hate AOL because of the
money you have to pay.. or people hate Prodidgy, CompuServe, etc. But lets
put money aside.. (even though it's a big issue.) AOL is actually [with out
the money] a great service. It has a 3.0 web browser which supports frames.
It has great Libraries of software. Great Chat Rooms. Great Hackers. Great
People. And it is a great atmusphere. and great [places.] Its money that's
the problem.



[Hackers]
Either you are a hacker, general user, or cryptography person, or a curious
user who wants to know alot of stuff from the advanced minds reading this
mailinglist. so lets put it straight. A hacker is a person who can get arund
the software. I am a hacker. I rate classes of hackers from A to F.

A - Person who can get around the software, knows how to use it
destructively, has hacked more than 10 times, has no care for family, and
has a bad temper, never gets out of the house, and drinks jolt cola more
than 5 times a day.

B - Person who can get around the software, knows how to use it destructively,
has hacked more than 5 times, has a bad temper, rarely gets out, and drinks
jolt cola more than 5 times a day.

C - Person who can get around the software, knows how to use it destructively,
has hacked more than 3 times, has a bad temper, gets out twice a week,
drinks jolt cola more than 3 times a day, and has a family.

D - Person who can get around the software, knows how to use it destructively,
has hacked 1 time, has a farely bad temper, gets out for work, drinks jolt
cola more than 5 times a day, has an income, has a family.

E - Person who can get around the software, Person who can get around the
software, knows how to use it destructively, has hacked never hacked, has a
controled temper, gets out for work and family, drinks jolt cola more than 3
times a day, has an income,and has a family.

F - Person who can get around the software, has a controled temper, gets out
for work and family, drinks jolt cola , has an income, and has a family.

Z - Person who can get around the software, knows how to use it
destructively, has hacked never hacked anything big, has a bad temper, gets
out for family, drinks jolt cola more than 3 times a day, has no income, has
a family, goes to school, stays on the computer forever.

I am a Class Z Hacker. MayBe alot of people won't thinka hacker is Kevin
Mitnick, but instead... Bill Gates.


------------==------------------==-----------------==-------------------==------

Thanks,
----UC   
3-D by UC (Sux.. but I don't care!)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^  
^$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^UUUUUUUUUUUU$$$$UUUUUUUUUUUU$$$$$$$$$$$$$$$$$CCCCCCCCCC$$$$$$$$$$$$^ 
^$UUUUUUUUU$$$$$$$UUUUUUUU$$$$$$$$$$$$$$$$$$$CCCCCCCCCCCC$$$$$$$$$$$^ 
^$UUUUUUUUU$$$$$$$UUUUUUUU$$$$$$$$$$$$$$$$$$CCCCCC$$$$$CCCC$$$$$$$$$^   vi@
^$UUUUUUUUU$$$$$$$UUUUUUUU$$$$$$$$$$$$$$$$$$CCCCCC$$$$$$$$$$$$$$$$$$^  Em at il
^$UUUUUUUU$$$$$$$$UUUUUUU $$$$$$$$$$$$$$$$$$CCCCCC$$$$$$$$$$$$$$$$$$^
^$UUUUUUU$$$$$$$$UUUUUUU$$$  http://
$$$$$$$CCCCCC$$$$$$$$CCCCCCC$$^unix_code@   
^$UUUUU$$$$$$$$$UUUUUU$$ www.geocities.com   $CCCCCCCCCCCCCCCCC$$$$$^geocities
^$UUUUUU$$$$$$$$UUUUU$    /CapitolHill/2381/ $$$$cccccccccccccc$$$$$^.com
^$$$UUUUUU$$$$$$$UUUUU                        $$$$$$cccccccccc$$$$$$^   
^$$$UUUUUUUUUUUUUUUU$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$UUUUUUUUUUUUU$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$$UUUUUUUUUUU$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$$$$UUUUUUU$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^






From rich at c2.org  Mon Aug 12 01:08:14 1996
From: rich at c2.org (Rich Graves)
Date: Mon, 12 Aug 1996 16:08:14 +0800
Subject: DMV/Public record data on CDROM
In-Reply-To: <njmDyoQ0mkvD091yn@scn.org>
Message-ID: <Pine.GUL.3.95.960811214938.21843D-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 11 Aug 1996, Jeffery Foy wrote:

> >There are several state's DMV data (or other public record data such as
> >Voter Registration) available on CD-ROM, with DOS search engines.
> >
> >I have the demos for some of these programs on
> >
> >    http://www.escape.com/~pstira/pi
> >
> >Oregon is not the only place you can obtain this type of information.
> 
> The question turns out not to be "can this be done". It seems to be more 
> like - now that it is done, can you have your information removed if you 
> wish?

Of course not. Don't be silly.

My question is, "Yes, this can be done, but would YOU do it?" But I guess
ethics aren't high on the list of cypherpunk topics. 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMg64MJNcNyVVy0jxAQE3pQH/WPBXoXR93sdt6+QjB2tQgoE2nt3b/K5h
bSjYNDoZ9Q6p5FyWUOzq+bxNqpVGHw1qoJgtYvr8LqakNEQN1adnwg==
=U/3T
-----END PGP SIGNATURE-----






From zachb at netcom.com  Mon Aug 12 01:19:25 1996
From: zachb at netcom.com (Z.B.)
Date: Mon, 12 Aug 1996 16:19:25 +0800
Subject: US Power Outages
In-Reply-To: <v02120d06ae344a4cc94e@[192.0.2.1]>
Message-ID: <Pine.3.89.9608112235.A16390-0100000@netcom3>


>From what I read, this wasn't a "small localized disturbance".  
Apparently, a fire underneath one of the main towers on the CA-OR border 
was the cause of the problem.  Now that may not sound like too much, but 
the lines were carrying at least 3000Mw of electricity, enough "to power 
3-1/2 Seattles for a day" (quote from local newspaper).  My guess is that 
when there is a problem involving that much power with no place to go, 
the safety systems shut everything down to prevent damage.

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127


On Sun, 11 Aug 1996, Lucky Green wrote:

> At 18:15 8/11/96, Dave Farber wrote:
> >The avalanche behavior of power systems is still not
> >well understood and techniques to prevent such failures are not obvious.
> >Same can be said of telephone and computer networks at different levels.
> 
> Does somebody here have a pointer to literature on this topic? A system in
> which small localized disturbances can amplify, propagate through the
> system, leading to catastrophic failure is the worst of all possible
> designs. I fail to understand why a system as important as the power grid
> would display this type of behavior. Why is the grid negatively dampened?
> 





From dlv at bwalk.dm.com  Mon Aug 12 01:41:40 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 12 Aug 1996 16:41:40 +0800
Subject: cybergangs?
In-Reply-To: <199608100514.AAA32117@manifold.algebra.com>
Message-ID: <kR7isD77w165w@bwalk.dm.com>


ichudov at algebra.com (Igor Chudov @ home) writes:

> Eric Wilson wrote:
> > > How come this hasn't happened yet? Okay maybe not at such a grand scale,
> > > but ya know?
> > A kind of Cybermilitia! Can we still wear green uniforms and camouflage fac
> > paint?
>
> Go to news.* groups. You will see all kinds of people there.

Death to the Usenet Cabal! All power to the GruborBots!

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Mon Aug 12 01:45:49 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 12 Aug 1996 16:45:49 +0800
Subject: Chemistry question please ..
In-Reply-To: <199608101736.KAA02222@mail.pacifier.com>
Message-ID: <NB8isD81w165w@bwalk.dm.com>


jim bell <jimbell at pacifier.com> writes:
> At 08:53 AM 8/10/96 -0700, anonymous-remailer at shell.portal.com wrote:
> >Is there such a chemical compound as putracine ( maybe not correctly spelled
> ) which emulates the extreme odor of rotting corpses ?
>
> Yes.  The proper spelling is putrescine.  There's also another one called
> "cadaverine."  And yet another called "skatole."   ("scatology")
>
> >If so where can I find out how to make it ?
>
> Not on cypherpunks.  If you want to know more, communicate with me directly.
>  Use a penet-like remailer if you want...

If someone were to start a chempunks mailing list, I'd subscribe.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Mon Aug 12 01:48:28 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 12 Aug 1996 16:48:28 +0800
Subject: John Gilmore on the Radio!
In-Reply-To: <Pine.GUL.3.95.960809165855.15077A-100000@Networking.Stanford.EDU>
Message-ID: <ge7isD74w165w@bwalk.dm.com>


Rich Graves <rich at c2.org> writes:

> On Fri, 9 Aug 1996, P. J. Ponder wrote:
>
> > Gilmore was referred to by Dvorak as the head of the cypherpunks a few
> > times.
>
> Did he mention any other body parts?

Like tentacles?

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From stewarts at ix.netcom.com  Mon Aug 12 02:02:05 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 12 Aug 1996 17:02:05 +0800
Subject: US Power Outages
Message-ID: <199608120525.WAA25154@toad.com>


At 06:15 PM 8/11/96 -0400, Dave Farber wrote:
>attempt to explain that blackout and how to prevent such. We have not
>progressed very far. The avalanche behavior of power systems is still not
>well understood and techniques to prevent such failures are not obvious.

It surprises me how little these systems appear to be monitored.
It took some hours for them to decide that the brush fire on the
California border didn't cause the system to shut down;
you'd think they'd know quickly that the subsystem shut itself down
or disconnected from the grid or whatever because of reason #17...

One of my concerns about the situation is that it's only a week
or two after Clinton's speech about how The Government needs to protect the
National Information Infrastructure for us.  I'm not paranoid enough
to think that they did it, but I'm sure that within a week we'll
see Al Gore or somebody making an NII Protection Agency speech
and Louis Freeh explaining that we need enhanced wiretap underwriting
to make sure that encryption-wielding hackers don't do it again.

>As someone who was married in NYC during the 65 blackout *happened at 1716
A former boss of mine was on his honeymoon cruise in the Caribbean
and pulled into scenic Havana harbor the day of the Revolution....

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From jamesd at echeque.com  Mon Aug 12 02:11:44 1996
From: jamesd at echeque.com (James A. Donald)
Date: Mon, 12 Aug 1996 17:11:44 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <199608120538.WAA29670@dns2.noc.best.net>


At 08:02 PM 8/11/96 -0400, Perry E. Metzger wrote:
> Clearly, wages are defined by supply and demand -- not by "capital
> investment".

However more capital, relative to labor, influences demand, and more
labor, relative to capital, influences supply.

But in practice, the mobility of capital and the importance of labor
is such that this has little effect.  How much capital do you need
to provide a job for a software engineer?  The major determinant of 
someones value on the international market is who has coercive power 
over him, not the national supply of capital. Capital does not
come from nations, but from individuals.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From tcmay at got.net  Mon Aug 12 02:15:49 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 12 Aug 1996 17:15:49 +0800
Subject: Unmetered Net Usage
Message-ID: <ae33ffaf03021004fdeb@[205.199.118.202]>


At 6:34 AM 8/12/96, Rabid Wombat wrote:
>(no crypto here, so delete it already)  :)

A good rant, in the best sense of the word.

>players will be the same as today, that depends. If the railroads had
>realized that they were in the transportation business, instead of the
>train business, they'd be flying airplanes today.

I've heard this example used for years, and I'm skeptical. The methods and
experts needed by early aviation companies were completely different from
the methods and experts the railroad companies had; I'm not convinced that
deciding one is in the "transportation business" is the key.

>Anyone that wants to carry a large volume of traffic via the 'net will
>find that either the market will dictate that they pay for the bandwidth
>they use, or the FCC will. I don't see the FCC getting involved, unless
>the "phone service via internet" providor tries to use the courts to get
>out of paying for the bandwidth they use. They'll be restricted by the
>size of the "pipe" they purchase from their ISP, and the ISPs all charge
>more for access from larger "pipes." If they lease their own
>cross-country circuits, they'll pay the same (or higher) costs as the Telcos.

I see zero chance a local ISP will attempt to use the courts to "get out
of" a charge he has incurred. For one thing, his supplier can simply say
"you don't pay, you get cut off," and be supported by the courts. For
another, even the ISP may not be able to simply tell which customers are
using telephony programs and which are just dowloading pictures of Christy
Canyon.

Will "unmetered" usage go away? It depends on a lot of factors. Right now,
unmetered usage is a big enough marketing draw that it appears to
outcompete metered usage plans. Sure, there are people like me who pay a
flat rate (in my case, $20/month) and yet who are on for several hours a
day. But the subscribers who also pay the $20/mo and yet who are on only
briefly to check their mail are not clamoring to switch to metered usage.

If Internet telephony becomes a big deal, I still suspect unmetered usage
will be common. If the capacity isn't there, from the ISP through the
various links to the other person's ISP then there will be stalls and
delays. Think of it as evolution in action, like crowded freeways.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jamesd at echeque.com  Mon Aug 12 02:22:59 1996
From: jamesd at echeque.com (James A. Donald)
Date: Mon, 12 Aug 1996 17:22:59 +0800
Subject: (Off Topic) Re: FCC_ups
Message-ID: <199608120538.WAA29683@dns2.noc.best.net>


At 02:34 AM 8/12/96 -0400, Rabid Wombat wrote:
> Anyone that wants to carry a large volume of traffic via the 'net will
> find that either the market will dictate that they pay for the bandwidth
> they use, or the FCC will. I don't see the FCC getting involved, unless
> the "phone service via internet" providor tries to use the courts to get
> out of paying for the bandwidth they use. 

Bandwidth costs almost nothing, unless you are doing full motion
video.

What is expensive is cutting that bandwidth up into little pieces 
and delivering those pieces to the people who want to use it at
the time that they want to use it.

Thus those who retail bandwidth will have the bulk of the revenue,
rather than those who wholesale it.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From dlv at bwalk.dm.com  Mon Aug 12 03:54:59 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 12 Aug 1996 18:54:59 +0800
Subject: problem software
In-Reply-To: <199608101547.IAA13645@patty.loop.net>
Message-ID: <k27isD80w165w@bwalk.dm.com>


ARCHFIEND <sven at loop.com> writes:
> >we have problem software looming on the horizen here.
> >does anyonw have the expertise to write any
> >anti-lightening.bolt software that can disable
> >or disengage these e-mail address collectors?
>
> We come face to face with our old problems organization and consistency.  If
> we want to "stop" lightning bolt and other programs like this (6 hours of
> coding for anyone halfway to reality), we have to stop its profitability by
> 1) boycotting advertisers and 2) assiduously, consistently, mailbombing the
> fuck out of their addresses until their ISPs drop them.

Hey - we just got back from a trip, it's good to see all your guys back
online.

I think one way to fightt junk e-mail is to do what I proposed: have a
"don't-e-mail" list available for FTP, and make it trivial to add one's
address to it. I can talk more about how I envision this if anyone is
willing to consider putting such a thing up.

I honestly don't think lightening&co want to e-mail people who don't
want to be e-mailed.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From rich at c2.org  Mon Aug 12 04:12:31 1996
From: rich at c2.org (Rich Graves)
Date: Mon, 12 Aug 1996 19:12:31 +0800
Subject: Netscape US betas lagging...
Message-ID: <Pine.GUL.3.95.960812003508.23548E-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

The international version is 3.0b7. The export-controlled version on wwwus
is two revisions and almost a month behind at 3.0b5. Have y'all simply not
had time/inclination to recompile the 128-bit version with the latest
patches, or is there some sort of trouble brewing? 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMg7ft5NcNyVVy0jxAQGLNAIAwf9BqKx+kHjfN/4YRfjHhXsqv8S6qbQ2
DiotNQxH/rrauDWOzh5TaTTgUp+0syzWKIvQtXUZC1+9JduWK39d6w==
=W2nf
-----END PGP SIGNATURE-----






From shamrock at netcom.com  Mon Aug 12 04:13:17 1996
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Aug 1996 19:13:17 +0800
Subject: [off-topic] Re: US Power Outages
Message-ID: <v02120d13ae347585efdc@[192.0.2.1]>


At 22:24 8/11/96, Z.B. wrote:
>>From what I read, this wasn't a "small localized disturbance".
>Apparently, a fire underneath one of the main towers on the CA-OR border
>was the cause of the problem.  Now that may not sound like too much, but
>the lines were carrying at least 3000Mw of electricity, enough "to power
>3-1/2 Seattles for a day" (quote from local newspaper).  My guess is that
>when there is a problem involving that much power with no place to go,
>the safety systems shut everything down to prevent damage.

It was a disturbance at a single power line. By any standard, this should
not lead to a blackout from Canada to Mexico. Does anybody here have some
first hand knowledge about power transfer at the scale of the US grid?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From jk at stallion.ee  Mon Aug 12 05:10:06 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Mon, 12 Aug 1996 20:10:06 +0800
Subject: Fw: SafE Mail Corporation
In-Reply-To: <Pine.GUL.3.95.960809175133.15098C-100000@Networking.Stanford.EDU>
Message-ID: <Pine.GSO.3.93.960812120202.2158C-100000@nebula.online.ee>


 Fri, 9 Aug 1996, Rich Graves wrote:

> I notice they've "sweetened" their "hacker" deal for cracking their
> software. Now it's an all-expense-paid trip to North Carolina plus about
> $400. Still not worth it, unless you're just pissed off.

Well if they would pay all expences of my trip from Estonia to US and
back, I might like to do it. Or someone else far away ...

Only thing I do not believe the _will_ pay for it so I better continue my
summer holidays.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From sparks at bah.com  Mon Aug 12 05:25:22 1996
From: sparks at bah.com (Charley Sparks)
Date: Mon, 12 Aug 1996 20:25:22 +0800
Subject: Read; NOW
Message-ID: <199608120931.FAA18644@booz.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: proff at suburbia.net, cypherpunks at toad.com
Date: Mon Aug 12 05:34:05 1996
Perhaps this UNIX_CODE wants to create a mailing list with out names on 
it.. if we reply to him......
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMg76juJ+JZd/Y4yVAQFT0AQMDvQgn8c1bNhpZ16Niqbdho71jCeyTV0I
z5o5NPnSspEUhhxI3CIMp0OVwThaAOpRPakL8Pm6pjc08tgr0Hjbg0d0zFvVVDcM
Wkh6mSCYXFIEz043ZDiSuYQuY8Zs8ChiBTTElJQM5Ns2j6O1jYyiogGwSgVTszvV
TCj9PWFovL5VHQ==
=DVBI
-----END PGP SIGNATURE-----






From mccoy at communities.com  Mon Aug 12 05:28:23 1996
From: mccoy at communities.com (Jim McCoy)
Date: Mon, 12 Aug 1996 20:28:23 +0800
Subject: US Power Outages
Message-ID: <v02140b00ae3493b29455@[204.179.131.58]>


Lucky (crypto-leprechaun) wrote:
> At 18:15 8/11/96, Dave Farber wrote:
> >The avalanche behavior of power systems is still not
> >well understood and techniques to prevent such failures are not obvious.
> >Same can be said of telephone and computer networks at different levels.
>
> Does somebody here have a pointer to literature on this topic? A system in
> which small localized disturbances can amplify, propagate through the
> system, leading to catastrophic failure is the worst of all possible
> designs. I fail to understand why a system as important as the power grid
> would display this type of behavior. Why is the grid negatively dampened?

Because the system designed to fail non-destructively rather than risk
a power surge.  Part of the problem is that the power being controlled
moves as fast as any information about the state of the network: all
decisions must be made locally at the switch level.  When a major line
fails the power generation stations can not just "turn off the juice" at
the speed required, the power must either be redistributed or else the
switch overloads and shuts down to prevent a massive power spike.  The
power companies would rather face the ire of consumers without power for
an evening than the outcry that would happen if every toaster, microwave,
and computer on the west coast was fried by the spike caused by 3 gigawatts
being dumped into grids that could not handle the load (not to mention the
long-term blackouts caused by local switching equipment getting fried.)
In this case the system must fail to prevent damage.

The great east coast blackout was caused by a $50 switch which wore out.
The switch happened to control a chunk of load which was re-routed on to
another line, causing a cascade failure as the excess load caused other
switches to fail when it was dumped on to those lines (and the excess
load caused by these other switches tripping accellerated the failure.)
Power distribution is not like telecom, if a phone switch dies the calls
end; the failure does not endanger the upstream switch with overload
from bits not going anywhere.

Imagine that cars on highways had no brakes until they reached an offramp
but the DOT could apply a kill-switch to segments between offramps (tying
this thread into another non-crypto thread on the list :),if a failure in
the roadway caused traffic to stop then all of the upstream traffic would
have to be dumped off the road via offramps that were only one or two lanes.
This would cause further bottlenecks and the kill-switch would need to be
applied to more and more segments upstream to prevent the traffic stopped
or being slowly bled off from causing more problems.  No imagine that
offramp-to-offramp messages were transmitted via messengers travelling
upstream in the carpool lane :)

Even the power company's secret experiments in the cores of nuclear reactors
have not found a way to get around the 186,000 km/s speed limit on everything.

jim







From frissell at panix.com  Mon Aug 12 07:06:46 1996
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 12 Aug 1996 22:06:46 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <2.2.32.19960812101556.00a54ec4@panix.com>


At 01:37 PM 8/11/96 -0400, Vincent Cate wrote:

>If the laws of a country say it is fraud to open a bank account with 
>a fake passport, then encouraging someone to do so is encouraging
>fraud.  Check with your lawyer and see if you can open up a bank
>account with a fake passport.  

My lawyer says that at common law you can use any name to open an account as
long as there is no intent to defraud.  Since I am giving the bank money and
not vice-versa, it can't be common law fraud.  I'm lending to them.  They
aren't lending to me.  It *is* illegal in the US for the bank to open an
account for me without some ID checks, but it is not *my* problem and it is
not fraud.

DCF






From ichudov at algebra.com  Mon Aug 12 08:17:34 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Mon, 12 Aug 1996 23:17:34 +0800
Subject: US Power Outages
In-Reply-To: <v02140b00ae3493b29455@[204.179.131.58]>
Message-ID: <199608121228.HAA11850@manifold.algebra.com>


Jim McCoy wrote:
> Even the power company's secret experiments in the cores of nuclear reactors
> have not found a way to get around the 186,000 km/s speed limit on everything.
> 

I wonder where does the 186,000 km/s speed limit come from? ;)

	- Igor.





From EALLENSMITH at ocelot.Rutgers.EDU  Mon Aug 12 09:07:15 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Tue, 13 Aug 1996 00:07:15 +0800
Subject: Article on Electronic Commerce with a few too many assumptions
Message-ID: <01I85ZCPI14G9JD53S@mbcl.rutgers.edu>


	I haven't had time to do more than skim over the following article,
but I can already see some problems with it. For instance, he mentions CD
places not allowing agent searching - but with increasing development of
anonymization and like technology, will they have any choice?
	-Allen

[Permit me to recommend that you read this very interesting draft paper
and send its author, Andrew Odlyzko, detailed comments.]

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date: Fri, 9 Aug 96 14:17 EDT
From: amo at research.att.com
Subject:  electronic commerce article

Enclosed is the draft of an invited paper for the WebNet '96 conference
to be held in San Fransisco, Oct. 16-19, 1996, URL 
   http://aace.virginia.edu/aace/conf/webnet.html.
Comments are invited.

Andrew Odlyzko





                  The bumpy road of electronic commerce

                            Andrew Odlyzko
                         AT&T Labs - Research
                         amo at research.att.com

                   Preliminary version, August 9, 1996


Abstract:  Electronic commerce is widely expected to promote
"friction-free" capitalism, with consumers sending software agents to
scour the Net for the best deals.  Many distribution chains will
indeed be simplified and costs substantially reduced.  However, we are
also likely to see the creation of artificial barriers in electronic
commerce, designed by sellers to extract more value from consumers.
Frequent flyer mileage plans and the bundling of software into suites
are just two examples of the marketing schemes that are likely to
proliferate.  It appears that there will be much less a la carte
selling of individual items than is commonly expected, and more
subscription plans.  Therefore many current development plans should
be redirected.  Electronic commerce is likely to be even more
exasperating to consumers than current airline pricing, and will be
even further removed from the common conception of a "just price."  As
a result, there are likely to be more attempts to introduce government
regulation into electronic commerce.


Footnote:  This paper incorporates material from an earlier article
on electronic publishing, [Odlyzko].



1.  Introduction

Electronic commerce (or ecommerce for short) is still small, at least
if we consider only online consumer transactions, such as ordering a
book from amazon.com over the Internet.  In a broader sense, ecommerce
is much larger, since financial, news, and legal information services
such as Bloomberg, Reuters, and Lexis have total revenues in the
billions of dollars.  In a still broader sense, electronic funds
transfers are already huge, with daily transactions in the trillions
of dollars.  All these types of transactions are expected to grow, and
to become part of a much larger and uniform system of electronic
transactions.

While we are rapidly moving towards the Information Age, food,
shelter, and clothing will remain our most important needs.  However,
their shares of the economy are decreasing, and the information
content of their goods is increasing.  This is an old trend.
Agriculture has moved from being the largest segment of the economy a
century and a half ago to a relatively minor industry, dwarfed by the
medical sector, for example.  Furthermore, the cost of the basic
ingredients in cereals and other foods is a small portion of the total
price.  As a further example of the decreasing value of raw materials
and factory labor, a single celebrity is often paid as much for
endorsing an athletic shoe model as all the workers in the undeveloped
countries who assemble those shoes.  We can expect a continuation of
this trend, with the work of the "symbolic analysts" (who, in Robert
Reich's terminology, include lawyers, software writers, and
advertising executives) making up increasing fractions of the economy.

The main concern of this essay is electronic trade in information
goods, such as news, novels, software, music, movies, as well as
legal, medical, and credit information.  How will these goods be
distributed, and how will their production be financed?  Esther Dyson
[Dyson] predicts that almost all intellectual content will be
available for free.  In her view, some content production will be
supported by outside advertisers (who already pay for most of the cost
of newspapers, for example, as well as all the costs of the commercial
TV networks).  Some content will likely be made available for free, as
a form of advertising for other services by the producers (as the
Grateful Dead do in encouraging people to tape their performances, in
the hope this will bring more people to their concerts).  While
Dyson's vision will come true for a large part of the material on the
Net, it seems unlikely that it will be universal.  Movie studios such
as Disney attract large paying audiences to theaters and purchasers to
their videotapes through the quality of their products, and are likely
to do so in the future.  While some novelists make more money from
selling movie rights to their plots to Hollywood than from royalties
on books, this is rare.  Each year, over a hundred times as many books
are published as there are movies produced, and the sales of books are
much higher than movie theater revenues.  Thus we can expect that
content producers will usually want to be paid directly for their
work, as that will be the only feasible route to earning a living.
Furthermore, Dyson herself [Dyson] emphasizes that much of the value
on the Net "will go to the middlemen and trusted intermediaries who
add value - everything from guarantees of authenticity to software
support, selection, filtering, interpretation, and analysis."  How
will these middlemen be paid?  It seems likely that often they will
wish to collect payment directly from consumers, just as the online
legal information service Westlaw collects fees from attorneys who use
it.  The basic data in Westlaw is court opinions, which are freely
avaialable.  What gives Westlaw its lock on the market is the control
of its citation system.

Many of Dyson's predictions are likely to come true.  In particular,
huge amounts of intellectual property will be available for free.
However, it seems likely that there will also be a flourishing
ecommerce sector, with individuals purchasing goods and services.  The
question is, how will ecommerce be conducted?

The usual expectation is that ecommerce will promote "friction-free
capitalism," (cf.  [Gates]), with distribution costs reduced.  It is
easy to see how this can happen, as the older communication systems
such as the post office, the telegraph, the telephone, and the fax
have all served to make the economy more efficient.  The Internet
creates many more possibilities.  Classified ads, for example, bring
in a large fraction of the revenues of the newspaper industry, but can
be replaced by a much cheaper and easier to use electronic system.
Other part of the common vision of ecommerce are more questionable,
however, and that is what the rest of this essay will discuss.  It is
often thought that instead of buying an entire newspaper, readers will
pay for those individual stories they are interested in.  Someone
wishing to purchase a VCR might send an "intelligent agent" into the
Internet to collect bids from suppliers for a unit that meets desired
specifications, and then select the best choice.  While such scenarios
will be feasible technically, it is extremely unlikely they will be
dominant.  Instead, we are likely to see a proliferation of policies
such as those of current music CD retailers who sell on the Internet.
Most of them do not allow software agents to collect their prices.  We
are also likely to see a strenthening of the trend towards
subscription services and bundling of products, as is done in software
suites today.  This will often require redirection of development
efforts.

This essay is devoted largely to an explanation of the economic
reasons that are likely to lead to the creation of "bumps" on the
electronic superhighway.  These reasons operate already in the current
economy, and are responsible, for example, for the U.S. airline
pricing system, which is a source of frequent frustration and
complaints.  In ecommerce, frustration and complaints are likely to be
even more frequent.  The reasons for this are twofold.  On one hand,
the economic incentives to create artificial barriers will be greater
in ecommerce than today, since essentially all costs will be one time
costs of creating goods, and distribution will be practically free.
On the other hand, it will be much more transparent that the barriers
are artificial.  This will often collide with popular notions of what
is fair, and is likely to lead to attempts at much more intrusive
government regulations than we have seen so far.  In the past
governments have been involved primarily in security issues of the
Net, and more recently have gotten concerned about pornography.
However, in the future they are likely to attempt to regulate the
conduct of business on the Net as well.

If the predictions of this essay come true, then some of the current
development efforts will turn out to be misdirected.  In particular,
there is likely to be much less use of micropayments for individual
transactions, and more subscription services, which require different
systems.  Also, it will be necessary to prepare to comply with edicts
from various governments which will be changing and will often be
inconsistent.


2.  Natural and artificial barriers in commerce

Capitalism is excellent at inducing people to reduce barriers to
commercial activities.  However, it also produces incentives to create
artificial barriers.  Some of the barriers are created by government
action, such as those of patent and copyright laws, which give owners
of intellectual property a limited legal monopoly on the uses of their
creations.  Other barriers are created by merchants.  It is common for
an airline passenger to have paid 5 times as much as the person in an
adjacent seat, with the only difference between the two being that the
first one is not away from home on a Saturday night.  The airlines
would like to charge the business travelers (who are presumed to be
able and willing to pay) more than vacationers (who might drive a car
instead or not travel at all), but do not have a direct way to do so.
Therefore they impose the Saturday night stopover restrictions to
distinguish between those two classes of customers.  There have been
several attempts by airlines to move towards a simpler system of
uniform pricing (sometimes by newcomers, such as People Express,
sometimes by established carriers), but they all collapsed.  This
suggests that there is an underlying economic logic behind this
system, however exasperating it might be.  If that is so, though, we
can expect similar moves in ecommerce.

The general tendency in the marketplace is to avoid "commoditization,"
in which there are many almost equivalent products and services, and
where price is the only consideration.  Ford does not compete with
Honda in producing the most inexpensive Accord.  Instead, it offers
the Taurus as an alternative, and there are many features in which the
Accord and Taurus differ.  Sometimes commoditization is hard to
resist.  In some cases this happens because consumers learn there is
little to differentiate products.  As an example, oil companies have
pretty much given up on trying to convince people that gasoline
differs in anything other than octane ratings.  In other cases,
commoditization is forced on an industry by government edict or
effective private monopoly.  Intel and Microsoft have reduced the
IBM-compatible PC industry to a commodity business, in which they
collect almost all the profits, and the other players scramble to find
a niche that will enable them to do more than just break even.
However, those are the exceptions.  The general ecological principle
is towards evolution of species that fill different roles.  Zebras do
not attempt to compete with giraffes, but exploit a different part of
the ecosystem, and evolution does not lead to a convergence of those
two species.  Similarly, in the world of business, companies try to
differentiate their products.  Workstation producers could never in
the past agree on a common version of Unix, even under the threat of
being overwhelmed by PCs, since that would have required giving up the
distinctive features that bound them to their customers.  Even
airlines, which are basically in the commodity business of moving
people from one city to another, try to differentiate themselves
through frequent flier plans and special pricing schemes.

Ecommerce is likely to lead to a proliferation of pricing plans that
will seem to most people to be much more frustrating and less rational
than even today's U.S. airlines.  There will probably be a niche
market for people who care most about their convenience, and will use
their intelligent agents to do their shopping for them.  However, what
Sony, for example, might do is sell to that market only models of VCRs
that are not available elsewhere, and are hard to compare to those
sold in other places.  Stores that have physical buildings are likely
to serve a different clientele, and might also take further steps to
differentiate themselves to prevent comparison shopping, which will be
much easier with many people sharing their experiences on the
Internet.  There is likely to be a proliferation of frequent-shopper
plans.  Further, Sony VCRs sold in Sears stores might be slightly
different from those sold in WalMart, and model numbers and features
might change rapidly to inhibit consumer rating services (such as
Consumer Reports, or various Internet-based group-rating schemes that
are beginning to develop).  There are already artificial barriers to
free information flow.  Grocery stores routinely bar employees of
other stores from collecting extensive data on prices.  The policy of
Internet CD stores of preventing software agents from collecting
prices for comparison shopping is just an extension of such barriers
to free information flow to ecommerce.  We can expect more such
barriers.

While barriers to commerce of the type discussed above are usually
perceived as unfair (an issue that I will deal with more extensively
in the last section), they can increase not just the producers'
wealth, but economic efficiency and social welfare.  As a simple
example, consider an independent consultant who can produce a
technical report that two different customers might be willing to pay
$3,000, and $2,000 for, respectively.  If she has to charge a uniform
price to the two customers, the most she can get is $4,000, obtained
by pricing the report at $2,000.  However, if she charges the first
customer $3,000, and the other $2,000, she will earn $5,000.  If the
consultant's time and expenses to prepare the report are worth $4,500,
she will not undertake the effort if a uniform price is required.
>From an economic viewpoint it is therefore advantageous to allow her
to charge different prices to different customers.  However, the
customer that pays $3,000 is likely to resent it if somebody else
obtains the same product for $2,000, and often will not agree to the
deal if all conditions are publicly known.  This is caused by a
conflict between notions of economic efficiency and fairness.  

There are many examples in the marketplace of behavior that appears 
even less fair.  For example, in 1990, IBM introduced the LaserPrinter 
E, a lower cost version of its LaserPrinter.  The two version were
identical, except that the E version printed 5 pages per minute
instead of 10 for the regular one.  This was achieved (as was found by
independent testers, and was not advertised by IBM) through the
addition of additional chips to the E version that did nothing but
slow down processing.  Thus the E model cost more to produce, sold for
less, and was less useful.  However, as Deneckere and McAfee show in
their paper [DeneckereM], which contains many more examples of this
type (referred to as "damaged goods"), it can be better for all
classes of consumers to allow such behavior, however offensive it
might be to the general notions of fairness.  Consumers who do not
need to print much, and are not willing to pay for the more expensive
version, do obtain a laser printer.  Consumers who do need high
capacity obtain a lower price than they might otherwise have to pay
since the manufacturer's fixed costs are spread over more units.

Barriers in commerce are an essential part of the current marketplace.
Consider the book trade.  Although people do not think of it this way,
current practices involve charging different prices to different
users, and thus maximizing revenues.  A novel is typically published
in hard cover first, with the aim of extracting high prices from those
willing to pay more to read it right away.  Once that market is fully
exploited, a somewhat cheaper trade paperback edition is made
available, to collect revenue from those not willing to pay for the
hardbound copy.  Finally, a regular paperback edition is published at
an even lower price.  The used book market develops in parallel, for
those willing to read books marked up by previous owners, and so on.

How will ecommerce affect book publishing?  Eventually we can expect
that all books will be available electronically (and will evolve
towards new forms, made possible by digital communications).  Costs of
publishing will come down, and this is going to increase the supply,
and lead to many works distributed for free, by aspiring authors
hungry for the recognition that might lead to fortune.  What about
those electronic books that people will be willing to pay for?  With
publishing costs reduced, we can expect that the authors' share of the
revenues will rise, say from the current 15% or so royalty rate to 50%
or more, and so in effect the authors might become much more
influential than the publishers (or might become the publishers
themselves).  However, since publishers obviously benefit from the
present system of differential pricing, they (and the authors) are
likely to have an incentive to institute a similar system in the
digital arena.  The issue is how to do this.  Bits are bits, after
all, and are easy to copy.  If we make only simple extensions of
current copyright laws, we are likely to see a great change in the
marketplace for information goods.  For example, when I buy a book, I
cannot make a copy of it and sell that copy to somebody else.  On the
other hand, I can sell, rent, or give away the book I purchased to
anyone I wish.  Suppose we carry over exactly the same rights to the
digital world, with some combination of cryptographic techniques and
laws guaranteeing that unauthorized copies of digital "books" cannot
be made.  The ease of transactions on the Net (which is what leads to
the dreams of "frictionless capitalism") would then force major
changes.  With physical volumes, there are substantial barriers to
trade in books.  Most people do not like reading books that are
tattered or marked up by others.  They take their time reading books,
and (especially for the ones they enjoy) like to retain them in their
libraries to be reread any time they wish.  As a result of these
natural barriers, a single copy is usually read by only a few people.
The economics of the present book publishing business depend on this
phenomenon.  In the digital world, though, with high bandwidth
networks and efficient intermediaries, I could buy a copy of a book an
hour before bedtime, read a new chapter, and then, just before turning
off the lights, send that copy off for resale.  Instead of a million
copies of a printed book, a thousand electronic copies might suffice.
This would force a dramatic change in the structure of the book
publishing industry, and explains why there is an intense interest in
the creation of artificial barriers to ecommerce, either through
revisions to copyright laws or through technological methods.


3.  The bumps on the electronic highway

Some types of barriers to commerce are accepted as natural when
dealing with physical goods.  It would be prohibitively expensive for
the New York Times, say, to distribute 100 little sheets each day,
each one with a separate story, and having readers buy just the ones
they were interested in.  The accepted wisdom is that ecommerce will
lead to the electronic equivalent of just that, with readers selecting
and paying for individual stories.  It will certainly be possible to
do so, as micropayment systems are being developed that will allow for
processing of tiny transactions, such as payment for a single story in
the New York Times, or a "hit" on some aspiring poet's Web page that
contains his sonnets.  However, the economic argument is that while
such schemes might exist, and may be used in some situations, they
will not be dominant.  The example of book publishing in the previous
section shows why producers of information goods benefit from the
natural barriers that exist in the physical world.  Their incentives
to create artificial barriers in the digital world will be even
stronger.  It will be harder to distinguish between consumers, since
transactions will tend to be impersonal, and arbitrage will be easy.
Most important, distribution costs will be negligible, so that only
the "first copy" cost of creating a work will matter.  Hence
traditional, commodity-market type of competition, in which the market
price equals the marginal cost, will have to be avoided, since
marginal prices will be essentially zero.  The incentive that low
marginal costs provide to create barriers in commerce can already be
seen in many high technology fields.  The "damaged goods" studied in
[DeneckereM] come primarily from such areas.  The pharmaceutical
industry is notorious for selling products for hundreds of times more
than the cost of producing them, and for selling the same chemicals
for human use for ten times the price charged for veterinary purposes.

While the incentives to erect artificial barriers will be large in
ecommerce, there will also be novel possibilities created by the
electronic medium.  What kinds of barriers are we likely to encounter
in ecommerce?  The four most important ones will probably be bundling,
differential pricing, subscriptions, and site licensing.  Hal Varian
[Varian3] discusses the first two in detail, and argues convincingly
that they will be prominent in ecommerce.  In the rest of this section
I will present some additional arguments for these techniques, and
will also show why subscription services (which are a form of
bundling, but are important for other reasons as well) and site
licensing are also likely to be common.  There are additional
arguments in favor of subscription and site licensing plans.  For
example, security problems are likely to be easier in those cases.
However, this essay will deal only with the economic arguments.

The basic assumption in the economic analyses below is that for each
information good, an individual consumer will purchase it only if the
price is below some threshold (that consumer's valuation of the good).
For simplicity, I will only consider items that are independent of
each other (such as stories in a newspaper).  Much of the economic
literature cited below is concerned with goods that are related in one
way or another.  (For example, if I buy a spreadsheet from Corel, I am
unlikely to purchase another one from Microsoft.  On the other hand,
if I buy a presentation package, I am more likely to buy a CD-ROM of
pictures than I would otherwise.)  I will not take these factors into
consideration, to keep the presentation simple, and bring out only the
main factors that are likely to influence the development of
ecommerce.  I will also assume that producers cannot in general find
out what an individual is willing to pay for a product, but can,
through test marketing, say, obtain an accurate statistical
description of the valuations that the whole population of potential
buyers place on that product.


3.1 Bundling

Bundling consists of offering several goods together in a single
package, such as combining a word processor, a spreadsheet, and a
presentation program in a software suite (such as Microsoft Office),
or else printing many stories in a single newspaper.  Bundling is
common, and often seems natural.  For example, right shoes and left
shoes are invariably sold together, and just about the only time
anyone might regret this is when a dog chews up one of a new pair of
shoes.  I will concentrate on bundling of goods that are almost
unrelated, such as a word processor and a spreadsheet program.  Why
should the pair of them together sell for much less than the sum of
their separate prices?  It is useful to have seamless integration of
the two, to make it easier to move material between them, to have
common command structure and icon layouts, and so on.  That seems to
argue for charging more for the bundle than for the pieces!  However,
bundling, with a lower price for the bundle than for the components,
or even without any possibility for purchasing the components
separately, is extremely common.  The reason is that it allows the
producer to increase revenues by capturing more of the "consumer
surplus" that arises when customers pay less than they are willing to
do.  Since in general prices have to be the same for all customers,
bundling can be used to smooth out the uneven preferences people have
for different goods and services.  For example, suppose we were
dealing with a proposal to start a newspaper that would have two
sections, a business page and a sports page.  Suppose also that there
were just two potential readers, Alice and Bob. Suppose also that
Alice needs to keep up with the business world, and so is willing to
pay $0.50 for the business page, but only $0.20 for the sports page,
since she does not particularly care about sports, but might like to
keep up with lunchtime conversations.  Suppose that Bob's preferences
are reversed, in that he is an eager sports fan, willing to pay $0.50
for the sports page, but only $0.20 for the business page, since all
he cares about is occasionally checking on his retirement fund.  Under
those conditions, how should the proposed newspaper be priced?  If
each section is sold separately, then a price of $0.20 for each will
induce both Alice and Bob to buy both sections, for total revenues of
$0.80.  If the price is set at $0.50 for each section, then Alice will
buy only the business page, and Bob only the sports page, for total
revenue of $1.00.  On the other hand, if the two sections are bundled
together, then a price for both of $0.70 will induce both Alice and
Bob to purchase the newspaper, and will produce total revenues of
$1.40.  Thus the economically rational step is not to offer the two
sections separately, but only bundled together.

Bundling has been studied extensively in the literature, starting with
the paper of Burnstein [Burnstein].  Other references are [AdamsY,
Bowman, Economides1, KrishnaKA, Schmalensee, Stigler, Varian2,
Wilson1, Wilson2].  Unfortunately there is no simple prescription that
can be given as to when bundling is better than selling items
separately.  Depending on the distribution of consumer preferences,
bundling can be either more or less profitable for the producer, as
was already shown by Adams and Yellen [AdamsY].  However, there are
some general guidelines.  One is that bundling becomes more profitable
as marginal costs decrease (which may be part of the reason for the
spread of software suites as the amount of unpaid support provided to
users by software houses decreased).  Another is that bundling becomes
more attractive when consumer preferences are negatively correlated
(as in the example above, where Alice and Bob had almost opposite
tastes).  However, negative correlation in valuations is not necessary
for bundling to be profitable, as was first pointed out by Schmalensee
[Schmalensee], and as will be shown in the example below.  Random
variations in preferences are sufficient as a result of the law of
large numbers.

How much of a difference can bundling make to a producer's bottom
line?  Unfortunately the published literature is practically silent on
this point, for reasons I will discuss later.  (There is an intriguing
computation in [Stigler], based on reported revenues of movie theaters
in different cities.)  Let us therefore consider some artificial
examples, a bit more realistic than the Alice and Bob one presented
above.  Consider two books, A and B, say "The Tannu-Tuva Cookbook" and
"Sherlock Holmes in Antarctica."  Suppose that among one million
potential customers, book A is valued at $1 by 100,000, at $2 by
another 100,000, and so on, up to $10 by 100,000, and suppose the same
distribution of valuations applies to book B. Suppose further that the
valuations of the two books are independent.  Thus there are about
10,000 customers who value book A at $3 and simultaneously book B at
$5, and similarly about 10,000 customers who place values $9 and $2 on
A and B, respectively.  Under these conditions, if the publisher is to
sell these books separately, revenue will be maximized when the price
of each is set at $5.  About 600,000 people will purchase each book,
for total revenue from sales of both books of $6,000,000.  (This
maximum is not unique, as the same revenue can be achieved by pricing
each book at $6, in which case about 500,000 people will buy each.)
However, if the two books are sold together, revenue can be made much
higher.  Since there are 10,000 people who value the bundle at $2
(exactly the 10,000 who value each book at $1), while there are 90,000
who value it at $10, a short calculation shows that the
revenue-maximizing price is $9.  At the price of $9 per bundle,
720,000 people will purchase it, for total revenue of $6,480,000,
exactly 8% higher than if the books were sold separately.  Since
profits would be the revenues minus the fixed costs of producing the
books, they would increase much more dramatically.

What weakens the case for bundling is that most people have no
interest in most goods.  In the example of the books "Sherlock Holmes
in Antarctica" and "The Tannu-Tuva Cookbook," a more realistic
assessment might be that in a population of 1,000,000, each book would
be valued at zero by 90% of the population, with 10,000 valuing it at
$1, 10,000 at $2, and so on.  If the 100,000 people who do place a
positive value on book A are distributed independently of those who
value book B at $1 or more, then there would be only 10,000 people who
place positive values on both A and B. Bundling under these conditions
would not produce much benefit.  However, even in cases of extreme
indifference, bundling can work if there are enough goods.  Consider
an information service with 1,000 items (news stories, pictures, or
songs).  Suppose that in a large population, each individual is
totally uninterested in 900 of the items, and values 10 at $0.01 each,
10 at $0.02 each, and so on, with 10 valued at $0.10 each.  If the
items are to be sold individually, the revenue-maximizing price will
be $0.05 for each (or $0.06 each), and each customer will purchase 60
items for a total of $3.00.  However, if the collection is sold as a
whole (which involves no extra cost to producers of information goods,
and also no cost of tossing out mounds of unwanted boxes to
consumers), then a price of $5.50 will induce each person to buy, for
a gain of 83% in revenues (and much more in profits).

So far we have compared only sales of unbundled products (pure
unbundling) to those of bundles (pure bundling).  However, it is often
advantageous to use mixed bundling, where both bundles and separate
goods are offered.  In the example of the books "Sherlock Holmes in
Antarctica" and "The Tannu-Tuva Cookbook," with the distribution of
valuations assumed above, a price of $10 for the bundle and $5 for
each book separately would produce revenue of $7,400,000, about 14%
higher than pure bundling, and over 23% higher than pricing the books
separately.  (Note that the optimal combination above has the
paradoxical property that the price of the bundle is exactly the price
of the pieces.  Under the assumption of the model, people who value
book A at $7 and book B at $3 will purchase the bundle, but if the
bundle is not available, will only purchase A.) Adams and Yellen
[AdamsY] have shown that mixed bundling is always more advantageous to
the producer than pure bundling.

Toy models like the one above are amusing to play with, and help
illustrate the advantages to producers of bundling.  If the
distribution of consumer valuations is known, one can determine
numerically what the optimal policy is for the producer [Wilson1,
Wilson2].  Unfortunately the basic assumption that consumers know what
value they place on various goods, and purchase them precisely when
the price is below their value, is questionable.  In practice people
behave in much more complicated ways.  An old joke illustrates this:

  Waiter:  And for dessert, we have chocolate mousse, apple pie,
    and ice cream.

  Customer:  I will have apple pie.

  Waiter:  Oh, I forgot to mention that we also have Peach Melba.

  Customer:  In that case I will have the mousse.

While this is a joke, actual behavior is often just as paradoxical.
Catalog merchants have learned that the attractiveness of an item is
affected strongly not just by its price and description, but also by
its placement among other offers.  Consumer choices are complicated.
Some of the seemingly irrational behavior can be explained on the
basis of different consumers having different sensitivities to prices.
For example, the phenomenon of regular sales has been modeled
successfully this way in [Varian1] and later papers.  Other
interesting phenomena emerge if one assumes that consumers do respond
to price signals in an economically rational way, but with some delay
(see [RichardsonR], for example).  However, there is no complete
theory.  Experimental economics has shown that economically optimal
solutions can be attained even with small groups of agents, provided
they are working in a constrained environment and are trying to
optimize their wealth, although even there paradoxes abound (cf.
[CookL, HagelR]).  In general settings, though, human behavior is hard
to model.  There are nontransitivities in preferences, choices are
determined by behavior of others (so a person is more likely to see a
movie that colleagues have seen to have something to talk to them
about), and so on.  Companies collect extensive data from test
marketing, but that data is noisy, and typically involves only small
variations in test parameters.  There seems to be no unambiguous
empirical demonstration that a well defined demand curve exists.  Thus
economic models discussed above do indicate that bundling is likely to
be advantageous to producers, but do not prove this.

What happens in the real marketplace, with a variety of customers and
competitors, and where there is already much experience with a variety
of marketing plans?  What we see there is extensive evidence of
bundling.  In many situations, such as that of physical newspapers,
there is an obvious motivation for bundling to reduce costs.  However,
there is also evidence of bundling's success when there are
practically no physical costs involved.  Software suites such as
Microsoft Office are just one example.  Cable TV does not charge for
each channel separately, but for packages (bundles) of them.  Finally,
the big and profitable online information services in the financial
and legal arena, such as Reuters, Bloomberg, and Lexis, all operate on
a subscription basis or appear to be moving in that direction.  (The
"pay-per-view" approach made more sense when the computing
infrastructure for online access was expensive, and therefore there
were high marginal costs of providing access.)  All this evidence
confirms that bundling is likely to be common in ecommerce.


3.2 Differential pricing

Charging different prices to different consumers is already common.
Various senior citizen or student discount programs are just some of
the most widely spread practices.  Scholarly journals typically charge
much higher prices to libraries than to individuals, sometimes 10
times higher.  For a thorough discussion of such price discrimination
and its economic and legal status, see the survey [Varian2].  A
producer would like to charge according to the consumer's willingness
to pay, but the consumer will usually be reluctant to reveal such
information.  However, it is sometimes possible to correlate
willingness to pay with other features.  Airlines offer much cheaper
tickets for those willing to be away from home on Saturday night.  The
theory is that business travelers, who are willing to pay a lot, will
not be willing to put up with such inconvenience.  In information
services, online services such as Prodigy and CompuServe offer stock
market quotes that are delayed by 15 or 20 minutes for no extra cost,
beyond the basic subscription.  Real-time quotes uniformly cost extra,
on the theory that those who need them for their trading will pay
more.  The software industry relies on differential pricing in many
products.  Student or demo versions typically are the same as the main
product, except for artificial limitations on what they can do.  They
either cannot produce large executables, or cannot handle large files,
or cannot use extended precision.  We are likely to see many more
examples of such differential pricing.  Electronic publications may
offer high-resolution versions at one price, a lower-resolution
version at a lower one, and sometimes they might offer a fax-quality
version at no charge.  There are already interesting experiments going
on in book distribution, with authors making some parts of their
manuscripts freely available on the Internet, to advertise their work,
to update it with lists of current errata, and to make available
features that draw on the unique capabilities of the electronic
medium.  There are also likely to be differentials based on
timeliness, as with stock market quotes; old issues might be offered
at low or no charge.  There might be extra charges for links to cited
works or other desirable features.

Differences in quality of offered products might be the only way to
preserve some of the features of public libraries.  In the digital
realm, without some artificial barriers, there would be practically no
difference between buying and borrowing.  Hence the traditional
library policy of unrestricted lending is not compatible with
ecommerce, and we are likely to see artificial barriers.  Databases
might be available to library customers but only inside the library,
at special terminals, for example.  Librarians would then have to
become gatekeepers, restricting access to material more than making it
freely available.


3.3 Subscription vs.  pay-per-view

Offering access to a database or a movie channel on a subscription
basis is a form a bundling.  The alternative is to charge for each
movie, or each download of a Web page.  There is much discussion of
how such "a la carte" shopping might become prevalent.  One attraction
of programs consisting of small applets that can be downloaded on
demand appears to be the perception that this would allow producers to
charge according to how frequently the software is used.  However,
past experience with pay-per-view systems has been discouraging.
Except for a few events, such as championship boxing matches, they
have not succeeded in attracting much revenue.  All the arguments in
favor of bundling apply, and suggest that pay-per-view systems will
not be common.  Furthermore, there are additional arguments, supported
by empirical data on consumer behavior, that argue against
pay-per-view schemes.  Consumers appear to have a strong predilection
for reducing risk, even when this predilection results in lower than
optimal expected financial payoff.  A certain $10 gain is usually
preferred to a wager with a 90% chance of winning $15, and a 10%
chance of losing $20.  People also tend to use small deductibles when
purchasing fire or casualty insurance, even when they could easily
bear the loss from a larger deductible.  (Since few insurance
companies operate with an overhead of less than 30%, a larger
deductible would almost surely lead to savings in the long run.)
Similarly, consumers appear to have a strong preference for
subscription services.  To a large extent this is probably explainable
by general risk aversion.  I may prefer to pay a higher price for a
word processor now, even if I do not need it much, to have free use of
it when I lose my job, and need to send out lots of job applications,
but will not be able to afford extra charges.  This preference for
subscription services is present even among librarians, who are not
spending their own money, and with a large number of users of their
resources might be expected to have a stable usage pattern.  Even so,
they have often expressed their unease about paying "a la carte" for
access to databases, since they feared they could not predict what
this would do to their budgets.  It is difficult to quantify the
strength of this preference for subscription services, but it exists
and is strong.  In the 1970s, the Bell System first experimented with
charging for local calls.  Typically, customers were given a choice of
the traditional flat rate option, which might cost $7.50 per
month, and allow unlimited local calling, and of a measured rate 
option, which might cost $5.00 per month, allow for 50 calls at no
extra charge, and then cost $0.05 per call.  Anyone making fewer than
100 local calls per month would be better off with the measured rate
option.  However, in the numerous trials that were carried out, typically
around 50% of the customers who were making almost no local calls at
all, and thus would benefit from measured rate service, still stayed with 
the more expensive flat rate service.  The preference for flat rate 
pricing for Internet access is another example of this phenomenon.

The main conclusion to be drawn from this discussion is that
subscription services do offer substantial value to consumers, even if
that value may seem to be irrational.  As a corollary, they also offer
value to producers.  People are willing to pay a lot just to be able
to occasionally use certain features.  Software producers complain
about all the heavy users of their products who do not pay for their
high usage.  However, these producers benefit from the many users who
hardly ever use their system.  I seldom use Microsoft Word, but when I
do use it (typically because somebody sends me a Word document), I do
need it, and so am willing to purchase it for just such occasions.
Hence we can expect that even if large systems consisting of
downloadable applets do become practical, they will be available on a
subscription, and not on a per-use basis.


3.4 Site licensing

Site licensing, in which a company or a university pays a flat fee to
allow everyone in that institution to use some program or access a
database, is very common in the computer and online information
industries.  In some forms, it has been present for a long time in
other areas as well.  For example, scholarly publishing can be thought
of as an example of site licensing.  Typically a university will buy a
single copy of an esoteric journal, which is then placed in a library,
to be consulted by anyone on campus.

In software, site licensing has many attractive features.  It
simplifies the enforcement problem (which is nontrivial, since many
corporations report they spend more on policing software use than on
the purchase of that software).  It also encourages new users to try
out a package, and thus stimulates more usage.  In addition, though,
site licensing has a strong direct economic argument behind it.  We
can think of site licensing as a variant of bundling.  In ordinary
bundling, a producer assembles together several goods into a bundle,
to smooth out the differences in valuations that individual consumers
place on those goods.  In site licensing, a producer assembles
together a group of consumers to smooth out the differences in
valuations that different people place on a single product.  As an
example, suppose that in a company of 1,000 employees, 900 are totally
uninterested in a software package, but 10 feel it is worth paying $10
for it, 10 feel it is worth $20, and so on, up to 10 who feel it is
worth $100.  If the software manufacturer had to sell copies of the
package to individuals, the best price would be either $50 or $60 for
a copy, and the revenue in either case would be $3,000.  However, if
the management of the company has an accurate impression of how much
the employees value the product, it should be willing to pay $5,500
for a site license.  This would be a much better deal for the
producer, even though it would bring in only $5.50 for each person
entitled to use the product.  Hence we can expect further spread
of site licensing.


4.  Fairness, legality, and efficiency

Economic arguments show that there is value to many of the artificial
barriers in commerce.  It is value not just to producers of the goods
and services, but to society.  Moreover, the incentives to create such
barriers apply to individuals as well as large corporations.  If Alice
plays the piano, and Bob performs magic tricks, they might be able to
obtain higher income by bundling their services through offering a
combined act to nightclubs.  The result might be the difference
between starvation and relative comfort.  In ecommerce, a group of
budding poets might collect larger revenues if they sell access to
their combined works, instead of working individually.

While economics will lead to the creation of barriers in ecommerce,
this will frequently clash with popular notions of what is fair.
There is already much grumbling about airline pricing and senior
citizen discounts.  Moreover, many of the grumbles result in laws
restricting commerce.  Several cities in the United States have passed
laws decreeing that women's shirts should not cost more to launder
than men's.  There is a general perception of what is fair, often
codified into laws.  Some of it goes back to the ancient notion of a
"just price," which is supposed to reflect a modest markup over the
producer's costs.  However, in ecommerce, even more than in the modern
physical economy, cost is a poorly defined concept.

In ecommerce, the concepts of "increasing returns" [Arthur], in which
producer profits increase as usage increases, and customer lock-in, in
which someone trained in using a particular spreadsheet faces a major
barrier of retraining in switching to another one, are the ruling
ones.  This means that the standard tests of illegal monopolistic
behavior do not apply.  It can make excellent sense to give away a
software package, since the major benefit to the producer will come
from sales of upgrades.  Other examples of economically sensible
behavior that is not accepted by society exist.  U. S. courts stopped
IBM from requiring users of its tabulating machines to purchase their
punched cards from IBM [US1936].  Today, most economists would argue
that this decision was a mistake, since in effect what IBM was
attempting to do was to charge the heavy users more than the light
ones, to enlarge the market.  (See [Stigler] for economic arguments
against another decision, [US1962], which barred movie distributors
from requiring movie theaters to book whole series of movies instead
of selecting them individually.)  While the general issue of what
practices are legal is not entirely clear (cf.  [Bowman, Varian2]),
there may be legal problems with some of the barriers that are likely
to be erected.  Even when there is no legal difficulty, there can be
extensive public action, as in recent protests against pharmaceutical
firms' pricing, and against use of child labor in less developed
countries.  (With reputations, whether of celebrity endorsers or
producers themselves, becoming increasingly important, public protests
can be powerful weapons.)  Issues of fairness (see [Zajac] for
extensive discussions of their influence on public policy) are likely
to be much more pronounced than in the past.  One reason is that the
barriers on the electronic superhighway are likely to be frequent.
Another is that those barriers will be much more visible as
artificial.  (In print book publishing, most people seem to think that
hardcover books sell for more than paperbacks because they cost more
to produce.  However, the differences in costs are minor, and the
price difference is just a form of price discrimination.  On the Web,
it will be clear that a low resolution version of a work is just a
degraded version of the high resolution one.)  It will also be much
easier to organize protest movements than in the past.

Public perceptions of what is fair depend on culture, are often
inconsistent, and do often clash with economic incentives.
Furthermore, the rapid evolution of technology, markets, and laws,
will lead to a continuation of the unstable situation we have.
Therefore there will likely be increasing temptation to ask
governments to intervene, and that will produce serious difficulties
for ecommerce.  Barlow's "independence declaration" [Barlow] might
appeal to many, but is totally unrealistic.  Government has been
involved in setting up the Internet, and is getting more involved all
the time, through issues such as the fair use of Scientology documents
on the Net, assignments of names, and provision of wide access to the
Net. The U. S. Telecommunications Act of 1996, which nominally
deregulated telecommunications, also brought in extremely intrusive
government regulations, to deal with thorny issues of setting up a
"level playing field."  We should be prepared for more intervention of
this type, whether they are successful or not.

Many issues will be complex.  As an example, only a tiny fraction of
the public understood any of the arguments about the U. S.
telecommunications deregulation debate, with its technical points
about access to local wires.  Also, few people follow the details of
the debate about revisions to copyright laws.  As was argued in an
earlier section, ecommerce requires some revision.  However, there are
a variety of ways to do this, and the precise ways in which different
proposals affect different players is not clear to the public.  (See
the discussions by Samuelson [Samuelson1, Samuelson2] of the proposed
revisions to U. S. copyright law [USPTO1995], as well as the survey
paper [Okerson] and the book [PattersonL].)  Therefore we can expect
an increased demand for lobbyists, lawyers, and public relations
experts.  Even in the non-governmental arena, it is reported, for
example, that "in preparing a commemorative CD-ROM for the 500th
anniversary of the first Columbus voyage to America, IBM spent over
$1M clearing rights, of which only about $10K went to the rights
holders; everything else went into administrative and legal fees"
[Lesk].  Although systems are being developed for automatic tracking
of rights to copyrighted material and the automatic payment of fees,
it is unlikely that such systems will see wide usage.  Content
owners will probably be reluctant to rely on them, and possibly
let valuable rights slip away.  

The conclusion to be drawn from this essay is that electronic
commerce will increase the efficiency of the economy.  However, it 
will also create artificial barriers, and we will have to learn
to live with them.



Acknowledgements:  I thank Greg Blonger, Hsueh-Ling Huynh, Bill
Infosino, Steve Lanning, Peter Linhart, Gerry Ramage, Ryan Siders, Hal
Varian, and Ed Zajac for their comments and the information they
provided.



References:

[AdamsY] W. J. Adams and J. L. Yellen, Commodity bundling and the
  burden of monopoly, Quart.  J. Economics, 90 (1976), 475-498.

[Arthur] W. B. Arthur, "Increasing Returns and Path Dependence
  in the Economy," U. Michigan Press, 1994.

[Barlow] J. P. Barlow, A cyberspace independence declaration,
  Feb.  9, 1996 email broadcast message, available at URL
   http://syninfo.com/IAN/02136002.htm
  and many other Net sites.

[Bowman] W. S. Bowman, Jr., Tying arrangements and the leverage
  problem, Yale Law J., 67 (Nov.  1967), 19-36.

[Burnstein] M. L. Burnstein, The economics of tie-in sales,
  Rev.  Economics and Statistics, 42 (1960), 68-73.

[CookL] K. S. Cook and M. Levi, eds., "The Limits of Rationality,"
  Univ.  Chicago Press, 1990.

[DeneckereM] R. J. Deneckere and R. P. McAfee, Damaged goods,
  J.  Economics and Management Strategy, to appear.

[Dyson] E. Dyson, Intellectual value, first published in Dec. 1994
  in Release 1.0, republished (in an abbreviated form) in Wired,
  July 1995, and available at URL
   http://www.hotwired.com/wired/3.07/features/dyson.html

[Economides1] N. Economides, Mixed bundling in duopoly, working
  paper (1993), available at URL
   http://edgar.stern.nyu.edu/networks/cvnoref.html

[Economides2] N. Economides, The economics of networks, Intern.
  J.  Industrial Organization, to appear.  Available at URL
   http://edgar.stern.nyu.edu/networks/cvnoref.html

[FrankC] R. H. Frank and P. J. Cook, "The Winner-Take-All Society,"
  Free Press, 1995.

[Gates] B. Gates (with N. Myhrvold and P. Rinearson), "The Road
  Ahead," Viking, 1995.

[HagelR] J. H. Hagel and A. E. Roth, eds., " The Handbook of
  Experimental Economics," Princeton Univ.  Press, 1995.

[KrishnaKA] A. Krishna, P. K. Kopalle, and J. L. Assuncao,
  Bundling of complementary goods:  The impact of competition,
  brand preference, and price sensitivity, in preparation.

[Lesk] M. Lesk, The seven ages of information retrieval, to be
  published.

[Odlyzko] A. M. Odlyzko, On the road to electronic publishing,
  Euromath Bulletin, vol.  2, no.  1 (June 1996), to appear, and
  to be available at URL
     http://www.math.ethz.ch/~shared/emb
  Available electronically at URL
     http://netlib.att.com/netlib/att/math/odlyzko/index.html
  and via email by sending the message
     send epublishing.road.txt from att/math/odlyzko
  to netlib at research.att.com.

[Okerson] A. S. Okerson, Who owns digital works?, Scientific American,
  275 (July 1996), 64-68.  Text available electronically at URL
     http://www.sciam.com/WEB/0796issue/0796okerson.html

[PattersonL] L. R. Patterson and S. W. Lindberg, "The Nature of
  Copyright: A Law of Users' Rights," Univ.  Georgia Press, 1991.

[RichardsonR] T. J. Richardson and R. Radner, Monopolists and
  viscous demand, to be published.

[Samuelson1] P. Samuelson, Intellectual property rights and the global
  information economy, Comm.  ACM 39 (1996), 23-28.

[Samuelson2] P. Samuelson, Technological protection for copyrighted
  works, Emory Law J., to appear.

[Schmalensee] R. Schmalensee, Pricing of product bundles,
  J.  Business, 57 (1982), S211-S230.  Comments on pp.  S231-S246.

[Stigler] G. Stigler, United States v.  Loew's Inc.:  A note on
  block booking, Supreme Court Review, 152 (1963), 152-157.

[US1936] International Business Machines Corp.  v.  United States,
  298 U.S. 131 (1936).

[US1962] Loew's Inc. v.  United States, 371 U.S. 38, 52 (1962).

[USPTO1995] Intellectual Property and the National Information
  Infrastructure, The Report of the Working Group on Intellectual
  Property Rights, B. A. Lehman, Chair, U. S. Patent and Trademark
  Office, Sept.  1995.  Available at URL
    http://www.uspto.gov/web/ipnii/

[Varian1] H. R. Varian, A model of sales, Am. Economic Review,
  70 (1980), 651-659.  Erratum on p.  517 of vol.  71 (1981).

[Varian2] H. R. Varian, Price discrimination, pp.  597-654 in
  "Handbook of Industrial Organization," vol.  I, R. Schmalensee
  and R. D. Willing, eds., Elsevier, 1989.

[Varian3] H. R. Varian, Pricing information goods, available at URL
  http://www.sims.berkeley.edu/~hal/people/hal/papers.html.

[Varian4] H. R. Varian, Buying, renting and sharing information goods,
  available at URL
  http://www.sims.berkeley.edu/~hal/people/hal/papers.html.

[Wilson1] R. Wilson, "Nonlinear Pricing," Oxford Univ.  Press, 1993.

[Wilson2] R. Wilson, Nonlinear pricing and mechanism design,
  pp.  249-289 in "Handbook of Computational Economics," vol.  I,
  H.  M. Amman, D. A. Kendrick, and J. Rust, eds., Elsevier, 1996.

[Zajac] E. E. Zajac, "Political Economy of Fairness," MIT Press,
  1995.






From habs at warwick.com  Mon Aug 12 09:38:44 1996
From: habs at warwick.com (Harry S. Hawk)
Date: Tue, 13 Aug 1996 00:38:44 +0800
Subject: Unmetered Net Usage
In-Reply-To: <ae33ffaf03021004fdeb@[205.199.118.202]>
Message-ID: <199608121309.JAA25649@cmyk.warwick.com>



> Will "unmetered" usage go away? It depends on a lot of factors. Right now,
> unmetered usage is a big enough marketing draw that it appears to
> outcompete metered usage plans. Sure, there are people like me who pay a
> flat rate (in my case, $20/month) and yet who are on for several hours a

My view point on this is that there will always be unmetered use but
it will ALWAYS have a lower priority. That if you want to ensure that
the download your doing or the internet phone call you placing gets
through you'll have to pay it bit...

You pay for faster routing
You will pay for priority access
You will pay for transaction control and measure and monitoring..
etc..

If you don't care about those things.. and will surf on the left over
bits' i'm sure it will always be unmetered.

/hawk






From wb8foz at nrk.com  Mon Aug 12 10:22:23 1996
From: wb8foz at nrk.com (David Lesher)
Date: Tue, 13 Aug 1996 01:22:23 +0800
Subject: [off-topic] Re: US Power Outages
In-Reply-To: <v02120d13ae347585efdc@[192.0.2.1]>
Message-ID: <199608121325.JAA01788@nrk.com>


It looks to me as if, what with all the earthquakes out there,
that some of those high voltage poles have tipped into the right
hand plane....



-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From jya at pipeline.com  Mon Aug 12 10:22:42 1996
From: jya at pipeline.com (John Young)
Date: Tue, 13 Aug 1996 01:22:42 +0800
Subject: Unmetered Net Usage
Message-ID: <199608121357.NAA17415@pipe5.t2.usa.pipeline.com>


Science, August 2, reports on Net traffic jams and various schemes to ease
the flow, including  pricing correlated to speedier service. 
 
 
See: 
 
 
http://www.sciencemag.org/science/scripts/display/full/273/5275/585b.html 
 
 
 
The report is part of a special section on computer use in science, with
three others on the Internet. 
 
 
For the full section see: 
 
 
http://www.sciencemag.org/science/scripts/display/full/273/5275/585.htm





From vince at offshore.com.ai  Mon Aug 12 10:27:28 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Tue, 13 Aug 1996 01:27:28 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <2.2.32.19960812101556.00a54ec4@panix.com>
Message-ID: <Pine.LNX.3.91.960812071219.5395A-100000@offshore>





On Mon, 12 Aug 1996, Duncan Frissell wrote:
> At 01:37 PM 8/11/96 -0400, Vincent Cate wrote:
> 
> >If the laws of a country say it is fraud to open a bank account with 
> >a fake passport, then encouraging someone to do so is encouraging
> >fraud.  Check with your lawyer and see if you can open up a bank
> >account with a fake passport.  
> 
> My lawyer says that at common law you can use any name to open an account as
> long as there is no intent to defraud.  Since I am giving the bank money and
> not vice-versa, it can't be common law fraud.  I'm lending to them. 

Interesting. 

First, common law only applies if there is no specific law against it. In
some countries there are specific laws.  Is your lawyer sure there is no
specific law against this in the USA? 

> They
> aren't lending to me.  It *is* illegal in the US for the bank to open an
> account for me without some ID checks, but it is not *my* problem and it is
> not fraud.

Second, maybe they are lending to you.  Or maybe you are laundering money.

This also depends on the bank forms.  If they ask you to list any other
aliases you use, or your social security number, etc, you probably need to
lie to fill out the form. 

Think your lawyer would be willing to give his name and a statement on
this?  If a cypherpunk ever got in trouble and could say, "I was told by
the lawyer XYZZY this was legal", it might help.  :-)

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From trei at process.com  Mon Aug 12 10:32:30 1996
From: trei at process.com (Peter Trei)
Date: Tue, 13 Aug 1996 01:32:30 +0800
Subject: [NOISE] Re: Police prepare stunning e
Message-ID: <199608121156.EAA02006@toad.com>



 pjn at nworks.com writes:
Someone writes:
>> The car stopper works by focusing an intense electromagnetic
>> charge on the electronic systems that manage most modern
>> engines, disabling them and paralysing the car. In the jargon
>> of its inventors, the 150 kilovolt charge is a nemp, or non-nuclear
>> electromagnetic pulse. Contractors are bidding to produce a
>> police version.  
 
>  Is there any dif between this and a HERF gun?

Only that this is pretty real, while "HERF guns" have only appeared
in science fiction novels, and in newspaper articles which seem
to be from the 'Weekly World News' school of journalism.

Go over the the amateur radio newsgroups, and you'll find that the
interference of mobile ham radios with car ignitions is a well
known issue.

On a more speculative note,  many years ago Harlan Ellison
wrote an anti-statist short story entitled '"Repent Harlequin!"
cried the Tick-Tock Man.' , in which the government required
all adults to be surgically fitted with 'cardioplates', which 
allowed the state to turn off the hearts of  uncooperative
citizen-units by radio.

Peter Trei
trei at process.com





From raph at CS.Berkeley.EDU  Mon Aug 12 11:27:27 1996
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Tue, 13 Aug 1996 02:27:27 +0800
Subject: List of reliable remailers
Message-ID: <199608121350.GAA14978@kiwi.cs.berkeley.edu>


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list at kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail. For more information, see:
http://www.c2.org/~raph/premail.html

   For the PGP public keys of the remailers, finger
pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail at miron.vip.best.com> cpunk pgp special";
$remailer{"c2"} = "<remail at c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon at anon.penet.fi> penet post";
$remailer{"flame"} = "<remailer at flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"mix"} = "<mixmaster at remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"replay"} = "<remailer at replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"ecafe"} = "<cpunk at remail.ecafe.org> cpunk mix";
$remailer{"amnesia"} = "<amnesia at chardos.connix.com> cpunk mix pgp hash latent cut ksub";
$remailer{'alpha'} = '<alias at alpha.c2.org> alpha pgp';
$remailer{'nymrod'} = '<nymrod at nym.jpunix.com> alpha pgp';
$remailer{"lead"} = "<mix at zifi.genetics.utah.edu> cpunk pgp hash latent cut ek";
$remailer{"nemesis"} = "<remailer at meaning.com> cpunk pgp hash latent cut";
$remailer{"exon"} = "<remailer at remailer.nl.com> cpunk pgp hash latent cut ek";
$remailer{"vegas"} = "<remailer at vegas.gateway.com> cpunk pgp hash latent cut";
$remailer{"haystack"} = "<haystack at holy.cow.net> cpunk mix pgp hash latent cut ek";
$remailer{"ncognito"} = "<ncognito at rigel.cyberpass.net> mix cpunk pgp hash latent";
$remailer{"lucifer"} = "<lucifer at dhp.com> cpunk mix pgp hash latent cut ek";
$remailer{"jam"} = "<remailer at cypherpunks.ca> cpunk mix pgp hash latent cut ek";
$remailer{"winsock"} = "<winsock at c2.org> cpunk pgp hash cut ksub reord";
$remailer{'nym'} = '<config at nym.alias.net> newnym pgp';
$remailer{"balls"} = "<remailer at huge.cajones.com> cpunk pgp hash latent cut ek";
catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 alpha)
(flame replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Note: The remailer list now includes information for the alpha
nymserver.

Last update: Mon 12 Aug 96 6:48:36 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
mix      mixmaster at remail.obscura.com     -++--++-+--+  2:22:53  99.96%
haystack haystack at holy.cow.net            *+*#*+*--###    21:59  99.95%
balls    remailer at huge.cajones.com                *++#     6:01  99.95%
lead     mix at zifi.genetics.utah.edu       ++++++++--++  1:59:31  99.94%
replay   remailer at replay.com              *** **+***+*     5:07  99.91%
nymrod   nymrod at nym.jpunix.com            #+** *####-#    23:23  99.90%
penet    anon at anon.penet.fi               ------_.--   14:43:28  99.55%
jam      remailer at cypherpunks.ca          **** _.-****  6:31:35  98.67%
nemesis  remailer at meaning.com             **+  *  ****    28:31  98.61%
winsock  winsock at c2.org                   ----..--_ -  18:19:17  97.80%
amnesia  amnesia at chardos.connix.com       --- ------    3:20:56  96.89%
extropia remail at miron.vip.best.com        __  ------   10:03:23  91.52%
ncognito ncognito at rigel.cyberpass.net     -....----+    7:57:35  89.83%
alpha    alias at alpha.c2.org               +-+*+-_.      5:24:22  58.18%
c2       remail at c2.org                    --+---..      5:59:32  57.68%
lucifer  lucifer at dhp.com                  +--+++++        53:57  56.99%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien





From reusch at pluto.njcc.com  Mon Aug 12 11:37:59 1996
From: reusch at pluto.njcc.com (Michael Reusch)
Date: Tue, 13 Aug 1996 02:37:59 +0800
Subject: No Subject
Message-ID: <199608121502.LAA04167@pluto.njcc.com>




is now doing internet telephony (www.von.com). Who isn�t?  They have developed a

set of voice morphing tools (www.voxware.com/meta.htm) and I quote:



�Morph-It offers an alternative. Morph-It allows multimedia developers and users to actually 

change, in real time, the character of encoded speech by altering resonance, pitch, timbre and 

other voice personality elements. With Morph-It, pitch and resonance can be altered 

independently. All these changes can be made and saved using a simple editor, and 

transformed voices can be stored as easy-to-apply VoiceFonts.



Morph-It can be used for a variety of purposes: 



Multiple voice personalities can be created from a single voice recording.

Users in "real-time" applications can disguise or alter their voices to enhance game- and 

role-playing.

Vocal character can be easily transformed into virtually any form, whether from male to 

female, or from a child's to an adult's.� 



End quote.



I have not heard it work. Imagine drunken suits, in karioki bars, sounding 

like drunken Pavarottis,  disk jockeys whose true voices are nasel whines, 

talking-heads and telemarketers using highly tuned voice-clones, home-alone children 

answering the phone as John Wayne.






From trei at process.com  Mon Aug 12 11:44:47 1996
From: trei at process.com (Peter Trei)
Date: Tue, 13 Aug 1996 02:44:47 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <199608121315.GAA03303@toad.com>


Tim writes:
>Arun Mehta writes:
> 
[huge snip]
> >My prediction is that with the blessings of the Internet, the
> >next generation of multiracial programmers, even those that were
> >born in the USA, will be more likely to be found on the beaches
> >of tropical islands than in the fog of San Francisco. When you
> >can work in the shade of a palm tree, even if you should earn
> >less, it's worth it :-)
 
> As attractive as this sounds, historically this has not happened. And as
> many will tell you, the climate of the Bay Area in particular and
> California in general is extremely benign and delightful. The average
> winter temperature is only about 10C cooler than summer temperatures.
> Evenings are not balmy, but neither are they oppressively hot.

'Oppressive' is a subjective term, and is largely defined by what one is 
used to. Personally, I find the Bay area's climate very boring, too dry, and
usually too hot (and yes, I've been there many times, at all parts of the
year - I'm speaking from experience). Due to the lack of rain, the whole
country side also seems much dirtier than a place where everything,
both natural and artificial, gets a regular washing.

> Interestingly, and not really related to CP themes, the fact is that is
> that most technological developments have come out of cooler climes. Not a
> lot of stuff from tropical and island climes. Maybe they realize life is
> too good eating roast pig at the beach luau, maybe they are too lethargic
> from the heat, maybe tropical diseases and mosquitos have taken their toll,
> maybe....

The last time I heard this argument was in a documentary film
about South African mining and agriculture, produced by South Africans, 
during the height of apartheid 'these great natuaral resources lay 
untapped until the arrival of a more industrious people, tempered by 
a colder climate...'

While there *is* some truth that people living in environments where 
survival does not depend on long-term planning have less pressure to
develop sophisticated industry, to claim that average temperature is the
main determinate is betrays an ignorance of history.

The technological pre-emminence of Northern Europe and derivative
cultures is a very recent phenomenom. Civilization was invented in
hot climates, and for most of history the more sophisticated cultures 
were in locations where you could sweat any time of the year - the
Mediterranean basin, Mesopotamia, India, coastal China, Central
America - in fact, in the classical period you could have mapped
out a 'civilized belt' surrounding the globe in a distinctly sub-tropical
climate.
 
> I know an awful lot of folks who could easily affort to move to almost
> anywhere in the world, and yet they stay in California. (I also know folks
> moving to even cooler climes, in the U.S., especially less-crowded areas.)

In any place you can name, most of the people who can afford to move to
other areas do not do so. By your argument, Kuwait should be totally 
depopulated by now. 
 
> --Tim May

Peter Trei
trei at process.com

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei at process.com





From root at deimos.ceddec.com  Mon Aug 12 11:54:03 1996
From: root at deimos.ceddec.com (Tom Zerucha)
Date: Tue, 13 Aug 1996 02:54:03 +0800
Subject: s/key for linux?
In-Reply-To: <2.2.32.19960801042307.00679844@gonzo.wolfenet.com>
Message-ID: <Pine.LNX.3.95.960811132738.1698C-100000@deimos.ceddec.com>


I managed to get it working enough to fit into tis fwtk.  You need to add
some bsd stuff, and/or move some includes.

zerucha at shell.portal.com
finger zerucha at jobe.portal.com for PGP key






From an584514 at anon.penet.fi  Mon Aug 12 12:04:25 1996
From: an584514 at anon.penet.fi (an584514 at anon.penet.fi)
Date: Tue, 13 Aug 1996 03:04:25 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <9608121346.AB00628@anon.penet.fi>



Vince says:

>  And Anguilla is first and foremost a taxhaven.  But it tries hard to be a
>  very clean taxhaven (does not want drug money etc).  I think that "clean"
>  corporations operating here tax free is a potentially huge market.

This is an illusion.  There ain't no such thing as a clean corporation
operating in a clean tax haven.  Every overseas corp that is doing
something they can't do without interference back onshore, is running the
gauntlet.  Remember, its my moral choice as to whether its dirty, and
if I am sitting in some Washington quango office, and I decide its
dirty, then it is.  Plus its my job to fight it, and I'm not afraid
of a dirty fight.  And I got a list of contacts who've got friends
who've got favours to call in...

But you must know this, don't you follow the machinations that USG
pulls in the region to try and close down the arbitrages?

>  Anguilla and OIS are not the data haven of cypherpunks wet dreams. Neither
>  Anguilla nor I want "hit men for hire" advertising here. Sorry Tim.  And I
>  think the loss in clean business would outweigh any money from such by a
>  long shot.

Nobody's talking about things that every body agrees are no-go.
Shooting people is generally considered not acceptable.  So please
don't change the subject.

What we are talking about is a fairly harmless concept.  An obviously
"fake" passport that is designed to fool the supposedly ignorant peasant
terrorist when they wave grenades on the some flight from Miami, now
going to Havana.  It's a laughable concept, and one that most western
governments have sniffed at and not lifted one finger to even warn about.

OK, so there is a chance that a dumb clerk in a bank could be fooled.
Still, opening a bank account with such a person could be done any number
of ways.  It's equally possible to imagine the Honduras passport being
used to escape some sudaka warzone, without being shot for a gringo.
Remember PGP?  It was used for liberty, crime and freedom, all at once.

>  One simple example is that OIS was given a project Gutenberg CD-ROM and
>  may sell online copies of old books.  Some countries are extending
>  copyrights back further into the past.  Anguilla is not.  So we could sell
>  books that have expired copyrights in Anguilla but not expired in USA etc.
>  Think regulatory arbitrage.

Crap.  It's obvious what book your talking about, if you get Europeans
down there.  It's about as harmless, or harmful, as "kill the Queen"
rants, again its my moral choice.  If a phone call from your lawyer
causes such good responses, then there is no problem about getting
this one made out-of-stock.  Do you have a lot of tourists then
from *that* place?  What's the GDP take for the holiday trade anyway?

>  Taxhavens are a huge and well understood market.  Datahavens are still
>  new. Not counting gambling, they may only be $0/year rounded to the
>  nearest million.

The distinction is irrelevant.  What are you going to do to protect
my business?  Now I know.  SFA.  I may be asking you for data
protection, but my profits, which (might) pay you, come from a
long line of other businesses.  We're not all geeks.

Tim makes good points, especially as he is not (as far as I can
see) in the trade.  When my company does business with such
a jurisdiction, we look for the list of things allowed and the list
of no-nos (which we respect).  Then we look at the history of how that
country stand up to its word.  One thing is what they say, then
another is what they do.  It's surprising how easy it is to see
just how much a place really wants your business for the long run.

I will say this, it ain't really your fault that this happened.
The webshop was too bright, too blatent.  He talked to toublesome
scam reporters.  That sort of thing is going to bring in trouble.
Softly softly catchee monkey is what is needed.

Then when the phone rang my guess is it all happened to quickly.
You win some you lose some.  Lets not make a bad story get worse.

Even though this is not a happy post (Anguilla was on our list)
we still would like you to suceed.  Our advice, worth what you
paid, is don't advertise this event, one bad storm doesnt sink
a ship.  Take a look at all your webpages and tone down the
noisy ones.  Tell them to camoflage their location, no pun intended.

Then, get down to your lawyers office and sit down over a beer
and work out how your going to handle this thing next time.
Properly.

Publish (quietly but definatively) your list of no-nos (ok,
that's already said).  Think about what new shops want to do
and talk it over with your man down at the bar (so you can
predict the attacks).  Learn some negotiating skills, soften
the blow from both ends.  Nothing I'm sure you hadn't thought of.

Cheers,
sorry for anonymity, but as I say, its softly softly in this game.
Wish you luck.
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From dsiemon at cyg.net  Mon Aug 12 12:26:58 1996
From: dsiemon at cyg.net (Dan Siemon)
Date: Tue, 13 Aug 1996 03:26:58 +0800
Subject: Fun with M$
Message-ID: <199608121526.LAA07380@granite.cyg.net>




----------
> From: Rich Graves <llurch at networking.stanford.edu>
> To: cypherpunks at toad.com
> Subject: Re: Fun with M$
> Date: Friday, August 09, 1996 8:46 PM
> 
> On Fri, 9 Aug 1996, Jeremey Barrett wrote:
> 
> > Information page with a link to a page which loads the control:
> > 
> > 	http://www.halcyon.com/mclain/ActiveX/
> > 
> > Quote from the page:
> > 
> > Exploder is an Active X control which demonstrates security problems
with 
> > Microsoft's Internet Explorer. Exploder performs a clean shutdown of 
> > Win95 and will turn off the power on machines that have a power
> > conservation BIOS (green machines).

I don't see how anyone can call this a bug. Microsoft has chosen what Sun
should have: leave the security to the user, don't take it away from
everyone. Java has been sverly crippled by the removal of features that
would have made applets truly usefull, like local disk access. By leaving
these abilities and allowing the user to choose whether or not to run the
object, leaves the trusted objects to be truly usefull. Microsoft has even
designed a system of trust verification for these objects throught the
trust chain and the MS download service. For details on the MS download
service look at the july 96 issue of Microsoft Systems Journal. Security
should be a user/parent decision not a general ban to protect a few.






From vagab0nd at sd.cybernex.net  Mon Aug 12 12:32:24 1996
From: vagab0nd at sd.cybernex.net (Erle Greer)
Date: Tue, 13 Aug 1996 03:32:24 +0800
Subject: Read; NOW
Message-ID: <2.2.32.19960812154732.00704a10@mail.sd.cybernex.net>


At 10:29 PM 8/11/96 -0400, Unix_Code <unix_code at geocities.com> wrote:
>        Hi I'm Unix Code and have a few things to ask...

Ok, go ahead... we're waiting... I thought you had a few things to ask?

>                                                        (it may not go with
>Cryptography but go ahead and read)

Maybe I read it too fast.  Not only did it have nothing to do with crypto,
but I could not ascertain as to it's relevance to anything whatsoever.

- I'm sorry, C-Punks; I couldn't resist, but I did keep it short.
Vagab0nd<br>
<a href="http://ww2.sd.cybernex.net/~vagab0nd/index.html">Visit web page for
public key.</a>






From jya at pipeline.com  Mon Aug 12 12:41:54 1996
From: jya at pipeline.com (John Young)
Date: Tue, 13 Aug 1996 03:41:54 +0800
Subject: [NOISE] Re: Police prepare stunning e CUT_ags
Message-ID: <199608121531.PAA22889@pipe5.t2.usa.pipeline.com>


Peter Trei <trei at process.com> Wrote: 
 
 
On a more speculative note,  many years ago Harlan Ellison wrote an  
anti-statist short story entitled '"Repent Harlequin!" cried the Tick-Tock 

Man.' , in which the government required all adults to be surgically fitted
 
with 'cardioplates', which allowed the state to turn off the hearts of   
uncooperative citizen-units by radio. 
 
-------- 
 
 
NYP reports today on the thriving market for Radio Frequency Identification
(R.F.-ID) tags. 
 
 
And FiTi reports today on tagging cattle, tracking meat from cradle to
abbatoir, to ward off mad cow assassination politics. 
 
 
Are these precursors of CU body-tags acoming from ARPA labs? E-Systems and
a bunch of comp-conspirators just got supercalifrigalistic HPCC contracts. 
 
 
----- 
 
 
For the NYT and FiTi reports, see: 
 
 
http://jya.com/cutags.txt 
 
 
CUT_ags 
 
 





From jfricker at vertexgroup.com  Mon Aug 12 12:52:19 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Tue, 13 Aug 1996 03:52:19 +0800
Subject: FCC_ups
Message-ID: <2.2.32.19960812155336.012936dc@vertexgroup.com>


At 08:58 PM 8/11/96 -0700, you wrote:
>At 14:08 8/11/96, John Young wrote:
>>   8-10-96. WaPo:
>>
>>   "Phone Service Via the Internet May Slash Rates."
>>
>>      Labs of Advanced Technology has developed a way for
>>      people to make long-distance calls over the Internet
>>      using only their telephones, at about half the price of
>>      ordinary toll calls. Customers would merely call a
>>      central number, then dial their long-distance numbers.
>>      The call is carried on the Internet, then put back onto
>>      the local phone system at its destination. The company
>>      plans to charge 5 to 8 cents per minute for all domestic
>>      U.S. calls, which represents a 50 to 75 percent discount
>>      off most domestic long-distance rates.
>
>I am glad to see some movement in this area. I designed a similar system
>for a previous employer of mine. But the real choke point is the local
>loop. As of this day, the local telos still have a de facto monopoly in the
>local markets. The new competitors (the same old Phone Company) that we
>will see in the near future seem to show no desire to deliver the really


The real issue concerns the $0.03 per minute access fee that LD companies
pay the local loop for voice communications. Seems there is difference
between data bits and voice bits. VON has sparked this debate and the ISP's
may end up paying the RBOCs the access fee.

The way around that as well is through point to point wiring (and of course
wireless systems). PairGain Technology is manufacturing a product that
provides 384Kbps data and voice over a single pair of copper. Many RBOCs
will sell you a LAD circuit which is point-to-point, unloaded, and
unswitched. They go by different names : telegraph circuits, alarm circuits,
Local Area Data Circuit. Ask a security company what kind of circuit they
install. Your mileage may vary.

--j






From jimbell at pacifier.com  Mon Aug 12 13:43:12 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 04:43:12 +0800
Subject: US Power Outages
Message-ID: <199608121610.JAA05896@mail.pacifier.com>


At 07:28 AM 8/12/96 -0500, Igor Chudov @ home wrote:
>Jim McCoy wrote:
>> Even the power company's secret experiments in the cores of nuclear reactors
>> have not found a way to get around the 186,000 km/s speed limit on everything.
>> 
>
>I wonder where does the 186,000 km/s speed limit come from? ;)
>

A serious confusion as to proper units.
Jim Bell
jimbell at pacifier.com





From jkroeger at squirrel.owl.de  Mon Aug 12 13:47:21 1996
From: jkroeger at squirrel.owl.de (Johannes Kroeger)
Date: Tue, 13 Aug 1996 04:47:21 +0800
Subject: New mixmaster/ghio remailer mix@squirrel.owl.de
Message-ID: <19960812160526.19277.qmail@squirrel.owl.de>


-----BEGIN PGP SIGNED MESSAGE-----

I've installed a Mixmaster/Ghio remailer combination on my
Linux machine with the address mix at squirrel.owl.de.

Here are the public keys:

 Type Bits/KeyID    Date       User ID
 pub  1024/0B11B275 1996/08/08 Squirrel Remailer <mix at squirrel.owl.de>

 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: 2.6.3ia

 mQCNAjIJ8IkAAAEEAJvmQTdUL2iLpKmZcnrtQuQWdw1zqt7oYVqkWeFa8J0qrunP
 smKvfTXmo52y2leLxbKZ6efADvrKq9ThXGF6qREVIdzTOnRYsVIwSSJjqBiDykAU
 cz8y/rEDes0oty4TRhysve976RwF3dLK7WU0RrDFj3VBLMhzyiQ+wVoLEbJ1AAUR
 tCdTcXVpcnJlbCBSZW1haWxlciA8bWl4QHNxdWlycmVsLm93bC5kZT6JARUCBRAy
 DQ4gvA9InihC/mkBAUlnCACgdpUBabYF9mQPaBC69YGxvcmoYQUxtqj7HlSpAAMr
 l0HlPNVUHuSqgo3Wo54uIHc4fFA2JYyxi/qETrQU5sHGOHq63H66uPylyzTLfE5v
 uIzbMuikNL2f9SIpdPamW2b+4Jep8UNlSGN0hKtbyedBDClJfPYbCXn9FKgwFcoo
 UyPTcfiAsV1f97cTGFM88thUVv6pAYNO4quangxnBEtdwY/mrr1xefw36TiC1yPo
 PNItxHEFRFxD2aEG5vA5hjRp/Sz5ZXZiY8K9X7hlt+n3MUXfKKz/OldWtF+Q9fOg
 a8Kmqj+duqlS2A4NbWp9emujOEzn2giI7+13B8MEyzVliQCVAgUQMgnwiSQ+wVoL
 EbJ1AQFKYwP/XqOGRvvjyd3anh42iAG0SASP9e/fIjD8bCymdEhJHdAsNy0H06ns
 oaLtH20tHN4BAgUo9i9H8h11+AygF4iJokGz1coP2BJI/O2o7YxR8SBWwk1SSrCb
 utbsi00uz/7QN1zb7Gn/sowUahhBsmhbJbkuur6EB5shBqyq0m/5jVE=
 =MqM9
 -----END PGP PUBLIC KEY BLOCK-----

 =-=-=-=-=-=-=-=-=-=-=-=
 squirrel mix at squirrel.owl.de 072821bee96df27f9defd3b41d216ac2 2.0.3

 -----Begin Mix Key-----
 072821bee96df27f9defd3b41d216ac2
 258
 AASyQ7WwBpuGeDdEHnfEZO3WXHbGWbtyz0EKeImP
 moWsMhfky9H/GoFt3qH10HsH2Hf5TbZBQFim7P2F
 cgvKNiitUwihSyZcTQEDPbhEIWMQCZdBZLDO8zId
 eAg3TUhwhHfjdILNyhMTOMyqZQckY+mrUTboT/z3
 nloJJdC4PSHPiwAAAAAAAAAAAAAAAAAAAAAAAAAA
 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 AAAAAAAAAAAAAAAAAAAAAQAB
 -----End Mix Key-----

The Ghio remailer has the following features:

$remailer{"squirrel"} = "<mix at squirrel.owl.de> cpunk mix pgp hash latent cut ek"

My connection for email is via a UUCP link that is polled every two hours.
Do not expect quick turnaround of remailed messages.  List pingers
please note.  This can be a disadvantage or an advantage depending on your
needs and expectations.

Please read the help file before using the remailer.
You can get it by sending an empty mail with subject "remailer-help"
to mix at squirrel.owl.de.
I adapted and extended the original remailer help files and inserted a
section about reply blocks and pseudonyms.

C'punks, please mail questions and comments directly to me, as I'm
not subscribed to the cypherpunks list.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQEVAgUBMg9WB7wPSJ4oQv5pAQFoTgf+NABhSyEDQyzLoAC/FVDSvhSJtdbaXMFz
vQOxVpUk9DllNpDIkW8Wj/rdH7QDk2vma8bNAaBD3/7HOs8ygFLWlLC3ZB48TpTK
ghd/JT8VTvnHHQ3uM3XyXEwLkykTyJJhDuDBbnVzczCwEGQaaz/cpdQInVzQIOc7
GTNyRGGJX4ILzHNH5hfxZTDMfgCjF1qpvSqgT1qibhbViCH05zT4yykKcl83KE4v
M8bFGrw86CUrLoUww5xTmiRIvHbUFCtwwrvjAktAX1U6jUyrJjn8qsyPj8lvA9eB
qaRD1PwjJg57QYAkrHl0H11owpUZDPW7y76mBKYzQofPBCIuAkuW6g==
=zgfG
-----END PGP SIGNATURE-----

-- 
Johannes Kroeger		<jkroeger at squirrel.owl.de>
Send me mail with subject "send pgp-key" to get my PGP key





From geeman at best.com  Mon Aug 12 13:54:08 1996
From: geeman at best.com (I=(!isnum(self)))
Date: Tue, 13 Aug 1996 04:54:08 +0800
Subject: don't say "bomb" on the internet
Message-ID: <320F625E.1744@best.com>


Below is from EFF source.

Does anyone have specifics on where this piece of idiocy is supposedly
going from here?  When does Congress reconvene on this issue?

Any specific activities going on regarding this piece of crap?


[begin quote]========================================================================


This is the language that Feinstein inserted into the Defense 
Authorization Act.  It has been passed by the Senate.  This is not
good, but significantly different from her first effort last Spring (a 
similar amendment, to the S.735 anti-terrorism bill of 1995). This
language is technology-neutral.  However, it does have a very slippery
'intent' or 'knowledge' standard, and though the language of the bill 
does not directly focus on the Internet, all of Feinstein's commentary on 
the Senate floor and to the press have focused exclusively on 
"bomb-making information" on the Internet.  Though this new version of 
her Net censorship proposal is possibly constitutional, unlike the 
earlier one, a key question that all constituents and journalists need to 
ask of Sen. Feinstein is: If you are simply trying to criminalize online 
incitement of, or conspiracy to commit, murder by bomb, then what on 
earth does this bill do?  Both of these things are *already illegal* 
online or offline.



                                           S.1762

Department of Defense Authorization Act for Fiscal Year 1997 (Passed by the
Senate)

SEC. 1088. PROHIBITION ON THE DISTRIBUTION OF INFORMATION
RELATING TO EXPLOSIVE MATERIALS FOR A CRIMINAL PURPOSE.

       (a) UNLAWFUL CONDUCT- Section 842 of title 18, United States Code,
is amended by adding at the end the
       following new subsection:

       `(l) It shall be unlawful for any person to teach or demonstrate the
making of explosive materials, or to distribute by any means information
pertaining to, in whole or in part, the manufacture of explosive materials,
if the person intends or knows, that such explosive materials or
information will be used for, or in furtherance of, an activity that
constitutes a Federal criminal offense or a criminal purpose affecting
interstate commerce.'.

       (b) PENALTY- Section 844(a) of title 18, United States Code, is 
amended--

              (1) by striking `(a) Any person' and inserting `(a)(1) Any
person'; and

              (2) by adding at the end the following:

       `(2) Any person who violates subsection (l) of section 842 of this
chapter shall be fined under this title, imprisoned not more than 20 years,
or both.'.





From wombat at mcfeely.bsfs.org  Mon Aug 12 14:01:03 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Tue, 13 Aug 1996 05:01:03 +0800
Subject: (Off Topic) Re: FCC_ups
In-Reply-To: <199608120538.WAA29683@dns2.noc.best.net>
Message-ID: <Pine.BSF.3.91.960812153240.26183B-100000@mcfeely.bsfs.org>




On Sun, 11 Aug 1996, James A. Donald wrote:

> At 02:34 AM 8/12/96 -0400, Rabid Wombat wrote:
> > Anyone that wants to carry a large volume of traffic via the 'net will
> > find that either the market will dictate that they pay for the bandwidth
> > they use, or the FCC will. I don't see the FCC getting involved, unless
> > the "phone service via internet" providor tries to use the courts to get
> > out of paying for the bandwidth they use. 
> 
> Bandwidth costs almost nothing, unless you are doing full motion
> video.
> 

I disagree - the cost doesn't stop w/ the cost of the circuit itself - 
installation, CPE, maintainance, management, customer service (re the 
purchaser of the bandwidth, not the "voice customer") all contribute to 
the cost. None of these costs are realy "fixed" - all are fixed+marginal, 
so the costs increase as bandwidth is added.

Also, I've worked with a number of large sites, as well as a large ISP - 
the amount of RealAudio traffic is amazing.

> What is expensive is cutting that bandwidth up into little pieces 
> and delivering those pieces to the people who want to use it at
> the time that they want to use it.

Yes, but having enough bandwidth to service your customer base means 
having enough bandwidth to service peak periods of demand - otherwise, 
customer satisfaction will be low. What is your point? If x bandwidth is 
sufficient during "off-hours", but 6x bandwidth is needed for peak 
periods, then either the voice providor leases 6x bandwidth, or a 
higher-tier providor must provide the capacity for 6x bandwidth, and 
lease "bandwidth on demand" to the voice providor. The infrastructure 
must still support 6x bandwidth, with accompanying costs. Do you think 
"BigTelco" will lease bandwidth on demand without charging more for high 
levels of use during peak hours? Not on a large scale.

This reminds me of the old arguements that "bandwidth costs would come 
down so fast that the Internet would be essentially free."  Haven't seen 
that happen yet, either.

> 
> Thus those who retail bandwidth will have the bulk of the revenue,
> rather than those who wholesale it.

The breakup and the addition of competition and second-tier voice
providors hasn't killed AT&T yet. If anything does, it will be bloated
corporate structure, not 2nd tier competition. (They're working on that -
funny how years ago we spent gobs of tax dollars breaking up AT&T, and now
they've gone and done it to themselves voluntarily). Most second-tier
providors differentiate themselves through marketing and/or customer
service.  Customer service is a big expensive pain in the butt. Many
larger companies out-source it anyway, when they can get away with it. 
Larger companies will still retail large accounts, and leave the smaller, 
less profitable crumbs to the niche marketers.


I still see voice over the Internet as a hobby - nobody is going to spend 
$800 for a telephone, er "voice terminal." If I decide to, who will I 
call? Only others with similar equipment? That's not very functional. 
Yes, this new carrier could implement equipment in each CO to convert my 
call to POTS systems, so I can call my computerless Grandmama from my PC 
- what will this do to costs?

Most of corporate America is still grappling with learning to use email. 
I don't see the business customer buying into voice services via PC anytime 
soon. The equipment costs per user are too high. I started working with a 
whole slew of telephony and convergence products years ago - they've been 
very slow to catch on.

Yes, one day voice, video, and data will all be carried on the same
infrastructure - using ATM, or a similar technology. The convergence is
inevitable. Large corporate phone switches will communicate with the 
outside world via packet switched, rather than circuit switched 
networks. This isn't the same as the "save money on phone calls by 
using cheap Internet bandwidth and your PC"  sales pitch, however. 

ob crypto (for anyone who read this far): When packet switched voice 
systems become a reality, how can secure calls be placed to any number? 
Key exchange during call set-up? How long will this make the call set-up?
Ideas?

-r.w.





From jimbell at pacifier.com  Mon Aug 12 14:52:35 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 05:52:35 +0800
Subject: US Power Outages
Message-ID: <199608121716.KAA09849@mail.pacifier.com>


At 11:02 PM 8/11/96 -0700, Bill Stewart wrote:
>At 06:15 PM 8/11/96 -0400, Dave Farber wrote:
>>attempt to explain that blackout and how to prevent such. We have not
>>progressed very far. The avalanche behavior of power systems is still not
>>well understood and techniques to prevent such failures are not obvious.
>
>It surprises me how little these systems appear to be monitored.
>It took some hours for them to decide that the brush fire on the
>California border didn't cause the system to shut down;
>you'd think they'd know quickly that the subsystem shut itself down
>or disconnected from the grid or whatever because of reason #17...


The story previously being promoted says that approximately at the 
Oregon/California border, a fire caused problems with the transmission line.

This morning, I read the new claim: extreme heat (presumably assisted by 
heat dissipated in the power line itself) cause the power cables near The 
Dalles (about 100 miles east of Portland, along the Columbia river) to 
stretch and sag, eventually shorting themselves out to trees near the ground.

I find this claim EXTREMELY hard to believe. The temperature coefficient of 
expansion of steel is about 10 ppm/degree C, which means that even if the 
power lines heated up 200 degrees C, that's only 2000 ppm longer, or about 
0.2%    I don't know the formula to determine the length of a catenary, and 
I'm too lazy to look it up right now,  but I'd imagine that this 0.2% 
increase in length won't increase the amount of sag by more than a factor of 
10 higher, or 2%.   That amount should be almost ignorable if the power line 
was competently installed and maintained.



>One of my concerns about the situation is that it's only a week
>or two after Clinton's speech about how The Government needs to protect the
>National Information Infrastructure for us.  I'm not paranoid enough
>to think that they did it, but I'm sure that within a week we'll
>see Al Gore or somebody making an NII Protection Agency speech
>and Louis Freeh explaining that we need enhanced wiretap underwriting
>to make sure that encryption-wielding hackers don't do it again.


I've long believed that if incidents such as these were the work of 
saboteurs, it is in the interest of the ordinary citizen that communication 
with those responsible is maintained.  If, on the other hand, the fact of 
the sabotage is covered up, that will only lead to more.  The government, on 
the other hand, has an illegitimate interest in seeing it hidden (where it 
can be hidden; and where the government can't see a good reason to publicize 
it), because if uncovered it would tend to force the government to actually 
deal with the dissatisfied citizenry: not merely the ones doing the 
sabotage, but also the ones who have heard what their motivations are and at 
least partly agree with them. 



Jim Bell
jimbell at pacifier.com





From snow at smoke.suba.com  Mon Aug 12 15:01:01 1996
From: snow at smoke.suba.com (snow)
Date: Tue, 13 Aug 1996 06:01:01 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <199608101504.RAA03459@internal-mail.systemics.com>
Message-ID: <Pine.LNX.3.93.960812114406.3627P-100000@smoke.suba.com>


On Sat, 10 Aug 1996, Gary Howland wrote:
> Police prepare stunning end for high-speed car chases 
                                                                             |
     Could you please format your posts to 78 columns? It makes it difficult
to read on a standard terminal. 
>                                     BY GILES WHITTELL 
>                                     AND NIGEL HAWKES 
>          A high-powered electrical device under development at the Pentagon's Army Research
>          Laboratory in Adelphi, Maryland, is to be tested by police and border patrol agents and
>          even stop heart pacemakers. There is also the danger of loss of control when a car is
>          being driven at high speed. 
>          Counter-measures would include using old-fashioned engines with no electronics, or
>          perhaps surrounding the most delicate components with shielding. The best might be to
>          get hold of one of the stun guns and use it to disable pursuing police vehicles. 
> Original article at http://www.the-times.co.uk/news/pages/Times/timnwsnws01022.html?1060389
> 	Will old fashioned engines be outlawed?
> 	Will the "stun guns" be outlawed?
> 	Will susceptible electronic systems become mandatory?
> 	(and if so, why not just put a remote control switch in all cars?)

    One word: Pacemakers.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From fletch at ain.bls.com  Mon Aug 12 15:06:29 1996
From: fletch at ain.bls.com (Mike Fletcher)
Date: Tue, 13 Aug 1996 06:06:29 +0800
Subject: Fun with M$
In-Reply-To: <199608121526.LAA07380@granite.cyg.net>
Message-ID: <9608121727.AA18460@outland.ain_dev>



> I don't see how anyone can call this a bug. Microsoft has chosen what Sun
> should have: leave the security to the user, don't take it away from

	Good, leave it to Joe Sixpack who can bareley figure out how
to move files around without deleting half of the system directory . . .

> everyone. Java has been sverly crippled by the removal of features that
> would have made applets truly usefull, like local disk access. By leaving

	Java has local disk access.  Java _APPLETS_ are not allowed to
access local disk (among other things) if the class is loaded from a
network source.  A class which is loaded from local disk has no such
restrictions.

> these abilities and allowing the user to choose whether or not to run the
> object, leaves the trusted objects to be truly usefull. Microsoft has even
> designed a system of trust verification for these objects throught the
> trust chain and the MS download service. For details on the MS download
> service look at the july 96 issue of Microsoft Systems Journal. Security
> should be a user/parent decision not a general ban to protect a few.

	You are just a free to grab the Java class files for an applet
and store them on your local disk as you are a CaptiveX component and let
them have full run of your system.

---
Fletch                                                     __`'/|
fletch at ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------







From ericd at shop.internet.net  Mon Aug 12 15:17:55 1996
From: ericd at shop.internet.net (Eric Davis)
Date: Tue, 13 Aug 1996 06:17:55 +0800
Subject: US Power Outages
Message-ID: <v02140b01ae3515f69181@[192.195.4.226]>



Also remember that you have to deal with capacitive/bleedoff issues as well.

It is hard to throw the off switch to an active 500,000 volt/??amp
transmission line, esp under heavy load. The power in transit has
gotta go somewhere.

This gets even more fun when you deal with long haul DC transmission
systems. These systems are the basis for a *very* large capacitor.
MILES of flown wire, air dielectric, and earth.

As metioned below, most all of the protection systems are in the
"protect my local equipment" mode.

So what do you do? The basis today is to watch voltage, current, and
waveform (freq/shape stability). "Protect mode" happens if one is too far
out of wack.

It would take far too much time to cross ref local data against other
remote monitoring stations to confirm validity. The time required to check
the data
would result in local system damage. Lets also not forget to protect the
power yard worker(s) standing under the entrance busses when the surge comes
knocking!

Eric


At 12:22 AM 8/12/96, Jim McCoy wrote:
>Lucky (crypto-leprechaun) wrote:
>> At 18:15 8/11/96, Dave Farber wrote:
>> >The avalanche behavior of power systems is still not
>> >well understood and techniques to prevent such failures are not obvious.
>> >Same can be said of telephone and computer networks at different levels.
>>
>> Does somebody here have a pointer to literature on this topic? A system in
>> which small localized disturbances can amplify, propagate through the
>> system, leading to catastrophic failure is the worst of all possible
>> designs. I fail to understand why a system as important as the power grid
>> would display this type of behavior. Why is the grid negatively dampened?
>
>Because the system designed to fail non-destructively rather than risk
>a power surge.  Part of the problem is that the power being controlled
>moves as fast as any information about the state of the network: all
>decisions must be made locally at the switch level.  When a major line
>fails the power generation stations can not just "turn off the juice" at
>the speed required, the power must either be redistributed or else the
>switch overloads and shuts down to prevent a massive power spike.  The
>power companies would rather face the ire of consumers without power for
>an evening than the outcry that would happen if every toaster, microwave,
>and computer on the west coast was fried by the spike caused by 3 gigawatts
>being dumped into grids that could not handle the load (not to mention the
>long-term blackouts caused by local switching equipment getting fried.)
>In this case the system must fail to prevent damage.
>
>The great east coast blackout was caused by a $50 switch which wore out.
>The switch happened to control a chunk of load which was re-routed on to
>another line, causing a cascade failure as the excess load caused other
>switches to fail when it was dumped on to those lines (and the excess
>load caused by these other switches tripping accellerated the failure.)
>Power distribution is not like telecom, if a phone switch dies the calls
>end; the failure does not endanger the upstream switch with overload
>from bits not going anywhere.
>
>Imagine that cars on highways had no brakes until they reached an offramp
>but the DOT could apply a kill-switch to segments between offramps (tying
>this thread into another non-crypto thread on the list :),if a failure in
>the roadway caused traffic to stop then all of the upstream traffic would
>have to be dumped off the road via offramps that were only one or two lanes.
>This would cause further bottlenecks and the kill-switch would need to be
>applied to more and more segments upstream to prevent the traffic stopped
>or being slowly bled off from causing more problems.  No imagine that
>offramp-to-offramp messages were transmitted via messengers travelling
>upstream in the carpool lane :)
>
>Even the power company's secret experiments in the cores of nuclear reactors
>have not found a way to get around the 186,000 km/s speed limit on everything.
>
>jim

-----------------------------------------------------
Eric Davis                        ericd at cyberfarm.com
Co-Founder MediaCast:       http://www.mediacast.com/
-----------------------------------------------------







From jimbell at pacifier.com  Mon Aug 12 15:29:07 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 06:29:07 +0800
Subject: Unmetered Net Usage
Message-ID: <199608121741.KAA11226@mail.pacifier.com>


At 02:20 PM 8/11/96 -0700, Timothy C. May wrote:

>
>Will "unmetered" usage go away? It depends on a lot of factors. Right now,
>unmetered usage is a big enough marketing draw that it appears to
>outcompete metered usage plans. Sure, there are people like me who pay a
>flat rate (in my case, $20/month) and yet who are on for several hours a
>day. But the subscribers who also pay the $20/mo and yet who are on only
>briefly to check their mail are not clamoring to switch to metered usage.
>
>If Internet telephony becomes a big deal, I still suspect unmetered usage
>will be common. If the capacity isn't there, from the ISP through the
>various links to the other person's ISP then there will be stalls and
>delays. Think of it as evolution in action, like crowded freeways.

We need to consider separately costs of unmetered access to the ISP, and 
unmetered access to the Internet.  I expect that the main reason for these 
limited-time plans have little to do with Internet traffic, and a lot to do 
with local phone link limits.

One big cost for at least small ISPs is local telephone lines.  Due to the 
"infinite wisdom" of rate commissions, business-line charges are 
substantially higher than residential.  (and ISP's are businesses...)   A 
person who uses 6 hours per day of connection to his ISP is occupying at 
least 1/4th of the capacity of one phone line, and given typical circadian 
usage patterns, in practice he's using 1/3rd or more.  If the ISP's cost for 
that telephone line is $30 per month, then that user must be charged $10 per 
month for this service just to cover this cost.  That customer, however, 
might only be using a rather tiny fraction of the ISP's actual Internet-line 
capacity, except possibly when his Internet telephone is operating.  Also, 
the customer isn't inclined to occupy his own telephone for this length of 
time, either, especially if he has only one line.

So it seems to me that within 5 years or so, there ought to be a powerful 
incentive to wire up apartment complexes and business parks with alternative 
Internet/Internet-telephone connections, ones which bypass the phoneco for 
at least the first few hundred feet.  This, possibly in concert with a 
ISDN-driving concentrator or a cable-modem, should reduce the cost of the 
customer-to-the-ISP line to a very low value.  


Jim Bell
jimbell at pacifier.com





From farber at central.cis.upenn.edu  Mon Aug 12 15:30:52 1996
From: farber at central.cis.upenn.edu (Dave Farber)
Date: Tue, 13 Aug 1996 06:30:52 +0800
Subject: [off-topic] Re: US Power Outages
Message-ID: <2.2.32.19960812154246.00baecb8@linc.cis.upenn.edu>


I dnt have the reference handy bit IEEE Spectrum published in about May 66 a
real good description of why the Great Northeast Blackout happened.






From amehta at giasdl01.vsnl.net.in  Mon Aug 12 15:55:52 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Tue, 13 Aug 1996 06:55:52 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <1.5.4.32.19960812173700.002f9044@giasdl01.vsnl.net.in>


At 19:36 11/08/96 -0400, Perry E. Metzger wrote:
>
>Bart Croughs writes:
>> 	 But there is another axiom of economics which the
>> nationalist/socialist can use for his case against the free movement of
>> capital. This axiom states that the wages of workers depend on the
>> amount of capital invested. The more capital invested, the higher the
>> wages are.
>
>This must be some new axiom of economics that I had not heard of.
>
>>  If American companies are moving capital to Third World
>> countries because of the low wages in these countries, then the workers
>> in the Third World will of course be better off. But in the US, the
>> amount of capital will be lowered.
>
>????
>
>> So the American workers will be able to get other jobs, but these
>> jobs will pay less, because of the diminished amount of capital in
>> the US.
>
>This is truly one of the oddest economic theses I've seen in years.

Indeed. Bart makes a very remarkable assumption, which is that the total 
amount of capital in the fastest growing industry in human history  is constant.

As I mentioned in my note (which was a bit long by my standards, so you are
forgiven if you haven't read it) software producers are software consumers
as well. So, if the software industry grows in the world, it can only benefit
the producers in the US, who make most of the compilers and sophisticated
utilities that programmers need in order to develop software.

The danger to the US software writer comes from another direction, one which
this list is thoroughly familiar with: government policies, such
as ITAR. Gilmore,
I believe, plans to get the software written for secure Internet
routing outside the
US, to not fall foul of ITAR. As security, internet commerce and
other applications
needing crypto become a more important part of software development,
others might follow -- of course it won't hurt that the move reduces costs, but
that will not be the prime motivation.

This will not be the first industry that the US government
developed and nurtured,
only to hand on a platter to foreign competitors: CNC machine tools is an
example I am familiar with. For long, the writing was on the wall, but when the
debacle came, it was swift. If I'm not mistaken, the Japanese share in the US
market of CNC machining centers increased from 2% to 51% over a 2-year
period. The problem there, at least partly, was that government encouraged 
machine tool R&D and industry to cater to the needs of defense, rather than
the rest of us. Sounds familiar?

So, while US software isn't in any danger of losing quite that badly, as I have
explained, if the US loses revenue and capital in this sector, it will only 
have its own government to blame.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From talon57 at well.com  Mon Aug 12 16:09:23 1996
From: talon57 at well.com (Brian D Williams)
Date: Tue, 13 Aug 1996 07:09:23 +0800
Subject: FCC_ups
Message-ID: <199608121836.LAA04772@well.com>



Disclaimer: All opinions are my own, I do not speak for Ameritech
or it's alliance partners.

Lucky Green writes:

>I am glad to see some movement in this area. I designed a similar
>system for a previous employer of mine. But the real choke point
>is the local loop. As of this day, the local telos still have a de
>facto monopoly in the local markets. The new competitors (the same
>old Phone Company) that we will see in the near future seem to
>show no desire to deliver the really interesting services that are
>now possible. They long distance carriers about to enter the local
>markets plan to offer the same old stuff at a (perhaps) somewhat
>lower price.

 First I would like to mention Lucky that I always enjoy your
posts. Second I would like to say that as I have mentioned
previously, the RBOC I work for filed for complete unbundling of
the local loop in March of 93. We are not the one's holding up the
show. 

>The company I used to work for has technology capable of
>delivering a 10 Mb/s Ethernet plus 100 ISDN B channels to your
>home, using the very same wires already in your wall. Keep this in
>mind next time you hear what great new services the local telcos
>are about to offer. Then demand better.

10 Mb/s ethernet and 100 ISDN B channels (64k each)? I would
certainly like to here more! Unfortunately as I have also
previously pointed out, point-to-point copper is a thing of the
past, it is rare and expensive now. The current fiber-to-the-curb
standard involves "slick 96" muxes which use 4 framed T-1's (1.536
Mb/s) to provide 96 voice channels.

Thanks for the info.

Brian





From ericd at shop.internet.net  Mon Aug 12 16:32:12 1996
From: ericd at shop.internet.net (Eric Davis)
Date: Tue, 13 Aug 1996 07:32:12 +0800
Subject: US Power Outages
Message-ID: <v02140b00ae350fc71d8b@[205.179.23.30]>


At 11:02 PM 8/11/96, Bill Stewart wrote:

>It surprises me how little these systems appear to be monitored.
>It took some hours for them to decide that the brush fire on the
>California border didn't cause the system to shut down;
>you'd think they'd know quickly that the subsystem shut itself down
>or disconnected from the grid or whatever because of reason #17...

The fire "story" was, I guess, a result of excessive media fodder.
(whatever sells the headlines....)

Example: This morning (Monday 7:00am PST)
STATION A: Replayed a recorded press briefing, with a head from PG&E,
stating that the cause is *not* yet known, however it *MIGHT* have something
to do with the excessive loads/demands on the system during the high
temp season. (AC units running, etc..)
       -- minutes later --
STATION B: A newsperson *read* the news. This person stated, "At a recent
press briefing, a PG&E official said the outage *WAS* caused by excessive loads.
(quoting the same briefing that I just heard, from the source, on STATION A)

Thank you Mass Media!

Eric

Reminds me of the aftermath of the last large SF quake.
I lived in Santa Cruz at the time. After the quake we all kicked
back and had a large yard party to kill the time. An, un-named, news
network was broadcasting, nation wide, live telephone calls from people
in the SF area. One call was from a person in Santa Cruz, or so he said.
He told the news network, and at the same time live to the nation, that
Santa Cruz was completely leveled, dead bodies everywhere, and only a
handfull of people seemed to have survive.
Needless to say my Grandparents in Tennessee were not to excited...

-----------------------------------------------------
Eric Davis                        ericd at cyberfarm.com
Co-Founder MediaCast:       http://www.mediacast.com/
-----------------------------------------------------







From jon at aggroup.com  Mon Aug 12 17:09:57 1996
From: jon at aggroup.com (Yanni)
Date: Tue, 13 Aug 1996 08:09:57 +0800
Subject: Unmetered Net Usage
Message-ID: <9608121340.AA47329@jon.clearink.com>


> So it seems to me that within 5 years or so, there ought to be a
> powerful incentive to wire up apartment complexes and business parks
> with alternative Internet/Internet-telephone connections, ones
> which bypass the phoneco for at least the first few hundred feet.
> This, possibly in concert with a ISDN-driving concentrator or
> a cable-modem, should reduce the cost of the customer-to-the-ISP line to
> a very low value.
>
> Jim Bell
> jimbell at pacifier.com

I can see it now. Apartments full of geeks because the apartments
were originally built with 100BaseX to each place and a T3 in the
basement going direct to the local ISP.

Tack on another $200/month or whatever to the apartment cost ( geeks
can afford that for sure ) and one might end up having a pretty nice
online melrose place.

I wonder if anybody has done that yet...

-jon


Jon (no h) S. Stevens        yanni at clearink.com
ClearInk WebMagus      http://www.clearink.com/
finger pgp at sparc.clearink.com for pgp pub key
We are hiring!
http://www.clearink.com/clearink/home/job.html





From jim at ACM.ORG  Mon Aug 12 17:15:58 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Tue, 13 Aug 1996 08:15:58 +0800
Subject: A ban on cryptography?
In-Reply-To: <ae34bfd606021004239d@[205.199.118.202]>
Message-ID: <199608122059.NAA03158@mycroft.rand.org>



tcmay at got.net (Timothy C. May) writes:
>Anyone know anything about the status of this bill?

>--begin bill excerpt--

>S.1666

>Department of Commerce Authorization Act for Fiscal Year 1997 (Passed by the
>Senate)

>SEC. 1042. PROHIBITION ON THE DISTRIBUTION OF INFORMATION
>RELATING TO USE OF CRYPTOGRAPHY FOR A CRIMINAL PURPOSE.

It's bogus.  THOMAS (http://thomas.loc.gov) shows S.1666 as a Hatch-sponsored
bill introduced 04/15/96:  A bill to authorize the Federal district court
for the Central Division of Utah to hold court in Provo and St.  George.

	Jim Gillogly
	20 Wedmath S.R. 1996, 20:59





From adamsc at io-online.com  Mon Aug 12 17:19:25 1996
From: adamsc at io-online.com (Chris Adams)
Date: Tue, 13 Aug 1996 08:19:25 +0800
Subject: Read; NOW
Message-ID: <199608122006.NAA07504@cygnus.com>


On 11 Aug 96 23:24:24 -0800, unix_code at geocities.com wrote:


>        Hi I'm Unix Code and have a few things to ask...(it may not go with
>Cryptography but go ahead and read)

I won't say anything if you won't...

# Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
# Automatically receive my resume or PGPKEY by sending email with a subject
# of 'send PGPKEY' or 'send resume'. Capitalization counts so be careful!
# Web site: http://www.io-online.com/adamsc/adamsc.htp
 








From frissell at panix.com  Mon Aug 12 17:21:41 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 13 Aug 1996 08:21:41 +0800
Subject: US Power Outages
Message-ID: <2.2.32.19960812211716.00893f04@panix.com>


At 10:15 AM 8/12/96 -0800, jim bell wrote:
>This morning, I read the new claim: extreme heat (presumably assisted by 
>heat dissipated in the power line itself) cause the power cables near The 
>Dalles (about 100 miles east of Portland, along the Columbia river) to 
>stretch and sag, eventually shorting themselves out to trees near the ground.

The real cause was inadequate supply of nuclear power plants caused by
technophobe agitation.  

DCF






From wb8foz at nrk.com  Mon Aug 12 17:32:12 1996
From: wb8foz at nrk.com (David Lesher)
Date: Tue, 13 Aug 1996 08:32:12 +0800
Subject: Name search -- Enigma owner
Message-ID: <199608122123.RAA04344@nrk.com>


There was a person in .ch with with several Enigmas, including
a four-rotor Naval model. I think his name was ?Fro....?

Does anyone recall the person I mean?

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From frissell at panix.com  Mon Aug 12 17:35:16 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 13 Aug 1996 08:35:16 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
Message-ID: <2.2.32.19960812211714.00887048@panix.com>


At 07:22 AM 8/12/96 -0400, Vincent Cate wrote:
>
>
>Think your lawyer would be willing to give his name and a statement on
>this?  If a cypherpunk ever got in trouble and could say, "I was told by
>the lawyer XYZZY this was legal", it might help.  :-)
>
>  --  Vince

I didn't say it was legal.  I said it wasn't fraud.

DCF






From jimbell at pacifier.com  Mon Aug 12 17:35:17 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 08:35:17 +0800
Subject: Article on Electronic Commerce with a few too many assumptions
Message-ID: <199608122000.NAA19713@mail.pacifier.com>


At 10:32 PM 8/11/96 EDT, E. ALLEN SMITH wrote:
>[Permit me to recommend that you read this very interesting draft paper
>and send its author, Andrew Odlyzko, detailed comments.]
>                            Andrew Odlyzko
>                         AT&T Labs - Research
>                         amo at research.att.com
>                   Preliminary version, August 9, 1996

[lotsa stuff deleted]
>
>There are many examples in the marketplace of behavior that appears 
>even less fair.  For example, in 1990, IBM introduced the LaserPrinter 
>E, a lower cost version of its LaserPrinter.  The two version were
>identical, except that the E version printed 5 pages per minute
>instead of 10 for the regular one.  This was achieved (as was found by
>independent testers, and was not advertised by IBM) through the
>addition of additional chips to the E version that did nothing but
>slow down processing.  Thus the E model cost more to produce, sold for
>less, and was less useful.  However, as Deneckere and McAfee show in
>their paper [DeneckereM], which contains many more examples of this
>type (referred to as "damaged goods"), it can be better for all
>classes of consumers to allow such behavior, however offensive it
>might be to the general notions of fairness.  Consumers who do not
>need to print much, and are not willing to pay for the more expensive
>version, do obtain a laser printer.  Consumers who do need high
>capacity obtain a lower price than they might otherwise have to pay
>since the manufacturer's fixed costs are spread over more units.

I too find this concept offensive, at least to the extent that it is kept a 
secret from the marketplace. Even so, as a libertarian and free-market 
capitalist, I certainly see nothing wrong with "allowing such behavior," and 
indeed  I'd see something wrong with NOT "allowing" it.  Nevertheless, to 
the extent it occurs it should be well understood and identified for what it 
is.

You might recall the Intel 386SX microprocessor, which was the 16-bit-bus 
version of the 386 DX, which itself had a full 32-bit bus.  At the time the 
DX was selling for many hundreds of dollars, probably about $3-400 or so,  
Intel sold the SX for about $80.  However, chances are good that the only 
difference internally between these devices is the bus interface unit, so 
the size and complexity of these two chips would have been virtually 
identical, and thus their costs would likewise be the same.  The reason for 
their vast difference in price was this "damaged goods" concept.  (A similar 
situation occurred with the 486SX versus the 486DX.)





Jim Bell
jimbell at pacifier.com





From frissell at panix.com  Mon Aug 12 17:50:39 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 13 Aug 1996 08:50:39 +0800
Subject: A ban on cryptography?
Message-ID: <2.2.32.19960812211718.008814cc@panix.com>


At 03:53 AM 8/12/96 -0700, Timothy C. May wrote:
>
>       `(l) It shall be unlawful for any person to teach or demonstrate the
>use of cryptographic systems, or to distribute by any means information
>pertaining to, in whole or in part, the construction of digital ciphers,
>if the person intends or knows, that such cryptographic materials or
>information will be used for, or in furtherance of, an activity that
>constitutes a Federal criminal offense or a criminal purpose affecting
>interstate commerce.'.

Luckily, the nature of the Web is such that publicly placing something on a
server would probably never be held to fulfill your or Di Fi's intent
language.  You are clearly making it available to all comers.  No specific
customer at all since anyone can read it.  

DCF 






From tcmay at got.net  Mon Aug 12 18:05:01 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 09:05:01 +0800
Subject: A ban on cryptography?
Message-ID: <ae34bfd606021004239d@[205.199.118.202]>




Anyone know anything about the status of this bill?

--begin bill excerpt--

                                           S.1666

Department of Commerce Authorization Act for Fiscal Year 1997 (Passed by the
Senate)

SEC. 1042. PROHIBITION ON THE DISTRIBUTION OF INFORMATION
RELATING TO USE OF CRYPTOGRAPHY FOR A CRIMINAL PURPOSE.

       (a) UNLAWFUL CONDUCT- Section 875 of title 18, United States Code,
is amended by adding at the end the
       following new subsection:

       `(l) It shall be unlawful for any person to teach or demonstrate the
use of cryptographic systems, or to distribute by any means information
pertaining to, in whole or in part, the construction of digital ciphers,
if the person intends or knows, that such cryptographic materials or
information will be used for, or in furtherance of, an activity that
constitutes a Federal criminal offense or a criminal purpose affecting
interstate commerce.'.


--end bill excerpt--

--Tim May

(P.S. it may not be real, but it _could_ be real.)

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From bart.croughs at tip.nl  Mon Aug 12 18:08:46 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 09:08:46 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88A7.0A479540@groningen04.pop.tip.nl>




Sandy Sandfort wrote:

>On Sun, 11 Aug 1996, Bart Croughs wrote:

>> If American companies are moving capital to Third World
>> countries because of the low wages in these countries, then the
>> workers in the Third World will of course be better off. But in
>> the US, the amount of capital will be lowered. So the American
>> workers will be able to get other jobs, but these jobs will pay
>> less, because of the diminished amount of capital in the US.

>The fallacy in this argument is the assumption that because some
>American capital moves overseas, there will be less capital 
>available in the US for investment/wages. It doesn't contemplate
>infusion of foreign capital investments in American industries 
>that have a competitive advantage over their foreign competition.

At least you agree that wages are determined by the amount of capital invested! As to your argument, I don't see why the movement of American capital overseas would lead to the infusion of foreign capital investments in American industries. It seems to me that these two processes work independently. If they do work independently, then the movement of American capital overseas will lead to less capital in the U.S. 


      Bart Croughs













From bart.croughs at tip.nl  Mon Aug 12 18:11:59 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 09:11:59 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88A7.14E3A5C0@groningen04.pop.tip.nl>


Perry Metzger wrote:

>Bart Croughs writes:
>> 	 But there is another axiom of economics which the
>>nationalist/socialist can use for his case against the free movement of
>> capital. This axiom states that the wages of workers depend on the
>> amount of capital invested. The more capital invested, the higher the
>> wages are.

>This must be some new axiom of economics that I had not heard of.

It's not a sin to be ignorant, but to boast about it...
I recommend you read the great libertarian /austrian economists: Murray Rothbard, Henry Hazlitt, etc.


Bart Croughs






From iang at cs.berkeley.edu  Mon Aug 12 18:19:55 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Tue, 13 Aug 1996 09:19:55 +0800
Subject: [NOISE] Newspapers and basic science (was: US Power Outages)
In-Reply-To: <v02120d06ae344a4cc94e@[192.0.2.1]>
Message-ID: <4uo8jp$t5o@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9608112235.A16390-0100000 at netcom3>,
Z.B. <zachb at netcom.com> wrote:
>Now that may not sound like too much, but 
>the lines were carrying at least 3000Mw of electricity, enough "to power 
>3-1/2 Seattles for a day" (quote from local newspaper).

<GRUMBLE>
Watts are a measure of energy per unit time; it makes sense to say
"60 W powers a light bulb", not "60 W powers a light bulb for one hour".
</GRUMBLE>

But my _favourite_ example of this was a newspaper clipping I used to have
that said that in the previous month, the city had received "160 square
pounds of rain".   That just defied common sense.

   - Ian "closely followed by temperatures 'doubling' (which happens more
          often when they use Celcius)"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMg+llkZRiTErSPb1AQHvDwQAqdxKaHm4PewE6e78gAGNTs/bBsbnXbKt
+kIpplEjU70eK+zREpbvemc2//dEkH4ilW1FKvkWef7Tc06kPghEHp5HfWGCq/oq
Je85MyEOrqrnoADO0ehS5iqnyLFb5lRX5ksciv+GtV4GcS8vnRF3m0ulQZONKBSG
9/wqC6Pmbgc=
=ozoT
-----END PGP SIGNATURE-----





From EALLENSMITH at ocelot.Rutgers.EDU  Mon Aug 12 18:20:31 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Tue, 13 Aug 1996 09:20:31 +0800
Subject: Advice from a CPSR conference organizer on conferences
Message-ID: <01I871902PNK9JD5LV@mbcl.rutgers.edu>


	Given various people on here interested in organizing cryptography
conferences, I thought the below would be interesting.
	-Allen

From: Phil Agre <pagre at weber.ucsd.edu>
X-URL: http://communication.ucsd.edu/pagre/rre.html
X-Mailing-List: <rre at weber.ucsd.edu> archive/latest/1259

Notes on organizing conferences

Phil Agre
August 1996


This article is adapted from the post mortem that I write immediately
after organizing the 1994 CPSR Annual Meeting, together with notes to
myself from other meetings I have been involved in organizing.  Its
purpose is to offer future organizers the benefit of our experience.

I accepted the job of program chair because I wanted to develop my skills
for organizing events, and I definitely learned some things along the way.
One thing I learned is apparently very subtle, since I've never seen or
heard of anybody explaining it.  The professional world has a special way
of defining identity: people are identified with issues.  When I started
planning the program, my initial approach was simply to start with the
most dynamic individuals in the general area that CPSR covers.  So I sent
out a batch of e-mail messages to well-connected personages, asking them
who we should get to speak.  Alas, few of them were able to say anything
very useful, saying (usually in a nice way) that they regarded my request
as overly vague.  I gather that one is supposed to decide first what
issues to cover, and then ask who is associated with that issue.  For
example, "who are some good people to speak on the political aspects
of building community networks?"  Or, "who is a good person to speak on
technology activism on issues affecting people with disabilities?"  This
is nearly the only form of question I could get answered.  Even a simple
variant like, "who has something fresh and original to say about topic X?"
didn't work very well.  It's as though everyone maintains a lookup table
in their heads, indexing people to issues.

Having started this way, some other problems then arise.  Sometimes you
can't get the number one speaker on a given issue to speak, so then you
ask who else you might get, and you'll get some more names.  It's good
to ask whether so-and-so is a good speaker or not.  Sometimes you'll hear
someone say something bad (or something diplomatically irrelevant) about
a potential speaker whom you haven't met, and such comments will probably
weigh heavily with you, for the simple reason that it's a disaster to
schedule an unskilled or irresponsible speaker on your program.  This
dynamic bothered me, since it seemed to have a built-in tendency to
reinforce a single individual's standing even though other people might
be equally talented; if someone already has a reputation as a speaker
in a given area, those other people don't get invited to speak, so they
can't develop reputations as speakers.  I had a certain amount of success
asking, "who deserves a chance to be heard on this issue?", and some
people even volunteered the names of people who they felt deserved a
chance.  This made me feel better.

Start early.  You need to get your publicity out in time for monthly
publications listing in their schedule.  I don't know when precisely this
is, since we didn't come close to making the deadline.  I didn't start
the publicity machinery for our October conference until we had every last
speaker pinned down in early summer.  Big mistake: people go on vacation
in the summer, and your rate of progress in assembling the program will
plummet starting in late June.  Identify your prominent, featured speakers
and get them pinned down first; they're the only ones you need to get your
publicity under way.  I found e-mail seductive; it's easy to publicize
something to the whole net in a few days, so I conveniently forgot that
large parts of the world don't read announcements on the net -- print
publicity is still absolutely necessary.

We had a professional PR person working for us.  She works at UCSD in the
PR office.  She's perfectly good at her job, but I've learned some lessons
for working with such people in the future.  One is to clarify goals.
My central goal was to get a lot of interesting people to attend our
meeting; this meant PR aimed at obtaining advance publicity.  UCSD's main
goal, though, was to get lots of press coverage on the day of the meeting
itself; this meant PR aimed at getting reporters to attend the meeting.
These two goals are equally valid, but they happen on different schedules.
Local advance publicity mostly happened in the three or four days before
the meeting, and with a little effort we did well.

We made some mistakes in the meeting brochure.  One was that the brochure
only mentioned the three main speakers, even though it had room for
much more.  This might not have been so bad, except that the three-line
summaries of those three speakers' speeches all sounded pretty similar.  I
have no way of knowing how much difference this made to the final turnout,
but I do think we should have taken more conscious care to identify broad
categories of people we wanted in attendance, and then making sure each
one sees something on the brochure that they find appealing.  When this
problem came up, we made a single-page (front and back of a green sheet of
paper) version of the electronic meeting announcement, including the full
program and registration information.  We ended up distributing hundreds
of these, and I am sure that they gave lots of people a good idea of what
the organization is about.

I made some mistakes when booking the speakers for the meeting.  I don't
regret any of the people we chose, though I ended up disagreeing with
a couple of them much more intensely than I had thought I would.  The
problem was with financial matters.  We had a $500-per-speaker budget for
people who were coming from outside California, so we had to minimize the
number of such people.  The problem is that some speakers simply cannot
attend for $500, since their travel expenses simply cannot be covered for
$500.  My response to this problem was denial: I just got vague and hoped
it would go away.  But of course it didn't.  Some speakers took losses
despite my clear statement of the $500 limit, and I should have been even
clearer with them that they should book flights etc right away to ensure
that their losses are not greater than they're happy with.  The reason
I didn't do these things was that I was focused on getting the people
to accept our invitations, especially in one case where our first choice
declined after weeks of hemming and hawing.  (If you're invited to speak
at a conference, please decide whether to accept right away.)

One thing we did right was to send out a press release.  The UCSD PR
person wrote it.  I thought that the press release, like all of the press
coverage, tended to trivialize things with buzzwords like "access to the
information superhighway".  But I was repeatedly assured that that's how
it is: you have to use words that people understand.  Anyway, we sent
our press release out on PR Newswire, and I mailed it to all of the local
computer press.  I also mailed it to an eccentric local newspaper that's
distributed free in coffee houses, and they reprinted it verbatim.  I
found that San Diego has all kinds of free publications that I hadn't even
heard of, including something called Terminal Velocity that's aimed at the
cyberculture and comics crowd -- 40,000 circulation.  Not to be sneezed at.

One issue was the phone number to use in the press release -- where should
people call for more information about the meeting?  At first I used the
CPSR number in Palo Alto since nobody here wanted to field a million phone
calls.  But this was a mistake.  Lots of people don't want to call long
distance, and once I broke down and started listing my own office phone
number, I only got a couple dozen calls, including several calls from very
interesting people.  The only category of calls that bothered me was from
people wanting technical help with their computers.  Most of these calls
were easy enough, since I could send them to local user groups, but one
of them was extremely obnoxious.  On the whole, being the contact person
listed in these publications was a far more positive experience than I
thought it would be.

Another thing we did right was outreach.  This was a principle of the
meeting from the beginning.  Think of the meeting as primarily an occasion
for organizing.  Call people on the phone, tell them about the meeting,
and ask them who you should be speaking with.  At the very beginning of
the process, write a small announcement of the meeting and invite people
to become involved and sent it out on the net; we got some excellent
contacts this way.  The Internet may not reach the masses yet, but we
found that San Diego now has a pretty reasonable density of Internet
penetration among computer people.  Announcements about CPSR events here
have reached all sorts of interesting people by being passed hand-to-hand
through the net.  We made dozens of phone calls along the way: computer
user groups, Latino organizations, city government, political activists,
commercial Internet providers, BBS operators, industry people, and so
forth.  People have heard about the "info highway", so your job is to get
your message boiled down to something that sounds like your interlocutor's
next step on their way to the net.  Don't try to "sell" your organization
or issue to someone who's not interested; rather, if they're already
interested in the issues then make the meeting process tangible for them.
We visited a number of computer user group meetings; I also called up the
organizers of several such meetings and asked if they would be willing to
announce the Annual Meeting, and sent them copies of the aforementioned
"green sheet" schedule.

Early on in the process, I organized a speaker series that Dave Noelle did
good publicity for, making posters and sending them to various people and
publications.  Since the first speaker's topic was privacy, the "Reader"
(free weekly tabloid) decided to feature her talk, and their article drew
a few dozen people.  We also sent the announcements out on the Internet,
and each talk had at least a couple dozen people.  At the beginning of
each talk, I introduced myself and told people about the conference.
We sent around a sign-up sheet.  We got a bit of a mailing list and some
good contacts from that process, but I cannot swear that it was really
worth all the effort.  Maybe we would have reached those people through
other channels.  The speaker series was intellectually worthwhile though.

The meeting weekend itself was so thoroughly organized, primarily by the
local librarians, that it's hard for me to draw any particular lessons
besides getting good people to do the work.  Typing this now, I can't
think of anything that went wrong that's worth telling you about.

Oh yes.  We got screwed by the student center, whose new management
decided that she wasn't interested in honoring the agreement we had made
with her predecessor.  Of course we didn't have it in writing, because
we had been assured that we didn't *need* to have it in writing.  After I
grouched at her a while, she told us that she would "honor your agreement"
by charging us 2.5 times what that agreement had called for.  I flipped
out and decided that we would move the meeting to an engineering lecture
hall that I could book for free because I'm a professor.  But hey -- if I
wasn't a professor then we could have been shafted.  So remember, get it
in writing.  No matter what conversations you've had with them, they've
always got more rules printed on sheets of paper that you've never heard
about.  You can't enforce your agreements until they're written down.

And beware of those extra little charges.  We were told that the banquet
would cost $X per person, but when the paperwork finally arrived, that
turned out to mean $X plus tax and gratuity plus a $400 "facility fee".
(I then got this infuriatingly condescending little speech to the effect
that this is a standard industry practice -- i.e., everyone does it --
and that I must therefore not know what I'm doing.  But setting out to
take revenge about such things will probably not serve your real goals.)
Get it in writing.

In doing the early outreach, I had to learn some lessons.  I know that
it's good to consult people: call them, visit them, tell them what you're
doing, and say "what advice do you have for me?".  This makes friends for
you and the organization and makes people feel included.  It also prevents
you from being perceived as grabbing someone else's turf -- that is,
claiming sovereignty over an issue that someone else has invested effort
identifying themselves with already.  Often the people you talk to will
actually have good advice for you.  (If they have an agenda or an axe then
you can usually figure out what it is and steer around it.)  Find out who
knows people and approach them this way.  They don't have to be obvious
allies.  Even people who specialize in elite networking in your city are
perfectly good candidates for this, though you should pick the highest
status individual in your organizing group to approach such people.  A
professor of any rank will do fine.  Get rid of your political jargon.
Be able to talk to people in language they can understand.  Evolve a bunch
of honest ways of explaining what the meeting is about.  If you cannot
come up with an honest way of explaining your meeting to someone then that
person is not part of your audience.  If they *ought* to be part of your
audience then you need to go back and redesign the meeting.

Anyway, this cycle of asking advice sometimes became clumsy when I was
speaking with someone who wanted to be a speaker at the meeting.  It's
hard to invite someone to participate in a meeting and simultaneously
tell them they can't speak at the meeting.  So decide ahead of time which
people might want to be speakers, and what you'll say when they explicitly
ask you to put them on the program.  The standard response is to hide
behind your program committee, saying "that would be great, I'll take
it up with the program committee".  But a lot of people don't buy that.
So you won't always end up on perfectly positive terms with people.

One way you can be helpful to people is to explicitly invite them to make
their organization's (or company's, or whatever) literature available on
the conference literature tables.  We had several books and journals being
advertised, along with several nonprofit Internet providers and local
computer organizations.  I'm sure we could have had many more if I had
gotten those literature invitations out earlier.

Anybody who isn't attending your meeting on a corporate expense account
will care a lot about how much it costs.  Make it cheap.  If you work with
professional meeting organizers, or people who are accustomed to the world
of expense accounts, you will have to resist their seemingly inexorable
impulses to make everything "nice" by piling on exotic banquets, racks
of A/V equipment, free notebooks for everyone, hotel rooms for speakers,
nice little selections of juices and cookies at breaks, and so on.  These
people mean well, but you will need to bring them back to fiscal reality
gently, step by step.

Make conscious choices about who should run panels, give opening and
closing remarks, introduce speakers, etc.  We made good choices, but I
wasn't thinking about the issue until very late.

If you have any speakers in wheelchairs, plan way ahead for their housing
and transportation.  Carefully walk the whole path that they will need
to travel from curbside to podium, and make extra sure that the necessary
doors will be unlocked for handicapped access, including bathrooms.

I didn't like the page I wrote about the Annual Meeting for the summer
issue of the CPSR Newsletter.  I *should* have written an advertisement
aimed at turning out the maximum number of CPSR members, most of whom
have had rather little personal contact with the organization and really
do need to be "sold" on the Annual Meeting, which after all requires a
real expenditure of time and money.  Instead I wrote a fancy think piece
about strategy and gave too much attention about our plans to connect to
the local community.  I'm glad that we connected to the local community,
but that was not the major message to emphasize for people from outside
the local community.

We put up a WWW page for the Annual Meeting program and registration.
It was fun, but I have no idea what difference it made.  I *do* know
that it's useless to put up a WWW page unless you advertise it by sending
messages to various mailing lists.

When you're about to choose a date for the meeting, make sure you ask
all of the people who know lots of organizations.  We had an unfortunate
conflict with a AAAS/ABA workshop on cyberspace ethics and law in
Washington.

Get people together early and brainstorm about the meeting.  People have
lots of great ideas.  Let their ideas influence you so that your thinking
is broadened and you're making your decisions more consciously than you
might be otherwise.

I was glad that we clarified early what jobs the National Office does.
They ended up doing some extra jobs, and we ended up doing pieces of
some things that I had originally been happy to let them do, but clear
assignments of tasks are good.

Draw on the experience of the people who have organized the meeting in
earlier years.  And then when you're done, write down your own experiences
to benefit others.

 - end -





From bart.croughs at tip.nl  Mon Aug 12 18:35:56 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 09:35:56 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88A7.0F5BA1C0@groningen04.pop.tip.nl>


My statement that the wages depend on the amount of capital invested, has received a bad press. I thought cypherpunks were economically literate, so I didn't explain the principle and I didn't give any sources for further reading. This proved to be a mistake.
	To avoid this kind of uninformed criticism in the future, I recommend my critics read the following books, which can all be ordered from Laissez-Faire Books: 1) The economics of liberty (ed. L. Rockwell); 2) The free market reader (ed. L. Rockwell) - both books were published by the Ludwig von Mises Institute. 3) Economics in one lesson - Henry Hazlitt. These three books contain popular essays about economics, following the principles of the austrian school, the most radical free market school in economics.

Some quotes:
	Henry Hazlitt in 'economics in one lesson' (p. 139): "The best way to raise wages, therefore, is to raise marginal labor productivity. This can be done by many methods: by an increase in capital accumulation - i.e. by an increase in the machines with which the workers are aided..."
	Murray Rothbard in 'the free market reader' (p. 31): "Wage rates are low in many foreign countries because capital equipment is small and technologically primitive. Unaided by much capital, worker productivity is far lower than in the United States."
	Lew Rockwell in 'the economics of liberty' (p. 26): "Wages are determined by the productivity of the individual laborer, which in turn is largely determined by the amount of capital invested per worker."
	I could go on, but I think this will suffice.

Now I will explain why the austrian economists are right.
Imagine Robinson Crusoe. In the beginning, he catches fish with his bare hands. He has no capital investment, and consequently he is not very productive. His wage will be low (he will not catch much fish). If there is more capital investment - if, for example, he has a fishing rod - he will catch more fish in less time. His productivity is higher. His wage is higher (more fish). If there is still more capital investment - if, for example, he has a boat and fishing nets - he will catch even more fish. His productivity is higher. His wage is higher. Etcetera. So, it's really not difficult to see that the Robin's standard of living depends on the amount of capital available on his island. The same goes for the rest of humanity.

Bart Croughs

	







From rah at shipwright.com  Mon Aug 12 19:10:56 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 13 Aug 1996 10:10:56 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <9608121346.AB00628@anon.penet.fi>
Message-ID: <v0300782bae356bdcdf99@[206.119.69.46]>


At 6:51 PM -0400 8/12/96, Vince wrote:
> Many fortune 500 companies have offshore corporations for "self
> insurance".  Many many movies have corporations offshore just for that
> movie.  These are type of "clean" corporations that taxhavens like.

George Soros' Quantum Fund is an "NV" corporation, domiciled in the
Netherlands Antilles, for instance. We went over this about two years ago,
but the original  ;-) connotation of "e$" was eurodollar, or expatriate
dollars held outside the US banking system. For a decade or so, maybe
still, this was an excellent way to raise money for US corporations. Most
of the Fortune XX companies did this stuff, and probably still do, all to
avoid Uncle's sticky fingers.

While we may be talking about something else here entirely :-), remember
that tax avoidance is not necessarily tax evasion. And, of course,
jurisdiction shopping ("regulatory arbitrage") isn't necessarily breaking
the law.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From demo at offshore.com.ai  Mon Aug 12 19:18:54 1996
From: demo at offshore.com.ai (Vince)
Date: Tue, 13 Aug 1996 10:18:54 +0800
Subject: Rumors of death of Anguilla Data are greatly exagerated.
In-Reply-To: <9608121346.AB00628@anon.penet.fi>
Message-ID: <Pine.LNX.3.91.960812184538.6873A-100000@offshore>




> >  And Anguilla is first and foremost a taxhaven.  But it tries hard to be a
> >  very clean taxhaven (does not want drug money etc).  I think that "clean"
> >  corporations operating here tax free is a potentially huge market.
> 
> This is an illusion.  There ain't no such thing as a clean corporation
> operating in a clean tax haven.  Every overseas corp that is doing
> something they can't do without interference back onshore, is running the
> gauntlet.

In taxhaven industry jargon, "clean" means they are avoiding taxes only. 
No drugs, no money laundering, no violent crime, no stolen money, no
fraud. 

Many fortune 500 companies have offshore corporations for "self
insurance".  Many many movies have corporations offshore just for that
movie.  These are type of "clean" corporations that taxhavens like. 

   --  Vince






From EALLENSMITH at ocelot.Rutgers.EDU  Mon Aug 12 19:29:47 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Tue, 13 Aug 1996 10:29:47 +0800
Subject: Police on the Net
Message-ID: <01I876IU1AN89JD5RL@mbcl.rutgers.edu>



	First, I'd be interested in knowing some of those online reporting
addresses, and how much limits they place on what can be mailed to them...
persuading these cops to deal with the improper use of another's computer
(i.e., spam) would seem to be a distinct possibility in diverting them from
other activities. Second, it would appear possible (unless they're encrypting
it) to intercept some of these email lists of theirs - if necessary, by
forging a subscribe to an _overseas_ nymserver that isn't too well known
(unlike, say, anon.penet.fi). That's about on the same grounds as their
mention of "know thine enemy." (It is, of course, pretty certain that
various libertarian groups are among those monitored, such as cypherpunks.)
Third, this gives additional reasons not to give out one's address to anyone.
What people know about me is a post office box and my old address.
	-Allen

>   webslingerZ
>                      LONG ARM OF THE LAW IS GOING ONLINE
>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Seattle Post-Intelligencer
      
>   (Aug 10, 1996 00:05 a.m. EDT) -- When police "net" a crook these days,
>   cops may be referring to the Internet.
   
[...]

>   On the Internet, citizens anonymously report drug dealers to the
>   cyberpolice, check out crime in their neighborhoods, calculate their
>   risk of being murdered and communicate directly with the chief of
>   police.
   
>   Police say the Internet is a powerful and versatile law-enforcement
>   tool: Communication is immediate and crosses jurisdictional
>   boundaries, information is just a keystroke away and the cost is
>   commonly less than hiring a police officer.
   
>   "I think it's the most effective money you can spend to prevent
>   crime," said Bill Taylor, crime analyst for the Sacramento, Calif.,
>   Police Department, which has developed one of the nation's most
>   sophisticated Internet police sites.
   
>   More than 2,000 law-enforcement agencies have gone online, extending
>   the long reach of the law to millions of Internet users, said Ken
>   Reeves, a Microsoft manager who recently established a Web site
>   promoting new technology in law enforcement.
   
>   "They're creating virtual police," he said.
   
[...]

>   The Internet also has become a popular tool for police to communicate
>   among themselves.
   
>   Thousands of police officers subscribe to electronic mailing lists and
>   read electronic bulletin boards where they can discuss ethical issues
>   in private and exchange information about firearms, narcotics and
>   other sensitive topics.
   
>   "These are things you don't want to make public, but you need other
>   professionals to bounce off ideas," said Ira Wilsker, a former police
>   officer who is leading a series of U.S. Department of Justice seminars
>   on law enforcement and the Internet.
   
>   Run for and by police officers, the computer exchanges often offer
>   information that cannot be found elsewhere, Wilsker said. For example,
>   police raised the alarm on the Internet about illegal use of Rohypnol,
>   the notorious "date rape" sedative, more than a year before warnings
>   about the drug were issued through official channels, he said.
   
>   On the philosophy of know thy enemy, Wilsker said police also turn to
>   the Internet as an intelligence source, monitoring online chatter by
>   hate groups, drug users and others who discuss their views on computer
>   news groups. These news groups, though commonly thought of as private
>   communications, are open to public view.
   
>   The Internet also can be an effective people finder, he said.
   
>   For example, more than 90 million people and their telephone numbers
>   and addresses can be found at the Internet site www.switchboard.com,
>   making a nationwide search sometimes as simple as keying in a name, he
>   said. The service is free.
   
>   With an address in hand, Wilsker advises police to turn to
>   www.mapquest.com, which in seconds can pinpoint on a map the location
>   of a suspect's home.
   
>   "We use it for serving warrants where we don't know the area," he
>   said.
   
[...]

>   Still, the response to serious attempts at online policing at times
>   has been disappointing. The vast majority of people prefer to deal
>   directly with police than go online to report a crime. Chicago's
>   effort to elicit information about drug dealing over the Internet has
>   drawn only a smattering of responses. Some departments have dropped
>   their most-wanted postings on the Internet because they brought in so
>   few tips.
   
[...]

>    Copyright &copy 1996 Nando.net





From EALLENSMITH at ocelot.Rutgers.EDU  Mon Aug 12 19:30:13 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Tue, 13 Aug 1996 10:30:13 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <01I876465KRK9JD5RL@mbcl.rutgers.edu>


	I would wonder if a jamming device (preferably area-effect with a 
slowly randomly varying swathe of area, to avoid figuring out who was carrying
it) would be possible, or some variety of shielding (i.e., emitting waves
looking similar to flesh).
	-Allen

>   Direct Media
>                    NEW X-RAY GUN TRADES PRIVACY FOR SAFETY
>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 The Associated Press

>   SANTA MONICA, Calif. (Aug 12, 1996 09:47 a.m. EDT) -- The latest
>   weapon against terrorism can see right through you.
   
>   The Passive Millimeter Wave Imager can X-ray through clothing to "see"
>   a concealed weapon, plastic explosives or drugs. A police officer can
>   surreptitiously aim it into a crowd from as far away as 90 feet.
   
>   The new X-ray gun is becoming a symbol for an unlikely alliance of
>   civil libertarians and gun owners who fear the fight against crime and
>   terrorism may be waged at the expense of personal freedoms.
   
>   "I'm incredibly concerned," said John Henry Hingson, a past president
>   of the National Association of Criminal Defense Lawyers, meeting here
>   this past week. "The entire nation could become a victim of illegal
>   searches and seizures and the law is powerless to protect them from
>   these police abuses."
   
>   But in these nervous times following the the crash of TWA Fight 800
>   and bombings at the Olympics, Oklahoma City and the World Trade
>   Center, many Americans are now willing to trade some of their privacy
>   and civil liberties for greater security.
   
>   A poll last week by the Los Angeles Times found that a majority of
>   people -- 58 percent -- said they would curtail some civil liberties
>   if it would help thwart terrorism. Thirteen percent said it would
>   depend on what rights were at stake. The poll didn't ask people to
>   single out any rights.
   
>   The Clinton administration has proposed increased wiretapping and
>   other anti-terrorism steps, and is doling out research grants for
>   cutting edge anti-crime technology that once may have been intended
>   for only military use.
   
[...]
   
>   Two models are being developed of the Passive Millimeter Wave Imager,
>   a creation of Massachusetts-based Millimetrix Corp.
   
>   The larger one, about the size of a shoebox, is mounted on a patrol
>   car and pointed at the unsuspecting person. The gadget doesn't send
>   out X-rays; instead, it picks up electromagnetic waves emitted by
>   human flesh.
   
>   Anything that stands in the way of those waves -- like a gun -- or
>   anything that emits weaker waves -- like a bag of cocaine or a plastic
>   explosive -- will show up on a little screen in the patrol car.
   
>   Clothes emit no waves. Neither do walls, allowing the device to be
>   used from even outside a room.
   
>   A second model is a smaller, battery-operated version that an officer
>   can operate by hand, like a radar gun.
   
>   Millimetrix hopes to field test the larger model soon at a police
>   agency.
   
>   Hingson argues the device runs roughshod over bans against illegal
>   searches and seizures. The law says police can stop and frisk a person
>   only when an officer has a "reasonable suspicion" the person is armed
>   or involved in a crime.
   
>   Millimetrix points out that while the imager can see through clothing,
>   it still leaves people some privacy. The device's display screen, the
>   company says, "does not reveal intimate anatomical details of the
>   person."
   
>   Chip Walker, spokesman for the National Rifle Association, noted that
>   devices like the imager threaten the legal rights of people in 31
>   states who are allowed to carry concealed weapons with proper
>   licenses.
   
>   "We certainly support efforts to disarm criminals, but we need to be
>   careful that we're not painting with too broad a brush here," he said.
   
>   Walker said that as troubling as terrorism is, people may be playing
>   into terrorists' hands by giving up their privacy.
   
>   "One of the broader issues is that if we start giving up certain civil
>   liberties, that essentially means that the terrorists are starting to
>   accomplish one of their goals," he said.





From David.K.Merriman at toad.com  Mon Aug 12 19:32:56 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Tue, 13 Aug 1996 10:32:56 +0800
Subject: 1024-bit keys
Message-ID: <199608121758.KAA09620@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: support at luckman.com, cypherpunks at toad.com
Date: Mon Aug 12 14:29:39 1996
In the documentation for Web Commander (page 7-50, item 19, top of page), 
under the process for getting a digital ID from VeriSign, you state:

"Also, please note that you cannot send keys longer than 512 to servers 
outside the United States."

I would like to ask for clarification on this point. Is this meant to say 
that a server inside the United States is not allowed to use a 512+ bit key 
with a client outside the U.S., or that a Web Commander server outside the 
U.S. may not employ a key of greater than 512 bits? In either case, what is 
the justification for such a statement/restriction? If a Federal 
regulation, could you please cite the Title and Section?

Thank you.

David Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMg7PWsVrTvyYOzAZAQFo3QQAn2stH5ZtI2/SGt2qEwTWyhTnp6cMA3qC
hsukc3tEcvkaF75G2fdPdPkt/oyMpwU+X6jKk6kttbNNPSShrs7QtKgOoZS4FSU1
Zj+5sKrjUmluonly3JRJeZdIzWOOWGz6wd1pDBn90X9M9LzY+CBJT+yuoCWGVmh4
LJkvCJBkLrc=
=b+Ui
-----END PGP SIGNATURE-----






From frissell at panix.com  Mon Aug 12 19:35:28 1996
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 13 Aug 1996 10:35:28 +0800
Subject: Searches
Message-ID: <2.2.32.19960812200659.008927dc@panix.com>


At 01:17 PM 8/9/96 -0400, Thomas C. Allard wrote:

>	In a landmark decision a federal court in New York has ruled
>that a CBS film crew and Secret Service agents are liable for filming and
>broadcasting a search of a private citizen's home. It is the first reported
>court decision to hold a television broadcaster liable for accompanying
>police agents on a search and filming it for the broadcast.

Just because someone at your door has a warrant or a contractual right to
search your place does not require you to allow anyone else in.  Par example:

Landlord of (A Member of This List):  The fire inspectors are here and would
like to inspect your apartment.

(A Member of This List):  They got a warrant?

Landlord of (A Member of This List):  No.

(A Member of This List):  Then they can't come in.

Landlord of (A Member of This List):  But I can enter the apartment with
reasonable notice under the rental agreement.

(A Member of This List):  You're welcome.  The Fire Inspectors aren't.

Landlord of (A Member of This List) who allowed a search of the rest of his
building was cited by the Fire Inspectors for an illegal apartment in the
basement.

DCF

"Why is it that when I'm faced with a reasonable request from a public
servant my immediate response is 'Load triple cannister'?"
  -- Cannister.  A cylindrical metal container filled with lead shot.
Designed to turn a field artillery piece into a very large shotgun.






From EALLENSMITH at ocelot.Rutgers.EDU  Mon Aug 12 20:04:15 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Tue, 13 Aug 1996 11:04:15 +0800
Subject: Yet another blame-the-Internet-for-child-porn
Message-ID: <01I876WBU7C89JD5RL@mbcl.rutgers.edu>



	They are, of course, failing to answer the question of why encouraging
people to consume _computer-generated_ child pornography should be considered
a justification for legal intervention, not to mention that such an effort
would also make putting _Lolita_ on the Internet illegal (text could drive
up demand for it as well, after all), or even political speech such as from
NAMBLA. (It's political speech just as much as material from neo-Nazis... or
from the Demopublicans.)
	There is also the lack of realization that someone can't be "exploited"
except in the Marxist sense on the Internet... only when the material is
originally made. Another point is that countries do differ on when is
considered old enough for voluntary participation in making pornography -
Tracy Lords material is legal in much of Europe, for instance.
	I'd also point to the media bias evident; they only quoted from
people who were in favor of governmental regulation. Fortunately, as even
one of the people at this "world congress" admitted, governmental regulation
of free speech on the Internet will ultimately fail. Prevent actual harm -
the _production_ of child pornography.
	-Allen

>   Centura
>                  WORLD CONGRESS TO FIGHT INTERNET CHILD PORN
>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Reuter Information Service
      
>   STOCKHOLM (Aug 11, 1996 12:29 p.m. EDT) - Distribution of child
>   pornography on the Internet seems destined to top the issues at the
>   world's first conference against sexual exploitation of children
>   opening later this month in Stockholm.
   
>   Activists are trying devise ways of keeping pedophiles from peddling
>   such material on the global computer network, which is already used as
>   a billboard to advertise prostitution and sex tourism and to exchange
>   adult pornography.
   
>   "The Internet is like heaven for the pedophile," said Toby Tyler, a
>   United States police officer who lectures at the Federal Bureau of
>   Investigation (FBI) academy on child abuse.
   
>   "As far as our ability to restrict the distribution of child
>   pornography and stop the sexual exploitation of children on the
>   Internet...it's not something that can be done."
   
>   Campaigners are concerned that unless urgent action is taken to stamp
>   out the Internet's distribution of child porn, whether it features
>   real children or just computer generated images, it could spark
>   greater demand for child pornography.
   
>   Tyler said the Internet has ended the days when pedophiles had to make
>   costly cross-border runs to buy child pornography in countries where
>   laws were laxer and penalties lighter.
   
>   Now they can obtain and distribute films and photos from their own
>   homes on the Internet with little risk of capture.
   
>   But not everyone agrees that regulating the internet or its 20 million
>   users worldwide is the right move.
   
>   Some advocates say the Internet represents free speech.
   
>   Others argue that the distribution of child pornography on the
>   Internet is not that widespread.
   
>   Margaret Healy from Bangkok-based End Child Prostitution in Asian
>   Tourism (ECPAT) said in a report prepared for the five-day Stockholm
>   conference which opens Aug. 27 that the regulation of child
>   pornography on computers presents special challenges and called on
>   governments to fund better training.
   
[...]

>    Copyright &copy 1996 Nando.net





From zachb at netcom.com  Mon Aug 12 20:11:49 1996
From: zachb at netcom.com (Z.B.)
Date: Tue, 13 Aug 1996 11:11:49 +0800
Subject: [NOISE] Newspapers and basic science (was: US Power Outages)
In-Reply-To: <4uo8jp$t5o@abraham.cs.berkeley.edu>
Message-ID: <Pine.3.89.9608121627.A22335-0100000@netcom11>


Well, all I remember is the 3-1/2 Seattles part - I put the"for a day" 
part in because I wasn't sure about it.  


Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127


On 12 Aug 1996, Ian Goldberg wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> <GRUMBLE>
> Watts are a measure of energy per unit time; it makes sense to say
> "60 W powers a light bulb", not "60 W powers a light bulb for one hour".
> </GRUMBLE>
> 
> But my _favourite_ example of this was a newspaper clipping I used to have
> that said that in the previous month, the city had received "160 square
> pounds of rain".   That just defied common sense.
> 





From sandfort at crl.com  Mon Aug 12 20:54:18 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 13 Aug 1996 11:54:18 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88A7.0F5BA1C0@groningen04.pop.tip.nl>
Message-ID: <Pine.SUN.3.91.960812171348.20506E-100000@crl3.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 12 Aug 1996, Bart Croughs wrote:

> My statement that the wages depend on the amount of capital
> invested, has received a bad press. I thought cypherpunks were 
> economically literate, so I didn't explain the principle and I
> didn't give any sources for further reading. This proved to be
> a mistake.
> 	To avoid this kind of uninformed criticism in the future,
> I recommend my critics read the following books, which can all
> be ordered from Laissez-Faire Books...yada, yada, yada.

Been there, done that.  I repeat, the error that Bart made is
assuming that because some US-source capital gets redirected 
overseas, that the total amound of capital investment will 
decline thus producing the wage drop he is fretting about.
Unless he can show that foreign capital investment will not flow
to US workers who are "forced" into working in industries where
they have a comparative advantage, his argument must fail.  After
all, I--like the economists Bart cite--think international free
trade, the free flow of capital in persuit of the highest return
and division of labor are a GOOD thing.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From mpd at netcom.com  Mon Aug 12 21:02:30 1996
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 13 Aug 1996 12:02:30 +0800
Subject: "X-Ray Gun" for imperceptible searches
In-Reply-To: <01I876465KRK9JD5RL@mbcl.rutgers.edu>
Message-ID: <199608130043.RAA02224@netcom15.netcom.com>


Color me skeptical.

"E. ALLEN SMITH" <EALLENSMITH at ocelot.Rutgers.EDU> writes:

 > The gadget doesn't send out X-rays; instead, it picks up
 > electromagnetic waves emitted by human flesh.

Would these electromagnetic waves be something distinct from the
blackbody spectrum of a human-sized blob of "mostly water" at the
appropriate temperature?

Or to put it another way, is this just a sophisticated IR imager
thickly coated in snake oil and marketing hype?

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $







From lzkoch at mcs.net  Mon Aug 12 21:17:58 1996
From: lzkoch at mcs.net (Lewis Koch)
Date: Tue, 13 Aug 1996 12:17:58 +0800
Subject: Snake Oil wanted
Message-ID: <199608130016.TAA23180@Kitten.mcs.com>



I am a journalist who has specialized in investigative reporting.  I have
been writing about and for the Net for about nine months, though I have
about three decades as a reporter/columnist/author.

There has been some discussion on this list of one story that I broke --
that of Deputy Attorney General Jamie S. Gorelick's speech "National
Security in the Information Age" delivered at the U.S. Air Force Academy 29
February 1996 in which she calls for the development of a "Manhattan
Project" to counter computer hackers.  The column and her complete speech
can be found at http://upside.master.com/online/columns/cybersense/9607.html
"U.S. Deputy Attorney General Jamie S. Gorelick Speaks Out Against Freedom
and Security on the Internet."

The story was published in a monthly column Cybersense which I write for
Upside Magazine's Website.

I am currently interested in writing about snake oil, especially as it
relates to claims about ensuring e-mail privacy, total computer security,
plug-and-play effortless encryption or hype relating to computer crime --
its origins, its prevalence, its prevention.

My Net audience is composed of people who perhaps pretend to more
sophistication that they truly have but who I think are most interested in
clarity.    

My areas of expertise are non-technical.  Over three decades, however, I
have proven record of investigative reporting.  

I have been fortunate to meet and rely on some very responsible people to
guide me through the technical thickets -- some of whom are members of this
List.

Any form of response is acceptable and all confidences will be respected.

     
Lewis Z. Koch
lzkoch at mcs.net
http://www.upside.com
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzHn8xwAAAEEANNKB31dvtigkO5ojKKBAjbrRhkTCrzg3vwhiQ0iS1Ubrxk8
HG/pMYjV4eCR3dZrekbI5/gvNPIG9yRdY8AA3THF761XWHiYZKyhQ8OHxNyjAgSA
jze+joT9559kQY++xiayAGK/0sd3P9ByUT+5yy3g9bNBV+vX9vA+Q6AhQTctAAUR
tA5semtvY2hAbWNzLm5ldA==
=YZQ8
-----END PGP PUBLIC KEY BLOCK-----






From bart.croughs at tip.nl  Mon Aug 12 21:25:18 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 12:25:18 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88AF.40553180@groningen04.pop.tip.nl>




Perry Metzger wrote:

> Bart Croughs writes:
> > 	 But there is another axiom of economics which the
> > nationalist/socialist can use for his case against the free movement of
> > capital. This axiom states that the wages of workers depend on the
> > amount of capital invested. The more capital invested, the higher the
> > wages are.

>I failed to note obvious counterexamples. Well known authors get giant
>advances for books written with manual typewriters. Minimum wage
>workers routinely operate expensive equipment. Workers doing the same
>job in different places using identical equipment that cost identical
>sums earn different salaries.

>Clearly, wages are defined by supply and demand -- not by "capital
>investment".


When economists say that wages are determined by the amount of capital invested, they mean on a regional/national level, not on the level of individuals.

Bart Croughs 










From tcmay at got.net  Mon Aug 12 21:39:31 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 12:39:31 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <ae35140a07021004ebf2@[205.199.118.202]>


At 4:46 PM 8/12/96, snow wrote:
>On Sat, 10 Aug 1996, Gary Howland wrote:

>>       Will old fashioned engines be outlawed?
>>       Will the "stun guns" be outlawed?
>>       Will susceptible electronic systems become mandatory?
>>       (and if so, why not just put a remote control switch in all cars?)
>
>    One word: Pacemakers.

Not just pacemakers, but also cars losing steering control (but not forward
speed, obviously) and thus plow into crowds. And airbags that perhaps get
triggered in all the ruckus, breaking the necks of infants (as has
happened).

Think of the liablility issues! Deliberately causing a car to lose control.
Mon Dieu!

I'm skeptical that this EM cannon will get deployed anytime soon.

(And I'm not ignorant of such technologies, having attended several of the
Nuclear and Space Radiation Effects Conferences. I also played around with
this as a minor plot element in a novel I was working on several years ago,
namely, a character killed in Los Alamos when the Electronic Engine Control
circuitry of his BMW was zapped while on a mountain road. This, by the way,
is a "side effect" of widely deploying such EM cannon technologies--people
using them on twisty mountain roads. I can think of some places near Big
Sur and around Devil's Slide where such a gizmo would produce real
interesting effects!)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From shamrock at netcom.com  Mon Aug 12 21:43:47 1996
From: shamrock at netcom.com (Lucky Green)
Date: Tue, 13 Aug 1996 12:43:47 +0800
Subject: FCC_ups
Message-ID: <v02120d03ae356356fa46@[192.0.2.1]>


At 11:36 8/12/96, Brian D Williams wrote:

> First I would like to mention Lucky that I always enjoy your
>posts. Second I would like to say that as I have mentioned
>previously, the RBOC I work for filed for complete unbundling of
>the local loop in March of 93. We are not the one's holding up the
>show.

Thanks for kind words. I am happy to hear that your RBOC is so enlightened.
I did not mean to exclusively blame the Baby Bells. There is plenty of
blame to go around. Look at the FCC's incomprehensible decision to require
that an ISDN line be billed as two lines, arguing that it requires double
the upstream bandwidth.

I know that I am repeating myself, but here is a brief primer on telco
realities:

There is plenty of upstream bandwidth, since everything but the local loop
is already running on fiber. The problem is in the local loop. In many
cities, there is simply no room left in the ducts to run even one more
wire. Anything, such as ISDN, that can get more lines out of the same
number of wires is a Good Thing to the telcos and the consumers. The
alternative is trenching. An often prohibitively expensive proposal,
especially in a downtown area. The FCC should encourage, not discourage the
use of such wire saving technology.

>10 Mb/s ethernet and 100 ISDN B channels (64k each)? I would
>certainly like to here more! Unfortunately as I have also
>previously pointed out, point-to-point copper is a thing of the
>past, it is rare and expensive now. The current fiber-to-the-curb
>standard involves "slick 96" muxes which use 4 framed T-1's (1.536
>Mb/s) to provide 96 voice channels.

Given the cost of running fiber to the home, the near and intermediate
future is definitely fiber to the curb. The technology we were developing
works beautifully with this set-up. To be more precise, the system provides
a 10Mbps Ethernet, 96 64bps ISDN B channels, a D and an M channel if using
iso-Ethernet based technology. But the key to getting all this bandwidth
isn't iso-Ethernet, it was our chip. This can be done at ~$600/home and for
a low as $100 per node. Yes, this will increase upstream bandwidth
requirements, but as I mentioned earlier, there is plenty of upstream
bandwidth. Last office I worked in was facing an alley full of loading
docks and trash binns. Six feet away from the door ran MFS's OC-48 SONET.

There are of course exceptions. If you live in a very old building, you
might have to rewire. My current apartment uses three wire cabling. I have
no idea what the third wire is good for. You can't run two POTS over three
wires. In a building like this you'd have to rewire. But few office
buildings are likely to have such lousy wiring.

Anyway, I hate to be a tease, but that's about as far as my NDA will let me go.

[Any further dialog in private email, please. Time to take this tread off-list.]



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From tcmay at got.net  Mon Aug 12 21:43:55 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 12:43:55 +0800
Subject: [NOISE] Newspapers and basic science (was: US Power Outages)
Message-ID: <ae3526be0902100450ca@[205.199.118.202]>


At 11:53 PM 8/12/96, Z.B. wrote:
>Well, all I remember is the 3-1/2 Seattles part - I put the"for a day"
>part in because I wasn't sure about it.
>

Well, by putting in that "for a day" line, you made the news folk seem even
more ignorant than they actually may be! It was the "for a day" that made
the quote seem so stupid, as Ian's point below makes clear. (I had read
this stupid quote and just deleted the message, rather than get into the
difference between power and the integral of power.)

In the future, you might try leaving quotes alone, without improvements.

(One way is to add comments such as "[for a day?]", which readers can then
accept or reject as they wish.)

--Tim


>On 12 Aug 1996, Ian Goldberg wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>
>> <GRUMBLE>
>> Watts are a measure of energy per unit time; it makes sense to say
>> "60 W powers a light bulb", not "60 W powers a light bulb for one hour".
>> </GRUMBLE>

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From bart.croughs at tip.nl  Mon Aug 12 21:47:04 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 12:47:04 +0800
Subject: AW: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <01BB88AF.3C1CDF00@groningen04.pop.tip.nl>


Timothy C. May wrote:

>At 10:31 PM 8/11/96, Bart  Croughs wrote:

>>         But there is another axiom of economics which the
>>nationalist/socialist can use for his case against the free movement of
>>capital. This axiom states that the wages of workers depend on the amount
>>of capital invested. The more capital invested, the higher the wages are.
>>If American

>I agree strongly. In my Econ 101 class, lo those many years ago, I was
>constantly reminded to "Remember the Croughs Axiom!"

I would be proud if I had discovered this axiom, but alas, I haven't. It's an axiom that is generally accepted among austrian economists (Rothbard, Hazlitt, etc). I don't know who actually discovered it.

>It is why MacDonald's workers, who work at a company which has invested
>truly vast sums of money in the capital of its outlets, pays its workers so
>much more than do the legal firms, advertising firms, etc., which have
>invested almost nothing in the capital of their facilities.

When economists say that wages depend on the amount of capital invested, they mean on a regional/national level, not on the level of individuals.
	Back to class!

Bart Croughs





From bart.croughs at tip.nl  Mon Aug 12 21:54:06 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 12:54:06 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <01BB88B2.33BB74E0@groningen04.pop.tip.nl>


Arun Mehta wrote:

>Indeed. Bart makes a very remarkable assumption, which is that the total 
>amount of capital in the fastest growing industry in human history  is constant.

I didn't make this assumption. When I say that when capital leaves the US, the amount of capital in the US will be lower, I mean that the amount of capital will be lower than it otherwise would have been. It will be *relatively* lower, and so the wages in the US will be *relatively* lower than when when the capital wouldn't have left the US. Of course, absolutely speaking the wages could still become higher. I thought this was so obvious that I didn't make this explicit. 


Bart Croughs





From sasa.roskar at uni-lj.si  Mon Aug 12 22:09:41 1996
From: sasa.roskar at uni-lj.si (sasa.roskar at uni-lj.si)
Date: Tue, 13 Aug 1996 13:09:41 +0800
Subject: Anguilla story...
Message-ID: <009A6C3F.D8665B7E.21@uni-lj.si>


Can someone please tell me the origin of this whole Anguilla story
that's been going around a lot for the past few days... I just
got onto the list two days ago, and I didn't catch the beginning
of it... thanks,

rok





From gelona at worldnet.att.net  Mon Aug 12 22:28:21 1996
From: gelona at worldnet.att.net (gelona)
Date: Tue, 13 Aug 1996 13:28:21 +0800
Subject: test-1
Message-ID: <320FD48A.6A9E@worldnet.att.net>


from:gelona at worldnet.net.att

To:cypherpunks at toad.com

::
Request~Remailing to :BuzzRBee at juno.com



Test-1 , done at 9.03





From 76702.3557 at compuserve.com  Mon Aug 12 22:43:45 1996
From: 76702.3557 at compuserve.com (David Kennedy)
Date: Tue, 13 Aug 1996 13:43:45 +0800
Subject: Hoax: A ban on cryptography?
Message-ID: <960813023753_76702.3557_CHN38-4@CompuServe.COM>


My mailer thinks the e$pam list pulled this from cypherpunks:

>>                                             S.1666
 
 Department of Commerce Authorization Act for Fiscal Year 1997 (Passed by the
 Senate) <<

And this is bogus, and as far as I can tell not a typo, it's complete hokum.

S.1666 is an obscure bill about courts in Utah.

A search of http://thomas.loc.gov on "encryption" reveals the expected bills,
PRO-CODE etc.

A search for the DoC Authorization Act reveals nothing, as far as I can tell
this bill has not been drafted let alone passed. I don't know enough about how
the DoC is funded to know if they get their own Authorization Act or receive
authorizations piecemeal and by the reconciliation.

Again, this is bogus.

!^NavFont02F02350014QGHHG|MG~HG85QG87HI}2126






From nobody at replay.com  Mon Aug 12 22:43:50 1996
From: nobody at replay.com (Anonymous)
Date: Tue, 13 Aug 1996 13:43:50 +0800
Subject: cybergangs
Message-ID: <199608130215.EAA20375@basement.replay.com>


Dimitri Vulis ranted thusly into the aether:

>Death to the Usenet Cabal! All power to the GruborBots!

Jeez, is there no place safe from Dimitri's Cabal rantings? There Is No Cabal
fnord. So there.

ObCypherpunks: It's worth noting that Dimitri's reputation capital is so devalued on Usenet that his vote wasn't accepted in the recent soc.religion.paganism CFV:

dlv at bwalk.dm.com                                             Dr. Dimitri Vulis
   ! Vote rejected by votetaker (untrusted site)

This is from Message-ID: <839564931.8926 at uunet.uu.net>, btw.







From fair at cesium.clock.org  Mon Aug 12 22:50:22 1996
From: fair at cesium.clock.org (Erik E. Fair (Time Keeper))
Date: Tue, 13 Aug 1996 13:50:22 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <v02140b09ae3588467e34@[17.255.9.110]>


I wonder how well the imager works through mylar or gold lame' clothing (or
other high-metal content clothing)?

        curious,

        Erik







From proff at suburbia.net  Mon Aug 12 23:04:42 1996
From: proff at suburbia.net (Julian Assange)
Date: Tue, 13 Aug 1996 14:04:42 +0800
Subject: Yet another blame-the-Internet-for-child-porn
In-Reply-To: <01I876WBU7C89JD5RL@mbcl.rutgers.edu>
Message-ID: <199608130140.LAA20673@suburbia.net>


> 	They are, of course, failing to answer the question of why encouraging
> people to consume _computer-generated_ child pornography should be considered
> a justification for legal intervention, not to mention that such an effort
> would also make putting _Lolita_ on the Internet illegal (text could drive
> up demand for it as well, after all), or even political speech such as from
> NAMBLA. (It's political speech just as much as material from neo-Nazis... or
> from the Demopublicans.)

I don't see what the FBI is complaining about. Child pornography traded
on the net makes produces of child pornography incredibly easy to
locate. The child porn peddlers and consumers caught on the network are
usually soft, chewy and coperative, responding well to all manner of
threats and inducements. Further the piracy in child pornography tends
to create a buyers market, drives prices down substantially, reducing
the incentive to produce original material at all.

--
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From schryver at radiks.net  Mon Aug 12 23:22:01 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Tue, 13 Aug 1996 14:22:01 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
Message-ID: <199608130242.VAA11177@sr.radiks.net>


At 06:56 PM 8/12/96 EDT, you wrote:
Since metal blocks the waves and stands out on the screen one could affectively
block its use by putting up a fine metal mesh on the interior of all walls 
that are exterior to the house.  The same could be said for clothing that 
looks normal but has a metal mesh liner, like say a trench coat.

>	I would wonder if a jamming device (preferably area-effect with a 
>slowly randomly varying swathe of area, to avoid figuring out who was carrying
>it) would be possible, or some variety of shielding (i.e., emitting waves
>looking similar to flesh).
>	-Allen
>
>>   Direct Media
>>                    NEW X-RAY GUN TRADES PRIVACY FOR SAFETY
>>      Copyright &copy 1996 Nando.net
>>      Copyright &copy 1996 The Associated Press
>
>>   SANTA MONICA, Calif. (Aug 12, 1996 09:47 a.m. EDT) -- The latest
>>   weapon against terrorism can see right through you.
>   
>>   The Passive Millimeter Wave Imager can X-ray through clothing to "see"
>>   a concealed weapon, plastic explosives or drugs. A police officer can
>>   surreptitiously aim it into a crowd from as far away as 90 feet.
>   
>>   The new X-ray gun is becoming a symbol for an unlikely alliance of
>>   civil libertarians and gun owners who fear the fight against crime and
>>   terrorism may be waged at the expense of personal freedoms.
>   
>>   "I'm incredibly concerned," said John Henry Hingson, a past president
>>   of the National Association of Criminal Defense Lawyers, meeting here
>>   this past week. "The entire nation could become a victim of illegal
>>   searches and seizures and the law is powerless to protect them from
>>   these police abuses."
>   
>>   But in these nervous times following the the crash of TWA Fight 800
>>   and bombings at the Olympics, Oklahoma City and the World Trade
>>   Center, many Americans are now willing to trade some of their privacy
>>   and civil liberties for greater security.
>   
>>   A poll last week by the Los Angeles Times found that a majority of
>>   people -- 58 percent -- said they would curtail some civil liberties
>>   if it would help thwart terrorism. Thirteen percent said it would
>>   depend on what rights were at stake. The poll didn't ask people to
>>   single out any rights.
>   
>>   The Clinton administration has proposed increased wiretapping and
>>   other anti-terrorism steps, and is doling out research grants for
>>   cutting edge anti-crime technology that once may have been intended
>>   for only military use.
>   
>[...]
>   
>>   Two models are being developed of the Passive Millimeter Wave Imager,
>>   a creation of Massachusetts-based Millimetrix Corp.
>   
>>   The larger one, about the size of a shoebox, is mounted on a patrol
>>   car and pointed at the unsuspecting person. The gadget doesn't send
>>   out X-rays; instead, it picks up electromagnetic waves emitted by
>>   human flesh.
>   
>>   Anything that stands in the way of those waves -- like a gun -- or
>>   anything that emits weaker waves -- like a bag of cocaine or a plastic
>>   explosive -- will show up on a little screen in the patrol car.
>   
>>   Clothes emit no waves. Neither do walls, allowing the device to be
>>   used from even outside a room.
>   
>>   A second model is a smaller, battery-operated version that an officer
>>   can operate by hand, like a radar gun.
>   
>>   Millimetrix hopes to field test the larger model soon at a police
>>   agency.
>   
>>   Hingson argues the device runs roughshod over bans against illegal
>>   searches and seizures. The law says police can stop and frisk a person
>>   only when an officer has a "reasonable suspicion" the person is armed
>>   or involved in a crime.
>   
>>   Millimetrix points out that while the imager can see through clothing,
>>   it still leaves people some privacy. The device's display screen, the
>>   company says, "does not reveal intimate anatomical details of the
>>   person."
>   
>>   Chip Walker, spokesman for the National Rifle Association, noted that
>>   devices like the imager threaten the legal rights of people in 31
>>   states who are allowed to carry concealed weapons with proper
>>   licenses.
>   
>>   "We certainly support efforts to disarm criminals, but we need to be
>>   careful that we're not painting with too broad a brush here," he said.
>   
>>   Walker said that as troubling as terrorism is, people may be playing
>>   into terrorists' hands by giving up their privacy.
>   
>>   "One of the broader issues is that if we start giving up certain civil
>>   liberties, that essentially means that the terrorists are starting to
>>   accomplish one of their goals," he said.
>
PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From weld at l0pht.com  Mon Aug 12 23:26:53 1996
From: weld at l0pht.com (Weld Pond)
Date: Tue, 13 Aug 1996 14:26:53 +0800
Subject: "X-Ray Gun for imperceptible searches
Message-ID: <Pine.BSD/.3.91.960812223251.18576A-100000@l0pht.com>



This thing sounds like it could be easily defeated by sewing some "space 
blanket" material on the inside of coats, etc.  Maybe jackets that 
show up false positives with gun shaped cutouts will become 
fashionable with the already harrassed inner-city set.

      Weld Pond   -  weld at l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio






From dlv at bwalk.dm.com  Mon Aug 12 23:32:40 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 13 Aug 1996 14:32:40 +0800
Subject: Article on Electronic Commerce with a few too many
In-Reply-To: <199608122000.NAA19713@mail.pacifier.com>
Message-ID: <PePksD97w165w@bwalk.dm.com>


jim bell <jimbell at pacifier.com> writes:
> I too find this concept offensive, at least to the extent that it is kept a
> secret from the marketplace. Even so, as a libertarian and free-market
> capitalist, I certainly see nothing wrong with "allowing such behavior," and
> indeed  I'd see something wrong with NOT "allowing" it.  Nevertheless, to
> the extent it occurs it should be well understood and identified for what it
> is.

This reminds me of the recent revelation how a major disposable lens maker
was marketing three lines of lenses: cheap ones, good for a few days;
medium ones, good for a week; very expensive ones, good for a month.
You guessed it - the lenses inside the packaging were identical.

(I find that most self-described "libertarians" are actually fucking statists.)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From bdolan at use.usit.net  Mon Aug 12 23:39:36 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Tue, 13 Aug 1996 14:39:36 +0800
Subject: US Power Outages
In-Reply-To: <2.2.32.19960812211716.00893f04@panix.com>
Message-ID: <Pine.SOL.3.91.960812183505.21176C-100000@use.usit.net>


Portland General Electric shut down a big, perfectly good nuke a couple 
of years ago since there was ample cheap power to replace it.

So they said.

bd


On Mon, 12 Aug 1996, Duncan Frissell wrote:

> At 10:15 AM 8/12/96 -0800, jim bell wrote:
> >This morning, I read the new claim: extreme heat (presumably assisted by 
> >heat dissipated in the power line itself) cause the power cables near The 
> >Dalles (about 100 miles east of Portland, along the Columbia river) to 
> >stretch and sag, eventually shorting themselves out to trees near the ground.
> 
> The real cause was inadequate supply of nuclear power plants caused by
> technophobe agitation.  
> 
> DCF
> 
> 





From perry at piermont.com  Mon Aug 12 23:50:26 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 13 Aug 1996 14:50:26 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88AF.40553180@groningen04.pop.tip.nl>
Message-ID: <199608130329.XAA17152@jekyll.piermont.com>



Bart Croughs writes:
> >Clearly, wages are defined by supply and demand -- not by "capital
> >investment".
> 
> When economists say that wages are determined by the amount of capital
> invested, they mean on a regional/national level, not on the level of
> individuals.

So, you are saying that if everyone in the country spent their life
savings on building giant green pylons, the capital investment would
drive up everyone's wages? Wow! In fact, we could borrow money from
other countries to build more green pylons and drive up wages so fast
we could pay off the resultant debt!

Perry

(PS Please stop posting these things -- you may kill everyone watching
with laughter.)





From jimbell at pacifier.com  Tue Aug 13 00:02:16 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 15:02:16 +0800
Subject: Article on Electronic Commerce with a few too many
Message-ID: <199608130312.UAA15239@mail.pacifier.com>


At 08:19 PM 8/12/96 EDT, Dr.Dimitri Vulis KOTM wrote:
>jim bell <jimbell at pacifier.com> writes:
>> I too find this concept offensive, at least to the extent that it is kept a
>> secret from the marketplace. Even so, as a libertarian and free-market
>> capitalist, I certainly see nothing wrong with "allowing such behavior," and
>> indeed  I'd see something wrong with NOT "allowing" it.  Nevertheless, to
>> the extent it occurs it should be well understood and identified for what it
>> is.
>
>This reminds me of the recent revelation how a major disposable lens maker
>was marketing three lines of lenses: cheap ones, good for a few days;
>medium ones, good for a week; very expensive ones, good for a month.
>You guessed it - the lenses inside the packaging were identical.
>
>(I find that most self-described "libertarians" are actually fucking 
statists.)

I don't see how that last statement follows anything that went before.  I 
made it explicitly clear that companies have a right to market in such ways; 
I also have a right to dislike those methods.  

As for other libertarians, I don't see that they're appreciably different.  So 
where did that last comment come from? 

BTW, your KOTM credential is outdated...are you trying to have it renewed?

Jim Bell
jimbell at pacifier.com





From sophi at best.com  Tue Aug 13 00:05:02 1996
From: sophi at best.com (Greg Kucharo)
Date: Tue, 13 Aug 1996 15:05:02 +0800
Subject: Rumors of death of Anguilla Data are greatly exaggerated
Message-ID: <199608130417.VAA01967@dns2.noc.best.net>


 In the Swiss system, who dictates to the banks thier policies about who
and what they can store?  Do the banks have enough influence to sway
lawmakers?  It seems to me that the issue is not illegality, but rather if
the depositor is a viable political entity with "something on the other
guy".  When the Nazis or Columbian drug dealers are still in power, the
Swiss look the other way.  As soon as these types fall to other forces, the
Swiss hand over the goods to the victors.  I think if you were to
sucessfully store information that a large power finds personally
objectionable, the best solution is to play  both sides.  Scenario; The
U.S. leans on the Anguilla authorities to close down Vince.  Vince goes to
the British consulate and negotiates for the depositing of some nasty
information about the Queen or something.  The British lean on the
Americans to lay off.
  A little far feteched but you get the idea.  And it would work in the
majority of situations.  I bet money stashed by Hitler and Goebbels got
confiscated after World War II.  But Gerhard Whelen got his loot when he
linked up with the CIA.



???????????????????????????????????????
Greg Kucharo
sophi at best.com
"People want chaos for about 5 minutes.  Then 
they want some money and a backrub."
                                -Bruce Sterling
???????????????????????????????????????





From perry at piermont.com  Tue Aug 13 00:05:24 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 13 Aug 1996 15:05:24 +0800
Subject: AW: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88AF.3C1CDF00@groningen04.pop.tip.nl>
Message-ID: <199608130335.XAA17171@jekyll.piermont.com>



Bart Croughs writes:
> I would be proud if I had discovered this axiom, but alas, I haven't.
> It's an axiom that is generally accepted among austrian economists
> (Rothbard, Hazlitt, etc). I don't know who actually discovered it.

The truly hysterical part is that Tim and I are both (from what I can
tell) Austrians.

Perry






From alano at teleport.com  Tue Aug 13 00:07:30 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 13 Aug 1996 15:07:30 +0800
Subject: "X-Ray Gun for imperceptible searches
Message-ID: <2.2.32.19960813034347.00ab6534@mail.teleport.com>


At 10:36 PM 8/12/96 -0400, Weld Pond wrote:

>This thing sounds like it could be easily defeated by sewing some "space 
>blanket" material on the inside of coats, etc.  

You could probibly build little clip on active jammers.  (With published
specs to the "Evil Internet(tm)".)  Such intrusive methods should be pretty
easy to screw up with proper detail on their operation.  (I expect the 2600
crowd will have jammer kits available soon.  And working ones a few months
after that...)

>Maybe jackets that 
>show up false positives with gun shaped cutouts will become 
>fashionable with the already harrassed inner-city set.

I want one that will make me show up as a multi-tentacled alien horror from
beyond space and time.  Why make them wig out and shoot you when you can
really mess with their minds...?




---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From jimbell at pacifier.com  Tue Aug 13 00:15:51 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 15:15:51 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <199608130343.UAA16999@mail.pacifier.com>


At 09:54 AM 8/12/96 -0700, Timothy C. May wrote:

>
>(And I'm not ignorant of such technologies, having attended several of the
>Nuclear and Space Radiation Effects Conferences. I also played around with
>this as a minor plot element in a novel I was working on several years ago,
>namely, a character killed in Los Alamos when the Electronic Engine Control
>circuitry of his BMW was zapped while on a mountain road. This, by the way,
>is a "side effect" of widely deploying such EM cannon technologies--people
>using them on twisty mountain roads. I can think of some places near Big
>Sur and around Devil's Slide where such a gizmo would produce real
>interesting effects!)

Why would you need an "EM Cannon" for this?  Just string a 1-car-sized loop 
of wire on the surface of a road, and off in the bushes hide a battery, 
DC-to-Hi voltage DC converter and 20kv+ capacitor, and a vacuum switch or 
some other switch arrangement.  When the car in question traverses the loop, 
short the switch and the car will be blasted with 20,000 volt-turns of 
induction.  Sure, most of it will pass harmlessly through the car's steel, 
but even iron has a limited "mu" which means that every electrical device in 
the car will be subjected to a certain amount of induced EMF, probably 
enough to at least reset a few microprocessors and possibly even destroy them.


Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Tue Aug 13 00:16:16 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 15:16:16 +0800
Subject: Hoax: A ban on cryptography?
Message-ID: <ae354cda0c021004454b@[205.199.118.202]>


At 2:37 AM 8/13/96, David Kennedy wrote:
>My mailer thinks the e$pam list pulled this from cypherpunks:
>

And I'll bet you're still looking for "Oceania" in your atlas?

This is one of the main reasons I hate it when my articles get "spammed" to
other lists, lists where people have no idea of who I am and no idea of my
sense of humor.

For the clueless, I simply took the "Defense Authorization" bill which had
been posted to Cypherpunks by geeman at best.com and replaced a few of the
words involving "explosives" with "cryptography." Oh, and I twiddled the
number of the bill to include "666." Finally, I even said "This may not be
real, but it could be" at the end.

Jeesh.

The worst part of having my stuff spammed, e-spammed, gurgitated, and
regurgitated is that I get letters from people saying "I saw this thing you
wrote on the Kangaroo Hopping List. What is "crypto"? Thanks a bunch,
dude."

Wake up.

And for those who forward my stuff, please include appropriate disclaimers
to your "spammees" that a) one should read things with an appreciation that
a post may be tongue in cheek, b) that back-spamming to another list is not
cool, and c) that I don't want to be bothered.


>>>                                             S.1666
>
> Department of Commerce Authorization Act for Fiscal Year 1997 (Passed by the
> Senate) <<
>
>And this is bogus, and as far as I can tell not a typo, it's complete hokum.
>
>S.1666 is an obscure bill about courts in Utah.
>
>A search of http://thomas.loc.gov on "encryption" reveals the expected bills,
>PRO-CODE etc.
>
>A search for the DoC Authorization Act reveals nothing, as far as I can tell
>this bill has not been drafted let alone passed. I don't know enough about how
>the DoC is funded to know if they get their own Authorization Act or receive
>authorizations piecemeal and by the reconciliation.
>
>Again, this is bogus.
>
>!^NavFont02F02350014QGHHG|MG~HG85QG87HI}2126

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From perry at piermont.com  Tue Aug 13 00:20:52 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 13 Aug 1996 15:20:52 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88A7.14E3A5C0@groningen04.pop.tip.nl>
Message-ID: <199608130106.VAA16957@jekyll.piermont.com>



Bart Croughs writes:
> Perry Metzger wrote:
> 
> >Bart Croughs writes:
> >> 	 But there is another axiom of economics which the
> >>nationalist/socialist can use for his case against the free movement of
> >> capital. This axiom states that the wages of workers depend on the
> >> amount of capital invested. The more capital invested, the higher the
> >> wages are.
> 
> >This must be some new axiom of economics that I had not heard of.
> 
> It's not a sin to be ignorant, but to boast about it...  I recommend
> you read the great libertarian /austrian economists: Murray
> Rothbard, Henry Hazlitt, etc.

Perhaps I should start being more vicious when I'm using sarcasm.

Nowhere in the writings of any Austrian economist will you find anything
claiming that the wages for a given job are linked to capital
investment by the employer.

Perry





From alano at teleport.com  Tue Aug 13 00:22:56 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 13 Aug 1996 15:22:56 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <2.2.32.19960813035436.00b058b4@mail.teleport.com>


At 06:42 PM 8/12/96 -0700, Time Keeper wrote:
>I wonder how well the imager works through mylar or gold lame' clothing (or
>other high-metal content clothing)?

You will be required to escrow such clothing with the proper government
authorities.  Inspections will be done by the Bureau of cocktails, discos,
and munitions according to strict rules set down by President Clinton, with
advisement from Former Sen. Bob Packwood. 

Actually they will just use harder radiation in those cases.  The higher
cases of radiation burns and sickness will be offset by the gains in
perceived public safety.

"Eyes melt. Skin explodes. Everybody dead!" - An unnamed source at the FBI.
---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From root at hellspawn.Berkeley.EDU  Tue Aug 13 00:48:07 1996
From: root at hellspawn.Berkeley.EDU (Damien Lucifer)
Date: Tue, 13 Aug 1996 15:48:07 +0800
Subject: Spam and Eggs. (fwd)
Message-ID: <Pine.LNX.3.91.960813004421.1425E-100000@HellSpawn>



I put together a few pages regarding remailers and net spamming. Nathan 
Waddoups <nathan at metareality.com> hosts a well written site dealing with 
the larger issue of netspam, and has graciously agreed to host the 
remailer pages.




---------- Forwarded message ----------
Date: Mon, 12 Aug 1996 17:06:25 -0700 (PDT)
From: Nate Waddoups <nathan at metareality.com>
Subject: Re: Spam and Eggs. 


I just finished adding your page.  You're linked from the main spam page:

	http://www.metareality.com/~nathan/visit.cgi/html.Spam

...and your page is at this address:

	http://www.metareality.com/~nathan/visit.cgi/spam/html.Remail

Groovy.
-----------------------------------------------------------------------------  
  <sig> see http://www.metareality.com/~nathan for more of the same </sig>   
Help stop junk email!  http://www.metareality.com/~nathan/visit.cgi/html.Spam








From jimbell at pacifier.com  Tue Aug 13 00:53:53 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 13 Aug 1996 15:53:53 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <199608130312.UAA15244@mail.pacifier.com>


At 05:43 PM 8/12/96 -0700, Mike Duvos wrote:
>Color me skeptical.
>
>"E. ALLEN SMITH" <EALLENSMITH at ocelot.Rutgers.EDU> writes:
>
> > The gadget doesn't send out X-rays; instead, it picks up
> > electromagnetic waves emitted by human flesh.
>
>Would these electromagnetic waves be something distinct from the
>blackbody spectrum of a human-sized blob of "mostly water" at the
>appropriate temperature?
>
>Or to put it another way, is this just a sophisticated IR imager
>thickly coated in snake oil and marketing hype?

That depends on what you mean by "IR."  Near-IR is about 300 Terahertz; I've 
seen some items in electronic magazines recently concerning systems that 
emit and receive around 1 terahertz.  Apparently, they can read writing in 
envelopes, etc.  It isn't clear whether this particular system is more like 
a thermal IR system, or one of those newer ones.

Chances are good that when such a system is produced, it will be produced 
WITHOUT any kind of recording system that must be installed.  The problem 
is, this leaves it open to interpretation as to what a cop saw, and judges 
and juries tend to be too deferential to cops who "are trying to protect 
us."  All a cop has to do is to claim he saw a gun, or drugs, or practically 
anthing else, and suddenly he has probable cause where he wouldn't have had 
it before.  Yet more abuse with no obvious benefit.

All the more reason to adopt an AP-type system:  The so-called "justice 
system" rarely punishes its own; if we are to have a realistic deterrent, 
the only way to do it is to let outsiders deal with abuse.


Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Tue Aug 13 01:01:54 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 16:01:54 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <ae354f9a0d021004ea93@[205.199.118.202]>


At 4:43 AM 8/13/96, jim bell wrote:
>At 09:54 AM 8/12/96 -0700, Timothy C. May wrote:
>
>>
>>(And I'm not ignorant of such technologies, having attended several of the
>>Nuclear and Space Radiation Effects Conferences. I also played around with

>Why would you need an "EM Cannon" for this?  Just string a 1-car-sized loop
>of wire on the surface of a road, and off in the bushes hide a battery,
>DC-to-Hi voltage DC converter and 20kv+ capacitor, and a vacuum switch or
>some other switch arrangement.  When the car in question traverses the loop,
>short the switch and the car will be blasted with 20,000 volt-turns of
>induction.  Sure, most of it will pass harmlessly through the car's steel,
>but even iron has a limited "mu" which means that every electrical device in
>the car will be subjected to a certain amount of induced EMF, probably
>enough to at least reset a few microprocessors and possibly even destroy them.

Well, we're all operating based on speculation, as to intended modes of
operation, what the contracts may ask for, what may eventually get
delivered, etc.

Certainly the described mode, that of a police car _pursuing_ another car,
suggests a car-launched signal. Rewiring the nation's roads to include
buried cables in anticipation of a future use would be pretty expensive!

(And if the cops can plan for a suspect/fleeing car to pass a specific
location, low-tech solutions like laying a row of caltrops across the road
will do much the same thing as "zapping" (which may not even work.))

As to high-voltage zapping, on this I am _extremely_ skeptical, at least as
Jim's proposal above goes. Modern chips are equipped to deal with
high-voltage, having electrostatic discharge (ESD) provisions. Voltages a
lot higher than 20kv.

And getting this hv signal in to the interior of the engine compartment,
and past the various thermal and other shields would be a chore. Certainly
the rubber tires will provide an _awful_ lot of insulation!

No signal at the road level is going to get through the tires, at least not
until the dielectric breakdown of several inches of rubber and air is
achieved!

(And even then, what is the current path? Where does the current coming up
from the road surface go? Even lightning strikes, from above, where the
place for the current to flow is clearly down into the ground, have
virtually no effect on cars and especially not on the insides of cars.)

If cars routinely survive lightning strikes, involving hundreds of
thousands of of volts and fairly substantial currents, then I can't imagine
anything humans can plausibly do along the same lines having any effect.

I won't debate this further, though. I don't know just what the DARPA (or
whomever) contract is asking for. Maybe something can be built, maybe not.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From dlv at bwalk.dm.com  Tue Aug 13 01:23:54 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 13 Aug 1996 16:23:54 +0800
Subject: "X-Ray Gun" for imperceptible searches
In-Reply-To: <v02140b09ae3588467e34@[17.255.9.110]>
Message-ID: <6VZksD12w165w@bwalk.dm.com>


"Erik E. Fair" (Time Keeper) <fair at cesium.clock.org> writes:

> I wonder how well the imager works through mylar or gold lame' clothing (or
> other high-metal content clothing)?

Have you ever wondered why Tim May wears a protective layer of aluminum
foil on his head? (And lead foil wrapped around his balls.)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From sryan at reading.com  Tue Aug 13 01:59:19 1996
From: sryan at reading.com (steven ryan)
Date: Tue, 13 Aug 1996 16:59:19 +0800
Subject: NT Remailers
Message-ID: <2.2.32.19960813034344.00308bf0@reading.com>


Hi,

Would anyone be so kind as to point me to any information on running a
remailer on Windows NT and the address for the remailer-owners mailing list?
A search of the places I expected might have this information didn't

Thanks,
 Steven
------------------------------------
Steven Ryan
Reading Access
PGP Fingerprint: E8 A2 C5 A2  7A C4 77 93  0A 1B 1D C6  B9 2F 36 9B
Finger me for my PGP public key
sryan at reading.com






From bart.croughs at tip.nl  Tue Aug 13 02:00:01 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 17:00:01 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88ED.98A382E0@groningen16.pop.tip.nl>


Sandy Sandfort wrote:

>Been there, done that.  I repeat, the error that Bart made is
>assuming that because some US-source capital gets redirected 
>overseas, that the total amound of capital investment will 
>decline thus producing the wage drop he is fretting about.
>Unless he can show that foreign capital investment will not flow
>to US workers who are "forced" into working in industries where
>they have a comparative advantage, his argument must fail.  After
>all, I--like the economists Bart cite--think international free
>trade, the free flow of capital in persuit of the highest return
>and division of labor are a GOOD thing.

I also belief that international free trade, the free flow of capital in pursuit of the highest return and the division of labor are a GOOD thing. But in specific cases, I want to know the specific reasons. 
	You claim that I must show that foreign capital investment will not flow back to US workers. But in my original post, I said:

"Of course there are advantages also for the US (shareholders will get higher returns, trade will increase), but how can you proof that these advantages will offset the disadvantage of the lowered amount of capital in the US? "

You haven't answered this question yet. I don't claim that the U.S. is worse off when US capital moves abroad. I only ask: how can you proof that the US isn't worse off when US capital moves abroad? If you don't know the answer, there's nothing to be ashamed of. I don't know the answer either. That's why I asked my question, in the hope that somebody could provide the answer, so that in the future I would  be able to rebut arguments against the free movement of capital.

Another thing: I don't assume that the *total amount* of capital will be lowered in the US when US capital moves abroad. I assume that the amount of capital in the US will be *relatively lower*. So the wages will be *relatively* lower (lower than when the capital wouldn't have left the US), but not necessarily lower in any absolute sense. I thought this was obvious, but since Arun Mehta also misunderstood me, maybe I should have been more explicit here.


Bart Croughs











From alanh at infi.net  Tue Aug 13 02:03:52 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 13 Aug 1996 17:03:52 +0800
Subject: "X-Ray Gun" for imperceptible searches
In-Reply-To: <01I876465KRK9JD5RL@mbcl.rutgers.edu>
Message-ID: <Pine.SV4.3.91.960812230929.6259R-100000@larry.infi.net>


CCW holders don't have a legal right to conceal their possession of 
weapon, from the police.

I believe that use of this device would be unconstitutional in a 
jurisdiction which doesn't license concealed carry - to wit, Vermont ONLY.
If you are a licensee, you exercise your privilege at the pleasure of the 
Sovereign.





From tcmay at got.net  Tue Aug 13 02:25:09 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 17:25:09 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <ae355e0d0e0210044fa6@[205.199.118.202]>


At 3:12 AM 8/13/96, Alan Horowitz wrote:
>CCW holders don't have a legal right to conceal their possession of
>weapon, from the police.
>

I think the earlier remark was oriented toward "not scaring the horses"
rather than making a serious attempt to hide the presence of a gun from a
duly-authorized search.

People who carry concealed are _strongly_ encouraged to keep the fact of
their concealed carry hidden. No "careless" displays in bars, for example.
And no announcement to casual bystanders, and even to store security
guards.

The reason for this is simple: to avoid panic and overreaction ("He's got a
gun!!") and also to avoid having a concealed weapon used in a brandishing
situation to intimidate others.

Seen this way, the widespread deployment of metal detectors, millimeter
wave detectors, and other such gadgets would force major changes in CCW
laws.

Aside from the Constitutional issues, which are major.

I don't see how "remote scanning" of the population at large, without
probable cause, is much different from the cops listening in from a
distance with parabolic antennas. Both cases involve detection of signals
emitted from the target. And yet such long-distance interception is not
allowed without a warrant.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Tue Aug 13 02:44:21 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 13 Aug 1996 17:44:21 +0800
Subject: AW: National Socio-Economic Security Need for Encryption Technology
Message-ID: <ae3565a5100210041871@[205.199.118.202]>


At 3:35 AM 8/13/96, Perry E. Metzger wrote:
>Bart Croughs writes:
>> I would be proud if I had discovered this axiom, but alas, I haven't.
>> It's an axiom that is generally accepted among austrian economists
>> (Rothbard, Hazlitt, etc). I don't know who actually discovered it.
>
>The truly hysterical part is that Tim and I are both (from what I can
>tell) Austrians.

Indeed. While Perry and I disagree on some things, the relevance of the
Austrian School of Economics, and its University of Chicago satellite
campus, is not one of them.

If Croughs stays on this list long enough, he will surely see this. (And
find plenty of references to Hayek, Menger, Friedman, etc., in the
archives.)

The problem with the "Croughs Axiom" is not that there is not a _general_
correlation between average national wages and average national capital
investment--there is. A scatter plot of wages vs. capital investment for
the 200 or so nations would almost certainly show that the Ivory Coast has
low per capita wages and low per capita wages, Sweden has both higher wages
and higher capital investment per capita,  and so on. Correlation, of
course, is not causation.

No, the problem was that Croughs invoked this general _correlation_ (which
can arise for various reasons) to support his mercantilist protectionist
ideas. (He also didn't say he was talking of nations, which is why some of
us found the examples we did, e.g., MacDonald's vs. law firms, which have
the opposite correlation he described.)

And the cloud of ideas connected with somehow forcing capital investment to
remain in the U.S....well, the best way to do this is to alter the tax laws
so that America (for example) becomes a magnet for investment. (If one is
looking to help America, that is.)

In any case, the original notion, of somehow using cryptography policy to
support U.S. interests....well, I rather doubt that Menger, Von Mises,
Hayek, Hazlitt, or any of the others connected with the Austrian School
would buy Crough's protectionist arguments.

And I certainly know that jingoistic appeals to "America First!" are
inconsistent with the sentiments of many or even most on this list.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From JonWienk at ix.netcom.com  Tue Aug 13 03:13:30 1996
From: JonWienk at ix.netcom.com (JonWienk at ix.netcom.com)
Date: Tue, 13 Aug 1996 18:13:30 +0800
Subject: photographed license plates
In-Reply-To: <1.5.4.16.19960811231209.3c677258@arc.unm.edu>
Message-ID: <199608130335.UAA03631@dfw-ix9.ix.netcom.com>




At 08.23 AM 8/9/96 -0700, i am not a number! wrote:
>O, and I think they're talking more about putting up cameras at some 
>troubling intersections to take pictures of cars running red-lights.

http://www.panix.com/~sshah/ss-nyred.htm gives a detailed listing of New York 
City intersections where this is already being done.

http://www.eng.uci.edu/vtm/freeway.html describes the techniques used to monitor 
traffic speeds, etc. with a camera. Includes several pictorial examples.

http://www.azfms.com/faq.html (Arizona DOT) gives some interesting (but suspect) 
info about freeway / camera interaction, as well as a bunch of traffic webcams 
and links to similar sites. The claim is made that license plates can only be 
read by the camera when a vehicle is stopped...

http://www.best.com/%7Elspencer/geoch/ is a page hawking remote sensor devices 
(Butt-Sniffers) for identifying "gross polluter' vehicles. These same sensors 
are being deployed on California freeways in the Bay Area, and owners of "gross 
polluting" vehicles receive citations in the mail. The page includes details on 
the advantages of large companies using Butt-Sniffers on their employees' 
vehicles. "By finding gross polluting employee vehicles via remote sensing, and 
selectively repairing or scrapping them, the employer can gain AVR compliance." 
A great example of the (not-so) subtle arm-twisting CARB is doing to implement 
Smog Check II...

http://www.primenet.com/~rstbear/biffl.html Biff the Bear's Potty Cam! A great 
place for car-grabbing (and most other) bureaucrats to go.
Jonathan Wienke

"Today Americans would be outraged if U.N. troops entered Los Angeles to restore 
order; tomorrow they will be grateful! This is especially true if they were told 
there was an outside threat from beyond, whether real or promulgated, that 
threatened our very existence. It is then that all peoples of the world will 
pledge with world leaders to deliver them from this evil. The one thing every 
man fears is the unknown. When presented with this scenarios, individual rights 
will be willingly relinquished for the guarantee of their well being granted to 
them by their world government."
--Henry Kissinger in an address to the Bilderberg organization meeting at Evian, 
France, May 21, 1992. Transcribed from a tape recording made by one of the Swiss 
delegates.

"A conservative is a liberal who got mugged last night."
--Lee Rodgers

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB






From maverick at interconnect.net  Tue Aug 13 03:42:18 1996
From: maverick at interconnect.net (Sean Sutherland)
Date: Tue, 13 Aug 1996 18:42:18 +0800
Subject: Free Pronto Secure Offer
Message-ID: <19960813073339140.AAA83@maverick>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 13 02:29:17 1996
Whatever happened to that free offer for ProntoSecure for members of the 
Cpunk list?  Remembered hearing something about it awhile back, but I don't 
know exactly what it is.  Thanks.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Key: finger or email w/ 'send key' in subj.  http://www2.interconnect.net/maverick

iQEVAwUBMhAu3lZoKRrkPmSJAQFw1gf9GjVSbvqDnneHDc4YDE1z+L3A+ZB6GtS+
kN9kKloqQ4oKb8lzHhJoBrs0+BqaRf1+6bwPul6Eh6vf9FJ9VmifVBdC1oFcfVLZ
gqj++PfukYvTh5bZIEvzx6OMhm9V9AXM7ne8ySrDD0FfkDSI+PYC/ONsqmhej4wR
V4lfSyFm9dPCuvdD/C5YlIAhWD2BO0xUKpJjM6LtTmU+AHMC6qyjKvSv85HfIk2v
4cpHBY97iOmUQL/526D2ql0eQsZymg8ntN8Q6fXZ8AJt79zwfT3GeDG5fPg4iDEs
70LVtbqY73SqBpdRdYcTOJzrwPLJ2fLQrqgDjw+xO+kyogu70XdI5w==
=XlrN
-----END PGP SIGNATURE-----






From bart.croughs at tip.nl  Tue Aug 13 04:40:56 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 19:40:56 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88FA.3EEDE440@groningen16.pop.tip.nl>



Perry Metzger wrote:

>Bart Croughs writes:
>> I would be proud if I had discovered this axiom, but alas, I haven't.
>> It's an axiom that is generally accepted among austrian >>economists
>>(Rothbard, Hazlitt, etc). I don't know who actually discovered it.

>The truly hysterical part is that Tim and I are both (from what I can
>tell) Austrians.

>Perry

Well, if you are an Austrian, then maybe you should study the Austrians a bit more and write a bit less about them. In several posts I gave quotes from famous Austrian economists that support my statement that according to Austrian economists wages depend on the amount of capital invested. And all that you answer to this is that you're an Austrian yourself. What do you expect me to say? "Well, Austrian economists like Murray Rothbard and Henry Hazlitt think that wages depend on the amount of capital invested, but Perry Metzger disagrees and says he is an Austrian himself, so we can't conclude that according to Austrian economists wages depend on the level of capital invested?" For the moment, I think it's more reasonable to conclude that you don't understand the Austrians. But of course you can try to attack the arguments of the Austrian economists, and convince them that they are wrong and that they ought to adopt your point of view.


Bart Croughs










From poodge at econ.Berkeley.EDU  Tue Aug 13 04:45:55 1996
From: poodge at econ.Berkeley.EDU (Sam Quigley)
Date: Tue, 13 Aug 1996 19:45:55 +0800
Subject: non-secure network utilities - pointers?
Message-ID: <Pine.SUN.3.91.960813010527.1025D-100000@quesnay.Berkeley.EDU>



What cypherpunk-approved (tm) -- that is, cryptographically strong, 
freely available, and well-implemented (reliable) -- network utilities are 
available?  I'm willing to agree to US-only license agreement iff I have 
to...

I'm looking for secure telnet, ftp, talk, etc. that I can run over a 
potentially insecure network (and their respective daemons).

Is SSL the way to go?  (If so, what's the best implementation?)  What 
about other protocols?  Is there some comprehensive {web,ftp}site 
where I can find more information on this subject?

Please reply off-list to poodge at econ.berkeley.edu

thanks,
-sq






From bart.croughs at tip.nl  Tue Aug 13 04:47:21 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 19:47:21 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88FA.25D2E3C0@groningen16.pop.tip.nl>



Perry Metzger wrote:

>Perhaps I should start being more vicious when I'm using sarcasm.

>Nowhere in the writings of any Austrian economist will you find >anything
>claiming that the wages for a given job are linked to capital
>investment by the employer.

I already gave some quotes of Austrian economists in another post, but maybe you didn't read it, so here I go again:

	Henry Hazlitt in 'economics in one lesson' (p. 139): "The best way to raise wages, therefore, is to raise marginal labor productivity. This can be done by many methods: by an increase in capital accumulation - i.e. by an increase in the machines with which the workers are aided..."
	Murray Rothbard in 'the free market reader' (p. 31): "Wage rates are low in many foreign countries because capital equipment is small and technologically primitive. Unaided by much capital, worker productivity is far lower than in the United States."
	Lew Rockwell in 'the economics of liberty' (p. 26): "Wages are determined by the productivity of the individual laborer, which in turn is largely determined by the amount of capital invested per worker."
	
I could go on, but I think this will suffice.

As I already said in two of my other posts on this subject, when Austrian economists say that wages depend on the amount of capital invested, they mean on a regional/national level, not on the level of individuals.

Bart Croughs






From sparks at bah.com  Tue Aug 13 06:20:51 1996
From: sparks at bah.com (Charley Sparks)
Date: Tue, 13 Aug 1996 21:20:51 +0800
Subject: Fw: Police on the Net
Message-ID: <199608130953.FAA21599@booz.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: EALLENSMITH at ocelot.Rutgers.EDU, cypherpunks at toad.com
Date: Tue Aug 13 05:55:50 1996
If any of us find the address, please post the addresses here.....
- -----Begin Included Message ----- 

Date: Mon, 12 Aug 1996 19:08 EDT
 From: "E. ALLEN SMITH" <EALLENSMITH at ocelot.Rutgers.EDU>
To: cypherpunks at toad.com
Cc: 


        First, I'd be interested in knowing some of those online reporting
addresses, and how much limits they place on what can be mailed to them...
persuading these cops to deal with the improper use of another's computer
(i.e., spam) would seem to be a distinct possibility in diverting them from
other activities. Second, it would appear possible (unless they're 
encrypting
it) to intercept some of these email lists of theirs - if necessary, by
forging a subscribe to an _overseas_ nymserver that isn't too well known
(unlike, say, anon.penet.fi). That's about on the same grounds as their
mention of "know thine enemy." (It is, of course, pretty certain that
various libertarian groups are among those monitored, such as cypherpunks.)
Third, this gives additional reasons not to give out one's address to 
anyone.
What people know about me is a post office box and my old address.
        -Allen
- ---- End of forwarded message ----

Cut to save space....
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMhBRJ+J+JZd/Y4yVAQHjYgQKAiBzkv0iVGlG1wNn3QLJwR/KymkzFeej
ByxF4uLs/IuQ9Np7Y0MZ64rmO7O85z6yoL0iZUegmwfQFuoVX+A3XrN0gtMzA3YR
dyTaOS63IJ5kyBggrSt0Yx6kVT5FtAIELbb3KVC7+oqa2nsc9/DuC24S3uKsSoDm
KZ7/qnHd1nM+Mw==
=2i9v
-----END PGP SIGNATURE-----






From daw at cs.berkeley.edu  Tue Aug 13 06:30:32 1996
From: daw at cs.berkeley.edu (David Wagner)
Date: Tue, 13 Aug 1996 21:30:32 +0800
Subject: (Off Topic) Re: FCC_ups
In-Reply-To: <199608120538.WAA29683@dns2.noc.best.net>
Message-ID: <4upjp5$tc@joseph.cs.berkeley.edu>


In article <Pine.BSF.3.91.960812153240.26183B-100000 at mcfeely.bsfs.org>,
Rabid Wombat  <wombat at mcfeely.bsfs.org> wrote:
> ob crypto (for anyone who read this far): When packet switched voice 
> systems become a reality, how can secure calls be placed to any number? 
> Key exchange during call set-up? How long will this make the call set-up?

This is easy.  Just use end-to-end encryption.  No sweat.  (So what if
call setup takes a half a second to do a public key encryption?  The phone
rings for a couple of seconds before the other guy picks it up anyhow.)

Well, there's that nasty key distribution and management problem (e.g.
who certifies the millions of public keys corresponding to everyone's
phone number?), but that's not specific to voice traffic, and this is
a well-known annoying problem.


The *real* challenge: how do you support sender- and recipient- anonymous
phone calls with strong security?  Have fun.





From bart.croughs at tip.nl  Tue Aug 13 06:46:51 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Tue, 13 Aug 1996 21:46:51 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB88FA.42D3D100@groningen16.pop.tip.nl>


Perry Metzger wrote:


>Bart Croughs writes:
>>When economists say that wages are determined by the amount of >>capital
>> invested, they mean on a regional/national level, not on the level of
>> individuals.

>So, you are saying that if everyone in the country spent their life
>savings on building giant green pylons, the capital investment would
>drive up everyone's wages? Wow! In fact, we could borrow money >from
>other countries to build more green pylons and drive up wages so >fast
>we could pay off the resultant debt!

>Perry

>(PS Please stop posting these things -- you may kill everyone >watching
>with laughter.)


No, I am not saying that if everyone in the country spent their life savings on building giant green pylons, the capital investment would drive up everyone's wages. You are suggesting that I'm saying this, but it's simply not true. This is called 'setting up a straw man'.

I am saying that the fact that American workers are better paid than workers in Third World countries, can be explained for a large part by the fact that there is much more capital invested in the US than in Third World countries. If you still don't understand this, I suggest you study my other posts on this subject, or better still, you study the works of the Austrian economists I've quoted before.


Bart Croughs






From sasa.roskar at uni-lj.si  Tue Aug 13 07:15:57 1996
From: sasa.roskar at uni-lj.si (sasa.roskar at uni-lj.si)
Date: Tue, 13 Aug 1996 22:15:57 +0800
Subject: PGP...
Message-ID: <009A6C9C.E823907E.18@uni-lj.si>


I'm confused.... if you don't want people to be able to read your
email, you code it with PGP or other encoders... but why give away
your key on your website to everyone? That makes your email readable
to everyone... doesn't it? Oh well... I hope someone can explain this
to me...

Roki





From dlv at bwalk.dm.com  Tue Aug 13 08:49:02 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 13 Aug 1996 23:49:02 +0800
Subject: AW: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <199608130335.XAA17171@jekyll.piermont.com>
Message-ID: <yeJLsD15w165w@bwalk.dm.com>


"Perry E. Metzger" <perry at piermont.com> writes:
> The truly hysterical part is that Tim and I are both (from what I can
> tell) Austrians.

So was Adolf Hitler.  End of thread.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From pjn at nworks.com  Tue Aug 13 09:14:13 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Wed, 14 Aug 1996 00:14:13 +0800
Subject: Read; NOW
Message-ID: <TCPSMTP.16.8.13.7.12.44.2645935021.661652@.nworks.com>


 >> 
 >>         Hi I'm Unix Code and have a few things to ask...(it may not go 
 >> with Cryptography but go ahead and read)

 > Sad.

 You read my mind.


 P.J.
 pjn at nworks.com


... Smell The Roses And Eventually You'll Inhale A Bee.

___ Blue Wave/QWK v2.20 [NR]







From anonymous-remailer at shell.portal.com  Tue Aug 13 09:20:40 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 14 Aug 1996 00:20:40 +0800
Subject: thank god and phil...
Message-ID: <199608131125.EAA19626@jobe.shell.portal.com>


All I can say is thank God and Phil for PGP... My next X was using the 'puter last night and opened my email folders and was rooting around... I had to "fumble" my pass phrase and finally "give up" saying that the damn PGP was broke again... we all know it don't break !! This could have cost me a fortune in divorce court !!






From jk at stallion.ee  Tue Aug 13 09:42:28 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Wed, 14 Aug 1996 00:42:28 +0800
Subject: non-secure network utilities - pointers?
In-Reply-To: <Pine.SUN.3.91.960813010527.1025D-100000@quesnay.Berkeley.EDU>
Message-ID: <Pine.GSO.3.93.960813125009.13713E-100000@nebula.online.ee>


 Tue, 13 Aug 1996, Sam Quigley wrote:

> I'm looking for secure telnet, ftp, talk, etc. that I can run over a 
> potentially insecure network (and their respective daemons).

SSH is one way to go, as besides secure rlogin and rsh you can also set up
secure encrypted tunnels between hosts for different applications, like X
or some other TCP/IP apps.

Have a look at http://www.ssh.fi/

SSLtelnet/SSLftp are an other option.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From frissell at panix.com  Tue Aug 13 09:46:08 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 14 Aug 1996 00:46:08 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <2.2.32.19960813100507.00a3f8d8@panix.com>


At 08:02 PM 8/11/96 -0400, Perry E. Metzger wrote:
>
>I failed to note obvious counterexamples. Well known authors get giant
>advances for books written with manual typewriters. Minimum wage
>workers routinely operate expensive equipment. Workers doing the same
>job in different places using identical equipment that cost identical
>sums earn different salaries.
>
>Clearly, wages are defined by supply and demand -- not by "capital
>investment".

In the long run, employers will bid wages up to the level of discounted
value of marginal product of the labor -- the present value of the future
"price" of the increase in output ascribable to the added worker.

It never ceases to amaze me that there are people in this country who
actually believe that the average American in poorer now than in 1970.  I
can only be those who were unconscious in 1970.    

DCF






From sparks at bah.com  Tue Aug 13 10:10:05 1996
From: sparks at bah.com (Charley Sparks)
Date: Wed, 14 Aug 1996 01:10:05 +0800
Subject: "X-Ray Gun" for imperceptible searches
Message-ID: <2.2.32.19960813094025.006c435c@pop1.jmb.bah.com>


I thought metal collanders on the cranium were to prevent space aliens from
reading our thoughts and controlling our minds.... Guess I'll have to come
up with a better solution... mine seems to have worked thus far, though

Charley
>
>"Erik E. Fair" (Time Keeper) <fair at cesium.clock.org> writes:
>
>> I wonder how well the imager works through mylar or gold lame' clothing (or
>> other high-metal content clothing)?
>
>Have you ever wondered why Tim May wears a protective layer of aluminum
>foil on his head? (And lead foil wrapped around his balls.)
>
>---
>
>Dr.Dimitri Vulis KOTM
>Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
>






From trei at process.com  Tue Aug 13 11:03:11 1996
From: trei at process.com (Peter Trei)
Date: Wed, 14 Aug 1996 02:03:11 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
Message-ID: <199608131142.EAA03419@toad.com>



Tim writes:

> I don't see how "remote scanning" of the population at large, without
> probable cause, is much different from the cops listening in from a
> distance with parabolic antennas. Both cases involve detection of signals
> emitted from the target. And yet such long-distance interception is not
> allowed without a warrant.

I vaguely remember another possibly relevant precedent, where a
judge ruled that a warrant was required before a thermal imager
could be used to look at a house suspected by the police of
being a (pot) grow house.

Peter Trei
trei at process.com





From mikev at is.co.za  Tue Aug 13 11:17:51 1996
From: mikev at is.co.za (Mike van der Merwe)
Date: Wed, 14 Aug 1996 02:17:51 +0800
Subject: PGP...
In-Reply-To: <009A6C9C.E823907E.18@uni-lj.si>
Message-ID: <3210771C.41C67EA6@is.co.za>


Hi

>I'm confused.... if you don't want people to be able to read your
>email, you code it with PGP or other encoders... but why give away
>your key on your website to everyone? That makes your email readable
>to everyone... doesn't it? Oh well... I hope someone can explain this
>to me...

Not really, because when you generate a key, you generate a key, two are
actually generated: one public and one private. 

The public key you give to *everyone*, put in you signature, in the
newspapers and in your .plan; wherever. You also then have a matching
private key, which you NEVER give out.

Now the mathematics are pretty simple, but I'll pass over it.
Essentially your public key will decode what your private key encrypts
and your private key will decode what your public key encodes. 

So if someone uses your public key to send a message to you, only you
can decode it, since ONLY you have the matching private key.

This is used for signing as well. If you encrypt your message with your
private key, only your public key and decode it, since ONLY you have the
matching private key, if your public key, which everyone has, can decode
it, then ONLY you could have sent it. So to sign and encrypt a message
to someone all that happens is you encrypt your message with your
private key and then again with their public key. And it will be signed
(only you could have sent it) and encrypted (only they can read it)

I should mention at this point that pgp handles all this, because it
sounds very complex and time-consuming. To encrypt a message you simply
type:

pgp -e PrivateLetter.txt sasa.roskar at uni-lj.si

--> call pgp [pgp] and encrypt [-e] a message [PrivateLetter.txt] to the
recipient [sasa.roskar at uni-lj.si]. Pgp will look sasa.roskar at uni-lj.si
up in your own public keyring and use that public key. Signing is just a
matter of saying -s as well

Hope this helps, and is accurate.

Later
Mike

-- 
I'm sure we will find out in a few years that Microsoft invented the
Net.  Or brought it to the masses.  Or saved it from a certain and
early demise.  Or all of the above. 
     JAMES SEYMOUR





From morgan at keilin.helsinki.fi  Tue Aug 13 11:23:59 1996
From: morgan at keilin.helsinki.fi (Joel Morgan)
Date: Wed, 14 Aug 1996 02:23:59 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <199608131316.QAA05679@keilin.helsinki.fi>


It seems clear that capital investment in tools will contribute to the
-productivity- of workers.  (Tools here meaning whatever machinery/
infrastructure is used to get work done.)

Bart Croughs quotes a number of economists who seem to be saying that
when capital investment leads to increased productivity (per worker)
this also leads to higher wages.

I'm not sure I understand -why- this should necessarily be so.  It's my
impression that in manufacturing industries, the more mechanized
production is, the more workers will get paid.  Then again, perhaps a
more mechanized industry will pay more because more mechanized
industries hire workers with higher skills (albeit fewer workers).

It's my impression that when a company makes capital investments which
increase productivity, the fruits of this increased worker productivity
are shared (to some extent) with the workers.  I can imagine a number of
reasons why this might be done, but it's not absolutely clear to me
that this would be a direct result of market forces.

-- 
=====================================================================
Joel.Morgan at Helsinki.FI              http://blues.helsinki.fi/~morgan
    "Over the mountains there are mountains."   -- Chang-rae Lee 
=====================================================================





From vince at offshore.com.ai  Tue Aug 13 11:28:04 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 02:28:04 +0800
Subject: Rumors of death of Anguilla Data are greatly exaggerated
In-Reply-To: <Pine.LNX.3.91.960813094509.8391A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960813094536.8354A-100000@offshore>




Greg Kucharo <sophi at best.com>
>  In the Swiss system, who dictates to the banks thier policies about who
> and what they can store?  Do the banks have enough influence to sway
> lawmakers?

It is not that any banks have something on some politician or anything
sneeky like you suggest. 

It is just that in a taxhaven, the government and the country are making
good money from the industry.  For example in Anguilla there might be
3,000 companies with the government averaging maybe $300 each per year, or
$1 mil/year (not sure of the real numbers). Also, the lawyers,
accountants, bankers, etc all make up a sizable part of the economy.  If
the Anguilla government ever make someone give information to the IRS it
would destroy this industry.  This would be bad for both the governments
revenue and the voters income, and so it is very doubtful they ever would. 

Also, the British want Anguilla to be a taxhaven.  They realize it is
a good way for a small country to make money.  They currently send
money to Anguilla every year, and if Anguilla can make plenty of money
from the taxhaven industry they won't need to.  So the British are
actually helping in a number of ways to get Anguilla established as 
a taxhaven.

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From an681132 at anon.penet.fi  Tue Aug 13 11:33:13 1996
From: an681132 at anon.penet.fi (an681132 at anon.penet.fi)
Date: Wed, 14 Aug 1996 02:33:13 +0800
Subject: Why should we trust the system?
Message-ID: <9608131321.AA13545@anon.penet.fi>



>> Previously, jonathon <grafolog at netcom.com> wrote:
>>
>>	I know of a very good way to ensure that judges do follow
>>	the standards that they claim to follow.
>>
>>	It works even better at making politicians keep all the
>>	election promises the make.
>>
>>	Has one drawback --- it reduces the number of people willing
>>	to carry out those two functions to virtually zero.  OTOH, that
>>	probably would be a very good thing.  

> Previously, jim bell <jimbell at pacifier.com> wrote:
> That's odd...I know of one also!    B^)

Ok, please clue in the clueless.

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From gary at systemics.com  Tue Aug 13 11:58:48 1996
From: gary at systemics.com (Gary Howland)
Date: Wed, 14 Aug 1996 02:58:48 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <ae35140a07021004ebf2@[205.199.118.202]>
Message-ID: <3210858B.7D55368C@systemics.com>


Timothy C. May wrote:
> 
> At 4:46 PM 8/12/96, snow wrote:
> >On Sat, 10 Aug 1996, Gary Howland wrote:
> 
> >>       Will old fashioned engines be outlawed?
> >>       Will the "stun guns" be outlawed?
> >>       Will susceptible electronic systems become mandatory?
> >>       (and if so, why not just put a remote control switch in all cars?)
> >
> >    One word: Pacemakers.
> 
> Not just pacemakers, but also cars losing steering control (but not forward
> speed, obviously) and thus plow into crowds. And airbags that perhaps get
> triggered in all the ruckus, breaking the necks of infants (as has
> happened).
> 
> Think of the liablility issues! Deliberately causing a car to lose control.
> Mon Dieu!

Somehow I don't think they'll give a damn about killing passengers
and/or pedestrians (after all, they'd shoot them if they were in
range, wouldn't they?)

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From bart.croughs at tip.nl  Tue Aug 13 12:15:02 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 03:15:02 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <01BB892E.FDB63BA0@groningen13.pop.tip.nl>


Duncan Frissel wrote:

>In the long run, employers will bid wages up to the level of discounted
value of marginal product of the labor -- the present value of the future
"price" of the increase in output ascribable to the added worker.<

You are right. Wages are determined by the productivity of labor. But the productivity of labor in its turn is for a large part determined by the amount of capital invested. So, there is no contradiction here.

>It never ceases to amaze me that there are people in this country who
actually believe that the average American in poorer now than in 1970.  I
can only be those who were unconscious in 1970.<

I think you're probably right again, but I never said that the average American is poorer now than in 1970. Again, no contradiction here.

Bart Croughs    













From umwalber at cc.UManitoba.CA  Tue Aug 13 12:42:00 1996
From: umwalber at cc.UManitoba.CA (Sean Walberg)
Date: Wed, 14 Aug 1996 03:42:00 +0800
Subject: PGP...
In-Reply-To: <009A6C9C.E823907E.18@uni-lj.si>
Message-ID: <Pine.SOL.3.91.960813085749.9206A-100000@merak.cc.umanitoba.ca>


-----BEGIN PGP SIGNED MESSAGE-----

Nope.  With PGP you get 2 keys... One you keep secret (secret key), the 
other you make public (public key).  This way, if I want to send you a 
message, I don't need to talk to you to arrange for a session key or any 
passcodes, because PGP takes care of it.  

Say you wanted to send me a message...

You check your keyring (pgp -kv), but alas my key isn't there.  So you go 
to the keyserver (http://www-swiss.ai.mit.edu/~bal/pks-toplev.html), and 
retreive my key into a file (sean.asc).  Then you run pgp on it (pgp 
sean.asc) and it gets integrated into your keyring.

Now you type your message to me, and encrypt it with *my* public key, and 
*sign it with your private key* (pgp -sea message_to_sean.txt 0xD12B3419).  
Then you send it off to me.  (The 0xD12B3419 is my key id, and is 
displayed when you play with my key)

When I get it, I can export it to a file (message.asc), and run pgp on it 
(pgp message.asc).  Hey, it is signed, so I grab your key from the 
server, and pgp message.asc it again.  Since you encrypted it with my 
public key, _only my secret key_ can decrypt it, not even you can see 
it!  Also, since only you have access to your secret key, (if your 
signature checks out), I know it had to have been you who wrote the 
message and it was not tampered with.  (To be technically correct, I 
don't exactly know it was you, since I haven't trusted your key at this 
point, but we'll let that one slide)

- From this point, we can send and receive messages pretty easily, since we 
don't have to snarf keys.  It is also a bit easier than I make it out to 
be, because there are many automation tools out there for pgp.

Sean


On Tue, 13 Aug 1996 sasa.roskar at uni-lj.si wrote:

> I'm confused.... if you don't want people to be able to read your
> email, you code it with PGP or other encoders... but why give away
> your key on your website to everyone? That makes your email readable
> to everyone... doesn't it? Oh well... I hope someone can explain this
> to me...
> 
> Roki
> 

- ------------------------------------------------------------------
Sean Walberg                              umwalber at cc.umanitoba.ca
The Web Guy                  http://home.cc.umanitoba.ca/~umwalber 
UNIX Group, U. of Manitoba          PGP Key Available from Servers


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: Processed by mkpgp, a Pine/PGP interface.

iQCVAwUBMhCMc982JgvRKzQZAQEjYAP/SWjf2z2lZjYzBKVRMo9fcaMEZXiQSal2
YRjhzIXI9LyOF+mEz+KvPscJEsKqwM0JQl64ZpYhvp2junRly292jflIpxsnSJSS
ZteKoFJ+JE2Rd4TMDHbojucAEN4ZrW0G5y6RUcT5ntkKKWCzjGnYhSeM//bb9mOe
ccq+A8aI9dY=
=j2nK
-----END PGP SIGNATURE-----





From vince at offshore.com.ai  Tue Aug 13 12:55:40 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 03:55:40 +0800
Subject: Anguilla story...
In-Reply-To: <Pine.LNX.3.91.960813085122.8261A@offshore>
Message-ID: <Pine.LNX.3.91.960813095908.8354B-100000@offshore>



> From: sasa.roskar at uni-lj.si
> 
> Can someone please tell me the origin of this whole Anguilla story
> that's been going around a lot for the past few days... I just
> got onto the list two days ago, and I didn't catch the beginning
> of it... thanks,

In a nut shell, taxbomber.com was on my system in Anguilla.  He was
selling "camoflauge passports".  One David Evans of Bloomberg Business
News wrote an article where he quoted taxbombers page saying something
like "it is illegal to use these passports to open up bank accounts, but
there is little chance of getting caught". I got a call from my lawyer who
had seen the article (along with just about everyone else in Anguilla) and
he told me that was illegal in Anguilla and I should cancle the account. 
I did and taxbomber moved to another provider in another country. 

1) A number of cypherpunks are dissapointed that I did not fight to my
death to defend this guy. 

2) If the guy did not mention where his site was, the reporter probably
would never have mentioned Anguilla and me in the article.

3) If something is illegal in one country and legal in another, the guy
can move.  Going after the provider in one country will not stop him.

4) Anguilla is a taxhaven.  Anything that gives the country a bad name
hurts the clean business, where most of the money is.  

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From rah at shipwright.com  Tue Aug 13 13:12:44 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 14 Aug 1996 04:12:44 +0800
Subject: Hoax: A ban on cryptography?
In-Reply-To: <ae354cda0c021004454b@[205.199.118.202]>
Message-ID: <v03007815ae36385562b4@[206.119.69.46]>


At 5:01 PM -0400 8/12/96, Timothy C. May wrote:
> At 2:37 AM 8/13/96, David Kennedy wrote:
> >My mailer thinks the e$pam list pulled this from cypherpunks:
<snip>

> Wake up.
>
> And for those who forward my stuff, please include appropriate disclaimers
> to your "spammees" that a) one should read things with an appreciation that
> a post may be tongue in cheek, b) that back-spamming to another list is not
> cool, and c) that I don't want to be bothered.

Yeah. What he said. I hope the cypherpunks list will accept my apologies.


There are firm rules about this to e$pam subscribers, and, while I haven't
had much occasion to enforce it lately, I might have to, which means
kicking the offenders off e$pam.

Strike one, Mr. Kennedy.

The rule is, if you're on a list with derivative content, particularly one
with as large a source-base as e$pam, do NOT reply directly to the source
list, in this case cypherpunks.

In the case of e$pam, there's a subsidiary discussion list, e$, which was
set up for this purpose. Use it. e$ has even gotten to the point where it's
generating its own traffic, now, which is nice.

To e$pam readers, if you want to talk on cypherpunks, or cyberia,
austrianecon, or any or the other 100 or so lists and newsgroups e$pam is
filtered from, sign on to the source list itself, read the traffic there
for a while, and *then* post something. In other words, become a *member*
of the list, and have some manners.

Again, I apologise for any inconvenience this may have caused to the
cypherpunks list.

BTW, I thought Tim's hoax was a good one, but, given that it hadn't shown
up anywhere else on the net, (and congress isn't in session :-)), it was
pretty easy to spot. It *did* give one pause, though.

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From adam at homeport.org  Tue Aug 13 13:25:56 1996
From: adam at homeport.org (Adam Shostack)
Date: Wed, 14 Aug 1996 04:25:56 +0800
Subject: (Off Topic) Re: FCC_ups
In-Reply-To: <4upjp5$tc@joseph.cs.berkeley.edu>
Message-ID: <199608131233.HAA09323@homeport.org>


David Wagner wrote:

| The *real* challenge: how do you support sender- and recipient- anonymous
| phone calls with strong security?  Have fun.

	Caller calls 1-900-stopper via an international callback
service.  Caller uses Stopper to reach callee's phone number.  Callee,
taking responsibility for their own privacy, uses a forward that she
placed on a pay phone in Grand Central to a cheese box* in the
Seychelles to her real phone.

	Oh, you want authentication and MITM protection?

	Only caller<-->callee needs authentication, for the DH key that
they share for the call.  The other encryption is point to point
transport layer stuff; its nice that its there, but a MITM can listen
in, and only get one or two phone #s.  The chain is as strong as its
strongest link, namely the photuris style authentication of the
caller<->callee.

(A cheese box is a forwarder that works outside of the switch; call
#1, it dials #2, then connects it to line 1.  So called because the
first one the police found was in a cheese box.)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From combee at sso-austin.sps.mot.com  Tue Aug 13 13:33:19 1996
From: combee at sso-austin.sps.mot.com (Ben Combee)
Date: Wed, 14 Aug 1996 04:33:19 +0800
Subject: [NOISE] Geek Apartments
In-Reply-To: <9608121340.AA47329@jon.clearink.com>
Message-ID: <9608131541.AA26416@sso-austin.sps.mot.com>


* I can see it now. Apartments full of geeks because the apartments 
* were originally built with 100BaseX to each place and a T3 in the 
* basement going direct to the local ISP.
* 
* Tack on another $200/month or whatever to the apartment cost ( geeks 
* can afford that for sure ) and one might end up having a pretty nice 
* online melrose place.
* 
* I wonder if anybody has done that yet...

Yes, it has already happened, although in a slightly different
context.  The Georgia Tech campus dormatories got wired with Ethernet
back in 1994, and there was quite a rush by the sizable geek
population to get dorm rooms in the buildings slated to get
installation first.  It worked out quite well, especially the privacy
aspects, as the dorm routers encrypted all packets so only the
intended Ethernet node could receive it (at least that is what they
said).  

So, in this case it was only 10BaseT and gatech.edu as the ISP, but it
still was very neat.

-- 
Ben Combee, Software Developer (Will write assembly code for food)
Motorola > MIMS > MSPG > CTSD > Advanced ICs > Austin Design Center
E-mail: combee at sso-austin.sps.mot.com   Phone: (512) 891-7141





From bart.croughs at tip.nl  Tue Aug 13 13:33:42 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 04:33:42 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB892E.F84FC960@groningen13.pop.tip.nl>


Timothy May wrote:

>The problem with the "Croughs Axiom" is not that there is not a _general_
correlation between average national wages and average national capital
investment--there is. <

As I said, I would be proud if the axiom that wages are determined by the amount of capital invested was discovered by me, but it really isn't, so there is no reason to keep calling it the "Croughs axiom". This is no display of false modesty. This axiom was already accepted by Austrian economists when I wasn't even born. See my quotes of Rothbard, Hazlitt, etc. in one of my previous posts on this subject.

>A scatter plot of wages vs. capital investment for
the 200 or so nations would almost certainly show that the Ivory Coast has
low per capita wages and low per capita wages, Sweden has both higher wages
and higher capital investment per capita,  and so on.<

I couldn't agree more.

> Correlation, of course, is not causation.<

Sometimes correlation and causation don't go together; sometimes they do. In this case, they go together. I mentioned the reasoning behind this in a previous post on this subject, but maybe you didn't read this, so I will repeat it here:
"Imagine Robinson Crusoe. In the beginning, he catches fish with his bare hands. He has no capital investment, and consequently he is not very productive. His wage will be low (he will not catch much fish). If there is more capital investment - if, for example, he has a fishing rod - he will catch more fish in less time. His productivity is higher. His wage is higher (more fish). If there is still more capital investment - if, for example, he has a boat and fishing nets - he will catch even more fish. His productivity is higher. His wage is higher. Etcetera. So, it's really not difficult to see that Robin's standard of living depends on the amount of capital available on his island. The same goes for the rest of humanity."

:>No, the problem was that Croughs invoked this general _correlation_ (which
can arise for various reasons) to support his mercantilist protectionist
ideas.<

This general correlation between wages and the amount of capital invested does not arise for various reasons; it arises for the reason explained above. But of course there are reasons why there is more capital investment in the U.S. than there is in Third World countries. The main reason is that economic activities were and are hindered by the Third World governments more than by the U.S. government.
	As I already explained in a previous post on this subject, I have no mercantilist protectionist ideas. Even when the movement of US capital abroad would lead to a drop in wages for US workers,  I would still support the free movement of capital, simply because I subscribe to the libertarian non-aggression axiom. (And no, I didn't discover this axiom either. Alas.) 

> (He also didn't say he was talking of nations, which is why some of
us found the examples we did, e.g., MacDonald's vs. law firms, which have
the opposite correlation he described.)<

I didn't say I was talking about nations, because I thought this would be obvious for anyone who knows a bit about economics. Maybe I should have been more explicit here.

>And the cloud of ideas connected with somehow forcing capital investment to
remain in the U.S....well, the best way to do this is to alter the tax laws
so that America (for example) becomes a magnet for investment. (If one is
looking to help America, that is.)<

I couldn't agree more. But this still doesn't answer the question I asked in my original post.

>In any case, the original notion, of somehow using cryptography policy to
support U.S. interests....well, I rather doubt that Menger, Von Mises,
Hayek, Hazlitt, or any of the others connected with the Austrian School
would buy Crough's protectionist arguments.<

I don't understand. Do you mean to say that I had the notion of using cryptography policy to support U.S. interests? Read my posts again, I can't find this notion in my posts.
	It agree that Menger, Von Mises, Hayek or Hazlitt could probably answer the question I asked in my original post, which I will repeat here for the sake of clarity:
	 "If American companies are moving capital to Third World countries because of the low wages in these countries, then the workers in the Third World will of course be better off. But in the US, the amount of capital will be lowered. So the American workers will be able to get other jobs, but these jobs will pay less, because of the diminished amount of capital in the US. (As I said in another post on this subject, I mean that these jobs will pay *relatively less*, that is: less than they would have been paid if the American capital wouldn't have left the U.S.)
	Of course there are advantages also for the US (shareholders will get higher returns, trade will increase), but how can you proof that these advantages will offset the disadvantage of the lowered amount of capital in the US? "
	 
So I agree that the Austrian economists could probably answer my question, but in their books I wasn't able to find the answer, and these economists are not on this list. So I hoped that others on this list who had knowledge of Austrian economics could answer this question.  That's really the only reason I asked my question: I wanted to be able to rebut protectionist arguments more effectively.You seem to be acquainted with the Austrian economists, but so far, you didn't answer my question.

>And I certainly know that jingoistic appeals to "America First!" are
inconsistent with the sentiments of many or even most on this list.<

I know, that's why it's so disappointing that nobody has been able to answer my question thus far. And, as I said earlier, I share this sentiment; that's why I'm on the list. I just want to be able to defend my sentiments better against protectionist arguments.
	


Bart Croughs





From anonymous-remailer at shell.portal.com  Tue Aug 13 13:36:13 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 14 Aug 1996 04:36:13 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <199608101504.RAA03459@internal-mail.systemics.com>
Message-ID: <199608131558.IAA08092@jobe.shell.portal.com>


> Why don't they just have government access to car engines?  They
> could just require car manufacturers to include remote shutdown
> devices for the engines.

Well, then Carhacker arrives and shutdown any engine he can find :)





From an681132 at anon.penet.fi  Tue Aug 13 13:42:09 1996
From: an681132 at anon.penet.fi (an681132 at anon.penet.fi)
Date: Wed, 14 Aug 1996 04:42:09 +0800
Subject: don't say "bomb" on the internet
Message-ID: <9608131553.AA14051@anon.penet.fi>



Previously "I=(!isnum(self))" <geeman at best.com> wrote:
<snip>
>       `(l) It shall be unlawful for any person to teach or demonstrate the
>making of explosive materials, or to distribute by any means information
>pertaining to, in whole or in part, the manufacture of explosive materials,
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From jamesd at echeque.com  Tue Aug 13 13:52:31 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 14 Aug 1996 04:52:31 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <199608131531.IAA19743@dns1.noc.best.net>


At 09:29 AM 8/13/96 +-200, Bart  Croughs wrote:
> In several posts I gave quotes from famous Austrian economists 
> that support my statement that according to Austrian economists 
> wages depend on the amount of capital invested. 

You are wrong, and Perry is wrong, or rather you are misleading,
and Perry is wrong.

The statement "wages depend on the amount of capital invested". 
can have several meanings.  In the hands of the Austrians, it 
does not have the implications that you force 
on it, and this is what Perry ought to be complaining about,
though instead he is saying something quite different.

Obviously if everyone saves more money and invests it those
things that they find most profitable, this will raise both
total income and wages.

Obviously if the government takes control of other peoples
capital, and directs it to those places it finds most 
socially desirable, this will lower both total income
and wages.   

I assume we are in agreement so far.

Next question:  If the government restrains american businessmen
from investing outside America, will this alter the balance of
power between capital and labor inside America, in favor of labor,
while altering it against labor outside America.

Well if nothing else changed, yes it would, and if Perry denied
this he was wrong.

But of course capital is international, because it belongs to 
individuals, not to nations.  Since large amounts of money flow
in and out of the US, a bureaucratic intervention that
aimed to have the desired effect would have to be extensive
and drastic, amounting to fascist style socialism.

Again, I assume we are in agreement on this.

Next question:

     Competition between labor in the third world, and labor in 
     the US.

In those cases where labor is a minor factor in production, then 
the price of labor would be dominated by the cheapest source of labor.

Or rather the cheapest source of labor that is not controlled
by a government that capriciously robs and enslaves.  At present
the cheapest such labor source is probably Thailand, which is not
actually all that cheap these days, but is one hell of a lot cheaper
than the US.

But for *desirable jobs*, such as software engineering, the jobs
that people are getting excited about, the cost of labor in Thailand
is roughly comparable to the cost in America.

The kind of jobs that are being taken by cheap unskilled Thai labor,
are the jobs you cannot get anyone to do in America except for 
illegal immigrants.

We would expect this, because in any area where labor is the dominant
factor of production (such as engineering) a large supply of cheap 
labor will very swiftly CREATE the necessary capital.

Again, you might point to India as an infamous counter example, since
engineering labor is vastly cheaper in India.

But this is not a result of supply and demand causing an extreme 
misdistribution of wealth between capital and labor, but is a reflection of
the fact that an engineer who is subject to the power of the Indian
government is not worth very much, as is demonstrated by the fact
that companies with Indian engineering teams often spend a lot of money
to get their employees out of India.

Demand for Indian programmers is less than supply not because capital
has somehow failed to flow to India, but because an engineer in India
is not free to produce the value that engineers elsewhere are free
to produce.

To say the same thing another way:  The primary capital for engineers
is that held within engineers heads.  Therefore controls on capital
flows are controls on engineers, which are likely to benefit those 
doing the controlling, not those controlled.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From sandfort at crl.com  Tue Aug 13 14:01:21 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 14 Aug 1996 05:01:21 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88FA.42D3D100@groningen16.pop.tip.nl>
Message-ID: <Pine.SUN.3.91.960813084034.17718E@crl10.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I've just had an insight with regard to Bart's ongoing capital 
debate.  In response to Perry's "green pylon" post, Bart wrote:

> I am saying that the fact that American workers are better paid
> than workers in Third World countries, can be explained for a
> large part by the fact that there is much more capital invested
> in the US than in Third World countries.

Bart's error lies in his confusion of the terms "captial" and
"capital investment."  While capital may be used to make capital
investments, there are other things it can be spent for as well
(wages, taxes, supplies, etc.).  

If Bart were to use the term "infrastructure" then it would be
clear that the ebb and flow of mere capital would have relatively
little to do with infrastructure influenced wages.  


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From geeman at best.com  Tue Aug 13 14:12:46 1996
From: geeman at best.com (I=(!isnum(self)))
Date: Wed, 14 Aug 1996 05:12:46 +0800
Subject: Hoax: A ban on cryptography?
In-Reply-To: <960813023753_76702.3557_CHN38-4@CompuServe.COM>
Message-ID: <3210A92B.4C45@best.com>


The "hoax" is a dramatization of possible legislation based on the 
language used in Di Fi's anti-bomb-making-rhetoric legislation proposed 
and passed in the Senate.

I posted that bill, and asked the list if anyone knew the status.  Tim 
May responded with the dramatized crypto version and asked "What is the 
status of _this_ bill" [emphasis added] .... and if I interpret 
correctly, the intent was

1. to chide
2. to dramatize

What if that WERE a bill being proposed??




David Kennedy wrote:
> 
> My mailer thinks the e$pam list pulled this from cypherpunks:
> 
> >>                                             S.1666
> 
>  Department of Commerce Authorization Act for Fiscal Year 1997 (Passed by the
>  Senate) <<
> 
> And this is bogus, and as far as I can tell not a typo, it's complete hokum.
> 
> S.1666 is an obscure bill about courts in Utah.
> 
> A search of http://thomas.loc.gov on "encryption" reveals the expected bills,
> PRO-CODE etc.
> 
> A search for the DoC Authorization Act reveals nothing, as far as I can tell
> this bill has not been drafted let alone passed. I don't know enough about how
> the DoC is funded to know if they get their own Authorization Act or receive
> authorizations piecemeal and by the reconciliation.
> 
> Again, this is bogus.
> 
> !^NavFont02F02350014QGHHG|MG~HG85QG87HI}2126





From David.K.Merriman at toad.com  Tue Aug 13 14:22:07 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Wed, 14 Aug 1996 05:22:07 +0800
Subject: Fw: 1024-bit keys
Message-ID: <199608131404.HAA06583@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: spencer at luckman.com, cypherpunks at toad.com
Date: Tue Aug 13 10:36:48 1996
Absent any ability to cite a chapter-and-verse for making such a statement, 
and considering the vagueness of it, I would suggest that it either be 
clarified, justified, or removed.

I would think that, in it's present form, that statement leaves Luckman in 
no small amount of jeopardy: if true, but misunderstood because of lack of 
reference, anyone violating it may seek redress against Luckman in the 
event of prosecution by some law enforcement agency. If untrue, Luckman 
could be considered equally liable for any real or perceived lost income 
because of an erroneous limitation, when it's incorrectness is discovered.

- -----Begin Included Message ----- 

Date: Mon, 12 Aug 1996 17:00:42 -0700
 From: Spencer Yuen <spencer at luckman.com> (by way of Technical Support via 
Heidi <heidi at luckman.com>)
To: merriman at shiner.amaonline.com
Cc: 

David,

to my knowledge- it's the latter. U.S. prevents Verisign from deploying 
keys
greater than 512 bits to Web servers outside the U.S.. And no, I can't
tell you the Federal Regulation, Title, Section. 

>"Also, please note that you cannot send keys longer than 512 to servers 
>outside the United States."
>
>I would like to ask for clarification on this point. Is this meant to say 
>that a server inside the United States is not allowed to use a 512+ bit 
key 
>with a client outside the U.S., or that a Web Commander server outside the 
>U.S. may not employ a key of greater than 512 bits? In either case, what 
is 
>the justification for such a statement/restriction? If a Federal 
>regulation, could you please cite the Title and Section?
>


=====================================================================
|       Spencer Yuen              |       Luckman Interactive       |
|       spencer at luckman.com       |       (213) 614-0966            |
|       Quality Assurance         |        ext. 145                 |
=====================================================================

________________________________________________________________________
Heidi Lou Bailey
(h) 213.664.8669
(w) 213.614.0966 ext. 137

The world is stinky and the world is smelly. That makes for a nice day
                              ////          
                             (0 0)          
                        **ooO*(_)*Ooo**
________________________________________________________________________

"To affect the quality of the day, that is the highest of the arts."

          *     *
        *   * *   *
  >>--- *         *  NICK-->
         *       *
           *   *
             *



- ---- End of forwarded message ----
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMg/qSMVrTvyYOzAZAQGTtgQAr0TQQs7hkR8VvjhFUvOoLY4eScAI86Z7
qJ4HLHtniZExAueAYrL/fyh1tRi5RbuwtL49KdzhWF8d9nYNddzqc8O1ybb4yt3O
2TU96gDOfjFmv6mLTlWv+LfWIiYBXzNvGT1DYSeZO8atyPTW1BOX7ES/y3t1XPco
FDwfFR9NUM4=
=V0EI
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Tue Aug 13 14:23:08 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 14 Aug 1996 05:23:08 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <199608131643.JAA19738@mail.pacifier.com>


At 02:15 PM 8/12/96 -0700, Timothy C. May wrote:
>At 4:43 AM 8/13/96, jim bell wrote:
>>At 09:54 AM 8/12/96 -0700, Timothy C. May wrote:
>>
>>>
>>>(And I'm not ignorant of such technologies, having attended several of the
>>>Nuclear and Space Radiation Effects Conferences. I also played around with
>
>>Why would you need an "EM Cannon" for this?  Just string a 1-car-sized loop
>>of wire on the surface of a road, and off in the bushes hide a battery,
>>DC-to-Hi voltage DC converter and 20kv+ capacitor, and a vacuum switch or
>>some other switch arrangement.  When the car in question traverses the loop,
>>short the switch and the car will be blasted with 20,000 volt-turns of
>>induction.  Sure, most of it will pass harmlessly through the car's steel,
>>but even iron has a limited "mu" which means that every electrical device in
>>the car will be subjected to a certain amount of induced EMF, probably
>>enough to at least reset a few microprocessors and possibly even destroy 
them.
>
>Well, we're all operating based on speculation, as to intended modes of
>operation, what the contracts may ask for, what may eventually get
>delivered, etc.
>
>Certainly the described mode, that of a police car _pursuing_ another car,
>suggests a car-launched signal. Rewiring the nation's roads to include
>buried cables in anticipation of a future use would be pretty expensive!

Yes, it would be rather impractical for _that_ particular application.  


>(And if the cops can plan for a suspect/fleeing car to pass a specific
>location, low-tech solutions like laying a row of caltrops across the road
>will do much the same thing as "zapping" (which may not even work.))

The one place where this might be practical is on highways where these units 
can be placed fairly sparsely and still have a 

Even so, I think that non-police applications are more "interesting."



>As to high-voltage zapping, on this I am _extremely_ skeptical, at least as
>Jim's proposal above goes. Modern chips are equipped to deal with
>high-voltage, having electrostatic discharge (ESD) provisions. Voltages a
>lot higher than 20kv.

That's based on a certain source model.  You know, a specific capacitor in 
series resistance to limit the current.  However, if the current was induced 
from a low-impedance circuit, damaging currents might flow even if the EMF 
within a certain shielded loop in the car never exceeded a few tens of volts.

>
>And getting this hv signal in to the interior of the engine compartment,
>and past the various thermal and other shields would be a chore. Certainly
>the rubber tires will provide an _awful_ lot of insulation!

No, Tim, remember that I'm postulating an _inductively_ coupled system.  
Loop on ground, loops in the car, etc.  Magnetic coupling.  Conduction 
through car tires would be irrelevant the the functioning of this system. 
Wouldn't hurt it; wouldn't help it.

(Side note:  BTW, car tires are not non-conductive.  Check it out someday 
with a ohmmeter.)


Jim Bell
jimbell at pacifier.com





From geoff at commtouch.co.il  Tue Aug 13 14:26:36 1996
From: geoff at commtouch.co.il (geoff)
Date: Wed, 14 Aug 1996 05:26:36 +0800
Subject: Fw: Re: Free Pronto Secure Offer
Message-ID: <19960813152643711.AAA272@[194.90.26.157]>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 13 18:39:12 1996

on Aug 13 Sean Sutherland wrote:

> Whatever happened to that free offer for ProntoSecure for members of
> the Cpunk list?  Remembered hearing something about it awhile back, 
> but I don't know exactly what it is.  Thanks.

The offer is still on. A free copy of Pronto Secure in exchange for 
feedback. Open to anyone on the c'punk list.

http://www.commtouch.com/p1.htm         for download.
http://www.commtouch.com/testers.htm    for users' impressions.
http://www.commtouch.com/s-mail.html    for description.

Announcement:   Effective immediately.  New list price for Pronto 
- ------------    Secure is $99.  Contact secure at commtouch.com if  
                group discounts required.



- ---------------------------------------------------------------
Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
My PGP public Key 1814AD45 can be obtained by sending a message
to geoff at commtouch.co.il with "Get PGP Key" as the subject.
- ----------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMhChpkLv5OMYFK1FAQFE/gP+NVaU5a+fdU5YuGLPDrD02DuXgfc/skZP
sKUuE2yJcBV1N7ITjWJEkf98hgWr688G71lJ2+1JGob1bLBF5bBDT3M2ag5eX5Dl
dARvhjtcU4+bDxOrnOsJ4wlAyTZ1WmfmaDoe5IPKdgAu+6gTDS+3dq31vm2oFaud
/2qazWTTUwA=
=jFNk
-----END PGP SIGNATURE-----






From frissell at panix.com  Tue Aug 13 14:47:34 1996
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 14 Aug 1996 05:47:34 +0800
Subject: Econopunks FAQ, Ver. 0.98
Message-ID: <2.2.32.19960813144043.00887ef8@panix.com>


What is a Fair Price for a good or service?

There is no such thing as a Fair Price.  There are only the prices paid by
willing buyers and sellers.  These are generally called market prices.  Many
factors influence price including cost of production and product
characteristics but the only determinants are the desire of market actors to
complete transactions at given prices.  You may think that you are smart
enough to decide what a good or service should sell for, but if you're not
putting cash on the barrel head, you're not even part of the process of
arriving at the "price".

*******

Just a suggestion to future Econopunks posters: Try not to post the
economics equivalent of the "Can't you make an unbreakable code by running
the plaintext through a Caesarian Cypher 7500 times?" question.

DCF

"No good or service should be sold for more than its cost of production --
therefore, all you folks who are ripping off your employers must report to
the slave barracks where you will be provided with triple bunks (hot
bunked), all the rice and beans needed to sustain life, a multivitamin
tablet daily, and loads of clean water."






From sandfort at crl.com  Tue Aug 13 14:53:43 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 14 Aug 1996 05:53:43 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88ED.98A382E0@groningen16.pop.tip.nl>
Message-ID: <Pine.SUN.3.91.960813081445.17718D-100000@crl10.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Tue, 13 Aug 1996, Bart Croughs wrote:

> You claim that I must show that foreign capital investment
> will not flow back to US workers. But in my original post, I
> said:
> 
> "Of course there are advantages also for the US (shareholders
> will get higher returns, trade will increase), but how can you
> proof that these advantages will offset the disadvantage of the
> lowered amount of capital in the US? "
> 
> You haven't answered this question yet. I don't claim that the
> U.S. is worse off when US capital moves abroad. I only ask: how
> can you proof that the US isn't worse off when US capital moves
> abroad?

The movement of capital from the US was an *assumption* in Bart's
argument.  He has done nothing to show that it would in fact
happen.  When he proves that, they it would be reasonable to
expect me to offer proof that foreign capital will flow to the US.

It seems just as likely to me that US source capital will NOT 
flow overseas if it can be profitably invested in other US
industries that retain--or gain--competitive advantage from 
relative changes in productivity, supply and demand, or whatever.

In my experience, Americans are loathe to invest money overseas
unless it is highly profitable.  The reason is obvious.  They
understand--or think they understand--the rules here.  In 
historical terms, US investments have been more stable and safer
than investments overseas.  (Which is why, by the way, that the
US is the worlds largest tax haven in the world, but I digress.)

Thus, until Bart can support his highly dubious assertion that
capital that flows away from some non-competitive US industries
will necessarily flow offshore, there is no need for me to prove
that such a situation will probably lead to a counterbalancing
foreign capital flow into the US.  So far, Bart has not yet met
his burden of proof.

While I'm sure per capita capital investment is a *factor* in 
determining how high wages are, it certainly is not the only
factor.  It appears that Bart has fixated on this one to the
exclusion of other (probably more important) factors.

> If you don't know the answer, there's nothing to be ashamed of.

It is just this sort of unnecessary condescending snottiness that
create the clear impression that Bart is an asshole.  Perhaps he
is a fine chap and this is just his style, but I find it very
offensive an counter-productive in this discussion.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From shamrock at netcom.com  Tue Aug 13 14:58:53 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 14 Aug 1996 05:58:53 +0800
Subject: (Off Topic) Re: FCC_ups
Message-ID: <v02120d0bae366adef979@[192.0.2.1]>


At 3:01 8/13/96, David Wagner wrote:

>The *real* challenge: how do you support sender- and recipient- anonymous
>phone calls with strong security?  Have fun.

Sender anonymous phone calls are easy. You route them through PipeNet,
assuming every PipeNet node has a telephony gateway. Recipient anonymous
phone calls a harder to implement.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From an681132 at anon.penet.fi  Tue Aug 13 15:16:02 1996
From: an681132 at anon.penet.fi (an681132 at anon.penet.fi)
Date: Wed, 14 Aug 1996 06:16:02 +0800
Subject: Why should we trust the system? & a little off topic
Message-ID: <9608131358.AA28171@anon.penet.fi>



> Preiously, jim bell <jimbell at pacifier.com>
> <snip>  However, hours after it was publicly revealed that the Atlanta 
> 911 center screwed up, wasting 10 minutes looking up the address of 
> "Centennial park,"  <snip>

After watching the news during the coverage of the 911 call, I couldn't
help but  notice the free computer advertisement.  I don't suppose that
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From shamrock at netcom.com  Tue Aug 13 15:16:07 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 14 Aug 1996 06:16:07 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
Message-ID: <v02120d0cae366bab297f@[192.0.2.1]>


At 9:27 8/13/96, Peter Trei wrote:

>I vaguely remember another possibly relevant precedent, where a
>judge ruled that a warrant was required before a thermal imager
>could be used to look at a house suspected by the police of
>being a (pot) grow house.

Wrong. No warrant was used and the bust was upheld in court.




-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From amehta at giasdl01.vsnl.net.in  Tue Aug 13 15:17:11 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Wed, 14 Aug 1996 06:17:11 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <1.5.4.32.19960813173132.002f7834@giasdl01.vsnl.net.in>


At 13:15 11/08/96 -0700, Timothy C. May wrote:
>At 4:17 AM 8/11/96, Arun Mehta wrote:
>>One of the
>>reasons that IBM was thrown out of India in the mid seventies was
>>their practice of shipping only outdated computers from the US to
>>India.

>This I tend to disagree with. I recall that India had some laws in the
>1970s which required companies to dislose trade secrets to them. As a
>result, IBM chose not to stay in India. I recall that Coca-Cola also
>refused to turn over the formula for Coke, but this may've been urban
>legend. The IBM case is pretty well-documented. IBM would've sold the
>latest and greatest technology to India if: a) it was profitable to them,
>b) if India could've paid for a 370/90 or whatever in 1975, c) if COCOM
>regulations would have allowed such a sale (doubtful, given the Ghandi
>dynasty's cozying up to the Sovs in the 70s.
>
>I don't think shipment of "old technology" to India was at all on IBM's
>list of concerns, certainly not back then.

Sorry, the response took a while: George Fernandes, who was the
industries minister at the time, is an acquaintance, so I thought
I'd get the story from the horse's mouth.

In the aftermath of the oil crisis, India was short of foreign
exchange, so it passed the Foreign Exchange Regulation Act (FERA)
under which foreign equity in an Indian company could only exceed
40% if the company was hi-tech or  produced something of critical
national importance. The government saw no reason why precious
foreign exchange should go out as profits on the sale of
toothpaste or cola. Coke claimed that its secret formula
qualified it as a hi-tech company, and so it should be allowed
100% ownership of its Indian subsidiary. The government saw no
reason why: that was easy. The Indian government wasn't asking
Coke to reveal its formula, merely dilute its holding to 40%. That one was easy.

As regards IBM, its agreement with the government of India, under
which it was allowed to operate in the country, stipulated that
it would produce here, and transfer some technology. Instead, as
the government found, all it did was sell time on second-hand
computers (1401's as I recall, and this was mid  to late '70s).
IBM was asked to either dilute, or live up to its original
agreement, which it wasn't prepared to do, so it left.
>
>As attractive as this sounds, historically this has not happened. And as
>many will tell you, the climate of the Bay Area in particular and
>California in general is extremely benign and delightful. The average
>winter temperature is only about 10C cooler than summer temperatures.

Didn't Mark Twain say that the coldest winter he had ever
experienced was a summer in San Francisco? I do agree, SF and
environs are great: but US immigration laws being what they are,
not everyone can move there -- some day, "routing around" might
make those places more attractive which have the least
restrictive immigration laws.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From dlv at bwalk.dm.com  Tue Aug 13 15:33:03 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 14 Aug 1996 06:33:03 +0800
Subject: cybergangs
In-Reply-To: <199608130215.EAA20375@basement.replay.com>
Message-ID: <LTuLsD1w165w@bwalk.dm.com>


nobody at replay.com (Anonymous) writes:

> Dimitri Vulis ranted thusly into the aether:
> 
> >Death to the Usenet Cabal! All power to the GruborBots!
> 
> Jeez, is there no place safe from Dimitri's Cabal rantings? There Is No Cabal
> fnord. So there.

There is no place on the 'net safe for the Usenet Cabal or the fucking statists
who call themselves "libertarians".

> 
> ObCypherpunks: It's worth noting that Dimitri's reputation capital is so deva
> 
> dlv at bwalk.dm.com                                             Dr. Dimitri Vuli
>    ! Vote rejected by votetaker (untrusted site)
> 
> This is from Message-ID: <839564931.8926 at uunet.uu.net>, btw.
> 
> 


---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From jbash at cisco.com  Tue Aug 13 16:03:02 1996
From: jbash at cisco.com (John Bashinski)
Date: Wed, 14 Aug 1996 07:03:02 +0800
Subject: India, Productivity, and Tropical Climes
In-Reply-To: <1.5.4.32.19960813173132.002f7834@giasdl01.vsnl.net.in>
Message-ID: <199608131901.MAA02656@mort>


> Didn't Mark Twain say that the coldest winter he had ever
> experienced was a summer in San Francisco?

Mark Twain also said (from memory, and probably not exact): "In India,
'cold weather' is merely a polite phrase used to distinguish weather
that will melt a brass doorknob from weather that will only make it mushy.".

Sorry, couldn't resist...

					-- John B.
					   Very near San Francisco





From jamesd at echeque.com  Tue Aug 13 16:04:29 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 14 Aug 1996 07:04:29 +0800
Subject: PGP...
Message-ID: <199608131531.IAA19761@dns1.noc.best.net>


At 12:39 PM 8/13/96 +0100, sasa.roskar at uni-lj.si wrote:
> I'm confused.... if you don't want people to be able to read your
> email, you code it with PGP or other encoders... but why give away
> your key on your website to everyone? That makes your email readable
> to everyone... doesn't it? Oh well... I hope someone can explain this
> to me...

Public keys and private keys:

Private key only you know,  Public key everybody knows.

You use private key to sign, you use the other guys 
public key to encrypt, so that no one but him can read
the message, not even you, unless you kept the original
copy.

Public key does not decrypt.

Other guy uses his private key to decrypt the message you sent
him.

What one man knows, nobody knows, what two men know, everyone
knows.  If you had to share keys in order to communicate, the
keys would not stay secret very long.

Public key encrypts and verifies signature.  Private key encrypts
and signs.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From tcmay at got.net  Tue Aug 13 16:06:06 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 07:06:06 +0800
Subject: Anguilla story...
Message-ID: <ae360f510002100460a6@[205.199.118.202]>


At 2:24 PM 8/13/96, Vincent Cate wrote:

>In a nut shell, taxbomber.com was on my system in Anguilla.  He was
>selling "camoflauge passports".  One David Evans of Bloomberg Business
>News wrote an article where he quoted taxbombers page saying something
>like "it is illegal to use these passports to open up bank accounts, but
>there is little chance of getting caught". I got a call from my lawyer who
>had seen the article (along with just about everyone else in Anguilla) and
>he told me that was illegal in Anguilla and I should cancle the account.
>I did and taxbomber moved to another provider in another country.
>
>1) A number of cypherpunks are dissapointed that I did not fight to my
>death to defend this guy.

I think you're overstating the case made by some of us, or, at least, by me.

What I said was that your policies need to be spelled out, and that I saw
little evidence of "fraud" in what the guy was doing. And that if you cut
off accounts (without warning, it sounds like) based on fairly flimsy (it
seems to me, and to Duncan, and to others) advice, then certain
reputational consequences are likely to follow.

By the way, from what you quote this guy as saying ("it is illegal to use
these passports to open up bank accounts, but there is little chance of
getting caught"), I _still_ see no fraud. People can make all sorts of
claims, often they throw in claims of illegality or "pirate" status just to
add a frisson of the dangerous to their marketing campaign.

Cancelling an account on such a basis is rarely wise. That "everyone else
in Anguilla" read the account may be the real reason, of course. Not that
this reason instills much confidence....

>2) If the guy did not mention where his site was, the reporter probably
>would never have mentioned Anguilla and me in the article.

Is this the real issue, that what he was doing brought bad publicity to you
and to Anguilla?

These issues need to be aired. Of course you have every right to run things
as you wish, modulo contractual arrangements you may have entered into with
your customers and your Internet providers. But we on this list have
certain ideas about what an "offshore information provider" should provide.

Contrast this case with the well-publicized cases recently where Neo-Nazi
material is being hosted on U.S. web sites. After getting a lot of
publicity, the web site providers stood firm and said they were not in the
business of removing such sites, even if they brought a lot of bad
publicity and even if they were in fact in violation of the laws of some
countries whose citizens could access the sites. I don't claim camouflage
passports = Neo-Nazi sites, but their are certainly some similarities. So,
if I opened an account on "Offshore Information Services" and placed such
materials there, and this got heavily publicized ("Anguilla a Center for
Neo-Nazi Revival!"), would my account be cancelled?

Again, I'm not saying you don't have the "right" to do so, only that you
ought to carefully consider such issues, and carefully articulate a policy
of what is acceptable and what is not acceptable, and how you will deal
with customers who have some material (or even some marketing claims) which
may conflict with your policies.

--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From daros at cryptonet.it  Tue Aug 13 16:06:11 1996
From: daros at cryptonet.it (Paolo Da Ros)
Date: Wed, 14 Aug 1996 07:06:11 +0800
Subject: National Socio-Economic Security Need for Encryption
Message-ID: <199608131554.RAA03474@relay.cryptonet.it>


At 07.54 11/08/96 -0400, you wrote:
>Forwarded by Robert Hettinga
>
>-----------------------------------------------------------------------
>X-Sender: amehta at giasdl01.vsnl.net.in
> Mime-Version: 1.0
> Date: Sun, 11 Aug 1996 10:17:31 +0600
> To: cypherpunks at toad.com
> From: Arun Mehta <amehta at giasdl01.vsnl.net.in>
> Subject: Re: National Socio-Economic Security Need for Encryption
>   Technology
> Sender: owner-cypherpunks at toad.com
> Precedence: bulk
>
>
>At 02:05 10/08/96 -0700, Timothy C. May wrote:
> >At 12:15 PM 8/10/96, Scottauge at aol.com wrote:
> >>I was watched CBS reports a couple nights ago about how all these blue
collar
> >>and now white collar jobs are going across seas.
> >
> >Where do I begin? First, what does "taking jobs away from us" mean? That we
> >own these jobs? And who is "us"?
> 
> Well said. 

Sure. jobs belong to people which are the more competitive to perform them
(which ask less to do the some job or ask the same to do a better job).
Since markets are going to be "global", as a consumer or a reseller I can
buy wherever I want whatever I want -well, almost, and crypto, remailers etc
can help-. 
The improvements in the competitive position of US economy have one of their
roots in the loss of purchase power by the american workforce (less to do
the same job, or the same to do a better job).
This is something I guess Germans are going to experience.
In Italy there is an old tradition of using devaluation as a competitive
mean (ask the french government and french industrialists what they thought
after the IT Lira lost 30% in  a few months, back in 1992-3).  

> 
> >>So a possible way to protect jobs is to protect the knowledge on how to do
> >>them.

I don't think it's possible to "protect jobs". This translates into blocking
the market mechanisms, which constantly, by mean of the competition, push
toward better quality, lower prices and/or new products. Right or wrong,
market wins. If ideas are worth money, they spread.

To confirm the simmetry of politics on the two sides of the pond, I was told
the US right (newt gingrich) has on this issue the same idea here in Italy
is supported by the far left (the Rifondazione Comunista party). The idea is
to make mandatory a label on every third world product which states the
amount of child labor embedded in the product. 
I see in this "moral" approach to economy two possible outcomes: the first
is that nobody buys such products, (the goal of the proposal) based on child
exploitation (and so the child is not exploited anymore, and starves to
death while smiling to his first world "friends"); the second is that lots
of people buy the product not because of its features, price etc, but to
help the poor child. In this way, the moral approach to economic issues has
two immoral possible outcomes (I enjoy these paradoxes, it's one of the few
things I still like of Marx).

The problem is that there are millions of hungry people, and a simple
solution is not available. Who says he has it is a liar.

> 
> To some extent this happens automatically -- for instance, if you
> live in the Silicon valley, your knowledge levels are higher on
> account of higher frequency of user meets, conferences, etc. But,
> to the extent you use the Internet as an information source, it
> is available internationally. So you cannot have it both ways:
> use an open forum like the Internet, and hope to keep knowledge bottled in.

The only choice we first world citizens have is to run faster, try to invent
new products or new ways to produce old products.  I have been told that the
quality of eastern europe programmers is very high, and we cannot compete
with people which makes one tenth or less than we do (well, we CAN compete,
if we accept to make the same...).

BTW, from the very little I know about some members of this list, it looks
like they are "creme de la creme": very bright people, wide vision of the
issues, eclectic culture (at least two of the brightest of them share my
love for LISP machines, so my ego gets comforted...), and constant research
of the best market position for themselves. Unfortunately, individuals can
easily switch and try to improve their position, national economies have a
far bigger momentum to win to achieve the same result. Besides, if everybody
could so easily switch, the improvement -a higher relative position- could
not exist at all.

> 
> In earlier generations of computing, monopolistic organizations
[snip]
> projects such as Iridium, Odyssey, Teledisc and Globalstar
> threaten to change all this, little impact will be felt until the
> end of the decade. In any case, telecom facilities in the
> industrialized countries will most likely continue to be
> considerably superior, providing workers there with an ongoing
> competitive advantage.

This is an extra-optimistic view. In  one of my previous job at a very large
European system integrator, three years ago, I was told that "SW projects
used to be 7 years long, are 7 months long, and we shall prepare for the
moment when they will be 7 days long". So workers there will have a
competitive advantage (perhaps) at doing a shrinking amount of work. 
Given their age, many members of the list are accustomed to shrinking
markets and new skills acquisitions (see Artificial Intelligence back in the
80s), as is possible to understand from the fact that they are positioned in
one of the hottest spots in one of the fastest growing markets. So I assume
many are familiar with the job-kiling role of technology. The competitive
disadvantage of industrialized countries workers is provided by these
workers themselves when they put competitive advantage of their know-how in
new products or technologies.


> 
> Further, as economists such as Paul Krugman point out, developing
> countries lack the means for sustained growth ("Which Asian
> Model?", Newsweek, November 20, 1995). Those economies that have

I wouldn't trust a newsmagazine on such a critical topic. And (hope you
don't take this as a chauvinistic european statement) expecially NOT an
American newsmagazine. Nice photos, poor content.

> shown dramatic growth, such as the East Asian, have relied
> essentially on low-cost inputs, rather than on their efficient

If you know how many are the chinese, you could come to the conclusion that
as soon as they improve their agricolture, HUNDRED MILLIONS low-cost people
(input?) are available to exploit new markets. So, low cost input shortage
is not an issue.
Yes, their economic model could reach a critical point when they reach, say,
a 6K$ gdp pro capita, but by then their gdp should be 1.200.000.000 * 6.000
US$, i.e. 7.2 trillion US$. (today their GDP pro capita should be around
900US$, i.e 1.08 TrnUS$, growing at 10% per year)

> utilization. Professor Alwyn Young of Boston has in fact come to
> the surprising conclusion that Singapore's total factor

very surprising indeed. If I'm not wrong, singapore has a GDP pro capita
around 12K$. And productivity is what defines the GDP. Should productivity
in Singapore really be so low, I can't understand how capital intensive
industries (semiconductors, for instance) could have been established there
by so well managed western companies like HP or TI etc

> productivity (which measures such efficiency) is so poor as to be
> comparable to that of the Soviet Union. He points out that "at
> just the time that everybody was ranting about how magnificent
> Japan was, it ceased to catch up."

Well. yen was at 300. Now it is at 108. It means that to buy -say- fine
Californian Wine -apart from customs, which is an issue, of course- a few
years ago a japanese blue collar had to spend -say- 2 hours. Now 40 minutes
(the example is not very good, but should explain my thinking).

> 
> Cheap inputs is not a long-term phenomenon, as companies looking
> for good programmers in India are increasingly discovering.
> Programmer salaries in India are rapidly rising. While many
> youngsters are keen to become programmers, India lacks adequate

the real killer here is technology, not low-cost programmers from India.
All the recent emphasis on Intranets is emphasis on a dramatic
standardization of everyting; GUI, security, infrastructure, access to data
etc. Standardization means better productivity, and productivity is "less
people to do the same job".


[snip]
> >>Perhaps there is a larger picture in the world that the cyperpunks mailing
> >>list is missing.  That cryptography is not just for personal privacy, but
> >>could involve job security also - as a matter of fact, the income base for

Job security doesn't exist. There used to be in eastern europe, but it
didn't work. Job security output were Trabants (funny east german cars) or
poor quality state restaurants.

> >>this whole country.

I think the picture is far larger than that of the simple right to the
privacy. You don't care of your privacy when your stomach is empty, and
there is too much people with his stomach empty. So, many things will change
as many poor people become richer and many middle(or low) -income people
become poorer. 

I think one of the things which will have an impact on this change is going
to be the net, and crypto is a net-enabler (uno of the most important, I
would say). So, cypherpunks are going to be exposed to all the important
things to happen. I don't think they alone will be in the position to change
nothing, but they will bring an informed point of view in the discussion.

I once dreamed to change the world, or at least to control the way things
had to go. Now the situation is so complex that I could feel satisfied just
being able to understand what's happening and how we will face change. My
enrollment in this list is because lots if bright people submit ideas on the
topic here, and this is of the greatest value.

> 
[snip]
> 
> My prediction is that with the blessings of the Internet, the
> next generation of multiracial programmers, even those that were
> born in the USA, will be more likely to be found on the beaches

I'm not sure there will be something like "the next generation of
programmers". Not in the sense world is going to end, but in the sense that
possibly, in the new world which is coming to birth in these years, there
will be no need of programmers (but a few hundreds of them...).


> of tropical islands than in the fog of San Francisco. When you
> can work in the shade of a palm tree, even if you should earn
> less, it's worth it :-)
> 
> Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
> http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key
> 
>
>
>--------------------------------------------------
>The e$ lists are brought to you by:
>
>Take Your Business Online with Intertrader Ltd, Edinburgh, U.K.
>Visit http://www.intertrader.com or email info at intertrader.com
>
>Making Commerce Convenient (tm) - Oki Advanced Products - Marlboro, MA
>Value-Checker(tm) smart card reader= http://www.oki.com/products/vc.html
>
>Where people, networks and money come together: Consult Hyperion
>http://www.hyperion.co.uk                    info at hyperion.co.uk
>
>See your name here. Be a charter sponsor for e$pam, e$, and Ne$ws!
>See http://thumper.vmeng.com/pub/rah/ or e-mail rah at shipwright.com
>for details...
>-------------------------------------------------
>
>






From droelke at rdxsunhost.aud.alcatel.com  Tue Aug 13 16:07:49 1996
From: droelke at rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Wed, 14 Aug 1996 07:07:49 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
Message-ID: <9608131856.AA05229@spirit.aud.alcatel.com>



If foil or metal mesh would block it, then many recently built houses
would be already set.  Usually that 1/2 - 1 inch styrofoam used 
on almost all exterior walls has a reflective layer of foil to help
keep the heat/cold out.

Then again, this sounds like hype-ed up infra-red technology
to me, in which case seeing through walls is B.S.

Dan

> 
> At 06:56 PM 8/12/96 EDT, you wrote:
> Since metal blocks the waves and stands out on the screen one could affectively
> block its use by putting up a fine metal mesh on the interior of all walls 
> that are exterior to the house.  The same could be said for clothing that 
> looks normal but has a metal mesh liner, like say a trench coat.
> 
> >	I would wonder if a jamming device (preferably area-effect with a 
> >slowly randomly varying swathe of area, to avoid figuring out who was carrying
> >it) would be possible, or some variety of shielding (i.e., emitting waves
> >looking similar to flesh).
> >	-Allen
> >
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX






From amehta at giasdl01.vsnl.net.in  Tue Aug 13 17:07:25 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Wed, 14 Aug 1996 08:07:25 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <1.5.4.32.19960813185919.002f9d2c@giasdl01.vsnl.net.in>


Bart  Croughs wrote:
>I don't assume that the *total amount* of capital will be
lowered in the US when US capital moves abroad. I assume that the
amount of capital in the US will be *relatively lower*. So the
wages will be *relatively* lower (lower than when the capital
wouldn't have left the US), but not necessarily lower in any
absolute sense. I thought this was obvious, but since Arun Mehta
also misunderstood me, maybe I should have been more explicit here.

>	Henry Hazlitt in 'economics in one lesson' (p. 139): "The best
way to raise wages, therefore, is to raise marginal labor
productivity. This can be done by many methods: by an increase in
capital accumulation - i.e. by an increase in the machines with
which the workers are aided..."

Pardon me, but I'm still confused. When Hazlitt talks about how
many machines are employed, surely that's "absolute" capital, not
relative. If US capital is invested abroad sensibly, such that it
enriches the investors, they have more money to invest in
machines at home and thereby increase local productivity (and wages). 

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From tcmay at got.net  Tue Aug 13 17:20:29 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 08:20:29 +0800
Subject: More on "Fraud" and Anguilla
Message-ID: <ae361bb5020210044a27@[205.199.118.202]>



I've been thinking about this whole "Taxbomber" issue of "fraud." (I'm
still not completely sure whether Taxbomber lost his account at Offshore
Information Services Ltd. because:

a) what he was offering actually violated Anguillan law (was there a
determination that selling camouflage passports violates a specific
statute?)

b) what he was offering constituted fraud (to whom? His customers certainly
knew what they were buying. To potential victims in the future?)

c) he brought unwelcome attention to Anguilla in general and to Offshore
Information Services Ltd. in particular. (Vince's mention that the whole
island had read the story suggests something to this.)

d) he violated some particular clause of his service agreement with
Offshore Information Services Ltd.


>From Vince's homepage (http://online.offshore.com.ai/)

"Could You Use a Virtual Presence Offshore?

       Do you have an offshore corporation and need an offshore web site?
       If your offshore corporation does business from offshore is it tax free?
       Is your country trying to censor the Internet?
       Can talking about abortion on the net get you in trouble?
       Are they censoring information about an ex-president in your country?
       Are your political views suppressed where you live?
       Is Amway the only multi-level-marketing company allowed in your country?"

Now I read from this that Vince is encouraging "multi-level-marketing
companies" to use his service. Am I wrong on this?

Another name for this, commonly used, is "pyramid scheme." Or "Ponzi
scheme." There are many summaries of MLM on the Net. Here's one, from
http://www.best.com/~vandruff/mlm1.html :

(begin quote)

"For most MLMs, the product is really a mere diversion from the real
profit-making dynamic. To anyone familiar with MLMs, the previous
discussion
(which focused so much on the fact that MLMs are "doomed by design" to
reach market saturation and thus put the people who are legitimately trying
to sell the product into a difficult situation) may seem to miss the point.
The product or service may well be good, and it might oversaturate at some
point, but let's get serious. The product is not the incentive to join an
MLM. Otherwise people might have shown an interest in selling this
particular
product or service before in the real world. The product is the excuse to
attempt to legitimate the real money-making engine. It's "the cover."

"Intuitively, we all know what is really going on with MLMs. Just don't use
the word "pyramid"!

""You see, if you can convince 10 people that everyone needs this product
or service, even though they aren't buying similar products available in
the
market, and they can convince 10 people, and so on, that's how you make the
real money. And as long as you sell to a few people along the way, it is
all legal." Maybe. . . ."

(end quote)

Now, personally, and from a libertarian free-market free-choice
perspective, I have no problem with pyramid schemes. I think of them as
examples of evolution in action, like gambling.

But I rather suspect that setting up a pyramid scheme in the towns of
Anguilla would generate reaction by the authorities. (To be sure, certain
MLM enterprises escape prosecution in the U.S., some get closed down...I
have no idea which would be acceptable to the Anguillan authorities and
which would go too far.)

Why do I mention all this stuff? Why focus on Vince's invitation for MLMs
to set up shop on his service?

This should be clear. Operating a pyramid scheme is arguably more a
clearcut case of "fraud" than selling pieces of paper to willing buyers.

The items in Vince's list are certainly more consistent (which is good)
with what we expect "data havens" to support. I just can't square the name,
"Offshore Information Services Ltd.," (which is also good), and the list I
quoted above with Vince's recent comments about wanting "clean" businesses!
It seems from his recent comments that he wants nice, simple "widget
makers" to offer nice, simple, legal-in-all-jurisdictions "tax avoiders."

When I asked if his site would accept or tolerate "Let's kill the Queen"
screeds, he replied  "Not acceptable.  This is not the market I am after.
I don't see the profit in it."

Well, as Steve Martin used to say, "Ex-c-u-u-s-e me!" Namely, this appears
to conflict directly with two of Vince's suggestions for why his site is
attractive, namely:

      "Are they censoring information about an ex-president in your country?
       Are your political views suppressed where you live?"

Suggestions that Brits ought to rise up and kill the monarchy are of course
time-honored political expressions, common in Scotland, Ireland, Wales, and
even in parts of Merry Old England herself. This has even happened in the
past.

And a certain Iranian exile, living in Paris in the 1970s, routinely called
for the killing of the Shah. I imagine Khomeini would've had his Anguilla
account revoked. "Not acceptable.  This is not the market I am after.  I
don't see the profit in it."

I'm sorry to be so harsh to Vince and his fledgling service. But we have a
duty (to the themes of our list) to call a spade a spade. A nominal data
haven which invites customers to do the things Vince describes in his home
page, but then which cuts and runs when the heat is applied....well, this
is not a good thing.

--Tim May




Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From rpowell at algorithmics.com  Tue Aug 13 17:22:37 1996
From: rpowell at algorithmics.com (Robin Powell)
Date: Wed, 14 Aug 1996 08:22:37 +0800
Subject: photographed license plates
In-Reply-To: <Pine.SUN.3.91.960810194513.13080C-100000@tipper.oit.unc.edu>
Message-ID: <96Aug13.165923edt.20481@janus.algorithmics.com>


>>>>> In article <Pine.SUN.3.91.960810194513.13080C-100000 at tipper.oit.unc.edu>, Simon Spero <ses at tipper.oit.unc.edu> writes:

    > In the UK they now use cameras to deter speeding; the cameras are 
    > triggered by vehicles passing by which exceed the speed-limit, so in 
    > theory it's only naughty people who get photographed. Interestingly 
    > enough, there are far more places with camera warning signs than there 
    > are actual cameras; the actual cameras are moved around at random. Even 
    > though most of the time there isn't a camera there, almost everbody 
    > seemed to slow down in the marked areas; probably because there's almost 
    > 100% chance of being caught if there is a camera there. 

In Ontario, they tried this on some of the major highways.  The most
interesting thing about it was that it was proved time and time again
that the technology was not up to snuff: there was an almost 0% chance
of being caught.  When the license plate wasn't obscured or unreadable
(which it usually was) the computerized mailing system made some
stupid mistake that allowed the person to get off if they challenged
it.

The interesting thing is that the project was scrapped for these
reasons when the next government came in, but studies showed that it
_succeeded_ in lowering peoples speed limits.  I personally drove
consistantly about 20-40km over the speed limit while this was in
effect, cuz I knew it sucked, but apparently I was in the minorty.

-Robin





From rollo at artvark.com  Tue Aug 13 17:27:20 1996
From: rollo at artvark.com (rollo at artvark.com)
Date: Wed, 14 Aug 1996 08:27:20 +0800
Subject: cypher-illiteracy
Message-ID: <v03007801ae368223d722@[206.183.203.4]>


David Lesher or Mike Duvos or somebody said, Re: FPGAs and Heat (Re:
Paranoid Musings)
> That's one of the things that killed Thinking Machines.  It turned out
> that a standard supercomputer with PIM chips for memory could give the
> same performance for less money.

See:

http://cesdis.gsfc.nasa.gov/linux/beuwolf/beuwolf.html

I had a bit of difficulty connecting with the URL, finally discovering that
it's "beowulf", not "beuwolf". So try:

http://cesdis.gsfc.nasa.gov/linux/beowulf/beowulf.html

Also, re pipe bombs, attempting to access the URL
http://sdcc13.ucsd.edu/~m1lopez/pipe.html
yields (as of Tue, Aug 13, 1996(13:31 MDT))
The requested URL /~m1lopez/pipe.html was not found on this server.

Rollo Silver / Amygdala | e-mail: rollo at artvark.com
216M N. Pueblo Rd, #107 | Website: http://www.artvark.com/artvark/
Taos, NM 87571 USA      | Voice: 505-751-9601; FAX: 505-751-7507







From blancw at microsoft.com  Tue Aug 13 17:38:39 1996
From: blancw at microsoft.com (Blanc Weber)
Date: Wed, 14 Aug 1996 08:38:39 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <c=US%a=_%p=msft%l=RED-81-MSG-960813204534Z-26547@tide19.microsoft.com>


>From: 	Bart  Croughs
>
>You haven't answered this question yet. I don't claim that the U.S. is worse
>off when US capital moves abroad. I only ask: how can you proof that the US
>isn't worse off when US capital moves abroad? 
.............................................................


You have to be able to imagine the advantages, and you can only imagine
them when you have the background to understand the difference between
having fewer choices rather than more, a limited market base rather than
an open one full of unlimited opportunity, and the increased domestic
tensions from frustrated consumers who are likely to set up blackmarkets
as work-arounds to the lack of desired goods & services. 

Essentially, you have to want to see, and work for, the difference
resulting from unprotected markets.   I think people who put up a lot of
objections are afraid and do not want any proof of their error.   You'd
have to hold their nose to the figures, and even then they might close
their eyes....

   ..
Blanc



>
>
>
>
>





From winn at Infowar.Com  Tue Aug 13 17:43:25 1996
From: winn at Infowar.Com (winn at Infowar.Com)
Date: Wed, 14 Aug 1996 08:43:25 +0800
Subject: InfoWar Press Release
Message-ID: <199608132059.QAA17393@mailhost.IntNet.net>


Information Warfare:

Electronic Civil Defense

NCSA Press Release
National Computer Security Association
10 South Courthouse Avenue
Carlisle, PA 17013 

For Information Contact:

Kevin Stevens - PRESSMarketing/CommunicationsNCSA(717) 258-1816 ext.
224(717) 243-8642 Faxemail: kstevens at ncsa.com	Robert Steele -
SponsorChairman & CEOOpen Source Solutions(703) 242-1701(703) 242-1711
Faxemail:ceo at oss.net	Winn Schwartau - SponsorPresident & CEOInterpact,
Inc.(813) 393-6600(813) 393-6361 Faxemail:winn at infowar.com

INFORMATION WARFARE: CONFERENCE ON ELECTRONIC CIVIL DEFENSE
September 4-5-6, 1996
Crystal Gateway Marriott Hotel
1700 Jeferson Davis Highway
Arlington, VA 22202

August 14, 1996; Carlisle, PA.  International security experts,
including military general officers responsible for C3I, intelligence
and security professionals from government agencies, and corporate
information assurance and security executives will review
state-of-the-art techniques in countermeasures necessary to combat
information warfare attacks against the information infrastructures of
the United States and allied nations.  Leaders from industry,
government and the international scene will also discuss policy options
for defense as well as response to attacks.

Information Warfare is likely to influence both military operations
other than war (OOTW), and the violent peace with which both law
enforcement and corporate security professionals must concern
themselves. Electronic Civil Defense for the 21st Century is the focus
of this conference.

Information Warfare represents a direct threat to governments,
financial and business information systems of corporations and private
businesses, and the personal privacy of ordinary citizens.  Information
Warfare is a relatively low cost method for less- developed
nation-states or underground organizations and trans-national gangs to
acquire technology, along with tactical and strategic economic
information, from more-developed nations, governments,
corporate/business entities, and individuals.  

Information Warfare is also a means for terrorists, criminals, or
politically-motivated splinter groups to attack their enemies.  Methods
for launching Information Warfare attacks can be done anonymously and
remotely, circumvent laws and detection, and employ an array of
clandestine electronic and human intelligence techniques.
 
Electronic Civil Defense is the guiding concept which unites all
aspects of a nation�s information infrastructure into a unified
mindset.  It�s purpose is to prepare for, and where necessary,
counteract the effects of organized and unorganized attempts on the
part of individuals, terrorist elements, criminal enterprises, or rouge
nations to subvert friendly nations, commercial institutions, and armed
forces through malicious destruction of critical information systems
assets such as banking, medical, or defense-related systems. 

The conference is sponsored by two internationally known experts: Mr.
Winn Schwartau (author of INFORMATION WARFARE: Chaos on the Electronic
Superhighway); and, Mr. Robert Steele (author of various works which
focus on the common theme of "Smart People, Dumb Nations: Bad
Business"), and by the National Computer Security Association (NCSA),
Carlisle, PA.

Speakers include: Dr. Peter Tippett, President, NCSA; Steve Katz, CISO,
Citibank; Sally Katzen, Administrator for Information and Regulatory
Affairs, OMB; Drs. Anders Eriksson and Peter Wallstroem, National
Defense Research Establishment, Dept. of Defense Analysis, Sweden; Dr.
Leroy Pearce, Canada; General Jim McCarthy, USAF (Ret); Capt. Gregory
Blackburn, Director of Information Warfare, OSD/C3I; Air Vice Marshall
Brendon O�Loughlin, Australian Defense Attach�; Ron Eward, Martech,
Inc.; Michael Logan, Federal Planning Associate, American Red Cross;
William W. Donovan, FEMA; Greg Brown, IBM Business Recovery Services;
Danielle Cailloux, Judge, Committee on Intelligence, Belgium; Col.
Charles Dunlap, Judge Advocate, USAF; and many more experts. 

To obtain detailed program and registration information, send a fax
with your return address, and fax number or email address to +(717)
243-8642 attn. Conference Registrar.  Download information from NCSA
Web Site at <http://www.ncsa.com>.  Send email to <infowar at ncsa.com>,
or if a CompuServe member, GO NCSA.

PRESS ADVISORY:  Press passes for the conference are available for $100
- luncheon included. Fax or email requests for press passes to: Kevin
Stevens, <kstevens at ncsa.com>, Marketing/Communications, NCSA.  Proof of
press credentials, including photo identification, are required.


<----  End Forwarded Message  ---->

Peace
Winn

		        Winn Schwartau - Interpact, Inc.
		        Information Warfare and InfoSec
		       V: 813.393.6600 / F: 813.393.6361
			    Winn at InfoWar.Com






From pstira at escape.com  Tue Aug 13 18:00:57 1996
From: pstira at escape.com (pstira at escape.com)
Date: Wed, 14 Aug 1996 09:00:57 +0800
Subject: photographed license plates
In-Reply-To: <Pine.SUN.3.91.960810194513.13080C-100000@tipper.oit.unc.edu>
Message-ID: <Pine.BSI.3.91.960813174438.12576B-100000@escape.com>



For anybody with interest in this happening in the U.S., please note that
such a practice (cameras and speed tracking devices, resulting in tickets 
being sent to the offending party) has been talked about, in somewhat 
closed circles, for years.  A couple of years ago, 2600 Magazine ran an 
article listing most of the intersections with said devices.  You can 
probably find it in their web page's index of back issues to pick it up.
(http://www.2600.com).

ObCrypto: Has anyone had any experience working with the Sidewinder 
Firewall and encryption and/or S/key or SecurID?  What are drawbacks with 
using DESlogin with a firewall?  or any encrypted transmissions for that 
matter?  Is there anyway to bypass the obvious (sniffing).

Thanks :)
Millie, from her boyfriends account :)
sfuze at sunspot.tiac.net

"Remailers? Why bother? These days they'll find you no matter WHAT you use."






From pstira at escape.com  Tue Aug 13 18:11:30 1996
From: pstira at escape.com (pstira at escape.com)
Date: Wed, 14 Aug 1996 09:11:30 +0800
Subject: Anguilla / taxbomber - legality
In-Reply-To: <Pine.LNX.3.91.960811004757.1724B-100000@offshore>
Message-ID: <Pine.BSI.3.91.960813175054.12576C-100000@escape.com>


I have never, nor do I ever plan to, use any sort of documentation other 
than that which this police state shoves down my throat, but I do wish to 
point something QUITE OBVIOUS out, which is that MANY places sell camoflauge
passports, including Delta Press, several "police supply catalogs", 
alternative book catalogs (Such as Eden Press, which I *know* some of you 
have used, judging by your explosives knowledge ;)), and so on.  There is 
NO reason to single out taxbombers site for camo passports.  They *do* 
have legitimate usages, including terrorist situations when you don't 
want to be identified as an American (on a plane hijacking for example, 
American's are "white meat", because our country understands and responds 
to public sympathy much more than most -- whatever THAT means).  What I 
am trying to get at is that camoflauge passports are NOT illegal -- they 
are for countries which no longer exist and are unusable at customs, at 
any foreign checkin point, and so on.  They have specific usages, and 
specific reasons for being cheap (running between 50 to 500 bucks, tops).

The other passports?  Go to most 2nd or third world countries, offer to 
buy so much land, and I'd be surprised if you don't walk away with some 
sort of official documentation.  There's a difference between being a 
broker (which it is my understanding taxbomber is) and being a forger or 
smuggler.  But then, I do not know the parties in question and can only 
make assumptions.

Loompanics has several books about getting foreign passports. for a bunch 
of people who do not care for the lack of freedom in encryption, privacy, 
etc, you sure seem like (pardon my phrasing) hard-asses when it comes to 
other peoples much of the time... :)

What's that saying about liberty not going away all at once, but being 
nibbled away, for expedience and by parts?

Millie, from her boyfriends account.
(if you have a beef with me, send it to
sfuze at sunspot.tiac.net -- otherwise, have a nice day :))







From pstira at escape.com  Tue Aug 13 18:14:43 1996
From: pstira at escape.com (pstira at escape.com)
Date: Wed, 14 Aug 1996 09:14:43 +0800
Subject: Massively parallel carbon-unit-based voice pattern matching
In-Reply-To: <Pine.BSF.3.91.960811185455.24521B-100000@mcfeely.bsfs.org>
Message-ID: <Pine.BSI.3.91.960813180607.12576D-100000@escape.com>


This CAN be infiltrated. (1) take into account line noise. (2) take into 
account recordings, cut and paste, and hell, audio programs are 
INCREDIBLE nowadays. (3) take into account problems like illness, which 
changes voice, inflection, etc., like puberty (hehe, no comment), like 
just about anything which requires some range or variability.

This seems to be about as secure, remotely, as NFS <G>.

Ta,
Millie, from my b/friends accout.
bug me, not him:   sfuze at tiac.net







From jimbell at pacifier.com  Tue Aug 13 18:31:32 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 14 Aug 1996 09:31:32 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
Message-ID: <199608132155.OAA09738@mail.pacifier.com>


At 09:27 AM 8/13/96 -6, Peter Trei wrote:
>
>Tim writes:
>
>> I don't see how "remote scanning" of the population at large, without
>> probable cause, is much different from the cops listening in from a
>> distance with parabolic antennas. Both cases involve detection of signals
>> emitted from the target. And yet such long-distance interception is not
>> allowed without a warrant.
>
>I vaguely remember another possibly relevant precedent, where a
>judge ruled that a warrant was required before a thermal imager
>could be used to look at a house suspected by the police of
>being a (pot) grow house.
>Peter Trei
>trei at process.com

There was just such a decision in Washington state about a year ago, as I 
recall.  However, as I recall there has been a contradictory decision 
elsewhere, so the law isn't clear.

It seems to me that the main problem with such "evidence" is not the search 
itself, but the interpretation of the results:  Having a hot house isn't a 
crime, and indeed it was not practically detectable before IR viewers.  And 
an IR viewer only tells you the house is hot; it doesn't say why its hot.  
Apparently, when the "justice system" gets a new toy, it subtly adjusts its 
standards to use that toy, regardless of minor issues such as right and 
wrong.  


Jim Bell
jimbell at pacifier.com





From jgrasty at gate.net  Tue Aug 13 18:46:09 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Wed, 14 Aug 1996 09:46:09 +0800
Subject: South Florida Cypherpunks Meeting Reminder
Message-ID: <199608132238.SAA52914@osceola.gate.net>


Y'all:

The South Florida Cypherpunks will meet at Hops Grill & Bar
in Boynton Beach, FL on Saturday, August 17 at 2:00 PM.  As
always, our meeting place is at a microbrewery, and this one
has some very fine brews.

Jim Ray will show off his Snake Oil bottle, signed by Phil
Zimmermann, who wrote PGP.  I will also hand out copies of my
WinSock Remailer to anyone who wants to check it out.  Other than 
that, we have no agenda, other than discussing cypherpunkology 
and drinking some fine brews.

Directions:

Take I-95 to Boynton Beach Blvd and go west.  When you get
to Congress Ave., turn right (north) and go one stoplight 
until you get to Old Boynton Beach Blvd.  Turn left (west)
and go behind Longhorn Steakhouse and turn right into
the parking lot behind Longhorn Steakhouse.  Hops is just
north of Longhorn on Congress Ave.

  Hops Grill & Bar
  545 N. Congress Ave.
  Boynton Beach, FL.

In addition, the Cypherpunks Brewmaster, Jim Ray, is brewing 
up a special "cypherpunks summer dark" brew for the meeting.  (I
sampled some of the brew before bottling, and BBBUUURP! it was
good.)  We will enjoy his fine beer at my house following the 
meeting.  I'll pass out maps to my house in Deerfield Beach
for anyone who wants to go.

Please send me a note if you plan to attend so that I can alert
the restaurant on how many will attend.  Send me your
key and fingerprint for keysigning if it hasn't been signed by any
cypherpunks before.

Regards,


--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From rich at c2.org  Tue Aug 13 18:51:01 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 14 Aug 1996 09:51:01 +0800
Subject: [NOISE] Geek Apartments
In-Reply-To: <9608131541.AA26416@sso-austin.sps.mot.com>
Message-ID: <Pine.GUL.3.95.960813140118.5632A-100000@Networking.Stanford.EDU>


On Tue, 13 Aug 1996, Ben Combee wrote:

> Yes, it has already happened, although in a slightly different
> context.  The Georgia Tech campus dormatories got wired with Ethernet
> back in 1994, and there was quite a rush by the sizable geek

The graduate residences at Stanford were built with 10Base2 in 1986, and 50%
of the undergrad dorms were wired with 10BaseT by 1993. So there.

> population to get dorm rooms in the buildings slated to get
> installation first.  It worked out quite well, especially the privacy
> aspects, as the dorm routers encrypted all packets so only the
> intended Ethernet node could receive it (at least that is what they
> said).  

The "secure hubs" at GATech don't do encryption -- no way could that be done
at wire speed. What they do is fill the data portion of the Ethernet packet
with nulls. Everyone gets to see the source and destination MAC address and
length of every packet, but only the recipient (or a very clever spoofer --
most of the "secure hubs" on the market have a few vulnerabilities) gets
the data.

If you run a packet sniffer, all you get are CRC errors (in order to
maintain wire speed, the non-destination ports don't compute one). 

As far as real-world geek apartments go, I heard of one in Manhattan that
worked exactly as described. I don't know whether they run "secure hubs."
Presumably they would -- I can't think of a major manufacturer's manageable
10BaseT hub that lacks MAC address lockout features.

OTOH, I've heard tell that several of the residential coax experiments run
promiscuously. Everything your neighbor does online, you can see with the
right software.

-rich






From pstira at escape.com  Tue Aug 13 18:52:38 1996
From: pstira at escape.com (pstira at escape.com)
Date: Wed, 14 Aug 1996 09:52:38 +0800
Subject: [NOISE] Geek Apartments
In-Reply-To: <9608131541.AA26416@sso-austin.sps.mot.com>
Message-ID: <Pine.BSI.3.91.960813182541.20862A-100000@escape.com>


Hmm... My old school (Stevens Institute of Technology) did this LONG 
before 94... Before 90, in fact :)

Just a point of reference. (brag brag brag)... Incidentally, there was a 
REASON it wasn't a neccessarily good idea -- the dropout/flunkout rate 
was astronomical from everyone netting long before netting was pop-oo-lah.

:)
Millie.
sfuze at tiac.net
write me at the above address, not the one this is written from :)





From sasa.roskar at uni-lj.si  Tue Aug 13 18:53:46 1996
From: sasa.roskar at uni-lj.si (sasa.roskar at uni-lj.si)
Date: Wed, 14 Aug 1996 09:53:46 +0800
Subject: Changing the headers
Message-ID: <009A6D03.6A10B362.18@uni-lj.si>


Can someone please tell me how you can change the From: header
in the email? I know it's possible... my computer teacher used
to do it all the time... but how? (unfortunatelly his explanation
was to hard to comprehend for me at the time). Thanks a lot...
And in case it helps... I'm using a VAX.. regular text account.
If it makes any difference. Doesn't it have something to do woth
getting into the mail port? 

Roki





From mccoy at communities.com  Tue Aug 13 19:03:51 1996
From: mccoy at communities.com (Jim McCoy)
Date: Wed, 14 Aug 1996 10:03:51 +0800
Subject: [NOISE] Re: photographed license plates
Message-ID: <v02140b00ae36c4403679@[204.179.128.40]>



rpowell at algorithmics.com writes:
>Simon Spero <ses at tipper.oit.unc.edu> writes:
>     > In the UK they now use cameras to deter speeding [...]
>
> In Ontario, they tried this on some of the major highways.  The most
> interesting thing about it was that it was proved time and time again
> that the technology was not up to snuff: there was an almost 0% chance
> of being caught.  When the license plate wasn't obscured or unreadable
> (which it usually was) the computerized mailing system made some
> stupid mistake that allowed the person to get off if they challenged
> it.

One problem with using such systems in the US (I have no idea about traffic
laws in Ontario so maybe this was the loophole you mentioned) is that even
with a perfect shot of the license plate the system only identifies a car,
not a driver.  Speeding tickets are given to drivers, not necessarily to
the owner of the speeding car.  Here in the states the easy challenge to
such a ticket would be "it was not me driving when that photo was taken" and
the burden of proof is on the prosecution to prove that you were the driver.
Since some states do not require front license plates the cameras take shots
of the tail end of the car, not the best angle for identifying drivers.

jim








From secure at commtouch.com  Tue Aug 13 19:11:44 1996
From: secure at commtouch.com (Pronto Secure Beta Feedback)
Date: Wed, 14 Aug 1996 10:11:44 +0800
Subject: Replace Key
Message-ID: <199608132251.SAA00435@spirit.hks.net>


-----BEGIN PGP SIGNED MESSAGE-----

Type Bits/KeyID    Date       User ID
pub  1024/998463CD 1996/04/01 Pronto Secure Beta <secure at commtouch.com>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i

mQCNAzFf7jAAAAEEAMI8wSoVVRRv0Sr68myImRaQH9N/uvZ2agoJHgxk70NYkQhp
BD72rz/7lO4HK51pe/9kTTFsZPAUoTG+xdWAgSrclG1auTjHQPnb/9m/H4SYKi4n
hcNDrq3HmbaHYZjsJGAUHdWV7Kj82z1ad39nCS2yjuh396RcpSbCxfqZhGPNAAUR
tClQcm9udG8gU2VjdXJlIEJldGEgPHNlY3VyZUBjb21tdG91Y2guY29tPokAlQMF
EDFgONAmwsX6mYRjzQEB7M8D/0yjy/7i6ICm9Qa6ff8skvnZdKrPJYqgnOg14Nx5
2DKGbSAbwnvq94UaQ0tCqsQNrKRO0pWOnBIOT++3oibKl39tTi/uQV4vtSPvSvia
xUp4emtY/hhhls7Nbv0TcHPysjT8cp4vtRk7zpFbCsNIKIk7tAWF3U7OSEc/sLCg
ixxW
=Ovh1
- -----END PGP PUBLIC KEY BLOCK-----




- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMhEG2SoZzwIn1bdtAQG3xQF/Vlb4Cy/l1JVTHBiMZ0AWl+TuhjjjRRFz
T3mDP76QBCPrmftAA68a1krz0wOl6Dh6
=1HZk
-----END PGP SIGNATURE-----





From vince at offshore.com.ai  Tue Aug 13 19:21:01 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 10:21:01 +0800
Subject: Anguilla / taxbomber - legality
In-Reply-To: <Pine.BSI.3.91.960813175054.12576C-100000@escape.com>
Message-ID: <Pine.LNX.3.91.960813183116.10632A@offshore>





On Tue, 13 Aug 1996, <pstira at escape.com> wrote:
> What I 
> am trying to get at is that camoflauge passports are NOT illegal -- 

They may not be illegal in the USA (yet?) but my lawyer says they
are illegal in Anguilla.  This is a different country.  We do have
our own laws. 

  --  Vince
 
-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From gt4436c at prism.gatech.edu  Tue Aug 13 19:48:54 1996
From: gt4436c at prism.gatech.edu (Jeremy Mineweaser)
Date: Wed, 14 Aug 1996 10:48:54 +0800
Subject: [NOISE] Geek Apartments
Message-ID: <2.2.32.19960813234024.00c5ebcc@glc20.residence.gatech.edu>


At 10:41 AM 8/13/96 -0500, you wrote:
>* I can see it now. Apartments full of geeks because the apartments 
>* were originally built with 100BaseX to each place and a T3 in the 
>* basement going direct to the local ISP.
>
>Yes, it has already happened, although in a slightly different
>context.  The Georgia Tech campus dormatories got wired with Ethernet
>back in 1994, and there was quite a rush by the sizable geek
>population to get dorm rooms in the buildings slated to get
>installation first.  It worked out quite well, especially the privacy
>aspects, as the dorm routers encrypted all packets so only the
>intended Ethernet node could receive it (at least that is what they
>said).  
>
>So, in this case it was only 10BaseT and gatech.edu as the ISP, but it
>still was very neat.

Thanks to the Olympics, Georgia Tech now has 100% Ethernet availability
in its dormitories.  Currently the system utilizes a fiber-optic campus backbone
with network hardware in each building providing a 10BaseT port to each
student.  Work is underway to install ATM hardware and upgrade ports to
100Mb/s networking technology.
  Jeremy L. Mineweaser   | GCS/E d->-- s:- a--- C++(+++)$ ULC++(++++)>$ P+>++$
gt4436c at prism.gatech.edu | L+>++ E-(---)  W++ N+  !o-- K+>++  w+(++++) O-  M--
                         | V-(--) PS+(--) PE++ Y++>$ PGP++>+++$ t+() 5 X+ R+()
    *ai*vr*vx*crypto*    | tv(+)  b++>+++ DI+(++)  D+  G++ e>+++  h-() r-@ !y- 







From rich at c2.org  Tue Aug 13 19:51:16 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 14 Aug 1996 10:51:16 +0800
Subject: The Ostrich Method of dealing with ITAR: PGP from OnNet
Message-ID: <199608132359.QAA27531@infinity.c2.org>


-----BEGIN PGP SIGNED MESSAGE-----

This message is sent from an evaluation version of FTP OnNet32 2.0, which has PGP-
compatible encryption built-in.

This software is distributed from http://www.ftp.com/mkt_info/onnet32/mail/mail_dl.htm
which doesn't have a hell of a lot as technical enforcement of ITAR goes.

You may download the software through the Anonymizer, www.anonymizer.com,  if you
wish.

Unfuckingbelievable.

By the way, encrypting and decrypting large messages with OnNet is about 10 times
faster than with Private Idaho/PGP for DOS on my P6-200 running NT 3.51. The
user interface is pretty good, too.

Somebody pinch me.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.9

iQBVAgUBMhEXDJNcNyVVy0jxAQHDXQH/aQSrU3ZqhOJXGanSDnS/o+DdsH2GMKcI
6A8J3cGZAZ3ESK30GxwozdHpBjJRHIww4i/rrxK9aBNpzm/vQnovXg==
=8dGx
-----END PGP SIGNATURE-----






From wb8foz at nrk.com  Tue Aug 13 20:18:40 1996
From: wb8foz at nrk.com (David Lesher)
Date: Wed, 14 Aug 1996 11:18:40 +0800
Subject: photographed license plates
In-Reply-To: <199608130335.UAA03631@dfw-ix9.ix.netcom.com>
Message-ID: <199608132339.TAA01485@nrk.com>


I note those plastic cover for plates "to keep them clean"
seem to be more & more popular.


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From bdolan at use.usit.net  Tue Aug 13 20:29:35 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Wed, 14 Aug 1996 11:29:35 +0800
Subject: RANT re: National Socio-Economic Security Need for Encryption
In-Reply-To: <Pine.SUN.3.91.960813081445.17718D-100000@crl10.crl.com>
Message-ID: <Pine.SOL.3.91.960813181223.17545A-100000@use.usit.net>




On Tue, 13 Aug 1996, Sandy Sandfort wrote:
> 
> 
> In my experience, Americans are loathe to invest money overseas
> unless it is highly profitable.  The reason is obvious.  They
> understand--or think they understand--the rules here.  In 
> historical terms, US investments have been more stable and safer
> than investments overseas.  (Which is why, by the way, that the
> US is the worlds largest tax haven in the world, but I digress.)
>

Which is why it is possible to be angry about NAFTA and the Mexican 
bailout without being a protectionist.

Why should I pay taxes to my government so it can protect capital 
investments in Mexico, thereby reducing one of my selling points as an 
American worker?

... and while I'm ranting...

Can somebody explain why:

1. Good jobs of the future are knowledge jobs which require little 
capital investment.

and

2. We need a capital gains tax cut to encourage capital investment to 
stimulate the growth of good jobs of the future.

?

bd
 





From sandfort at crl.com  Tue Aug 13 20:56:05 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 14 Aug 1996 11:56:05 +0800
Subject: INVITATION
Message-ID: <Pine.SUN.3.91.960813165151.14951B-100000@crl2.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Below, is the invitation to my next costume party.  Everyone on 
Cypherpunks is invited.  I hope to see a lot of you there.  The
last party was a HUGE success; this one should be even better.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


                     I'M NOT 50 YET!

             The Pleasure of Your Company is
               Cordially Requested at the:

                    Second Occasional
                    Anarcho-Dilettante
                Pick-Your-Own-Damned-Theme
                     Masquerade Ball
                 And Hallowe'en Rehearsal

                          7:00 PM
                     FRIDAY THE 13TH
                      September 1996
              650 Kenwyn Road (at McKinley)
                       Oakland, CA

         Lots of stuff happened on September 13th.
          We're not going to tell you which one
            to commemorate.  That's up to you.
          Check out the birthdays and historical
           events listed below.  Pick one or go
            with something else.  Your choice.

         But no matter what theme you pick, it's
           still a masquerade ball, so you MUST
           wear a costume (or at least a mask).
                      NO EXCEPTIONS

                    THE ENTERTAINMENT

         At 8:00pm there will be a Dance Recital
            featuring Rainbeau, Gracie, Tish,
           Blythe, Michelle and special guests.
              You DO NOT want to miss this.

         (Please, adults only. We regret that our
          house is very unsuitable for children.)

                       DOOR PRIZES

         Around Midnight, there will be a drawing
          for valuable and/or unique Door Prizes.
              (You must be present to win.)

                         THE EATS

       I'm poorer this time around, so don't expect
         a complete buffet as with past parties.
      There will be some snacks and soft drinks, but
       you are encouraged to bring things to share.
                    As always, BYOB

                         RSVP

            Whether or not you plan to attend,
            we need to hear from you.  Please
         give one of your hosts a call so we can
          plan on your presence OR your absence.

          Invited guests may bring other persons
         with prior approval of the hosts.  This
         means if there are people you would like
         to bring, call a host to get permission
                for each of those people.

                        THE HOSTS

         Head Anarchist in Charge, Sandy Sandfort
              510-839-3441/sandfort at crl.com

        House Hosts with the Most, Gracie & Zarkov
                510-832-2044/emyrt at aol.com

          Communications Officer, Sameer Parekh
                510-547-3617/sameer at c2.org


                 SEPTEMBER 13 IN HISTORY

Birthdays:

1755--Oliver Evans, pioneered high-pressure steam engine.
1766--Samuel Wilson ("Uncle Sam").
1851--Walter Reed, US Army physician (yellow fever work).
1857--Milton Hershey, candy maker.
1860--General John J. "Black Jack" Pershing, hero of WW I.
1876--Sherwood Anderson, US author ("Winesburg Ohio").
1894--J.B. Priestley, English critic, playwright, and
      novelist ("Lost Empires").
1905--Claudette Colbert (Claudette Chauchoin), actress.
1910--Chu Berry, saxophonist.
1916--Ronald Dahl, author ("Charlie and the Chocolate
      Factory").
1925--Mel Torme, singer.
1928--Ernest L. Boyer, educator.
1928--Robert Indiana, artist.
1937--Fred Silverman, TV producer.
1938--Judith Martin, "Miss Manners", author, journalist.
1939--Larry Speakes, former White House spokesman.
1944--Jacqueline Bisset, actress ("Rich and Famous").
1944--Peter Cetera, singer and songwriter.
1948--Nell Carter, actress.
1962--Cypherpunk, "Lucky Green."

On this day...

 122--Building of Hadrian's Wall began.
1592--Michel de Montaigne, French essayist, died.
1759--British defeated French at Abraham near Quebec City.
1759--James Wolfe, British General, died.
1788--Congress authorized the 1st US national election.
1788--New York City selected as location for US government.
1789--US received its first loan.
1803--Commodore John Barry, First American commodore who
      fought in the Revolutionary War, died.
1814--Battle over Ft. McHenry which inspired "The Star
      Spangled Banner."
1826--Rhinoceros 1st seen in NYC.
1899--1st automobile fatality.
1943--Chiang Kai-Shek became president of China.
1946--Ted Williams hit his only inside-the-park homer.
1946--Host Sandy Sandfort was -6 days old.
1950--70,000 UN troops landed at Inchon harbor (Korea).
1971--Attica State Prison stormed.
1983--Menachem Begin resigned as Israeli Prime Minister.
1988--Hurricane Gilbert hit the Caribbean.

            Another version of this invitation
             and a street map can be found at:

            http://www.c2.org/party/masquerade

P.S.  We love you so much, we want to make sure you do not
miss any of our party.  Therefore, you will be fined a
Sprint fee (10 cents a minute, "one minute, two minutes...)
for each minute you arrives after 8:00pm.  The party starts
at 7:00, so you get an hour for free.  The late fee money
will be used to defray costs.  (We're not kidding.  At the
last party, more than $100 was collected.)






From EALLENSMITH at ocelot.Rutgers.EDU  Tue Aug 13 20:56:34 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 14 Aug 1996 11:56:34 +0800
Subject: Police prepare stunning end for high-speed car chases
Message-ID: <01I88ETCWWHC9JD663@mbcl.rutgers.edu>


	A: How possible is it to insulate cars from these effects? B: If it
can't be insulated from with reasonable levels of effort, it would appear to be
perfectly usable against cop cars. If the emitter is in a transparent baloon
1000 feet up, I doubt they're going to be able to track back to the user.
	-Allen





From alanh at infi.net  Tue Aug 13 20:58:32 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 14 Aug 1996 11:58:32 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <9608131856.AA05229@spirit.aud.alcatel.com>
Message-ID: <Pine.SV4.3.91.960813210636.24684M-100000@larry.infi.net>


On Tue, 13 Aug 1996, Daniel R. Oelke wrote:

> If foil or metal mesh would block it, then many recently built houses
> would be already set.  Usually that 1/2 - 1 inch styrofoam used 
> on almost all exterior walls has a reflective layer of foil to help
> keep the heat/cold out.


  Take a course in Tempest practices.  Casual residential practice 
implemented by construction workers do not a vault make.





From wombat at mcfeely.bsfs.org  Tue Aug 13 21:06:05 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Wed, 14 Aug 1996 12:06:05 +0800
Subject: [NOISE] Geek Apartments
In-Reply-To: <9608131541.AA26416@sso-austin.sps.mot.com>
Message-ID: <Pine.BSF.3.91.960813201707.29349A-100000@mcfeely.bsfs.org>




On Tue, 13 Aug 1996, Ben Combee wrote:

> installation first.  It worked out quite well, especially the privacy
> aspects, as the dorm routers encrypted all packets so only the
> intended Ethernet node could receive it (at least that is what they
> said).  

I'm not familiar with the GA Tech network, but they probably didn't
"encrypt at the router."  They most likely used concentrators which would
send a the original packet only to the concentrator port registered for
the MAC (layer 2) address involved, and sent a packet with the payload
overwritten with "junk" out the other ports, to comply with ethernet rules
whereby all devices "see" the packet. Not encryption at all, but it does
defeat sniffing (on the local segment only) if configured in this manner. 

- r.w.





From cdaemon at goblin.punk.net  Tue Aug 13 21:12:46 1996
From: cdaemon at goblin.punk.net (Checkered Daemon)
Date: Wed, 14 Aug 1996 12:12:46 +0800
Subject: RANT re: National Socio-Economic Security Need for Encryption
In-Reply-To: <Pine.SOL.3.91.960813181223.17545A-100000@use.usit.net>
Message-ID: <199608140124.SAA14313@goblin.punk.net>


Brad Dolan asks:
 
> ... and while I'm ranting...
> 
> Can somebody explain why:
> 
> 1. Good jobs of the future are knowledge jobs which require little 
> capital investment.
 
a)  Knowledge jobs require tremendous capital investment, as in degrees,
training, continual updating of skills, etc.  If the knowledge  worker
cannot recoup these investment costs via a higher salary, she will not
invest in the training.

b)  Knowlegde jobs require computers, automation equipment, etc. for the
knowledge to be applied to in order to create wealth.  These also require
capital investment.

c)  As rote manufacturing jobs are replaced by "quasi-intelligent" machinery,
human job focus switches to designing, caring for, and replacing those machines.
Example:  The ATM replaces the bank teller, requiring new jobs in ATM design,
manufacturing, repair, and the control of the computer network in the back-
ground.

Good jobs of the future may be knowledge jobs, but they require tremendous
capital investment, both by employee and employer.
 
> 2. We need a capital gains tax cut to encourage capital investment to 
> stimulate the growth of good jobs of the future.
 
In theory, this results in less spending and more saving.  More saving 
results in more investment capital (instead of spending on consumption),
lowering borrowing costs and resulting in business expansion, stimulating
both hiring and salaries to grow (at least until the Federal Reserve gets
into the act).

The second argument is that corporate earnings are actually taxed twice,
once at the  corporate level, and again when they are distributed to
share-holders as either dividends or as capital gains.

In actual practice, well, your mileage may vary.  For further info, see
any Macro Economics 101  textbook.

-- 
Checkered Daemon                              cdaemon at goblin.punk.net

Delirium:  There must be a word for it ... the thing that lets you know that
           TIME is happening.  IS there a word?
Sandman:   CHANGE.
Delirium:  Oh.  I was AFRAID of that.





From bakillin at iAmerica.net  Tue Aug 13 21:18:04 1996
From: bakillin at iAmerica.net (Brett Killins)
Date: Wed, 14 Aug 1996 12:18:04 +0800
Subject: addenendum
Message-ID: <321143D0.7115@iamerica.net>


The link on 
http://www.gatech.edu/lcc/idt/Miscellaneous/Glass_Houses/Organizations/Cypherpunks.html
that points to the hotwired article on the cypherpunks has changed from
http://www.hotwired.com/wired/1.2/features/cryptorebels.html   to
http://www.hotwired.com/wired/1.2/features/crypto.rebels.html.  Or 
perhaps a typo?  You may also want to include a link to 
http://www.hotwired.com/wired/1.2/features/crypto.rebels.sidebars.html

Brett





From mab at research.att.com  Tue Aug 13 21:19:06 1996
From: mab at research.att.com (Matt Blaze)
Date: Wed, 14 Aug 1996 12:19:06 +0800
Subject: key escrow idea from David Satelin of MIT Lincoln Labs
Message-ID: <199608140019.UAA04803@nsa.research.att.com>


My comments included below Rivest's message.
-matt

------- Forwarded Message

Received: from amontillado.research.att.com (amontillado.research.att.com [135.104.21.154]) by nsa.research.att.com (8.7.3/8.7.3) with ESMTP id QAA04438 for <mab-local at nsa.research.att.com>; Tue, 13 Aug 1996 16:17:05 -0400 (EDT)
Received: from research.research.att.com (research.att.com [135.104.117.5]) by amontillado.research.att.com (8.7.5/8.7) with SMTP id QAA24830 for <mab at issr.research.att.com>; Tue, 13 Aug 1996 16:20:09 -0400 (EDT)
Received: from theory.lcs.mit.edu by research; Tue Aug 13 16:17:17 EDT 1996
Received: from swan.lcs.mit.edu by theory.lcs.mit.edu (5.65c/TOC-1.2S) 
	id AA05040; Tue, 13 Aug 96 16:16:20 EDT
From: rivest at theory.lcs.mit.edu (Ron Rivest)
Received: by swan.lcs.mit.edu (5.65c/TOC-1.2C) 
	id AA00335; Tue, 13 Aug 96 16:16:20 EDT
Date: Tue, 13 Aug 96 16:16:20 EDT
Message-Id: <199608132016.AA00335 at swan.lcs.mit.edu>
To: jim at rsa.com, gnu at toad.com, whitfield.diffie at eng.sun.com,
        mab at research.att.com, denning at cs.georgetown.edu
Cc: staelin at ll.mit.edu, mld at hq.lcs.mit.edu
Subject: Crypto Policy Variant


Hi --

Here is another MIT professor's (Dave Staelin's) suggestion for a
national crypto policy.  I thought you might be interested in seeing
it; given the difficulty of the debate, any variant, even if only
slightly different from previous ones, should be considered.  Feel
free to pass this note around, or to post it...

Here is Staelin's idea:
	(1) You can use any crypto you want, but you must keep a record
	    of the crypto keys you used.
	(2) The government can ask for the crypto keys later, if they have
	    a court order, just as they can ask for any of your other papers
	    or documents.  You must give the key(s) to them, just as you
            must turn over your private papers in such a situation.
            (There would have to be an appropriate penalty for losing the
            key...)

The attractive feature of this proposal is that it puts encrypted
communications in the same category as private papers; the government
is required to give notice to (at least one of) the affected
individual(s) _before_ the search can be undertaken.  This cures what is
in my mind a defect in the current wire-tapping laws.  

DISCUSSION

In a variant of Staelin's proposal (my twist) you could append to each
encrypted message an encrypted form of the message key.  The
encryption could be with the public-key of a trusted third party who
will not (and legally may not) reveal the message key without
notifying you first (or ensuring that you have been appropriately
served with the corresponding warrant).  For example, the ACLU might
be such a TTP.  This protects the government's right to access and
protects the individual from the penalties (or benefits) of losing the
key.  This procedure is technically simple; what is more complex is
ensuring that the TTP's are appropriately registered and protected
from undue government influence.  The use of such a TTP would in any
case be optional; the communicants need not use a TTP if they
understand their obligation to keep the crypto keys around for some
period of time afterwards.  

In Staelin's proposal government gains access to the communications,
but does not gain "real-time access" as desired by the FBI.  This loss
may be tolerable, given the benefit obtained (forcing access to be
made in accordance with the Constitutional requirements for
notification before search).  The use of wiretapping encrypted
communications as a preventive measure might be severely limited, but
its use as a means of gathering evidence to force a conviction would
be preserved.

For international communications, each communicant might be required to
use a TTP that is bound to honor the laws of his country (which TTP to be
used should be the choice of the communicant).  

It may be seem a bit strange to force individuals to keep around
information (keys) that they no longer really need.  However, this is
more-or-less the case for financial records right now.



CONCLUSION

The fundamental idea is to give the government a right to access
encrypted communication in return for a guarantee that access may not
be obtained until there is BOTH proper legal authorization AND proper
prior notice to (at least one of) the communicants.

Is this workable??


------- End of Forwarded Message

[Matt's comments follow]

The requirement to store your keys for some period of time would,
I think, be very unusal, legaly.

As far as I know there are virtually no records that an ordinary
individual is required to keep today under criminal penalty of law.
One has to keep tax records if one expects to be able to document
deductions if audited, but for people without deductions, no records
need be kept (and even those who do but who destroy their records
risk having their deductions disallowed, but face criminal penalties
only if the govenment can prove you intended fraud.  Not having
records does not by itself constitute fraud, as far as I know).

According to the original message:
	The attractive feature of this proposal is that it puts
	encrypted communications in the same category as private
	papers; the government is required to give notice to (at
	least one of) the affected individual(s) _before_ the search
	can be undertaken.  This cures what is in my mind a defect
	in the current wire-tapping laws.

Yes and no.  True, it makes it impossible to recover communication
without the knowledge of one party.  But it still goes well beyond
the  norms for private papers.  The vast majority of private papers
are, according to the law, just that - private.  One is under no
obligation to maintain "private papers" in any particular manner
or for any period of time.   Only very limited types of private
papers (none for most people) have to be maintained at all.  While,
in general, the government can get a court order to force one to
turn over documents that exist, one is not obligated to keep
documents that are otherwise of no use in order to be ready should
a court order happen sometime in the future.  One can burn one's
old love letters any time one feels like it.

But enough philosophy.  There are technical reasons to consider
this proposal a bad idea.

The main technical problem with the Staelin proposal is the
requirement that the user maintain a large store of no longer useful
but highly sensitive data in a secure manner for a period of time.
This introduces an obvious storage burden (how does an encrypting
phone or network connection store old keys?) that would make many
kinds of otherwise simple encryption hardware and software far more
complex and difficult to design and expensive to implement and
operate.  Consider a secure phone (like the TSD 3600 or STU III).
A critical design feature of these devices is that they never have
to emit secret keys outside their internal security boundaries.
Consider, too, software that runs on PCs and workstations.
Ordinarily, software that establishes, say, a secure Internet
connection has no need to store any secret associated with the
session anywhere.  And that's a good thing - the file systems on
most computers aren't secure enough to store keys, so including
the key storage feature required by the Staelin scheme would entail
implementing some kind of secure storage system that isn't otherwise
needed by the application.  Even if the design complexity is solved,
there is the problem of maintaining the stored keys in a secure
manner, introducing what would in most cases be a more serious
security vulnerability than any other aspect of the application
(since the keys would continue to exist long after the secure
session has ended).   Under the Staelin proposal, the design,
implementation, and use of encryption software and hardware becomes
much more complex, so complex that I honestly don't think we know
how to do it.  I touch on these points in discussing key escrow in
general in my Senate testimony,
ftp://research.att.com/dist/mab/testiomny.txt





From cjs at netcom.com  Tue Aug 13 21:28:03 1996
From: cjs at netcom.com (cjs)
Date: Wed, 14 Aug 1996 12:28:03 +0800
Subject: Whoa there, speederpunks! WAS: Police prepair stunning end..
In-Reply-To: <199608131643.JAA19738@mail.pacifier.com>
Message-ID: <199608140140.SAA28926@netcom21.netcom.com>


Whoa there, speederpunks!

I've let a couple of these messages go past me without comment, but I
think I'd like to throw in a couple cents on this one.

1) I'd like to assure y'all, as someone who has had a run in with a
   couple bad alternators, that loosing electrical power will not 
   cause you to go careening off the side of the road.

   Granted, you might be a in fix if your a nine year old kid running
   from the cops in a '64 volvo, or some other arian super-car, and the
   power steering went out. But if that were to ever happen, it would be
   because you ran over a few curbs at ludicrus speed -- not because
   Johnny Flatfoot hosed ya down with an EM cannon.

2) Someone was curious why they don't just throw some high voltage
   cables across road and wait for the fire works. Well, this is a
   no-brainer too. In order for that to work, you sorta have to get me
   to do two things 1) drive down your street and 2) drive over your
   wires. Assuming that I have a reson for not being caught, I might
   not be too cooperative at doing that either. And of course the last
   consideration is that the guy putting down the wires might not get
   out of the way fast enough -- y'all come down to texas and ask the
   armadillo's why thats a problem.

3) It is really pointless to bicker about this. To quote from a not so
   popular Mark Hamel flick, "Radio, kid. Faster then rubber." Use the
   force, luke.

4) I would think that y'all would be happy that someone is doing all
   the tough work of constructing these devices. I think we all know
   that the first space cadet to haul one of these things into Kabrini
   Park is gonna loose it. From there its just a matter of time until
   every speed racer has one of these "inventions" mounted on his car
   and junior is wanting to order one from the 'Amazing Devices' ad in
   the back of Popular Science (in fact, I think you already can).

   From there, I think that a practical and portable EM cannon could
   become the HOT urban warfare weapon of the next decade. Bonnie and
   Clyde are going to look like amateurs when any rank and file with a
   mortage can buzz the bank and take them off-line for a day. Not to
   mention what you could do to a hospital, police station, air plane,
   traffic signal, grocery store, U-FO, and anything else that uses 1s 
   and 0s. All safely and anonymously I might add -- a concealed EM 
   cannon isn't gonna draw any attention, even when you fire it.

Thats my two cents,
Bye y'all.

Christopher





From mab at research.att.com  Tue Aug 13 21:28:51 1996
From: mab at research.att.com (Matt Blaze)
Date: Wed, 14 Aug 1996 12:28:51 +0800
Subject: resend: key escrow idea from David Staelin of MIT Lincoln Labs
Message-ID: <199608140124.VAA04963@nsa.research.att.com>


My first send of this message was garbled and truncated.  Here it is again.
Sorry.

My comments included below Rivest's message.
-matt

------- Forwarded Message

Received: from amontillado.research.att.com (amontillado.research.att.com [135.104.21.154]) by nsa.research.att.com (8.7.3/8.7.3) with ESMTP id QAA04438 for <mab-local at nsa.research.att.com>; Tue, 13 Aug 1996 16:17:05 -0400 (EDT)
Received: from research.research.att.com (research.att.com [135.104.117.5]) by amontillado.research.att.com (8.7.5/8.7) with SMTP id QAA24830 for <mab at issr.research.att.com>; Tue, 13 Aug 1996 16:20:09 -0400 (EDT)
Received: from theory.lcs.mit.edu by research; Tue Aug 13 16:17:17 EDT 1996
Received: from swan.lcs.mit.edu by theory.lcs.mit.edu (5.65c/TOC-1.2S) 
	id AA05040; Tue, 13 Aug 96 16:16:20 EDT
From: rivest at theory.lcs.mit.edu (Ron Rivest)
Received: by swan.lcs.mit.edu (5.65c/TOC-1.2C) 
	id AA00335; Tue, 13 Aug 96 16:16:20 EDT
Date: Tue, 13 Aug 96 16:16:20 EDT
Message-Id: <199608132016.AA00335 at swan.lcs.mit.edu>
To: jim at rsa.com, gnu at toad.com, whitfield.diffie at eng.sun.com,
        mab at research.att.com, denning at cs.georgetown.edu
Cc: staelin at ll.mit.edu, mld at hq.lcs.mit.edu
Subject: Crypto Policy Variant


Hi --

Here is another MIT professor's (Dave Staelin's) suggestion for a
national crypto policy.  I thought you might be interested in seeing
it; given the difficulty of the debate, any variant, even if only
slightly different from previous ones, should be considered.  Feel
free to pass this note around, or to post it...

Here is Staelin's idea:
	(1) You can use any crypto you want, but you must keep a record
	    of the crypto keys you used.
	(2) The government can ask for the crypto keys later, if they have
	    a court order, just as they can ask for any of your other papers
	    or documents.  You must give the key(s) to them, just as you
            must turn over your private papers in such a situation.
            (There would have to be an appropriate penalty for losing the
            key...)

The attractive feature of this proposal is that it puts encrypted
communications in the same category as private papers; the government
is required to give notice to (at least one of) the affected
individual(s) _before_ the search can be undertaken.  This cures what is
in my mind a defect in the current wire-tapping laws.  

DISCUSSION

In a variant of Staelin's proposal (my twist) you could append to each
encrypted message an encrypted form of the message key.  The
encryption could be with the public-key of a trusted third party who
will not (and legally may not) reveal the message key without
notifying you first (or ensuring that you have been appropriately
served with the corresponding warrant).  For example, the ACLU might
be such a TTP.  This protects the government's right to access and
protects the individual from the penalties (or benefits) of losing the
key.  This procedure is technically simple; what is more complex is
ensuring that the TTP's are appropriately registered and protected
from undue government influence.  The use of such a TTP would in any
case be optional; the communicants need not use a TTP if they
understand their obligation to keep the crypto keys around for some
period of time afterwards.  

In Staelin's proposal government gains access to the communications,
but does not gain "real-time access" as desired by the FBI.  This loss
may be tolerable, given the benefit obtained (forcing access to be
made in accordance with the Constitutional requirements for
notification before search).  The use of wiretapping encrypted
communications as a preventive measure might be severely limited, but
its use as a means of gathering evidence to force a conviction would
be preserved.

For international communications, each communicant might be required to
use a TTP that is bound to honor the laws of his country (which TTP to be
used should be the choice of the communicant).  

It may be seem a bit strange to force individuals to keep around
information (keys) that they no longer really need.  However, this is
more-or-less the case for financial records right now.



CONCLUSION

The fundamental idea is to give the government a right to access
encrypted communication in return for a guarantee that access may not
be obtained until there is BOTH proper legal authorization AND proper
prior notice to (at least one of) the communicants.

Is this workable??

------- End of Forwarded Message

[Matt's comments follow]

The requirement to store your keys for some period of time would,
I think, be very unusal, legaly.

As far as I know there are virtually no records that an ordinary
individual is required to keep today under criminal penalty of law.
One has to keep tax records if one expects to be able to document
deductions if audited, but for people without deductions, no records
need be kept (and even those who do but who destroy their records
risk having their deductions disallowed, but face criminal penalties
only if the govenment can prove you intended fraud.  Not having
records does not by itself constitute fraud, as far as I know).

According to the original message:
	The attractive feature of this proposal is that it puts
	encrypted communications in the same category as private
	papers; the government is required to give notice to (at
	least one of) the affected individual(s) _before_ the search
	can be undertaken.  This cures what is in my mind a defect
	in the current wire-tapping laws.

Yes and no.  True, it makes it impossible to recover communication
without the knowledge of one party.  But it still goes well beyond
the  norms for private papers.  The vast majority of private papers
are, according to the law, just that - private.  One is under no
obligation to maintain "private papers" in any particular manner
or for any period of time.   Only very limited types of private
papers (none for most people) have to be maintained at all.  While,
in general, the government can get a court order to force one to
turn over documents that exist, one is not obligated to keep
documents that are otherwise of no use in order to be ready should
a court order happen sometime in the future.  One can burn one's
old love letters any time one feels like it.

But enough philosophy.  There are technical reasons to consider
this proposal a bad idea.

The main technical problem with the Staelin proposal is the
requirement that the user maintain a large store of no longer useful
but highly sensitive data in a secure manner for a period of time.
This introduces an obvious storage burden (how does an encrypting
phone or network connection store old keys?) that would make many
kinds of otherwise simple encryption hardware and software far more
complex and difficult to design and expensive to implement and
operate.  Consider a secure phone (like the TSD 3600 or STU III).
A critical design feature of these devices is that they never have
to emit secret keys outside their internal security boundaries.
Consider, too, software that runs on PCs and workstations.
Ordinarily, software that establishes, say, a secure Internet
connection has no need to store any secret associated with the
session anywhere.  And that's a good thing - the file systems on
most computers aren't secure enough to store keys, so including
the key storage feature required by the Staelin scheme would entail
implementing some kind of secure storage system that isn't otherwise
needed by the application.  Even if the design complexity is solved,
there is the problem of maintaining the stored keys in a secure
manner, introducing what would in most cases be a more serious
security vulnerability than any other aspect of the application
(since the keys would continue to exist long after the secure
session has ended).   Under the Staelin proposal, the design,
implementation, and use of encryption software and hardware becomes
much more complex, so complex that I honestly don't think we know
how to do it.  I touch on these points in discussing key escrow in
general in my Senate testimony,
ftp://research.att.com/dist/mab/testimony.txt .

While Ron's twist decreases some of the burden on the user it
eliminates the main benefit of the Staelin proposal - that one
cannot obtain cleartext without the knowledge of at least one party.
The TTP could be compelled (as the phone company is now for regular
wiretaps) to keep the request secret, under court order.  And the
design complexity problem doesn't even go away - in fact, it gets
worse, since now there's a protocol with a third party involved.

-matt








From wb8foz at nrk.com  Tue Aug 13 21:35:21 1996
From: wb8foz at nrk.com (David Lesher)
Date: Wed, 14 Aug 1996 12:35:21 +0800
Subject: Police prepare stunning end for high-speed car chases
In-Reply-To: <01I88ETCWWHC9JD663@mbcl.rutgers.edu>
Message-ID: <199608140153.VAA01982@nrk.com>


> 
> 	A: How possible is it to insulate cars from these effects? 

D
I
E
S
E
L

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From tcmay at got.net  Tue Aug 13 21:35:32 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 12:35:32 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <ae36805704021004eebb@[205.199.118.202]>


At 5:31 PM 8/13/96, Arun Mehta wrote:
>At 13:15 11/08/96 -0700, Timothy C. May wrote:

>Sorry, the response took a while: George Fernandes, who was the
>industries minister at the time, is an acquaintance, so I thought
>I'd get the story from the horse's mouth.

Thanks for supplying more details. I'm not convinced, though, of all the
points. India still royally screwed itself, reputation-wise.


>>As attractive as this sounds, historically this has not happened. And as
>>many will tell you, the climate of the Bay Area in particular and
>>California in general is extremely benign and delightful. The average
>>winter temperature is only about 10C cooler than summer temperatures.
>
>Didn't Mark Twain say that the coldest winter he had ever
>experienced was a summer in San Francisco? I do agree, SF and
>environs are great: but US immigration laws being what they are,
>not everyone can move there -- some day, "routing around" might
>make those places more attractive which have the least
>restrictive immigration laws.

Here I feel compelled as a Loyal American to point out something that often
gets lost in the comments about America doesn't let enough immigrants in,
how it discriminates against immmigrants, etc. The thing to remember is
that virtually none of the countries which the most vocal critics are from
have anything approaching the U.S. policy about immigration!

Mexicans and U.S. critics of U.S. policy cite the "border problem."
However, Americans cannot work in Mexico except under extreme limitations.
Americans in Mexico cannot send their children to Mexican public schools.
And so on. This was described in "The Treasure of the Sierra Madre," where
two Americans are stranded in Mexico, unable by law to work. Things haven't
changed much.

And what about immigration to Japan? Or Hong Kong? Or Taiwan? Ask the boat
people still rotting in camps, or turned back to sea to sink. How about
immigration into Switzerland, or Sweden, or France?

I don't have any knowledge about the situation on immigrating to India--I
don't know too many Americans who have, except some friends of friends who
moved to Goa some years back.

Personally, I favor open borders--but no public schooling, no tax-funded
handouts, no welfare, no child support, no public hospitals, etc.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From cdaemon at goblin.punk.net  Tue Aug 13 22:04:37 1996
From: cdaemon at goblin.punk.net (Checkered Daemon)
Date: Wed, 14 Aug 1996 13:04:37 +0800
Subject: Econopunks FAQ, Ver. 0.98
In-Reply-To: <2.2.32.19960813144043.00887ef8@panix.com>
Message-ID: <199608140212.TAA14564@goblin.punk.net>


> 
> What is a Fair Price for a good or service?
> 
> There is no such thing as a Fair Price.  There are only the prices paid by
> willing buyers and sellers.  These are generally called market prices.  Many
> factors influence price including cost of production and product
> characteristics but the only determinants are the desire of market actors to
> complete transactions at given prices.  

A Fair Price could be construed as a price agreed upon by a willing buyer
and a willing seller WITHOUT outside interference.

The extra  $150 I have to spend to get a computer without MS Windows 95
on it so I can run Linux comes to mind ...

-- 
Checkered Daemon                              cdaemon at goblin.punk.net

Delirium:  There must be a word for it ... the thing that lets you know that
           TIME is happening.  IS there a word?
Sandman:   CHANGE.
Delirium:  Oh.  I was AFRAID of that.

(My other SIG is a large, famous company whose opinions are not necessarily
mine.)





From vince at offshore.com.ai  Tue Aug 13 22:05:28 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 13:05:28 +0800
Subject: More on "Fraud" and Anguilla
In-Reply-To: <Pine.LNX.3.91.960813211740.11064B-100000@offshore>
Message-ID: <Pine.LNX.3.91.960813221825.11082C-100000@offshore>



> I've been thinking about this whole "Taxbomber" issue of "fraud."

Again, what I said was my lawyer called and said it was illegal to sell
fake passports in Anguilla.  The fraud was taxbomber saying he never sold
fake passports in his post to the net of "feel sorry for me my ISP made me
relocate even though I never sold fake passports". 

> (I'm
> still not completely sure whether Taxbomber lost his account at Offshore
> Information Services Ltd. because:
> 
> a) what he was offering actually violated Anguillan law (was there a
> determination that selling camouflage passports violates a specific
> statute?)

My lawyer, probably the top lawyer in the country, said it is illegal in
Anguilla. I don't have a copy of that law. 

> b) what he was offering constituted fraud (to whom? His customers certainly
> knew what they were buying. To potential victims in the future?)

Not clear if it is defined as fraud by the law. 
 
> c) he brought unwelcome attention to Anguilla in general and to Offshore
> Information Services Ltd. in particular. (Vince's mention that the whole
> island had read the story suggests something to this.)

This is part of it.  If nobody knew where he was things might have
continued as they were.  I mention it as a lesson learned.
 
> d) he violated some particular clause of his service agreement with
> Offshore Information Services Ltd.

We did not have any contract.  I have since posted a page with the policy. 
Fair point.

> Now I read from this that Vince is encouraging "multi-level-marketing
> companies" to use his service. Am I wrong on this?
> 
> Another name for this, commonly used, is "pyramid scheme." Or "Ponzi
> scheme." 

Well, multi-level marketing does not need to be pyramid scheme, but 
you are right that it could be bad news.  So I have taken off that
encouragement from my web page.  Thanks.

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From vince at offshore.com.ai  Tue Aug 13 22:05:36 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 13:05:36 +0800
Subject: Anguilla story...
In-Reply-To: <Pine.LNX.3.91.960813211651.11064A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960813220355.11082B-100000@offshore>



Tim
>Vince:
> >In a nut shell, taxbomber.com was on my system in Anguilla.  He was
> >selling "camoflauge passports".  One David Evans of Bloomberg Business
> >News wrote an article where he quoted taxbombers page saying something
> >like "it is illegal to use these passports to open up bank accounts, but
> >there is little chance of getting caught". I got a call from my lawyer who
> >had seen the article (along with just about everyone else in Anguilla) and
> >he told me that was illegal in Anguilla and I should cancle the account.
> >I did and taxbomber moved to another provider in another country.
> >
> >1) A number of cypherpunks are dissapointed that I did not fight to my
> >death to defend this guy.
> 
> I think you're overstating the case made by some of us, or, at least, by me.

Your not dissapointed?

> What I said was that your policies need to be spelled out, and that I saw
> little evidence of "fraud" in what the guy was doing.

Ok.  I now have a link from my main page to a page with my policy.

What I said (or meant to) was that MY LAWYER SAID IT WAS ILLEGAL IN 
ANGUILLA.  

In my first post I quoted the wrong part and said "this is fraud by
taxbomber - he did sell fake passports".  I meant to quote a part
where he said something like "I never sold fake passports".

It may be covered in the anti-fraud sections of the laws.

> And that if you cut
> off accounts (without warning, it sounds like)

He got a little warning, then only web access was cut off.  And I forwarded
his email and was the nameserver for his domain name so that he could move
right away to another site.  Then he sent a message to the Internic to
move the management of his domain to another site.  

> based on fairly flimsy (it
> seems to me, and to Duncan, and to others) advice, then certain
> reputational consequences are likely to follow.

Understood.

> By the way, from what you quote this guy as saying ("it is illegal to use
> these passports to open up bank accounts, but there is little chance of
> getting caught"), I _still_ see no fraud.

Not saying that is fraud.  The most I said was encouraging fraud.  It
has been pointed out that under common law using another name is not 
fraud.  However, under certain countries laws using a fake passport
to open a bank account may be defined as fraud.

> >2) If the guy did not mention where his site was, the reporter probably
> >would never have mentioned Anguilla and me in the article.
> 
> Is this the real issue, that what he was doing brought bad publicity to you
> and to Anguilla?

It is both a lesson to be learned, and part of the overall situation.

> These issues need to be aired. Of course you have every right to run things
> as you wish, modulo contractual arrangements you may have entered into with
> your customers and your Internet providers. But we on this list have
> certain ideas about what an "offshore information provider" should provide.

Sure.  And you can run your offshore services as you wish.  I like mine
better.  :-)

> Contrast this case with the well-publicized cases recently where Neo-Nazi
> material is being hosted on U.S. web sites.

If selling fake passports is illegal in Anguilla, and the US has freedom
of speech, they are not comparable. 

  --  Vince
 
-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From sophi at best.com  Tue Aug 13 22:17:49 1996
From: sophi at best.com (Greg Kucharo)
Date: Wed, 14 Aug 1996 13:17:49 +0800
Subject: Anguilla...etc.
Message-ID: <199608140219.TAA14383@dns2.noc.best.net>


  While Tim may be right that nobility is lost when backing down to the
authorities, the fact is that this game has little to do with noble
purposes.  Check that, obvious noble purposes.  While most on this list
would agree that free flow of information is noble we have all seen that
this is otherwise with people in power.  As I stated in my last post, the
Swiss have maintained thier "haven" for many years by playing both sides. 
In accomodating everyone they avoid harassment.
   This way the Swiss maintain a good system and live to fight another day.
???????????????????????????????????????
Greg Kucharo
sophi at best.com
"People want chaos for about 5 minutes.  Then 
they want some money and a backrub."
                                -Bruce Sterling
???????????????????????????????????????





From tcmay at got.net  Tue Aug 13 22:40:14 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 13:40:14 +0800
Subject: Capital and Taxes
Message-ID: <ae36838e05021004b025@[205.199.118.202]>


At 10:18 PM 8/13/96, Brad Dolan wrote:

>... and while I'm ranting...
>
>Can somebody explain why:
>
>1. Good jobs of the future are knowledge jobs which require little
>capital investment.
>
>and
>
>2. We need a capital gains tax cut to encourage capital investment to
>stimulate the growth of good jobs of the future.
>
>?

Sure, as an investor in some small companies and a high-risk startup, I'll
give some thoughts on what motivates _me_, and why a capital gains tax cut
would help the economy.

First of all, let's dispense with any confusion between "capital
investment" and anything related to "capital goods" or "capital equipment."
The two things are not at all the same.

Consider a business that needs (or claims/hopes/plans) $1M in initial seed
money to get rolling. Sure, some businesses get started with less, or with
nothing, and finance growth out of sales. But a million bucks is not at all
uncommon for a startup company that needs some work to be done before sales
get started.

Note that this million dollars has nothing to do with buying "capital
investment," in the sense I think you mean (and in the sense I think Bart
Croughs meant). It may all go to salaries for, say, 5 people for a year or
two, plus office expenses, some other expenses, etc. Maybe even $50K worth
of computers. This a "knowledge-intensive" company with very little needed
in capital equipment.

How is this money raised, and what calculations does a potential investor
make about the risks, rewards, returns on investment, etc.?

For one thing, the gains on such an investment over some time period
(typically 3-6 years) are _capital gains_. These are now taxed at a
marginal rate of 28% Federal plus whatever state and local taxes may apply,
Here in California, the effective total marginal tax rate is 38-40%,
depending on some factors. (In several industrialized countries the capital
gains tax rate is zero, or nearly zero.)

But this 38% rate doesn't even tell the whole story. Suppose that I want to
make a $100K investment in this company my friends are trying to start.
Money has a cost, both in the "rent" that is charged on it, or the "rent"
that _could have_ been charged to another for an alternate use, and on
something else that's terribly important: taxes must be paid on other
assets sold to raise the $100K. For example, if I own shares in Intel,
bought many years ago, I have to sell $160,000 worth of Intel stock, send a
$60,000 check to Uncle Sam and Uncle Pete, and then send the remaining
$100,000 to my friends. If the new investment *doubles*, my $100,000 gain
is taxed at 38% and I'm left with a gain of about $62,000.

It doesn't take a number theorist to see that I may as well have not even
bothered. So long as I just sit on the Intel stock, no taxes are owed.
Sounds like a no brainer to me.

Yes, taxes will _someday_ have to be paid...but many of us are hoping,
praying, and pleading for a cut in the capital gains tax rate...at least a
rollback to the 22% rate of yesteryear (and 4% or less in states). This
huge "backlog" of unrealized capital gains (aka gains on paper, but not yet
taxable) is what is being spoken of when people like Jack Kemp and Steve
Forbes speak of "unleashing" the capital gains now tied up due to the high
tax rates.

(Letting capital flow more easily will also make for a more efficient
market. It may be that I would've liquidated much of my Intel holdings had
the tax penalty not been so high.)

There are many more things I could say, but this is already too long. Just
don't think in terms of "capital" as just being "capital equipment." It is
really "investment" in all its many forms.

"Free the capital--and I don't mean D.C."

--Tim May, author of "DOS Capital"

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From wb8foz at nrk.com  Tue Aug 13 22:40:51 1996
From: wb8foz at nrk.com (David Lesher)
Date: Wed, 14 Aug 1996 13:40:51 +0800
Subject: [NOISE] Geek Apartments
In-Reply-To: <2.2.32.19960813234024.00c5ebcc@glc20.residence.gatech.edu>
Message-ID: <199608140306.XAA02313@nrk.com>


CWRU ran:
{hope I get it correct}
	2 pieces CAT 5
	Monomode
	Multimode
	2 pieces CAT1 for phone
	Thinnet
and something else to every "room" around. Even the payphone kiosk
in Stosacker Hall.

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From jimbell at pacifier.com  Tue Aug 13 22:51:50 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 14 Aug 1996 13:51:50 +0800
Subject: Political Burnout
Message-ID: <199608140257.TAA28772@mail.pacifier.com>


To those of you who are tired of the Republican National Convention.  And 
particularly to those who are ALREADY tired of the Democrat National 
Convention, despite the fact that it hasn't started yet.

Remember those irritating signs beside the road, advertising some new 
apartment complex or housing development that you pass on the way home?  You 
know, the ones which say, "If you lived here, you'd be home by now."

Well, as you watch these conventions (conventia?), imagine a sign on the 
Information Superhighway, just up ahead.  It says:

"If your country were operated under the principles of 'Assassination 
Politics', not only would this convention be over by now, it wouldn't have 
even started!"

We return you to your regularly scheduled farce.


Jim Bell
jimbell at pacifier.com





From jgrasty at gate.net  Tue Aug 13 22:57:17 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Wed, 14 Aug 1996 13:57:17 +0800
Subject: WinSock Remailer Now Available By E-Mail
Message-ID: <199608140213.WAA93882@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

The first alpha release of the WinSock Remailer is now available via
e-mail.  Due to problems setting up user authentication on my homepage
at

  http://www.c2.net/~winsock/

I have decided to distribute it via e-mail until I can get user 
authentication working.

In order for you to receive the WinSock Remailer, I have to be reasonably 
sure that you are a US or Canadian citizen or permanent resident.  
Therefore, you will need to review a copy of the License Agreement and 
fill out the required information.  Then clear-sign the agreement with PGP 
and mail it to me at jgrasty at gate.net.  Don't forget to tell me where I can
find your PGP public key so that I can check the signature.  No signed
license agreement, no remailer.

In order for me to have a good feeling that you are not a foreign national,
I need to have the following information check out:

a.  Verify that your address is within the boundaries of the US or Canada.
    I will do this by checking if you are in a public address database such
    as "88 Million Households Phone Book".
b.  Verify that your name and e-mail address is the same as in your public 
    key.

This is basically the same method that Netscape is using at:

  http://wwwus.netscape.com/eng/US-Current/

to verify citizenship or permanent residency, but the process is not
automated.

I don't like having to enforce clearly unconstitutional ITAR regulations,
but I'm not ready for an extended stay at Club Fed.

- ---------------------------cut here-----------------------------------
WinSock Remailer License Agreement

This is the license agreement between Joey Grasty and the end user
of the WinSock Remailer.

Name of User: <your name>
Street Address:  <your street address>
Town, State, Country: <town>, <state or province>, <country>
Phone Number: <your phone number>
E-mail Address: <your e-mail address>
Where to find your PGP Public Key: <instructions>


1. Joey Grasty grants to you a non-exclusive, non-sublicensable, 
license to use this Alpha version of the WinSock Remailer (the 
"Software"), in binary executable form for evaluation and trial use 
purposes only.  

2. JOEY GRASTY MAKES NO REPRESENTATIONS ABOUT THE SUITABILITY OF THIS
SOFTWARE OR ABOUT ANY CONTENT OR INFORMATION MADE ACCESSIBLE BY THE
SOFTWARE, FOR ANY PURPOSE.  THE SOFTWARE IS PROVIDED 'AS IS' WITHOUT
EXPRESS OR IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.  THIS SOFTWARE
IS PROVIDED GRATUITOUSLY AND, ACCORDINGLY, JOEY GRASTY SHALL NOT BE LIABLE
UNDER ANY THEORY OR ANY DAMAGES SUFFERED BY YOU OR ANY USER OF THE
SOFTWARE.  JOEY GRASTY DOES NOT HAVE ANY OBLIGATION TO SUPPORT THIS 
SOFTWARE OR ISSUE ANY UPDATES IN THE FUTURE.

3. While Joey Grasty intends to distribute a commercial release of the
Software, Joey Grasty reserves the right at any time not to release a
commercial release of the Software or, if released, to alter prices,
features, specifications, capabilities, functions, licensing terms,
release dates, general availability or any other characteristics of the
commercial release as he sees fit.

4. Title, ownership rights, and intellectual property rights in and to
the Software shall remain in Joey Grasty and/or its suppliers.  You agree
to abide by the copyright law and all other applicable laws of the
United States including, but not limited to, export control laws.

5. Joey Grasty may terminate this License at any time by delivering notice
to you and you may terminate this License at any time by destroying or
erasing your copy of the Software and notifying Joey Grasty of this action
forthwith.  This License is personal to you and you agree not to assign your 
rights herein.  This License shall be governed by and construed in accordance 
with the laws of the State of Florida and, as to matters affecting copyrights, 
trademarks and patents, by U.S.  federal law.  This License sets forth the entire
agreement between you and Joey Grasty.

6. Use, duplication or disclosure by the Government of any locality, state 
or country, its elected officials or employees, is forbidden.

7. You may not download or otherwise export or reexport the Software or
any underlying information or technology except in full compliance with
all United States and other applicable laws and regulations.  In
particular, but without limitation, none of the Software or underlying
information or technology may be downloaded or otherwise exported or
reexported (i) into (or to a national or resident of) Cuba, Haiti,
Iraq, Libya, Yugoslavia, North Korea, Iran, or Syria or (ii) to anyone
on the US Treasury Department's list of Specially Designated Nationals
or the US Commerce Department's Table of Deny Orders.  By downloading
the Software, you are agreeing to the foregoing and you are
representing and warranting that you are not located in, under control
of, or a national or resident of any such country or on any such list.

8. JOEY GRASTY OR ITS SUPPLIERS SHALL NOT BE LIABLE FOR (a) INCIDENTAL,
CONSEQUENTIAL, SPECIAL OR INDIRECT DAMAGES OF ANY SORT, WHETHER ARISING IN
TORT, CONTRACT OR OTHERWISE, EVEN IF JOEY GRASTY HAS BEEN INFORMED OF THE
POSSIBILITY OF SUCH DAMAGES, OR (b) FOR ANY CLAIM BY ANY OTHER PARTY. THIS
LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL
INJURY TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. FURTHERMORE,
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR
CONSEQUENTIAL DAMAGES, SO THIS LIMITATION AND EXCLUSION MAY NOT APPLY TO
YOU.

9.  HIGH RISK ACTIVITIES.  The Software is not fault-tolerant and is not
designed, manufactured or intended for use or resale as on-line control
equipment in hazardous environments requiring fail-safe performance, such
as in the operation of nuclear facilities, aircraft navigation or
communication systems, air traffic control, direct life support machines,
or weapons systems, in which the failure of the Software could lead
directly to death, personal injury, or severe physical or environmental
damage ("High Risk Activities").  Joey Grasty and its suppliers specifically
disclaim any express or implied warranty of fitness for High Risk
Activities.

Clear-sign this agreement with your PGP public key and e-mail it to 
jgrasty at gate.net.

- -------------------------------cut here------------------------------------

Thank you for your patience with this crude form of distribution.

Regards,


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMhE2UsODO2V89BZZAQGOLAL9GU15R4N/6xIZCJGYaQ0Vlw4e7rqP06+d
YH5806om50v/+8P9OKrxBOECEHPJLirFQcITXsYMn/DkVAcTVTrz9rKfJdzToeyB
Bwr4vgpMqKw4oZnFGJa1PvUotSjTnETT
=Arts
-----END PGP SIGNATURE-----

--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From dlv at bwalk.dm.com  Tue Aug 13 23:01:16 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 14 Aug 1996 14:01:16 +0800
Subject: Anguilla...etc.
In-Reply-To: <199608140219.TAA14383@dns2.noc.best.net>
Message-ID: <TPsmsD30w165w@bwalk.dm.com>


"Greg Kucharo" <sophi at best.com> writes:
>   While Tim may be right that nobility is lost when backing down to the
> authorities, the fact is that this game has little to do with noble
> purposes. ...

Nor was there any activity from the authorities.

A while back, when Vince first started advertizing his site, I asked him a few
hypothetical questions, and he said roughly this: If client X posts something
to Usenet from Vince's site, and if Y dislikes X's article so much that he
mailbombs X, then Vince would pull X's plug. (I have the exact quote saved.)
I lost interest right then. I'm not surprised that Vince acted dishonorably by
pulling a client's plug with no warning for a very flimsy reason.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From minow at apple.com  Tue Aug 13 23:36:39 1996
From: minow at apple.com (Martin Minow)
Date: Wed, 14 Aug 1996 14:36:39 +0800
Subject: [NOISE] Re: photographed license plates
In-Reply-To: <v02140b00ae36c4403679@[204.179.128.40]>
Message-ID: <v03007802ae36fdc0b789@[17.219.103.200]>


Regarding photographing cars for speeding, mccoy at communities.com (Jim McCoy)
notes that a drive could challenge a photo ticket by stating that

>"it was not me driving when that photo was taken"

When this was tried in (I believe) Sweden, the driver was told that
the ticked would be canceled.

Then, he was told that henceforth, he would be *required* to maintain
a log of precisely who was driving, the date, time, and the beginning and
ending odomoter. Required, that is, as a condition of keeping his license.
And that he must produce this log whenever a police officer requested it.

Amazing how this improved the driver's memory.

There is another problem that these tickets could cause. (This could
be an urban legend, of course): a former work collegue was speeding
in Switzerland. His wife opened the letter with the ticket -- and
photograph. The passenger was not his wife, and the location differed
from where my former collegue's wife expected her (soon to be former)
husband to be.

Drive carefully.

Martin Minow
minow at apple.com











From jamesd at echeque.com  Tue Aug 13 23:37:20 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 14 Aug 1996 14:37:20 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <199608140439.VAA28846@dns2.noc.best.net>


At 11:31 PM 8/13/96 +0600, Arun Mehta wrote:
> As regards IBM, its agreement with the government of India, under
> which it was allowed to operate in the country, stipulated that
> it would produce here, and transfer some technology. Instead, as
> the government found, all it did was sell time on second-hand
> computers (1401's as I recall, and this was mid  to late '70s).
> IBM was asked to either dilute, or live up to its original
> agreement, which it wasn't prepared to do, so it left.

Every single foreign computer company left during roughly the same 
period, as did almost all foreign companies and anybody who had a choice.

The reasons generally given by those who left, for this mass exodus, 
which eventually sent the government into insolvency, is that Indian 
]officials were arrogant, rude, dishonest, corrupt, continually broke 
contracts and agreements, and attempted to exercise direct power over 
everyone and everything.

If indian government officials have a different version, I would not
regard that version as coming "from the horses mouth"
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From tcmay at got.net  Tue Aug 13 23:49:09 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 14:49:09 +0800
Subject: Anguilla...etc.
Message-ID: <ae369cb70602100499a1@[205.199.118.202]>


At 2:21 AM 8/14/96, Greg Kucharo wrote:
>  While Tim may be right that nobility is lost when backing down to the
>authorities, the fact is that this game has little to do with noble
>purposes.  Check that, obvious noble purposes.  While most on this list
>would agree that free flow of information is noble we have all seen that
>this is otherwise with people in power.  As I stated in my last post, the
>Swiss have maintained thier "haven" for many years by playing both sides.
>In accomodating everyone they avoid harassment.
>   This way the Swiss maintain a good system and live to fight another day.

Let me be clear that I am not talking about "noble motives." In the sense
of somone sacrificing himself for the good of the herd, blah blah.

Rather, there is an "archetype," if you will, of what a "remailer" is, what
a "data haven" is, what a "tax shelter" is, etc. While we cannot reasonably
expect a remailer to exactly match the archetype, we can point out obvious
deficiencies.

For "data havens," we have very few examples, compared to operational
remailers. We have the fictional form in Bruce Sterling's "Islands in the
Net," some of whose plot twists have some parallels to the current Anguilla
situation. Another is the form described in Ross Anderson's "Eternity
Service."

What might we expect of a true data haven? I've tried to describe several
of the attributes in my earlier posts, mainly by asking questions about
specific examples (bomb-building instructions, "Kill the monarchy" screeds,
etc.).

Interestingly, with several of these examples, Vince has said that he is
not interested in having this kind of material on his site. His invitation
for Multi-Level Marketers to avoid U.S. and other laws by locating on his
service has now been withdrawn, from his latest comments. (To the person
who sent me mail explaining that MLM schemes are not illegal in the U.S.,
indeed, some are legal and some are not. I said as much. And for those
which are legal in the U.S. or France or wherever, they would hardly have
any need to use Vince's service, would they? I surmised from his invitation
that he was encouraging MLM/pyramid scheme operators to avoid their
parochial fraud laws and use the services in Anguilla.)

I plan to do more looking at just who is left, who is using Offshore
Information and what kinds of services they are offering. Not to harass
Vince, of course, but to better look at the envelope of what is considered
OK and what is not.

If i find that all the "juicy" stuff is gone and all that is left is
booking sailing cruises around the Carribbean, I'll hardly call it a "data
haven." Which is not to say it's not still a useful and profitable business
for Vince, just that it has no Cypherpunk relevance.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jamesd at echeque.com  Tue Aug 13 23:59:08 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 14 Aug 1996 14:59:08 +0800
Subject: More on "Fraud" and Anguilla
Message-ID: <199608140439.VAA28830@dns2.noc.best.net>


At 10:29 PM 8/13/96 -0400, Vincent Cate wrote:
> Again, what I said was my lawyer called and said it was illegal to sell
> fake passports in Anguilla.  The fraud was taxbomber saying he never sold
> fake passports in his post to the net of "feel sorry for me my ISP made me
> relocate even though I never sold fake passports". 

He never sold fake passports.  If his passports had been marked 
"United States of America" or some such they would indeed be
fake.  They were not fake.  Who says that only generally recognized
governments of major nations are entitled to issue passports?

> > a) what he was offering actually violated Anguillan law (was there a
> > determination that selling camouflage passports violates a specific
> > statute?)

> My lawyer, probably the top lawyer in the country, said it is illegal in
> Anguilla. I don't have a copy of that law. 

You should.

The fact that you do not indicates alarming willingness to bend over,
which is inconsistent with the way you represent your service in 
your ad.  Amend the ad, or employ more spine.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From ravage at einstein.ssz.com  Wed Aug 14 00:03:02 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Wed, 14 Aug 1996 15:03:02 +0800
Subject: 2600 (the magazine)
Message-ID: <199608140527.AAA06157@einstein>



Hi all,

The current issue of 2600 is out. I bought mine at Barnes & Nobles.

It has a couple of articles on cryptography as well as a port scanner
program for Linux.


                                                  Jim Choate






From tcmay at got.net  Wed Aug 14 00:09:53 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 14 Aug 1996 15:09:53 +0800
Subject: Anguilla...etc.
Message-ID: <ae36aa4d09021004cad4@[205.199.118.202]>


At 3:25 AM 8/14/96 Moscow Time, Dr.Dimitri Vulis KOTD wrote:
>"Greg Kucharo" <sophi at best.com> writes:
>>   While Tim may be right that nobility is lost when backing down to the
>> authorities, the fact is that this game has little to do with noble
>> purposes. ...
>
>Nor was there any activity from the authorities.
>
>A while back, when Vince first started advertizing his site, I asked him a few
>hypothetical questions, and he said roughly this: If client X posts something
>to Usenet from Vince's site, and if Y dislikes X's article so much that he
>mailbombs X, then Vince would pull X's plug. (I have the exact quote saved.)
>I lost interest right then. I'm not surprised that Vince acted dishonorably by
>pulling a client's plug with no warning for a very flimsy reason.

"Acted dishonorably"?

Really, Dimitri, are all Russians this rude? (Seeing the battles on Usenet
between the "Sovoks" and the "Gruborbots," I'm beginning to think so.)

While I think the Anguilla situation is an interesting one to analyze, I
avoid such loaded terms as "dishonorable."

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From wombat at mcfeely.bsfs.org  Wed Aug 14 00:32:38 1996
From: wombat at mcfeely.bsfs.org (Rabid Wombat)
Date: Wed, 14 Aug 1996 15:32:38 +0800
Subject: [NOISE] Geek Apartments and Etherpunks
In-Reply-To: <Pine.GUL.3.95.960813140118.5632A-100000@Networking.Stanford.EDU>
Message-ID: <Pine.BSF.3.91.960814043926.771A-100000@mcfeely.bsfs.org>




On Tue, 13 Aug 1996, Rich Graves wrote:

> On Tue, 13 Aug 1996, Ben Combee wrote:
> 
> 
> The "secure hubs" at GATech don't do encryption -- no way could that be done
> at wire speed. What they do is fill the data portion of the Ethernet packet
> with nulls. Everyone gets to see the source and destination MAC address and
> length of every packet, but only the recipient (or a very clever spoofer --
> most of the "secure hubs" on the market have a few vulnerabilities) gets
> the data.

What vulnerabilities? I've heard tell of some(?) that "leak" unscrambled 
packets if flooded with extreme traffic levels, but have never seen or 
verified this. Got any specifics?

> 
> If you run a packet sniffer, all you get are CRC errors (in order to
> maintain wire speed, the non-destination ports don't compute one). 
> 
> As far as real-world geek apartments go, I heard of one in Manhattan that
> worked exactly as described. I don't know whether they run "secure hubs."
> Presumably they would -- I can't think of a major manufacturer's manageable
> 10BaseT hub that lacks MAC address lockout features.

Most manufacturers offer SNMP-manageable hubs, but these don't offer 
MAC-layer security. That usually costs a lot extra. The MAC-layer feature 
is not widely used.

> 
> OTOH, I've heard tell that several of the residential coax experiments run
> promiscuously. Everything your neighbor does online, you can see with the
> right software.
> 

If it is Ethernet (or any baseband technology, AFAIK), and on coax, then 
of course it is "promiscuous." All devices must see the packet; they're 
on a bus. The 10T hubs also follow the "all devices must see the packet 
rule", but by design; a packet is received on the "recieve" pair of one 
port, and transmitted on the "xmit" pairs of all ports. The secure hubs 
overwrite the data payload with "junk" first - no encryption involved, 
nothing to crack, and, as you've pointed out, without recomputing CRC.

btw - if I were in an apartment environment, I'd want the "secure hubs",
and would verify that they're actually in the secure mode. They usually
have a "learning" mode, where they simply register the MAC address most
recently assigned to each port (sort of like learning bridges - this saves
a lot of manual entry). Of course, if left in this mode, they don't do a
thing for security. On the flip side, if sucured, and you change network
cards, or bring that laptop home from the office, etc. you won't be able
to use it without the intervention of the hub's administrator. 

And yes, packet sniffers are easy to get a hold of; freeware is abundant. 
Anyone can easily use one on a segment they've got access to.

- r.w.


> -rich
> 
> 





From nobody at replay.com  Wed Aug 14 00:38:57 1996
From: nobody at replay.com (Anonymous)
Date: Wed, 14 Aug 1996 15:38:57 +0800
Subject: [NOISE] Statists get to make choices, too.
Message-ID: <199608140545.HAA13218@basement.replay.com>


Dr. Dimitri Vulis KOTM writes:

>There is no place on the 'net safe for the Usenet Cabal or the fucking statists
>who call themselves "libertarians".

Oh, sure there is. The Misguided Cabal Dupes [tm] have decided they prefer
the relative order of the current system to the chaos of a disbarred
lawyer's vision. News admins have simply taken extra steps to make sure
that their services won't be disrupted by a few individuals who style
themselves the "Usenet Freedom Knights." I'm sure the Fucking Statists have
taken similar steps.

Your right to rant doesn't override my right to ignore you. Isn't that
really what this country's supposed to be about? The right to be left
alone?







From rich at c2.org  Wed Aug 14 00:52:19 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 14 Aug 1996 15:52:19 +0800
Subject: [NOISE] Geek Apartments and Etherpunks
In-Reply-To: <Pine.BSF.3.91.960814043926.771A-100000@mcfeely.bsfs.org>
Message-ID: <Pine.GUL.3.95.960813221411.8341A-100000@Networking.Stanford.EDU>


[Any lingering cypherpunk-relevant curiosity should probably be directed to
http://cougar.haverford.edu/resnet96/repeaters.html ]

On Wed, 14 Aug 1996, Rabid Wombat wrote:
> On Tue, 13 Aug 1996, Rich Graves wrote:
> > On Tue, 13 Aug 1996, Ben Combee wrote:
> > 
> > The "secure hubs" at GATech don't do encryption -- no way could that be done
> > at wire speed. What they do is fill the data portion of the Ethernet packet
> > with nulls. Everyone gets to see the source and destination MAC address and
> > length of every packet, but only the recipient (or a very clever spoofer --
> > most of the "secure hubs" on the market have a few vulnerabilities) gets
> > the data.
> 
> What vulnerabilities? I've heard tell of some(?) that "leak" unscrambled 
> packets if flooded with extreme traffic levels, but have never seen or 
> verified this. Got any specifics?

Change your MAC address to be the same as the hub's. 3Com recently fixed
this. Others might not have. 

> > As far as real-world geek apartments go, I heard of one in Manhattan that
> > worked exactly as described. I don't know whether they run "secure hubs."
> > Presumably they would -- I can't think of a major manufacturer's manageable
> > 10BaseT hub that lacks MAC address lockout features.
> 
> Most manufacturers offer SNMP-manageable hubs, but these don't offer 
> MAC-layer security. That usually costs a lot extra. The MAC-layer feature 
> is not widely used.

That was true six months ago, but 3Com, Allied, Cabletron, Synoptics, HP,
UB, and others now include it as a matter of course. Asante is the notable
exception. There are some kooks out there, like the people at RIT, who think
that everyone needs switched ports; and a few cheapskates, like management
at a major university in the Palo Alto area, who stick with Asante because
it's cheapest, and trust students to be nice (or at least nice enough to get
caught). 

> btw - if I were in an apartment environment, I'd want the "secure hubs",
> and would verify that they're actually in the secure mode. They usually
> have a "learning" mode, where they simply register the MAC address most
> recently assigned to each port (sort of like learning bridges - this saves
> a lot of manual entry). Of course, if left in this mode, they don't do a
> thing for security.

Sure they do. You'd have a reasonable assurance that wherever you went,
you'd be the only one seeing your packets -- assuming the backbone is
secure, which you need to assume anyway if you're not doing packet, session,
or application-layer encryption (which is the ultimate goal). The roving
portable computer is a pretty common case nowadays. The only thing a static
table gets you is intruder control. 

-rich






From null at null.gov  Wed Aug 14 01:14:21 1996
From: null at null.gov (I=(!isnum(self)))
Date: Wed, 14 Aug 1996 16:14:21 +0800
Subject: yet ANOTHER "Internet == child porn "story.
Message-ID: <32117610.271D@null.gov>


Again on today's CBS all-news stn.
An elementary school teacher arrested for exchanging, or whatever, 
kiddieporn on the Internet.

The reporter was duly dramatic and ominous sounding.

Damn I wish I knew how many kiddie porners were doing their whatver OFF 
the 'net.  Maybe, my fine friends, we're catching MORE o' them because 
they are on the net and clueless, rather than in back alleys and hard to 
find.

------------------------------------------------------------------

Recommended reading:

"Manufacture of Consent", Noam Chomsky.

Altho I hate much of his politics, that one's right on.





From mab at research.att.com  Wed Aug 14 01:20:00 1996
From: mab at research.att.com (Matt Blaze)
Date: Wed, 14 Aug 1996 16:20:00 +0800
Subject: key escrow idea from David Satelin of MIT Lincoln Labs
In-Reply-To: <199608140509.WAA06467@mail.pacifier.com>
Message-ID: <199608140548.BAA05495@nsa.research.att.com>



[Please include me on any mail you want me to see, as I don't
read the cypherpunks list these days]

>
>>In Staelin's proposal government gains access to the communications,
>>but does not gain "real-time access" as desired by the FBI.  This loss
>>may be tolerable, given the benefit obtained (forcing access to be
>>made in accordance with the Constitutional requirements for
>>notification before search).
>
>It sounds like you're saying that the government must inform the target of 
>the wiretap BEFORE doing it.  ("notification before search")  Right?  That 
>would at least be better than the status quo.
>
You may be confused.  I hope it was clear that I didn't write that.
That text was part of the message from Ron Rivest that I included in my
message.
>
...

>>------- End of Forwarded Message
>>
>
...

>As far as I'm aware, if the police serve an ordinary search warrant at a 
>particular address, they  can't prohibit the targets of that warrant from 
>telling anyone else of this.  It seems to me that the main reason police 
>have gotten used to the idea of doing search warrants secretly is that the 
>local phonecos have been monopolies so long, and they're so used to 
>cooperating with government and the cops (as evidenced by the fact that 
>police regularly got illegal wiretaps before 1968), that this has soaked in 
>as being expected.  Indeed, the pre-'68 illegal wiretaps prove beyond a 
>shadow of a doubt that government and the telephone company never have had 
>any sort of arm's-length relationship, and strongly suggest that the 
>Constitutionality of wiretapping (vis a vis the constitutionality of 
>phoneco's claimed responsibility to keep the whole thing secret) has never 
>been legitimately tested.
>
>Remember, since the phoneco has had no competition, they've never been at 
>risk from being shunned by customers who object to this secret cooperation.  
>A more "realistic" position, I think, would be to conclude that if there was 
>true competition, customers would be able to negotiate varying levels of 
>non-cooperation in order to win customers.  I suspect that post-Ruby 
>Ridge/post-Waco, there would be a substantial fraction of the public who 
>would conclude that it cannot trust its own government.
>

Well, I don't know what went on before 1968, but these days phone companies
don't keep wiretap orders secret because they are being nice to the police,
they keep them secret because the court order for the weretap also orders
them to.  Perhaps you aren't aware of this, but when a third party  is
ordered to turn over records or access to something, the order often
includes a provision that prohibits them from revealing the order to the
subject.  This is not unique to phone records; orders for bank records
frequently have secrecy provisions as well.

-matt





From shamrock at netcom.com  Wed Aug 14 01:25:40 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 14 Aug 1996 16:25:40 +0800
Subject: [off-topic] Locating cell phones with power off?
Message-ID: <v02120d07ae3717374bfb@[192.0.2.1]>


I seem to remember that somebody once mentioned that cell phones transmit
signal even with the power switch off. Supposedly, you have to take out the
batteries to cut the signal. The more I am thinking about it, the less
sense it makes. Can somebody here please confirm (or deny) this rumor?

TIA,



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From bdolan at use.usit.net  Wed Aug 14 01:30:22 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Wed, 14 Aug 1996 16:30:22 +0800
Subject: Capital and Taxes
In-Reply-To: <ae36838e05021004b025@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.960814013949.25101A-100000@use.usit.net>




On Tue, 13 Aug 1996, Timothy C. May wrote:
> 
> But this 38% rate doesn't even tell the whole story. Suppose that I want to
> make a $100K investment in this company my friends are trying to start.
> Money has a cost, both in the "rent" that is charged on it, or the "rent"
> that _could have_ been charged to another for an alternate use, and on
> something else that's terribly important: taxes must be paid on other
> assets sold to raise the $100K. For example, if I own shares in Intel,
> bought many years ago, I have to sell $160,000 worth of Intel stock, send a
> $60,000 check to Uncle Sam and Uncle Pete, and then send the remaining
> $100,000 to my friends. If the new investment *doubles*, my $100,000 gain
> is taxed at 38% and I'm left with a gain of about $62,000.
> 
> It doesn't take a number theorist to see that I may as well have not even
> bothered. So long as I just sit on the Intel stock, no taxes are owed.
> Sounds like a no brainer to me.
> 
> Yes, taxes will _someday_ have to be paid...but many of us are hoping,
> praying, and pleading for a cut in the capital gains tax rate...at least a
> rollback to the 22% rate of yesteryear (and 4% or less in states). This
> huge "backlog" of unrealized capital gains (aka gains on paper, but not yet
> taxable) is what is being spoken of when people like Jack Kemp and Steve
> Forbes speak of "unleashing" the capital gains now tied up due to the high
> tax rates.


Now imagine that I want to make that $100K investment or, more 
realistically, that I want to invest $100K in my kid's college education.
I'm going to have to earn wages of $160K and pay $60K in tax.  It would 
make me cranky if the guy next door could just clip $100K of coupons, tax 
free, to pay for his kid's education.

While I'm sure Steve Forbes could, I can't think of a moral argument why 
income from selling stock should be taxed at a rate lower (or higher) than 
than income from wages.

Jamie Whitten, late chairman of the House Appropriations Committee once 
said, "All anyone wants is a special advantage over the next fellow.  
Understand that, and you've understood the intent of every law ever passed."

I think that applies to tax law.

bd





From jimbell at pacifier.com  Wed Aug 14 01:38:35 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 14 Aug 1996 16:38:35 +0800
Subject: key escrow idea from David Satelin of MIT Lincoln Labs
Message-ID: <199608140509.WAA06467@mail.pacifier.com>


At 08:19 PM 8/13/96 -0400, Matt Blaze wrote:
>My comments included below Rivest's message.
>------- Forwarded Message from Rivest
>Here is another MIT professor's (Dave Staelin's) suggestion for a
>national crypto policy.  I thought you might be interested in seeing
>it; given the difficulty of the debate, any variant, even if only
>slightly different from previous ones, should be considered.  Feel
>free to pass this note around, or to post it...
>
>Here is Staelin's idea:
>	(1) You can use any crypto you want, but you must keep a record
>	    of the crypto keys you used.
>	(2) The government can ask for the crypto keys later, if they have
>	    a court order, just as they can ask for any of your other papers
>	    or documents.  You must give the key(s) to them, just as you
>            must turn over your private papers in such a situation.
>            (There would have to be an appropriate penalty for losing the
>            key...)
>
>The attractive feature of this proposal is that it puts encrypted
>communications in the same category as private papers; the government
>is required to give notice to (at least one of) the affected
>individual(s) _before_ the search can be undertaken.  This cures what is
>in my mind a defect in the current wire-tapping laws.  

While I agree that there is a defect in current wire-tapping laws,  it's a 
lot more serious than this.   The defect, I think, is that wiretapping is 
thoroughly unconstitutional.  The reason I believe it's unconstitutional is 
that unlike any other kind of search warrant that preceeded it, a wiretap 
warrant authorizes a continuing violation of privacy. It also allows police 
to violate that privacy secretly.  Indeed, as I understand it current 
practice is to not inform the target of the tap even once the tap is 
removed.  It appears far more likely that the technical fact that wiretaps 
can be done without informing the target has allowed the cops to 
conveniently re-interpret the Constitution to assume that no notification is 
necessary.

 Regular search warrants simply allow police to visit a location, ONCE, and 
collect evidence.  The police must show up, identify themselves, and do 
their search, and LEAVE.  Once they're gone, privacy is restored.  And the 
target is informed of the police's interest, and so the police are motivated 
to not engage in "shotgun wiretaps" against people who aren't likely worthy 
of them.  I contend that there is no logical reason to believe that the 
current practice of wiretapping is anticipated by any other search warrant.  

The _reason_ wiretaps are done in a manner so hostile to privacy and the 
Constitution, I believe, is that when they were "legalized" in 1968, police 
had already had a long history of doing them illegally, but because they 
were illegal they couldn't be entered into evidence in court.  That 
legalization was ostensibly a compromise to  make them admissable, but also 
make the police obey the law.  The problem is that since the police were 
ALREADY violating the law, any "compromise" they were likely to agree to 
would have been strongly weighted against a Constitutional interpretation. 
(If you already have 3/4s of the loaf, why give it up?)  

In fact, the police gave up NOTHING:  If they were able to get illegal 
wiretaps before 1968, there is no reason to believe that they couldn't get 
them after 1968.

 If, on the other hand, the police had genuinely obeyed the law and 
Constitution before 1968, more effective protections against violations of 
privacy would have been obtainable in exchange for legalizing wiretaps.  For 
example, they might have been forced to agree to informing the target of 
every wiretap when it is removed, or maybe even informing them when the tap 
is placed!  This will appear quite odd to the police, who will claim that 
wiretaps won't do any good against informed targets, but then again they 
probably objected to being prohibited from using thumbscrews and beating 
confessions out of prisoners.  The fact is, not every police practice which 
is arguably useful is bound to be Constitutional.

Another problem is with item 2 above:  It amounts to an obvious violation of 
the 5th amendment to the Constitution, because it criminalizes the refusal 
to provide evidence  against yourself.  Even worse, it requires that you 
maintain, effectively, all conversations done by electronic/encrypted means. 
   It is somewhat as if you were required to carry a tape recorder around 
and keep a record of every conversation you ever have, to be released to the 
cops whenever they get a search warrant.

Rivest may be an excellent cryptographer, but a constitutional scholar he 
ain't.

>DISCUSSION
>In a variant of Staelin's proposal (my twist) you could append to each
>encrypted message an encrypted form of the message key.  The
>encryption could be with the public-key of a trusted third party who
>will not (and legally may not) reveal the message key without
>notifying you first (or ensuring that you have been appropriately
>served with the corresponding warrant).  For example, the ACLU might
>be such a TTP.  This protects the government's right to access and
>protects the individual from the penalties (or benefits) of losing the
>key.  This procedure is technically simple; what is more complex is
>ensuring that the TTP's are appropriately registered and protected
>from undue government influence.  The use of such a TTP would in any
>case be optional; the communicants need not use a TTP if they
>understand their obligation to keep the crypto keys around for some
>period of time afterwards.

What about an alternate system that takes  a poll, and requires a vote of 
90% or more to allow the government to get the escrowed key?  If the target 
is REALLY a "big bad criminal" then likely they'll get approval.  OTOH, if 
the government had just "done a Waco" and a substantial fraction of the 
population were seriously pissed, the government wouldn't have a prayer.
  
(not that I'd find even this system "acceptable," but at least it would be 
better...  The problem is, none of these proposals reflect any recognition 
that there may come a time where it would be far better for society to NOT 
give the government the evidence it wants.  This "government is always 
right" patina is wearing mighty thin.)

>In Staelin's proposal government gains access to the communications,
>but does not gain "real-time access" as desired by the FBI.  This loss
>may be tolerable, given the benefit obtained (forcing access to be
>made in accordance with the Constitutional requirements for
>notification before search).

It sounds like you're saying that the government must inform the target of 
the wiretap BEFORE doing it.  ("notification before search")  Right?  That 
would at least be better than the status quo.


>  The use of wiretapping encrypted
>communications as a preventive measure might be severely limited, but
>its use as a means of gathering evidence to force a conviction would
>be preserved.
>
>For international communications, each communicant might be required to
>use a TTP that is bound to honor the laws of his country (which TTP to be
>used should be the choice of the communicant).  
>
>It may be seem a bit strange to force individuals to keep around
>information (keys) that they no longer really need.  However, this is
>more-or-less the case for financial records right now.

However, people aren't obligated to keep financial records around, or keep 
them in a form the cops can read.


>CONCLUSION
>
>The fundamental idea is to give the government a right to access
>encrypted communication in return for a guarantee that access may not
>be obtained until there is BOTH proper legal authorization AND proper
>prior notice to (at least one of) the communicants.

Two giant steps backward!  I genuinely don't see that I, as an ordinary 
citizen, am EVER likely to be a victim of a crime which could be prevented 
or solved by the system as Rivest describes it.  OTOH, I believe that it is 
almost certain that my rights will continue to be abused by a government 
which will be able to use this system to protect itself from being removed, 
either by vote or by gunfire.  I conclude that proposals like this will 
rarely be used to protect ordinary citizens, and are almost entirely 
intended to buttress the government.


>Is this workable??

NO!

>------- End of Forwarded Message
>
>[Matt's comments follow]
[much deleted]
>While Ron's twist decreases some of the burden on the user it
>eliminates the main benefit of the Staelin proposal - that one
>cannot obtain cleartext without the knowledge of at least one party.
>The TTP could be compelled (as the phone company is now for regular
>wiretaps) to keep the request secret, under court order. 

Which, of course, is yet another problem with the current wiretap system.  
Given the 1st amendment, I see NOTHING which should allow the government to 
prohibit a third party (the phoneco) from telling me of the police's 
interest.  I realize that this is "assumed without question" by the various 
suck-ups who populate government and probably most lawyers, but it seems to 
me that one of the disadvantages of the government going outself itself to 
obtain evidence SHOULD BE that in doing so, it reveals its interests to 
those third parties.

As far as I'm aware, if the police serve an ordinary search warrant at a 
particular address, they  can't prohibit the targets of that warrant from 
telling anyone else of this.  It seems to me that the main reason police 
have gotten used to the idea of doing search warrants secretly is that the 
local phonecos have been monopolies so long, and they're so used to 
cooperating with government and the cops (as evidenced by the fact that 
police regularly got illegal wiretaps before 1968), that this has soaked in 
as being expected.  Indeed, the pre-'68 illegal wiretaps prove beyond a 
shadow of a doubt that government and the telephone company never have had 
any sort of arm's-length relationship, and strongly suggest that the 
Constitutionality of wiretapping (vis a vis the constitutionality of 
phoneco's claimed responsibility to keep the whole thing secret) has never 
been legitimately tested.

Remember, since the phoneco has had no competition, they've never been at 
risk from being shunned by customers who object to this secret cooperation.  
A more "realistic" position, I think, would be to conclude that if there was 
true competition, customers would be able to negotiate varying levels of 
non-cooperation in order to win customers.  I suspect that post-Ruby 
Ridge/post-Waco, there would be a substantial fraction of the public who 
would conclude that it cannot trust its own government.

I can think of at least one suck-up lawyer who will pooh-pooh this, claiming 
that wiretaps are now legal, but when looked at from a pre-1968 standpoint, 
wiretaps were illegal, so it seems logical that customers should have been 
entitled to insist that telephone companies obey the law.  It's hard to 
avoid the conclusion that the reason this kind of illegal behavior was done 
by the cops as well as the phonecos is the fact that no phoneco ever had to 
fear loss of any kind of profit as a consequence of illegal cooperation.  

Indeed, I doubt that any telephone company EVER _publicly_ refused an 
illegal wiretap request by police. (By this, I mean the phoneco informed the 
public of an illegal request on its own initiative.)  The total or 
near-total absence of such practices would make it clear that nothing that 
occurred before 1968 could possibly be considered  the norm for 
constitutionality, casting further doubt on the 1968 "compromise."

It doesn't seem likely (from a constitutional standpoint, anyway) that the 
"normal" level of cooperation that police can get from a monopolized, 
regulated industry should, retroactively, become considered to be the 
"constitutional" amount of cooperation that the cops can legally expect to 
get from everyone else.


Jim Bell
jimbell at pacifier.com





From Wyntermute at postoffice.worldnet.att.net  Wed Aug 14 01:41:08 1996
From: Wyntermute at postoffice.worldnet.att.net (Justin Card)
Date: Wed, 14 Aug 1996 16:41:08 +0800
Subject: (Off Topic) Re: FCC_ups
In-Reply-To: <199608120538.WAA29683@dns2.noc.best.net>
Message-ID: <3210496C.5153@postoffice.worldnet.att.net>


David Wagner wrote:

> The *real* challenge: how do you support sender- and recipient- anonymous
> phone calls with strong security?  Have fun.

If you're only encrypting/decrypting at each end, couldn't a key
exchange like Diffie-Hellman work?  Or is this not the "anonymous"
feature you were looking at?

-- 
Wyntermute





From mikev at is.co.za  Wed Aug 14 02:18:44 1996
From: mikev at is.co.za (Mike van der Merwe)
Date: Wed, 14 Aug 1996 17:18:44 +0800
Subject: Changing the headers
In-Reply-To: <009A6D03.6A10B362.18@uni-lj.si>
Message-ID: <32117D4F.59E2B600@is.co.za>


Hi again :-)

Changing the from header is easy -- load netscape and change your from
addy... 

Or else you can telnet to port 25 of any given smtp server and type help
-- the rest is great fun. If memory serves, type HELO (one "l") to
introduce yourself, then declare the recipient and the sender and
finally any headers and the message. But type help -- smtp servers are
very friendly.

Later
Mike

-- 
I'm sure we will find out in a few years that Microsoft invented the
Net.  Or brought it to the masses.  Or saved it from a certain and
early demise.  Or all of the above. 
     JAMES SEYMOUR


http://titus.is.co.za/mikev





From loki at infonex.com  Wed Aug 14 02:23:39 1996
From: loki at infonex.com (Lance Cottrell)
Date: Wed, 14 Aug 1996 17:23:39 +0800
Subject: WinSock Remailer Now Available By E-Mail
Message-ID: <ae371e2b04021004e72d@[206.170.115.3]>


I would be happy to distribute it from my site, along side Mixmaster.

        -Lance

At 3:15 PM 8/13/96, Joey Grasty wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>The first alpha release of the WinSock Remailer is now available via
>e-mail.  Due to problems setting up user authentication on my homepage
>at
>
>  http://www.c2.net/~winsock/
>
>I have decided to distribute it via e-mail until I can get user
>authentication working.
>
>In order for you to receive the WinSock Remailer, I have to be reasonably
>sure that you are a US or Canadian citizen or permanent resident.
>Therefore, you will need to review a copy of the License Agreement and
>fill out the required information.  Then clear-sign the agreement with PGP
>and mail it to me at jgrasty at gate.net.  Don't forget to tell me where I can
>find your PGP public key so that I can check the signature.  No signed
>license agreement, no remailer.
>
>In order for me to have a good feeling that you are not a foreign national,
>I need to have the following information check out:
>
>a.  Verify that your address is within the boundaries of the US or Canada.
>    I will do this by checking if you are in a public address database such
>    as "88 Million Households Phone Book".
>b.  Verify that your name and e-mail address is the same as in your public
>    key.
>
>This is basically the same method that Netscape is using at:
>
>  http://wwwus.netscape.com/eng/US-Current/
>
>to verify citizenship or permanent residency, but the process is not
>automated.
>
>I don't like having to enforce clearly unconstitutional ITAR regulations,
>but I'm not ready for an extended stay at Club Fed.
>
>- ---------------------------cut here-----------------------------------
>WinSock Remailer License Agreement
>
>This is the license agreement between Joey Grasty and the end user
>of the WinSock Remailer.
>
>Name of User: <your name>
>Street Address:  <your street address>
>Town, State, Country: <town>, <state or province>, <country>
>Phone Number: <your phone number>
>E-mail Address: <your e-mail address>
>Where to find your PGP Public Key: <instructions>
>
>
>1. Joey Grasty grants to you a non-exclusive, non-sublicensable,
>license to use this Alpha version of the WinSock Remailer (the
>"Software"), in binary executable form for evaluation and trial use
>purposes only.
>
>2. JOEY GRASTY MAKES NO REPRESENTATIONS ABOUT THE SUITABILITY OF THIS
>SOFTWARE OR ABOUT ANY CONTENT OR INFORMATION MADE ACCESSIBLE BY THE
>SOFTWARE, FOR ANY PURPOSE.  THE SOFTWARE IS PROVIDED 'AS IS' WITHOUT
>EXPRESS OR IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY
>AND FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.  THIS SOFTWARE
>IS PROVIDED GRATUITOUSLY AND, ACCORDINGLY, JOEY GRASTY SHALL NOT BE LIABLE
>UNDER ANY THEORY OR ANY DAMAGES SUFFERED BY YOU OR ANY USER OF THE
>SOFTWARE.  JOEY GRASTY DOES NOT HAVE ANY OBLIGATION TO SUPPORT THIS
>SOFTWARE OR ISSUE ANY UPDATES IN THE FUTURE.
>
>3. While Joey Grasty intends to distribute a commercial release of the
>Software, Joey Grasty reserves the right at any time not to release a
>commercial release of the Software or, if released, to alter prices,
>features, specifications, capabilities, functions, licensing terms,
>release dates, general availability or any other characteristics of the
>commercial release as he sees fit.
>
>4. Title, ownership rights, and intellectual property rights in and to
>the Software shall remain in Joey Grasty and/or its suppliers.  You agree
>to abide by the copyright law and all other applicable laws of the
>United States including, but not limited to, export control laws.
>
>5. Joey Grasty may terminate this License at any time by delivering notice
>to you and you may terminate this License at any time by destroying or
>erasing your copy of the Software and notifying Joey Grasty of this action
>forthwith.  This License is personal to you and you agree not to assign your
>rights herein.  This License shall be governed by and construed in accordance
>with the laws of the State of Florida and, as to matters affecting copyrights,
>trademarks and patents, by U.S.  federal law.  This License sets forth the
>entire
>agreement between you and Joey Grasty.
>
>6. Use, duplication or disclosure by the Government of any locality, state
>or country, its elected officials or employees, is forbidden.
>
>7. You may not download or otherwise export or reexport the Software or
>any underlying information or technology except in full compliance with
>all United States and other applicable laws and regulations.  In
>particular, but without limitation, none of the Software or underlying
>information or technology may be downloaded or otherwise exported or
>reexported (i) into (or to a national or resident of) Cuba, Haiti,
>Iraq, Libya, Yugoslavia, North Korea, Iran, or Syria or (ii) to anyone
>on the US Treasury Department's list of Specially Designated Nationals
>or the US Commerce Department's Table of Deny Orders.  By downloading
>the Software, you are agreeing to the foregoing and you are
>representing and warranting that you are not located in, under control
>of, or a national or resident of any such country or on any such list.
>
>8. JOEY GRASTY OR ITS SUPPLIERS SHALL NOT BE LIABLE FOR (a) INCIDENTAL,
>CONSEQUENTIAL, SPECIAL OR INDIRECT DAMAGES OF ANY SORT, WHETHER ARISING IN
>TORT, CONTRACT OR OTHERWISE, EVEN IF JOEY GRASTY HAS BEEN INFORMED OF THE
>POSSIBILITY OF SUCH DAMAGES, OR (b) FOR ANY CLAIM BY ANY OTHER PARTY. THIS
>LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL
>INJURY TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. FURTHERMORE,
>SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR
>CONSEQUENTIAL DAMAGES, SO THIS LIMITATION AND EXCLUSION MAY NOT APPLY TO
>YOU.
>
>9.  HIGH RISK ACTIVITIES.  The Software is not fault-tolerant and is not
>designed, manufactured or intended for use or resale as on-line control
>equipment in hazardous environments requiring fail-safe performance, such
>as in the operation of nuclear facilities, aircraft navigation or
>communication systems, air traffic control, direct life support machines,
>or weapons systems, in which the failure of the Software could lead
>directly to death, personal injury, or severe physical or environmental
>damage ("High Risk Activities").  Joey Grasty and its suppliers specifically
>disclaim any express or implied warranty of fitness for High Risk
>Activities.
>
>Clear-sign this agreement with your PGP public key and e-mail it to
>jgrasty at gate.net.
>
>- -------------------------------cut here------------------------------------
>
>Thank you for your patience with this crude form of distribution.
>
>Regards,
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>
>iQB1AwUBMhE2UsODO2V89BZZAQGOLAL9GU15R4N/6xIZCJGYaQ0Vlw4e7rqP06+d
>YH5806om50v/+8P9OKrxBOECEHPJLirFQcITXsYMn/DkVAcTVTrz9rKfJdzToeyB
>Bwr4vgpMqKw4oZnFGJa1PvUotSjTnETT
>=Arts
>-----END PGP SIGNATURE-----
>
>--
>Joey Grasty
>jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
>jgrasty at pts.mot.com [work -- designing pagers]
>"Anyone who considers arithmetical methods of producing random digits is,
>of course, in a state of sin." -- John Von Neumann
>PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7

----------------------------------------------------------
Lance Cottrell   loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://www.obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------







From enzo at ima.com  Wed Aug 14 02:55:33 1996
From: enzo at ima.com (Enzo Michelangeli)
Date: Wed, 14 Aug 1996 17:55:33 +0800
Subject: India, Productivity, and Tropical Climes
In-Reply-To: <199608140439.VAA28846@dns2.noc.best.net>
Message-ID: <Pine.WNT.3.95.960814145122.-981433H-100000@stanley.ima.net>


On Tue, 13 Aug 1996, James A. Donald wrote:

> At 11:31 PM 8/13/96 +0600, Arun Mehta wrote:
> > As regards IBM, its agreement with the government of India, under
> > which it was allowed to operate in the country, stipulated that
> > it would produce here, and transfer some technology. Instead, as
> > the government found, all it did was sell time on second-hand
> > computers (1401's as I recall, and this was mid  to late '70s).
> > IBM was asked to either dilute, or live up to its original
> > agreement, which it wasn't prepared to do, so it left.
> 
> Every single foreign computer company left during roughly the same 
> period, as did almost all foreign companies and anybody who had a choice.
> 
> The reasons generally given by those who left, for this mass exodus, 
> which eventually sent the government into insolvency, is that Indian 
> officials were arrogant, rude, dishonest, corrupt, continually broke 
> contracts and agreements, and attempted to exercise direct power over 
> everyone and everything.

Not only: until at least five or six years ago, the trade unions had
forced limits to the yearly increase in number of computers per year in
the banking sector (if I remember well, 2% a year for private institutions
and 1% for government owned). The government duly obliged, of course.

Tropical climate or "corporate greed" has nothing to do with inefficiency
and poverty: just compare the cases of Hong Kong or Singapore.
Rather, corrupt and populistic governments are the key factor.

Enzo






From fstuart at vetmed.auburn.edu  Wed Aug 14 03:11:13 1996
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Wed, 14 Aug 1996 18:11:13 +0800
Subject: [SIGNAL] Microsoft's Internet Explorer
Message-ID: <199608140728.CAA20496@snoopy.vetmed.auburn.edu>


Sorry, no rants, economic theories, or chemistry questions, but...

According to C-Net Radio (http://www.cnet.com/), Microsoft will be including
128-bit SSL encryption in their Internet Explorer 3.0 for Win 95 and NT 4.0.

It took a bit of digging but I finally found the Microsoft press release at
"http://www.microsoft.com/corpinfo/press/1996/aug96/128SECpr.htm".

                          | (Douglas) Hofstadter's Law:
                          | It always takes longer than you expect, even 
Frank Stuart              | when you take into account Hofstadter's Law.





From bea at algonet.se  Wed Aug 14 04:02:44 1996
From: bea at algonet.se (Bjorn E. Andersson)
Date: Wed, 14 Aug 1996 19:02:44 +0800
Subject: PGP...
Message-ID: <v03007803ae37330e4634@[10.0.2.15]>


-----BEGIN PGP MESSAGE-----
Version: 2.6.3ia
Comment: Processed by MacPGP Control

hIwD0O5h7jwcSMUBA/4kz1M5yeeYwTZGfB2hjpVNq1aAylyGKoWm+U65XhBCf+Wm
nb0f9vtG5nUrULgofLnTJaLpJcULOlQfhwYk0LyZztK6uU/eG2Oam5q2xLKbFS5x
qhDYjGAXKW166DhJmZJ4nfEvTJAW2rLo1fVdrhTUwhCRSGzQy5ivOytJtWu2KYUB
DAPUje/lPvqhFQEH/0uYS1kYyZLRYCioI6JAQYfNDYENX/HD2a0tbTp4NiS1Fm1U
rNPgHmn1hgqGgQlHfUu/l2Cl5l/T9/hXpF4hdxJk/PcbHbmctpaYw4wutwnym0GI
H5+ws8NXHUz7giABKnJJ1ayO55FM6pTjVtk9jTZY1X8rA4qNuypawAyfrfNAQMI8
+FV/8+mSODkt1RGJPBG/ltLSfxhBlTbEm84pdTXkOfPFq3m4N4vfuj8dfvcHnEtU
JJ9X45AIIY6A3hDLiE/H1Mb6JsL6Mp8y/OUrTjtO2tpX40f2XxaAOsBa8Zsi/Z2o
ZrqX0aOaqqcjeSqtP1CqK3U/ah2U4xbUrq3yGImmAAAGoN/9XAMkQHKAYDTqWraE
9l7+cv9NjZ4NwC0yQEQPb9fojNTBb+9JrGEJ4OLcbpE7efDQVmZzjxpKlUGP7V61
iQc8qC7TdpdRHUFxUTpKyGNgHxEow39mqKGS9isrrcNDG31MUVxOUwVfDhgJ/2Ja
V1RnpY18JsOMsJZVe645a5XOcGpZAZdax9LKFriHPO402VKV1YyB2O1VmOrHXWDH
1cpxbggcfFHQMOJ30wsPOHug/xsvegAKNonn08owVXt13F43MOJVzgV+NaSwjugD
QrThoDC/D8tFfNPe47Xkl5ZsIm0L74EQZWBYXXIOHxJD/jlbXFehHQpLcboya3C9
1wrLdchGT49s2op1svai0Fjjc8Y4RI7+eMH9eiK06tDGYnFJ3MejY9lVMrUEAmDD
MheXP8tHO1Z5Ae8W52ytN7/qT+fOkYS548KahcpWj6dohTPFhAEOFnlertTBIahV
UwaoLe0Fbv+9QQ78yBXwmJ+7lC9a0k+RXKfW7qrmgFTcyGi6wX45r3sNlVup2XaL
NZ9TGGvkpG9hJ6ZvfiwAiRNOfHIj3NNzHq/Mojd+4Wi4jARzhSZLjoF3wN6oK+uD
e86A3aFcqDSNODTilvWqJMpTiglQBbTANoX124DeNybXHO8LS2n9jHsVqP5TpTiM
onX5gdQcewbqfeQd1+go6lAUZMGgyRyRVKXIkF6qcE9aCgbt3JfWEQVOXohKOxeo
uIDBAijBTSEqLFzwLgB7zdmRDcMvJ2eTSrdZ40rt/6mCGyUqRJZyEjrj7HvcBWP8
Kz12280rwLv6K/EDVTweBcG+YS84JqMbyiJ8XXWmeMx6W3d/Bo3GHanHbkK6mAQs
taHrG0HWoRbpLkLt8b0eNCeZREbFdQzmhsSSXLdB53DTN+m4EG5y41QrMf2npP+K
An5g5cMHjpMF04GmVR20+n2MO/FXeou8IViERBWeDtM/r84RwXPvJp6WiZMp7szg
iCZWEOjui+ND+mAyZ7gkLT+NWLZX4ABpXhf+ewaxhFMCr4wYL8CKoSaXGpA/unLh
diKm0g6pCj3MvJ8Z1DxisstnIruJw/rxc4UXBbODydHaljzm5iaW9r/1LV9OdB9V
y7pRqyjj8Z310hvHgXbzWFQNeaPfAkSbE3cYJeW/sNgOB666P60AdQgUXdQssqLG
nvH0avMOTTR6X/SbUM0yxpNDWPKNBGbx2dZMxPQd7pEUinGXUBf2dxDwbmBOWCad
vwQwtI56v75gpO0kPKpelprfrV+S1lJIHBUli8BT+y9j2q+43Gxmmr9ljS4dIUSV
LPuEABIrXkt3cJOtQfu4vKE8wHre1iyY+VSWVmAoDTVciL73o9IBqrH7/sU3p6Az
hbp45h+vU2DdHS8GJjQNAffZNT9VX6FE+HarOAOHYuXv1YkQO+r6VO5D1jaJ+dh6
oIFaNNqORusRoruF59V4Hi0YvwxRhxdfp3NZsN0UpIaj39NB4Kkghgbb29GMAk6D
03mxHh8WPhSZ9kp5B0txC8WTk7LZQucrhwtTbWtLj9SWqm6R6w6X4u6c6SjNEvKg
sSO4HagyqvMjmkyq3W7lglPxK85UlUYo/t928BNl5T6fiHMxYUt6pjJarJOavd0U
BK7HQkHkMnuyDZrvEXa+1kSaaOMbxfmqhIQmcHYVpvxSjWDt3r/3kAUEwmZBFgRq
em4W6NWXPRdt6e1U02K8YS1QrO5MrqVMaRGl2SGfOZYGPjueiT7GEceH77bSQ5dD
QDnUzFdLDP7t24ZOCmTGQnVpaZeLDAuCyUfwtHqFD5HSRKlIhefYH5qh5RKpPjVh
4SvDm7e474R8DRJc6o6yPDa+0AJnb1BK2coFefFcMLO+Vg/+DiXEFcLBTDK4RTfT
o/INu7nNbIqGbeOBBoNHX+4k7E7BVjqYcqoBqviFaRxKAPxvQsC6ITU2loXjjXUl
9ljhKQ4VMqwCrE8a/mMl4VxA+92Q6IBbj7o0l7c5t3SqNPyragZItNKyZTclfSVZ
+UxbFrkQmJ89yHjiAVw6KqBfoc2lEv74kGAOEoyMPjbLi7z6Ko9E3/lvsf3m+BRz
IUpMZqlCOGuR4Gsay27YtL50cuDh2gpLTPKqZzdnTzIL2J/SOt/Y/gNuCMOQy/1p
ZjEI3Gm1s0URExAphfiO6rN13n6s2x9wQecYOw7bnFMAz13arDkPPT3FfCN9GiFh
hXjtqhkjlF0AVe/7xVXhM8lEqBWampBOv52qsDi3gRveFMEAbzwxihJN8++xFfuC
mUA=
=Um3c
-----END PGP MESSAGE-----








From ben at EdelWeb.fr  Wed Aug 14 04:34:38 1996
From: ben at EdelWeb.fr (Ben)
Date: Wed, 14 Aug 1996 19:34:38 +0800
Subject: South Florida Cypherpunks Meeting Reminder
In-Reply-To: <199608132238.SAA52914@osceola.gate.net>
Message-ID: <Pine.SUN.3.95.960814104551.4380C-100000@mercier.gctech.edelweb.fr>


> The South Florida Cypherpunks will meet at Hops Grill & Bar
> in Boynton Beach, FL on Saturday, August 17 at 2:00 PM.  As
> always, our meeting place is at a microbrewery, and this one
> has some very fine brews.

Is there anyone who would be interested in a Paris(France) cpunks meeting?

Ben.
____
Ben Samman.................................................ben at edelweb.fr
Paris, France                      Illudium Q36 Explosive Space Modulator







From jk at stallion.ee  Wed Aug 14 05:06:33 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Wed, 14 Aug 1996 20:06:33 +0800
Subject: [SIGNAL] Microsoft's Internet Explorer
In-Reply-To: <199608140728.CAA20496@snoopy.vetmed.auburn.edu>
Message-ID: <Pine.GSO.3.93.960814121701.27605D-100000@nebula.online.ee>


 Wed, 14 Aug 1996, Frank Stuart kirjutas:

> According to C-Net Radio (http://www.cnet.com/), Microsoft will be including
> 128-bit SSL encryption in their Internet Explorer 3.0 for Win 95 and NT 4.0.

As M$IE 3.0 is now available for download from www.microsoft.com, I did
notice there is also a 128-bit version there, which requires you to first
fill in data about you. Unfortunately microsoft.com is so slow right now,
that I did not have a chance to try to download 128-bit version by filling
in my favourite US politicians name. 

I believe the 128-bit M$IE 3.0 should be allowed to stored on some
european crypto sites like hacktic, as it is free to everyone - with
Netscape Navigator you would be breaking the copyright, with M$IE only
ITAR.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From vince at offshore.com.ai  Wed Aug 14 07:09:56 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 22:09:56 +0800
Subject: Passports - "fake" vs "counterfeit"
In-Reply-To: <199608140439.VAA28830@dns2.noc.best.net>
Message-ID: <Pine.LNX.3.91.960814070828.12021A@offshore>



On Tue, 13 Aug 1996, James A. Donald wrote:
>
> He never sold fake passports.  If his passports had been marked 
> "United States of America" or some such they would indeed be
> fake.  They were not fake.  

Websters defines fake with "to treat so as to falsify", "pretend",
"simulate", "imitation", "impostor", "sham", "faud", and "counterfeit". 
The passports fit most of these definitions.  A word applies if any of the
definitions work. 

If the passports had been marked "US of A" they would have been
"counterfeit". I did not say they were counterfeit (he clearly would not
be permitted to sell counterfeit passports).  

So his passports are not "counterfeit", but they are "fake". 

   --  Vince
 
-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/





From perry at alpha.jpunix.com  Wed Aug 14 07:12:10 1996
From: perry at alpha.jpunix.com (John Perry)
Date: Wed, 14 Aug 1996 22:12:10 +0800
Subject: new type2.list/pubring.mix
Message-ID: <199608141058.FAA17233@alpha.jpunix.com>


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone,

	There is an updated type2.list/pubring.mix combination
available for the mixmaster remailer software. You can get it via WWW
from www.jpunix.com or by anonymous FTP from ftp.jpunix.com. Of note
is the addition of the squirrel remailer. Welcome aboard!

- -- 
 John Perry - perry at alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry at jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhGxS1OTpEThrthvAQERXgP9FQJK5byJ2bXPIy1jwzZSBt6qNgMRCXph
rqDRijUxehiSpmis5mq3gTtH/CcA7wAqkxLfO9izE3sC4HqWCd7B5D7KLZx9VPNG
kZvUfQrZjzubLtz4ly0DtEDtnbKTEFLZ1tJL1ZUnZgsKTLEmeEIsXDc6r5zaGC0F
E/U+SBe2oOg=
=gYJD
-----END PGP SIGNATURE-----





From bea at algonet.se  Wed Aug 14 08:00:12 1996
From: bea at algonet.se (Bjorn E. Andersson)
Date: Wed, 14 Aug 1996 23:00:12 +0800
Subject: Re- PGP
Message-ID: <v03007801ae376b562c80@[10.0.2.15]>


Sorry for the noise, I did a Cc by mistake.

Bjorn A.








From vince at offshore.com.ai  Wed Aug 14 08:00:22 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 23:00:22 +0800
Subject: Anguilla - commercial and mailbombing policies
In-Reply-To: <Pine.LNX.3.91.960814072543.12056A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960814073103.12075A-100000@offshore>



Dr.Dimitri Vulis KOTM <dlv at bwalk.dm.com>
> 
> A while back, when Vince first started advertizing his site, I asked him
>a few hypothetical questions, and he said roughly this: If client X posts
>something to Usenet from Vince's site, and if Y dislikes X's article so
>much that he mailbombs X, then Vince would pull X's plug. (I have the
>exact quote saved.) I lost interest right then. I'm not surprised that
>Vince acted dishonorably by pulling a client's plug with no warning for a
>very flimsy reason. 

That question was about commercial ads, and I said "As long as I am not
mailbombed I don't care about how you post.".  I did *not* say I would
pull the plug (full exchange below).  From your other questions it looked
like there was no chance of you being a customer so I did not fully
explain. 

I have been mailbombed around a dozen times in the last year and never cut
anyone off.  Details below (I too have the exact quote)... 

Dimitri:
> e) to spam usenet with commercial ads.

Vince:
>e) I think you would have to spam more than 100 groups to get my
>system mail bombed.  As long as I am not mailbombed I don't
>care about how you post.

First, yes, that 100 groups is off the wall.

What I meant was you can send out commercial ads and I don't care at all. 
If you get mailbombed, that is another issue.  

If mailbombed then it goes toward your traffic.  You get 100 MB/month of
traffic with a domain name, and if you go over that amount of traffic the
cost is $1/MB.  If you have prepaid by check, and I don't know who you
are, and your account goes below $0, I would cut you off till more money
came in. 

Sorry for not explaining that.

 --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From vince at offshore.com.ai  Wed Aug 14 08:08:00 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 23:08:00 +0800
Subject: Anguilla - legal action or lack thereof
In-Reply-To: <Pine.LNX.3.91.960814072543.12056A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960814075142.12075B-100000@offshore>



Dr.Dimitri Vulis KOTM <dlv at bwalk.dm.com>
> 
> "Greg Kucharo" <sophi at best.com> writes:
> >   While Tim may be right that nobility is lost when backing down to the
> > authorities, the fact is that this game has little to do with noble
> > purposes. ...
> 
> Nor was there any activity from the authorities.

There were activity from the authorities.  They had copies of the article
and were very concerned about it and calling around asking people who knew
me about this.  They have not started any legal action about this. 
However, my work permit is up for renewal.  They would not ever have to
take legal action to shut me down, just decide not to renew my work
permit, and I would have to leave the island. 

My lawyer says it is illegal to sell fake passports in Anguilla. So
defending this guy could easily have been a fight to my death as an
Anguilla ISP.  Not defending him means he relocates to another ISP. This
is the Internet guys, relocating a domain is not such a big deal. 
Taxbomber is using it as a reason for publicity, but he lost no email and
his web pages were not down long.  Remember regulatory arbitrage.  If one
country does not want something, there are other countries. 

I am going to apply for a 3 year work permit next time (they only gave out
1 year ones till very recently - since I applied).  Assuming I get this,
I will be in a somewhat more secure position.

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/





From bart.croughs at tip.nl  Wed Aug 14 08:10:35 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 23:10:35 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB89EA.F7C73200@groningen08.pop.tip.nl>



Joel Morgan wrote:

>It seems clear that capital investment in tools will contribute to the
-productivity- of workers.  (Tools here meaning whatever machinery/
infrastructure is used to get work done.)

Bart Croughs quotes a number of economists who seem to be saying that
when capital investment leads to increased productivity (per worker)
this also leads to higher wages.

I'm not sure I understand -why- this should necessarily be so.  It's my
impression that in manufacturing industries, the more mechanized
production is, the more workers will get paid.  Then again, perhaps a
more mechanized industry will pay more because more mechanized
industries hire workers with higher skills (albeit fewer workers).

It's my impression that when a company makes capital investments which
increase productivity, the fruits of this increased worker productivity
are shared (to some extent) with the workers.  I can imagine a number of
reasons why this might be done, but it's not absolutely clear to me
that this would be a direct result of market forces.<

Increased productivity of workers leads to higher wages for workers because
of competition between employers. If a worker produces the worth of $3000 
per month for his boss, and his boss is only willing to give him $2000 
salary, then there are other employers who would be happy to give this man
a job at a higher wage. They still profit if they give him a wage of $2100 
instead of $2000. This process goes on until the salary of the worker equals 
his marginal productivity.

Bart Croughs






From bart.croughs at tip.nl  Wed Aug 14 08:16:12 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 23:16:12 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <01BB89EA.F3642600@groningen08.pop.tip.nl>


Arun Mehta wrote:

>>Bart  Croughs wrote:
>I don't assume that the *total amount* of capital will be
lowered in the US when US capital moves abroad. I assume that the
amount of capital in the US will be *relatively lower*. So the
wages will be *relatively* lower (lower than when the capital
wouldn't have left the US), but not necessarily lower in any
absolute sense. I thought this was obvious, but since Arun Mehta
also misunderstood me, maybe I should have been more explicit here.

>	Henry Hazlitt in 'economics in one lesson' (p. 139): "The best
way to raise wages, therefore, is to raise marginal labor
productivity. This can be done by many methods: by an increase in
capital accumulation - i.e. by an increase in the machines with
which the workers are aided..."

Pardon me, but I'm still confused. When Hazlitt talks about how
many machines are employed, surely that's "absolute" capital, not
relative. If US capital is invested abroad sensibly, such that it
enriches the investors, they have more money to invest in
machines at home and thereby increase local productivity (and wages). <<

If investors use their capital to invest abroad, this capital cannot at the same
 time be used to invest at home. Only after the investors decide not to invest
 abroad any more, they can invest it at home. But I was not talking about
 investors who decide to stop investing abroad and start investing at home. I
 was talking about investors who decide to invest abroad instead of at home,
 and the effect of such a decision on the wages in the US. Maybe in the future
 these investors will have more money, and will decide to stop investing abroad
 and start investing at home. But in the mean time, all the capital that's
 invested abroad diminishes the amount of capital invested at home, and so
 causes the wages at home to be less than they otherwise would have been
 (but not necessarily less in any absolute sense).

Bart Croughs






From bart.croughs at tip.nl  Wed Aug 14 08:29:20 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 23:29:20 +0800
Subject: National Socio-Economic Security Need for Encr
Message-ID: <01BB89EA.DA36D600@groningen08.pop.tip.nl>



Chris Adams wrote:

>On 12 Aug 96 19:17:00 -0800, bart.croughs at tip.nl wrote:

>Now I will explain why the austrian economists are right.
Imagine Robinson Crusoe. In the beginning, he catches fish with his bare hands. He has no capital investment, and consequently he is not very productive. His wage will be low (he will not catch much fish). If there is more capital investment - if, for example, he has a fishing rod - he will catch more fish in less time. His productivity is higher. His wage is higher (more fish). If there is still more capital investment - if, for example, he has a boat and fishing nets - he will catch even more fish. His productivity is higher. His wage is higher. Etcetera. So, it's really not difficult to see that the Robin's standard of living depends on the amount of capital available on his island. The same goes for the rest of humanity.<


To a limited extent, that holds water.  However, how would you explain,
say, some of the construction work around here where a huge, expensive
piece of equipment is being run by some guy making less than the Cal
Trans worker with the flags?  Or guys I know who are making low-middle
class wages working on a $10,000 computer hooked up to a $1,500,000+
molding machine?  Also: lawyers -  You're getting charged $200 a billing
hour by someone who probably doesn't even use a typewriter (After all,
secretaries aren't just for oggling).  Although legal references might be
somewhat expensive, it doesn't compare to the money gained.
Also: computers.  I know people who are making an incredible amount on
old machines.  They might be using a few dollars in software (probably
2-3 hours worth at most)  and are working on a cheesy old machine. 
However, because some of these $6.25/hr typists have been putting useful
information into it, it is worth the trouble to pay someone $50/hr to fix
it.  Neither of them has invested much compared to what they're getting
in return.<

When economists say that wages depend on the amount of capital invested, 
they mean on a regional/national level, not on the level of individuals.

>Your argument only works with 2 givens: 1) A larger investment will
return at least a corresponding increase in productivity.<

This tends to be the case. If a larger investment doesn't return a corresponding
 increase in productivity, the investment will generally not be made. Happily, no
 one wants to waste his money on investments that are not productive. 

>and 2) the worker is self-employed - otherwise there are too many factors involved.
If #1 is true, *someone* will be making more money, but not necessarily
the worker.<

Yes, it's the worker who will make more money. Why? As I explained in
 another post on this subject:

"Increased productivity of workers leads to higher wages for workers because
of competition between employers. If a worker produces the worth of $3000 
per month for his employer, and his employer is only willing to give him a wage of $2000 , then there are other employers who would be happy to give this man
a job at a higher wage. They still profit if they give him a wage of $2100 
instead of $2000. This process goes on until the salary of the worker equals 
his marginal productivity."

Bart Croughs









From bart.croughs at tip.nl  Wed Aug 14 08:31:59 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Wed, 14 Aug 1996 23:31:59 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB89EA.FB826540@groningen08.pop.tip.nl>


Blanc Weber wrote:

>>From: 	Bart  Croughs
>
>You haven't answered this question yet. I don't claim that the U.S. is worse
>off when US capital moves abroad. I only ask: how can you proof that the US
>isn't worse off when US capital moves abroad? 
.............................................................


You have to be able to imagine the advantages, and you can only imagine
them when you have the background to understand the difference between
having fewer choices rather than more, a limited market base rather than
an open one full of unlimited opportunity, and the increased domestic
tensions from frustrated consumers who are likely to set up blackmarkets
as work-arounds to the lack of desired goods & services. 

Essentially, you have to want to see, and work for, the difference
resulting from unprotected markets.   I think people who put up a lot of
objections are afraid and do not want any proof of their error.   You'd
have to hold their nose to the figures, and even then they might close
their eyes....<

You are wrong. I'm not in error; I don't think the US is worse off when US
 capital moves abroad. I just want to know how you can proof it, so I would be
 able to rebut protectionist arguments. I don't know how to prove it. And, 
unfortunately, neither do you. Rhetoric is no proof.

 Bart Croughs






From bdolan at use.usit.net  Wed Aug 14 08:32:13 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Wed, 14 Aug 1996 23:32:13 +0800
Subject: Schlafly on crypto
Message-ID: <Pine.SOL.3.91.960814075845.22879A-100000@use.usit.net>


Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column 8/8/96


                    Clinton Is Trying to be Big Brother



     August 8, 1996                             by Phyllis Schlafly

     We hope the appropriate government agencies will soon solve the
     recent terrorist crimes and punish the criminals. But all
     Americans who care about civil liberties should vigorously resist
     President Clinton's attempt to use the terrorist attacks as an
     excuse to carry on his all-out war against the personal privacy of
     law-abiding Americans.

     This mind-set was first revealed in the Clinton health care bill,
     which would have given the government computer access to the
     medical records of all Americans. Fortunately, that totalitarian
     takeover of the health care industry was rejected.

     The Clinton Administration's education legislation now pending in
     Congress would put personal information about all schoolchildren
     -- academic, medical, attitudinal, behavioral, and family -- into
     an expanded Labor Market Information database available to the
     government, as well as to prospective employers.

     Now the Clinton Administration is trying to make it illegal for
     individual Americans to have private conversations with one
     another. That's the real meaning of its effort to control
     encryption technology, and it's a direct assault on the First
     Amendment.

     It would be downright ridiculous to assert that the First
     Amendment guarantees our right to speak in public but not in
     private. It would be just as ridiculous to say that we have
     freedom to speak in words that the government can understand, but
     not in words the government can't decipher.

     Americans have the right to speak to one another in private,
     behind closed doors, and we should likewise have the right to
     speak to one another in code and to put our coded messages on
     computer in a process called encryption. Americans would not
     tolerate the government opening and reading the letters we send
     through the mails, and we should not tolerate the government
     opening and reading our encrypted, or coded, messages sent via
     computer.

     Yet, Attorney General Janet Reno, FBI Director Louis Freeh, and
     Vice President Al Gore are all demanding the authority to read our
     encrypted messages. In a speech to the Commonwealth Club of
     California, Reno bluntly stated her demand for "ensuring law
     enforcement access to encrypted data.''

     Reno boasted that there is "a consensus'' that the government
     should create a system known as "Key Escrow'' (i.e., a supposedly
     "neutral third party''), to which all Americans should be forced
     to "entrust'' the keys to their encrypted messages, and to which
     the government would have access. On the contrary, there is no
     such consensus.

     Do you trust Janet Reno with access to your private messages? Do
     you trust the FBI to keep your files confidential?

     The Clinton Administration is already doing 30 to 40 percent more
     federal telephone wiretaps and other electronic surveillance than
     the last year of the Bush Administration. Those figures don't even
     include national security wiretaps or the hundreds of extensions
     granting more time for wiretap orders already issued.

     FBI Director Freeh wrote the New York Times last November that
     "There is no intention to expand the number of wiretaps or the
     extent of wiretapping." Four months later, FBI documents revealed
     that the FBI does, in fact, plan to increase electronic
     surveillance 54 percent by 1998 and 130 percent by 2004.

     On July 12, Al Gore announced that the Administration will
     continue to push for the adoption of a massive public key
     infrastructure to give the government access to all encrypted
     communications. In a blatant bid for a police-state surveillance
     society, Gore warned about "the dangers of unregulated encryption
     technology."

     A neutral panel of the National Research Council was set up to
     make policy recommendations about encryption. The panel called on
     the government to abandon its efforts to restrict encryption.

     The NSC panel concluded that increased use of encryption would
     enhance our national security, not diminish it. Thirteen out of
     its 16 members had security clearances with access to secret
     information, and they saw no national security reason to justify
     the Clinton policy.

     The Clinton Administration bases its campaign to control private
     encryption on the alleged need to fight crime through wiretapping.
     However, the NSC panel concluded that the ability of the private
     sector to transfer confidential financial and other data over the
     information highway without interception is far more important.

     New technologies have given government awesome power to spy on
     individuals. The Filegate investigation accidentally uncovered the
     shocking news that, as soon as Bill Clinton entered the White
     House in 1993, he secretly spent $400,000 on software to create a
     highly sophisticated computer database to track detailed
     political, financial, attitudinal, and personal biographical
     information on 200,000 people, including members of Congress and
     the media. Known as WHODB for White House Office Data Base, the
     system was nicknamed Big Brother.

     Encryption is a First Amendment issue, not a crime issue. If the
     Clinton Administration is allowed to control encryption, it would
     be the biggest expansion of federal power since the passage of the
     Income Tax Amendment in 1913.


EAGLE FORUM -- eagle at eagleforum.org
PO Box 618
Alton, IL  62002
Phone: 618-462-5415
 ----------------------------------------------
Are you on our E-mail list?

Tell a friend about us!

http://www.eagleforum.org






From vince at offshore.com.ai  Wed Aug 14 08:48:40 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Wed, 14 Aug 1996 23:48:40 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.LNX.3.91.960814080828.12056B-100000@offshore>
Message-ID: <Pine.LNX.3.91.960814081442.12075C-100000@offshore>



Tim:
> Rather, there is an "archetype," if you will, of what a "remailer" is, what
> a "data haven" is, what a "tax shelter" is, etc. While we cannot reasonably
> expect a remailer to exactly match the archetype, we can point out obvious
> deficiencies.

1)  Anguilla has secrecy laws.  Professional relationships are confidential.
    There are strong secrecy laws.  I have not given out taxbomber's
    name, nor will I as I could face legal action if I did.

2)  Anguilla has no sales or income taxes.  A business does not need to
    report anything about income, sales, etc, to the government (or anyone
    else).  If a guy wants to sell his data and keep 100% of the profits
    instead of 50% or 60%, then Anguilla would be a haven for him.

3)  We don't have the same laws as other countries, so there are things
    that can be done here.  For example, we can export encryption 
    software.  Also, we will have bingo.com in Anguilla.

There are deficiencies from a cypherpunk or Libertarian point of view. And
these are interesting.  And exactly what I want to do is changing. As I
said, Anguilla is not the datahaven of cypherpunks wet dreams.  I am sure
there are no datahavens that match the cypherpunk concept of an ideal
datahaven, yet. 

But I think the term DataHaven applies as well to Anguilla as any other
place I know of.  

Tim, we would all be very happy if you were to locate a country that could
be the site of the ideal datahaven, and finance a couple cypherpunks to
setup there.  It would be a big help to our cause.  Could you do this? 

In the mean time, people may have to exist in cyberspace (like
www.taxbomber.com) without having a totally secure physical location. 
This is not the end of the world, or really even that painful.  If done
right you could be down for only an hour - just long enough for
nameservers to change.  Taxbomber is now setup to do it very fast next
time, if the need ever comes.  Tim, I think you have even advocated this
approach, not stressing the physical location, just the cyberspace
location.  No? 

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From stend at grendel.austin.texas.net  Wed Aug 14 09:58:05 1996
From: stend at grendel.austin.texas.net (Firebeard)
Date: Thu, 15 Aug 1996 00:58:05 +0800
Subject: Capital and Taxes
In-Reply-To: <ae36838e05021004b025@[205.199.118.202]>
Message-ID: <199608141319.IAA23659@grendel.austin.texas.net>


>>>>> Brad Dolan writes:

BD> Now imagine that I want to make that $100K investment or, more
BD> realistically, that I want to invest $100K in my kid's college
BD> education.  I'm going to have to earn wages of $160K and pay $60K
BD> in tax.  It would make me cranky if the guy next door could just
BD> clip $100K of coupons, tax free, to pay for his kid's education.

BD> While I'm sure Steve Forbes could, I can't think of a moral
BD> argument why income from selling stock should be taxed at a rate
BD> lower (or higher) than than income from wages.

	Because, when you work harder (or more), you are (presumably)
producing more and adding to the economy.  When you leave money in an
inefficient investment, you aren't.  Of course, this is all based on
the premise that income taxes are moral in the first place. (;

-- 
#include <disclaimer.h>                               /* Sten Drescher */
ObCDABait:      For she doted upon their paramours, whose flesh is as the
flesh of asses, and whose issue is like the issue of horses.  [Eze 23:20]
Unsolicited solicitations will be proofread for a US$500/KB fee.





From amehta at giasdl01.vsnl.net.in  Wed Aug 14 10:00:48 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 15 Aug 1996 01:00:48 +0800
Subject: National Socio-Economic Security Need for Encryption  Technology
Message-ID: <1.5.4.32.19960814130043.00311c1c@giasdl01.vsnl.net.in>


At 08:33 13/08/96 -0700, James A. Donald wrote:

>the fact that an engineer who is subject to the power of the Indian
>government is not worth very much, as is demonstrated by the fact
>that companies with Indian engineering teams often spend a lot of money
>to get their employees out of India.
>
>Demand for Indian programmers is less than supply not because capital
>has somehow failed to flow to India, but because an engineer in India
>is not free to produce the value that engineers elsewhere are free
>to produce.
>
Whoa! In economies that are highly de-coupled, incomes and prices
can easily find quite different equilibria. Of course, the
situation changes when trade increases. If you visited Italy in
the mid-'70s, prices were much lower than, say, in Germany.
Somewhere in the late '70s and early '80s, prices (and I hope
wages too) rose to "international" levels.

Why hasn't it happened in India? One reason for sure is that
despite all the talk of free trade, free movement of people does
not take place. Otherwise, plumbing, gardening, and all kinds of
services could have been provided in Western countries by
Indians, reducing supply and raising wages in India. 

It really  doesn't have much to do with "the power of the Indian
government" (except that I wish they had negotiated better at
GATT so that when the free flow of goods was talked about, the
flow of services was also treated at par). India has its faults,
but it still is a relatively democratic and free country. And
yes, capital has "somehow failed to flow to India,"  and for this
the restrictive policies of government are to blame.
Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From amehta at giasdl01.vsnl.net.in  Wed Aug 14 10:06:04 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 15 Aug 1996 01:06:04 +0800
Subject: [NOISE] Re: photographed license plates
Message-ID: <1.5.4.32.19960814130126.0031caac@giasdl01.vsnl.net.in>


At 16:04 13/08/96 -0800, Jim McCoy wrote:
>Here in the states the easy challenge to
>such a ticket would be "it was not me driving when that photo was taken" and
>the burden of proof is on the prosecution to prove that you were the driver.

In Germany, as I recall, if you use this argument, the cops
require you to thereafter maintain a log of who drives the car when.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From dcrocker at brandenburg.com  Wed Aug 14 10:40:24 1996
From: dcrocker at brandenburg.com (Dave Crocker)
Date: Thu, 15 Aug 1996 01:40:24 +0800
Subject: PGP...
In-Reply-To: <009A6C9C.E823907E.18@uni-lj.si>
Message-ID: <v03007800ae3784a734eb@[205.214.160.100]>


Responses you've gotten have foccussed on defining public versus private
key.  Some have cited how they are used, but I'd like to emphasize this:

Message authentication:

  Make a "hash" of the message, i.e., compute a short, unique tag of the
message.  (A common algorithm for this is MD5.)  Then "encrypt" the hash
using the SENDER's private key.  Anyone wishing to authenticate the message
uses the SENDER's public key to "decrypt" the hash and check it against the
message receive (i.e., recompute a new hash and compare it to the received
one.)


Message privacy:

  Encrypt the message data.  (A common algorithm is DES or, more recently,
triple DES.  PGP uses IDEA.)  To get acceptable performance, encryption is
done using a symmetric key algorithm, rather than a much slower asymmetric
(public) key algorithm.  Then "encrypt" the symmetric key using the
RECEIVER's public key.  The RECEIVER uses their private key to decrypt the
symmetric key and then uses the symmetric key to decrypt the data.


	Note that these two different functions use private keys in an
essential opposite manner, or reverse relationship.

d/


--------------------
Dave Crocker                                            +1 408 246 8253
Brandenburg Consulting                             fax: +1 408 249 6205
675 Spruce Dr.                                 dcrocker at brandenburg.com
Sunnyvale CA 94086 USA                       http://www.brandenburg.com

Internet Mail Consortium               http://www.imc.org, info at imc.org







From jad at dsddhc.com  Wed Aug 14 11:24:11 1996
From: jad at dsddhc.com (John Deters)
Date: Thu, 15 Aug 1996 02:24:11 +0800
Subject: 2600 (the magazine)
Message-ID: <2.2.32.19960814143736.0036474c@labg30>


At 12:27 AM 8/14/96 -0500, Jim Choate <ravage at einstein.ssz.com> wrote:

>The current issue of 2600 is out. I bought mine at Barnes & Nobles.
>
>It has a couple of articles on cryptography as well as a port scanner
>program for Linux.

I browsed the article on "cryptography" briefly on Monday.  I think using
the term "cryptography" to describe it is a bit strong.  The author is
encouraging people to basically XOR data with a repeating key (a modified
Vigniere) and then proclaims it forever unbreakable.

I was somewhat unimpressed.

"Why the hell doesn't Janet Reno outlaw this kind of irresponsible magazine?
They're showing KIDS how to encrypt data, for God's sake!"

Actually, one of us (he says, ducking the responsibility personally) should
probably write an article for them on how to use PGP.  (Maybe something that
doesn't use words bigger than "warez".)  I got it!  A one pager.  Paragraph
one gives the URL to Joel's PGP QuickStart (a description and a link is on
Joel's tools page at http://www.eskimo.com/~joelm/tools.html and the
executable itself is at ftp://ftp.eskimo.com/u/j/joelm/Install.exe [plug
plug]) and says, "run this program to install PGP."  The rest of the page
can be devoted to "how to hide your kewl viruses from your clueless teachurz".

Hmm.  Maybe I will write that article.  After all, they give out a free
subscription to authors (and since I buy the rag anyway) it might be worth
it.  But if someone wants to beat me to it, go for it.  I feel my ambition
slipping steadily away, and I haven't even got out of the e-mail phase
yet...  :-)

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'33"N by 93^16'42"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From wb8foz at nrk.com  Wed Aug 14 11:31:10 1996
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 15 Aug 1996 02:31:10 +0800
Subject: Passports - "fake" vs "counterfeit"
In-Reply-To: <Pine.LNX.3.91.960814070828.12021A@offshore>
Message-ID: <199608141447.KAA04659@nrk.com>


I'm confused here.

Vince runs a system.
A user did something Vince's attorney said might be a no-no.
Vince pulled the plug.
Tim objects.

Right?

I suggest the cure is a law, to keep Vince from booting
people off his system without due process.

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From sparks at bah.com  Wed Aug 14 11:38:17 1996
From: sparks at bah.com (Charley Sparks)
Date: Thu, 15 Aug 1996 02:38:17 +0800
Subject: Another CP Meeting request
Message-ID: <199608141457.KAA29438@pop1.jmb.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Wed Aug 14 10:54:01 1996
Anyone Interested in a DC Metro meeting ?? ( VA, MD, DC )

> The South Florida Cypherpunks will meet at Hops Grill & Bar
> in Boynton Beach, FL on Saturday, August 17 at 2:00 PM.  As
> always, our meeting place is at a microbrewery, and this one
> has some very fine brews.

Is there anyone who would be interested in a Paris(France) cpunks
 meeting?

Ben.
____
Ben Samman.................................................ben at edelweb.fr
Paris, France                      Illudium Q36 Explosive Space Modulator




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMhHoi+J+JZd/Y4yVAQHM3AQMDkTqRIAigy6G5GggdRaXrlBpQrypoXJV
sbODRhUFxeP5+mHONfIIntyT+2AO7bW7RA+nSBMF6b/wNT779fGQ2/dZ7rPTzeAL
Ob9ltsTr1tdf0T9zMmM+szZER9qJ9bGQ8w6tCektO+BbuV3x/OCwBXAzFS5t1yax
1w1A2+Z9dViyVw==
=88D0
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Wed Aug 14 11:38:59 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 15 Aug 1996 02:38:59 +0800
Subject: Capital and Taxes
Message-ID: <199608141511.IAA27228@mail.pacifier.com>


At 02:01 AM 8/14/96 -0400, Brad Dolan wrote:
>On Tue, 13 Aug 1996, Timothy C. May wrote:

>> Yes, taxes will _someday_ have to be paid...but many of us are hoping,
>> praying, and pleading for a cut in the capital gains tax rate...at least a
>> rollback to the 22% rate of yesteryear (and 4% or less in states). This
>> huge "backlog" of unrealized capital gains (aka gains on paper, but not yet
>> taxable) is what is being spoken of when people like Jack Kemp and Steve
>> Forbes speak of "unleashing" the capital gains now tied up due to the high
>> tax rates.
>
>
>Now imagine that I want to make that $100K investment or, more 
>realistically, that I want to invest $100K in my kid's college education.
>I'm going to have to earn wages of $160K and pay $60K in tax.  It would 
>make me cranky if the guy next door could just clip $100K of coupons, tax 
>free, to pay for his kid's education.
>
>While I'm sure Steve Forbes could, I can't think of a moral argument why 
>income from selling stock should be taxed at a rate lower (or higher) than 
>than income from wages.

Perhaps you've forgotten double-taxation.  When a company makes a profit, it 
is taxed at the full corporate tax rate.  Paid to a stockholder, it is AGAIN 
taxed at the citizen's rate.  It's a ripoff, and the strange thing is a lot 
of citizen-dolts don't understand this or understand its implications.

It would be fairer to tax either once the corporation, or the individual, 
but not both.  Now, capital gains is merely the effect of increased value 
that hasn't yet been paid in dividend.  It would make sense, therefore, to 
simply not tax "income from selling stock" since the taxes have already been 
paid.

Jim Bell
jimbell at pacifier.com





From legg at sun1plus.liebert.com  Wed Aug 14 11:56:33 1996
From: legg at sun1plus.liebert.com (Jim Legg)
Date: Thu, 15 Aug 1996 02:56:33 +0800
Subject: Schlafly on crypto
Message-ID: <9608141523.AA02130@sun1plus.liebert.com>





> Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column
8/8/96
> 

[snip!]

Beware when politicos speak!

Phyllis Schlafly would think nothing of trying to ban speech on the
internet when it is
something that she doesn't agree with.

-jim-






From perry at piermont.com  Wed Aug 14 11:57:31 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 15 Aug 1996 02:57:31 +0800
Subject: non-secure network utilities - pointers?
In-Reply-To: <Pine.SUN.3.91.960813010527.1025D-100000@quesnay.Berkeley.EDU>
Message-ID: <199608141527.LAA21142@jekyll.piermont.com>



Sam Quigley writes:
> What cypherpunk-approved (tm) -- that is, cryptographically strong, 
> freely available, and well-implemented (reliable) -- network utilities are 
> available?  I'm willing to agree to US-only license agreement iff I have 
> to...


Try SSH and friends -- they are a pretty good thing.

http://www.ssh.fi/, I believe.

Perry





From mwohler at ix.netcom.com  Wed Aug 14 11:57:31 1996
From: mwohler at ix.netcom.com (Marc J. Wohler)
Date: Thu, 15 Aug 1996 02:57:31 +0800
Subject: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <199608141549.IAA12562@dfw-ix12.ix.netcom.com>


At 07:59 AM 8/14/96 -0400, you wrote:
>Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column 8/8/96

It makes me ill to agree with Schlafly on any issue, but 'Even a stopped
clock.......


Unrepentant Liberial






From maldrich at grci.com  Wed Aug 14 12:04:22 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Thu, 15 Aug 1996 03:04:22 +0800
Subject: Citation for NSA Type III & IV Crypto products
Message-ID: <Pine.SCO.3.93.960814103710.12800A-100000@grctechs.va.grci.com>


C'punks:

Most who are familiar with the Fed's crypto products are aware that the
NSA categorizes crypto products by "type."  Type I is specified as being
for classified protections (and relying upon classified key) and Type II
being for SBU/other (with unclassified-only key).  I recall, however, that
there were also categories called Type III and Type IV.  I think that Type
III had to do with industry use, with Government-generated key.  Type IV I
can't recall at all.  Now, I can't find the citation where these things
were described.  The EPL cites only Type I & II, Dockmaster has proven of
no use, and the search engines can't find anything on the Net. 

Does anyone recall where a discussion of these types can be found?

TIA.

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |maldrich at grci.com            |
|the unfettered speech the First Amendment|MAldrich at dockmaster.ncsc.mil |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From perry at piermont.com  Wed Aug 14 12:04:57 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 15 Aug 1996 03:04:57 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88FA.42D3D100@groningen16.pop.tip.nl>
Message-ID: <199608141517.LAA21122@jekyll.piermont.com>



Bart Croughs writes:
> If you still don't understand this, I suggest you study my other
> posts on this subject, or better still, you study the works of the
> Austrian economists I've quoted before.

I'm reminded of a wonderful scene from "A Fish Called Wanda" (pardon
the inexactitude of the quote):

"Idiots don't read philosophy."
"Sure they do. They just don't understand it."

Perry





From perry at piermont.com  Wed Aug 14 12:05:36 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 15 Aug 1996 03:05:36 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB88FA.25D2E3C0@groningen16.pop.tip.nl>
Message-ID: <199608141525.LAA21133@jekyll.piermont.com>



Bart Croughs writes:
> 
> >Nowhere in the writings of any Austrian economist will you find
> >anything claiming that the wages for a given job are linked to
> >capital investment by the employer.
> 
> I already gave some quotes of Austrian economists in another post, but =
> maybe you didn't read it, so here I go again:
> 
> 	Henry Hazlitt in 'economics in one lesson' (p. 139): "The best way to =
> raise wages, therefore, is to raise marginal labor productivity. This =
> can be done by many methods: by an increase in capital accumulation - =
                 ^^^^^^^^^^^^
> i.e. by an increase in the machines with which the workers are aided..."

You should read your own quotes.

No one claimed that you can't increase productivity and income on
average under some circumstances by increased capital investment. What
was being made fun of was the simplistic misunderstanding of what the
underlying mechanisms are. Prices, including the price of labor, are
set purely by the marketplace. Under some circumstances, incomes will
be determined by investment levels made by employers. Under others,
they will not.  The important feature is the market principle, not the
capital investment. The point of my "green pylons" posting was to note
that it is the market direction of the investment and not the
investment that is important. Impediments to trade create wastes of
capital just as surely as burning cash in the marketplace does. If you
were really an Austrian, and not a confused person, you would know
that all the Austrians and Chicago School people are for completely
free trade, something you don't seem to get in your expositions on
capital flows.

Perry





From dlv at bwalk.dm.com  Wed Aug 14 12:06:53 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 15 Aug 1996 03:06:53 +0800
Subject: Anguilla...etc.
In-Reply-To: <ae36aa4d09021004cad4@[205.199.118.202]>
Message-ID: <1VHNsD33w165w@bwalk.dm.com>


tcmay at got.net (Timothy C. May) writes:
> At 3:25 AM 8/14/96 Moscow Time, Dr.Dimitri Vulis KOTD wrote:
> >"Greg Kucharo" <sophi at best.com> writes:
> >>   While Tim may be right that nobility is lost when backing down to the
> >> authorities, the fact is that this game has little to do with noble
> >> purposes. ...
> >
> >Nor was there any activity from the authorities.
> >
> >A while back, when Vince first started advertizing his site, I asked him a f
> >hypothetical questions, and he said roughly this: If client X posts somethin
> >to Usenet from Vince's site, and if Y dislikes X's article so much that he
> >mailbombs X, then Vince would pull X's plug. (I have the exact quote saved.)
> >I lost interest right then. I'm not surprised that Vince acted dishonorably
> >pulling a client's plug with no warning for a very flimsy reason.
>
> "Acted dishonorably"?
>
> Really, Dimitri, are all Russians this rude? (Seeing the battles on Usenet
> between the "Sovoks" and the "Gruborbots," I'm beginning to think so.)
>
> While I think the Anguilla situation is an interesting one to analyze, I
> avoid such loaded terms as "dishonorable."

If you don't see why Vince's actions are dishonorable (and, by the way, far
ruder than anything anyone could say on any mailing list), then there's
no sense in my wasting time to explain it to you.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From shamrock at netcom.com  Wed Aug 14 12:12:55 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Aug 1996 03:12:55 +0800
Subject: [SIGNAL] Microsoft's Internet Explorer
Message-ID: <v02120d0dae379f5d9e93@[192.0.2.1]>


At 12:22 8/14/96, J�ri Kaljundi wrote:
> Wed, 14 Aug 1996, Frank Stuart kirjutas:
>
>> According to C-Net Radio (http://www.cnet.com/), Microsoft will be including
>> 128-bit SSL encryption in their Internet Explorer 3.0 for Win 95 and NT 4.0.
>
>As M$IE 3.0 is now available for download from www.microsoft.com, I did
>notice there is also a 128-bit version there, which requires you to first
>fill in data about you. Unfortunately microsoft.com is so slow right now,
>that I did not have a chance to try to download 128-bit version by filling
>in my favourite US politicians name.

I don't see the 128 bit version. URL?



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From jk at stallion.ee  Wed Aug 14 12:23:23 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Thu, 15 Aug 1996 03:23:23 +0800
Subject: [SIGNAL] Microsoft's Internet Explorer
In-Reply-To: <v02120d0dae379f5d9e93@[192.0.2.1]>
Message-ID: <Pine.GSO.3.93.960814182110.21263A-100000@nebula>


 Wed, 14 Aug 1996, Lucky Green asked:

> I don't see the 128 bit version. URL?

Neither do I anymore, but it was there yesterday. It was on the page,
where you chose the version. After that there was a form asking for your
(US citizens) name, address and phone number. After that the connection
got so slow I could not submit the form.

I believe Microsoft might have messed up something with the ITAR rules and
because of problems they do not give out the 128-bit version anymore. Or
it might have been an error and they really did not have an uncrippled
version yesterday.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From frissell at panix.com  Wed Aug 14 12:40:47 1996
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 15 Aug 1996 03:40:47 +0800
Subject: Imprisoned Capital
Message-ID: <2.2.32.19960814153840.008802ec@panix.com>


At 02:12 PM 8/14/96 +-200, Bart  Croughs wrote:
>If investors use their capital to invest abroad, this capital cannot at the
same
> time be used to invest at home. Only after the investors decide not to invest
> abroad any more, they can invest it at home. But I was not talking about
> investors who decide to stop investing abroad and start investing at home. I
> was talking about investors who decide to invest abroad instead of at home,
> and the effect of such a decision on the wages in the US.

There is no straightforward link between amount of capital invested and
productivity or wages.  If there were, some steel plants in the Soviet Union
would have had the best paid and most productive workers on earth.
Additionally, countries which prevent capital outflows don't receive capital
inflows and thus become poorer.

DCF






From freematt at coil.com  Wed Aug 14 12:41:24 1996
From: freematt at coil.com (Matthew Gaylor)
Date: Thu, 15 Aug 1996 03:41:24 +0800
Subject: Thursday, 15 August: Join Matthew Gaylor in Club Wired's Electronic Frontiers Chat
Message-ID: <v0213050aae37679928be@[198.4.94.246]>


Thursday, 15 August
6 p.m. PDT
Matthew Gaylor, in Electronic Frontiers

Join Gaylor and host Jon Lebkowsky on Thursday, 15 August at 6 p.m. PDT
(Friday 01:00 GMT) in Electronic Frontiers.

     http://www.hotwired.com/eff/


[Note from Matthew Gaylor: I'll be online at ClubWired discussing
cyberlibertarianism and other pro-individual rights issues. I'm sure you'll
want to join the discussion.  I hope to see you there.]


****************************************************************************
Subscribe to Freematt's Alerts: Pro-Individual Rights Issues
Send a blank message to: freematt at coil.com with the words subscribe FA
on the subject line. List is private and moderated (7-30 messages per week)
Matthew Gaylor,1933 E. Dublin-Granville Rd.,#176, Columbus, OH  43229
****************************************************************************







From jimbell at pacifier.com  Wed Aug 14 12:46:11 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 15 Aug 1996 03:46:11 +0800
Subject: key escrow idea from David Satelin of MIT Lincoln Labs
Message-ID: <199608141555.IAA00344@mail.pacifier.com>


At 01:48 AM 8/14/96 -0400, Matt Blaze wrote:

>>Remember, since the phoneco has had no competition, they've never been at 
>>risk from being shunned by customers who object to this secret cooperation.  
>>A more "realistic" position, I think, would be to conclude that if there was 
>>true competition, customers would be able to negotiate varying levels of 
>>non-cooperation in order to win customers.  I suspect that post-Ruby 
>>Ridge/post-Waco, there would be a substantial fraction of the public who 
>>would conclude that it cannot trust its own government.
>>
>
>Well, I don't know what went on before 1968, but these days phone companies
>don't keep wiretap orders secret because they are being nice to the police,
>they keep them secret because the court order for the weretap also orders
>them to.  Perhaps you aren't aware of this, but when a third party  is
>ordered to turn over records or access to something, the order often
>includes a provision that prohibits them from revealing the order to the
>subject.  This is not unique to phone records; orders for bank records
>frequently have secrecy provisions as well.

Well, that's just the problem.  These are clear violations of the 1st 
amendment.  The law may authorize a search, but the Constitution is supposed 
to limits them to "reasonable" ones.  And it says nothing about _secret_ 
ones, either.   The effectiveness of the search itself can't possibly be 
compromised by releasing the fact of the search AFTER it occurs, which means 
that the inclusion of such a secrecy order can't even conceivably be 
supported under the US Constitution.

 Think of this as a two-pan balance:  On the one side is the 1st amendment, 
a very important issue.  One the other side is...nothing.  Or, perhaps more 
accurately, no _constitutional_ issues.  Remember, the Constitution does not 
guarantee the effectiveness of the  entire investigative process; it merely 
addresses one portion of it, the search. (and even there, it doesn't 
guarantee a successful search!)   If the government claims that the process 
is crippled by releasing the fact of the search, then I'm afraid that this 
is not an adequate reason to violate free-speech rights.  (When the famous 
Miranda warning decision was made by the Supreme Court, cops said that it 
would cripple their investigations.)

You may say, of course, "that's not how they currently interpet it," but my 
response is simple:  Any talk of tolerating any sort of key-escrow (GAK) 
system must presume that the people running it are no more honest than they 
are today.  If the cops (and the government in general) so generously 
misinterprets the government's "rights" with regard to wiretapping, there is 
simply no reason to believe that any restrictions they claim to be willing 
to respect now will actually be followed once such a plan is approved.  
Don't try to get out of this:  You can't ignore past abuses.  And if they 
were willing to do illegal taps before 1968, this tells you how inclined 
they are to obey the law.

We've been handed an opportunity:  The government wants to change its 
wiretap powers, and unlike previous times the public is actually aware of 
what's happening and can object.  I think we must take this opportunity to 
entirely re-think the search-warrant/wiretap process.  Rather than blindly 
accept the opinions of crooked judges who got where they are by 
demonstrating their willingness to "get along by going along,"  we should 
strip away all the decades of scheming, and delete the entire process.

My opinion is that wiretaps are, inherently, unreasonable searches within 
the meaning of the Bill of Rights. Interestingly, support for this 
interpretation was shown when the media stated that Japan's Constitution 
prohibited wiretapping.  This was portrayed as being somewhat of an oddity.  
But in reality, that Constitution was forced on Japan after WWII, by the US. 
 Curiouser and curiouser, that happened during a time frame (pre 1968) in 
which wiretapping was illegal in the US, and probably believed to be 
unconstitutional as well.  Since the US Constitution hasn't changed since 
then, at least with respect to searches, the only realistic conclusion is 
that the thing that's changed is the interpretation of the US Constitution, 
and not for any sound reasons either.  (That Japanese Constitution, 
apparently not subject to such convenient re-interpretation, stands as it 
was when adopted, at least on this one issue.)

In fact, the timing for this change is suspicious:  1968 was certainly a 
rather tumultuous year, what with anti-Vietnam war protests, assassinations 
and such.  Not only in the US, but even more so in France, with the student 
riots.   The motivation to adopt an unconstitutional wiretapping law must 
have been substantial.  And given the fact that public polls on the concept 
of wiretaps repeatedly show it to be opposed by a majority of the 
population, I think the burden of proof is on the Denning-types to show that 
they're appropriate.




Jim Bell
jimbell at pacifier.com





From rah at shipwright.com  Wed Aug 14 12:51:44 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 15 Aug 1996 03:51:44 +0800
Subject: DCSB: The Transnationality of Digital Cash
Message-ID: <v03007801ae37a4ffab57@[206.119.69.46]>


-----BEGIN PGP SIGNED MESSAGE-----BY SAFEMAIL 1.0-----



                 The Digital Commerce Society of Boston

                               Presents

                             Tatsuo Tanaka
                  Center on Japanese Economy & Business
                          Columbia University

                  "The Transnationality of Digital Cash"


                        Tuesday, September 3, 1996
                               12 - 2 PM
                   The Downtown Harvard Club of Boston
                     One Federal Street, Boston, MA



Tatsuo Tanaka is from the Center for Global Communications at the International
University of Japan. He is currently a Visiting Research Fellow at Columbia
University's Center on Japanese Economy & Business.

Government analysts like to stress the anonymity and security concerns of
digital cash, particularly money laundering and tax evasion.  However,
probably the most important economic consequence of digital cash to
nation-states is its transnationality.  Theoretically speaking, any bank
can issue digital cash any country's currency, even on a fractional reserve
basis, without permission from that nation-state's central bank, and
everybody in the world can use it as if that cash were issued by the
country itself. This unprecedented transnationality could make a country's
financial system unstable in terms of money supplies or exchange rates.
Tanaka goes through a possible scenario in which nation-states and
cyberspace conflict over the authority to issue digital cash, including a
possible resolution of the problem.


This meeting of the Digital Commerce Society of Boston will be held on
Tuesday, September 3, 1996 from 12pm - 2pm at the Downtown Branch of the
Harvard Club of Boston, One Federal Street. The price for lunch is $27.50.
This price includes lunch, room rental, and the speaker's lunch. ;-).  The
Harvard Club *does* have dress code: jackets and ties for men, and
"appropriate business attire" for women.

We need to receive a company check, or money order, (or if we *really* know
you, a personal check) payable to "The Harvard Club of Boston", by
Saturday, August 31, or you won't be on the list for lunch.  Checks
payable to anyone else but The Harvard Club of Boston will have to be sent
back.

Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston,
Massachusetts, 02131. Again, they *must* be made payable to "The Harvard
Club of Boston".

If anyone has questions, or has a problem with these arrangements (We've had
to work with glacial A/P departments more than once, for instance), please
let us know via e-mail, and we'll see if we can work something out.

Planned speakers for DCSB are:

 October     Philippe LeRoux      Stock Exchanges and the Web
 November    Philip S. Corwin     Regulatory Barriers to Internet Commerce

We are actively searching for future speakers.  If you are in Boston on the
first Tuesday of the month, and you would like to make a presentation to the
Society, please send e-mail to the DCSB Program Commmittee, care of Robert
Hettinga, rah at shipwright.com .

For more information about the Digital Commerce Society of Boston, send
"info dcsb" in the body of a message to majordomo at ai.mit.edu .  If you want
to subscribe to the DCSB e-mail list, send "subscribe dcsb" in the body of a
message to majordomo at ai.mit.edu .

Looking forward to seeing you there!

Cheers,
Robert Hettinga
Moderator,
The Digital Commerce Society of Boston


-----BEGIN PGP SIGNATURE-----BY SAFEMAIL 1.0-----
Version: 2.6.i

iQCVAwUBMhHz1/gyLN8bw6ZVAQGJlQQApgYjtBSEW+g3cF9qsO3SVF3dFn5ObPa6
WoP7nhldO2XbLgFQOsBqXWv+pUHu9aAxo2TaHFtqegCrr5eEbVutjKhFGdOCZqRT
QoFElygD3hKE7sITW6VM9hQaq37eylRapNuvMLo6Q49/BwuDYcWQSkCVQsBlKkP7
lp7JBVIHkMY=
=WlRo
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From jamesd at echeque.com  Wed Aug 14 13:11:16 1996
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 15 Aug 1996 04:11:16 +0800
Subject: National Socio-Economic Security Need for Encryption   Technology
Message-ID: <199608141547.IAA25312@dns1.noc.best.net>


At 08:33 13/08/96 -0700, James A. Donald wrote:
> > the fact that an engineer who is subject to the power of the Indian
> > government is not worth very much, as is demonstrated by the fact
> > that companies with Indian engineering teams often spend a lot of money
> > to get their employees out of India.
> > 
> > Demand for Indian programmers is less than supply not because capital
> > has somehow failed to flow to India, but because an engineer in India
> > is not free to produce the value that engineers elsewhere are free
> > to produce.

At 07:00 PM 8/14/96 +0600, Arun Mehta wrote:
> Whoa! In economies that are highly de-coupled, incomes and prices
> can easily find quite different equilibria.

So?  What does this have to do with the price of fish?

Are Informix campuses "highly decoupled economies".

The fact is a company like Informix has a campus in India, and
it has campuses in the US that are largely staffed by Indian teams,
and it will pay big bucks to get its people out of India, even
though it has to pay them more than ten times as much in the US.

An Indian programmer doing the same job for the same company is
more than ten times as valuable to that company if he is not 
subject to the power of the Indian government, as proven by that
companies actions.

Plainly Informix does not like the power of the Indian government,
which is no surprise as a few years ago just about every company on
earth utterly detested the power of the Indian government and would
not touch the place with a ten foot pole.

> India has its faults,
> but it still is a relatively democratic and free country.

Under democracy, people get the government they deserve and 
get it good and hard.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From mp at the-wire.com  Wed Aug 14 13:12:18 1996
From: mp at the-wire.com (M. Plumb)
Date: Thu, 15 Aug 1996 04:12:18 +0800
Subject: Toronto Signing Party (fwd)
Message-ID: <Pine.SUN.3.91.960814123204.2119A-100000@psyche.the-wire.com>



---------- Forwarded message ----------
Date: Wed, 14 Aug 1996 04:10:26 -0400
From: Richard Outerbridge <outer at interlog.com>
Newgroups: alt.security.pgp
Subject: Toronto Signing Party


-----BEGIN PGP SIGNED MESSAGE-----

1996/08/14 04:01:55 EDT
Marc Plumb and I are trying to organize a "signing party"
for anyone within range of downtown Toronto.  The tentative
date is the afternoon of Saturday September 7th.  Location
will depend on the size of the crowd: so RSVP to Marc or
myself (<mp at the-wire.com> or <outer at interlog.com>) and one
of us will get back to you during the first week of September
with the precise details.  Be patient!

Richard Outerbridge

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhGJcNNcQg4O6q8hAQE0LwP/WvmqDyLqqY28H0peWO/HJyhCInRITx7N
aCCfDYdQxjym8/AAFBHy6Luye1DpRpok0RM9OFIMVMWOFzf7Ma7hYwD2KK56IJcy
E9XDbak+DkbS/AKthxS5UXPN4Vy1VRUExxMGvXrcCIK2RvoxhT8ZbUp3pQAo/fn4
IYIHo/oTJ0Q=
=qQOf
-----END PGP SIGNATURE-----
-- 
"Just an eccentric soul with a curiosity for the bizarre."
PGPpubkey 1024/0EEAAF21 1994/07/23 <outer at interlog.com>
Fingerprint = 6A89 D49F D3DA 12E4  040A 273B F383 0127






From void at null.net  Wed Aug 14 13:19:40 1996
From: void at null.net (The Prisoner (tm))
Date: Thu, 15 Aug 1996 04:19:40 +0800
Subject: Crypto Ban Talk @ G-7
Message-ID: <32120058.66B2@null.net>


Well, even tho Tim's language was hypothetical here's this item.  Was 
some of this on the cpunks and I missed it?  Very possible, & if so, 
sorry.

===============================================[quote:]=================


In article <X6k0RD1w165w at tanda.on.ca>, marc at tanda.on.ca (Marc Thibault) 
wrote:

>     I picked up a rumor that the G-7 has endorsed a resolution calling
>     for international cooperation to control private encryption. Does
>     anybody have solid information?
>

They've been discussing it. The US and some others want it. The Japanese
and one other country won't go along. So far, talk but no action. Stay
tuned.

David [Sternlight that is  ....]





From sandfort at crl.com  Wed Aug 14 13:40:46 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 15 Aug 1996 04:40:46 +0800
Subject: Schlafly on crypto
In-Reply-To: <9608141523.AA02130@sun1plus.liebert.com>
Message-ID: <Pine.SUN.3.91.960814093658.5845D-100000@crl14.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Wed, 14 Aug 1996, Jim Legg wrote:

> Beware when politicos speak!

Good advice, but...
 
> Phyllis Schlafly would think nothing of trying to ban speech on
> the internet when it is something that she doesn't agree with.

An interesting allegation.  I wonder if it is merely rhetoric or
if Jim has any evidence to backup this statement?

Does Jim know who Phyllis' son is?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From rah at shipwright.com  Wed Aug 14 13:55:27 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 15 Aug 1996 04:55:27 +0800
Subject: National Socio-Economic Security Need for Encryption    Technology
In-Reply-To: <199608141547.IAA25312@dns1.noc.best.net>
Message-ID: <v03007813ae37b263d075@[206.119.69.46]>


At 11:49 AM -0400 8/14/96, James A. Donald wrote:
> Under democracy, people get the government they deserve and 
> get it good and hard.

Wasn't it DeToqueville who said something like,

"Democracy is just, because a constituency of idiots will elect one?"

;-)

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From mpd at netcom.com  Wed Aug 14 13:59:47 1996
From: mpd at netcom.com (Mike Duvos)
Date: Thu, 15 Aug 1996 04:59:47 +0800
Subject: Schlafly on crypto
In-Reply-To: <9608141523.AA02130@sun1plus.liebert.com>
Message-ID: <199608141648.JAA22874@netcom20.netcom.com>



> Beware when politicos speak!

> Phyllis Schlafly would think nothing of trying to ban speech on the
> internet when it is
> something that she doesn't agree with.

Horrors.  I'm agreeing with Phyllis Schlafly. 

I know I'm going to kick myself tomorrow for saying this, but I found
that to be a very nice rant against Big Brother in many of its 
manifestations.  

Of course, we still have Little Brother (the family),
and Cousin Elmer (the Church), but isn't it nice to see that 
the RRR is on our side on such an important issue. 

Way to go Phyllis! :)

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From gary at systemics.com  Wed Aug 14 14:16:52 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 15 Aug 1996 05:16:52 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
In-Reply-To: <v02120d0cae366bab297f@[192.0.2.1]>
Message-ID: <32120231.388F659A@systemics.com>


Lucky Green wrote:
> 
> At 9:27 8/13/96, Peter Trei wrote:
> 
> >I vaguely remember another possibly relevant precedent, where a
> >judge ruled that a warrant was required before a thermal imager
> >could be used to look at a house suspected by the police of
> >being a (pot) grow house.
> 
> Wrong. No warrant was used and the bust was upheld in court.

Hmm.  A case involving Texas cops hovering above a greenhouse for a
month using a 600mm telescope to peek through a 5-inch gap was thrown
out of court on the grounds that the crop was not in "plain view".
(Wheeler v State, Texas Court of Criminal appeals, 29/9/83).  However,
this was some time ago, so I'm sure the US constitution has been
whittled down a tad more since then.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From ravage at EINSTEIN.ssz.com  Wed Aug 14 14:17:02 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Thu, 15 Aug 1996 05:17:02 +0800
Subject: Austin, TX: RoboFest 7
Message-ID: <199608141742.MAA07179@einstein>



Hi all,

I would like to pass the follwing along. If you have any questions then
please let me know.

If you are in Austin around this time, then stop by for a spell.


                                                       Jim Choate


  --------------------------------------------------------------------------

Date: Tue, 13 Aug 96 21:38:53    
From: "Sonia Santana" <sonia at hyperweb.com>
Subject: RE:  RoboFest 7 speaking gig
To: Jim Choate <ravage at bga.com>

The dates for RoboFest 7 are Sept. 14th & 15th and it will
be held at Dobie Mall this year.  If you are interested please 
let me know or contact Glenn Currie at <currie at eden.com> who is 
actually making the schedule for our guest speakers.

There aren't any monetary perks but we plan to reward our guests
with T-shirts, videos and movie passes to our film festival.

Please let us know by August 15th if you are interested and
can make it.  Also please let us know a title or topic of your
talk. And finally how do you want to be billed in the program.


Hope you can make it.


Sonia Santana
Admin. Coordin.
The Robot Group
http://www.robotgroup.org 









From amehta at giasdl01.vsnl.net.in  Wed Aug 14 14:33:08 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 15 Aug 1996 05:33:08 +0800
Subject: National Socio-Economic Security Need for Encryption    Technology
Message-ID: <1.5.4.32.19960814164931.0033e60c@giasdl01.vsnl.net.in>


At 08:49 14/08/96 -0700, James A. Donald wrote:
>At 07:00 PM 8/14/96 +0600, Arun Mehta wrote:
>> Whoa! In economies that are highly de-coupled, incomes and prices
>> can easily find quite different equilibria.
>
>So?  What does this have to do with the price of fish?

I was trying to explain how incomes and prices happened to be
lower in India, which is the reason why companies like Informix
like to hire Indian engineers.

>The fact is a company like Informix has a campus in India, and
>it has campuses in the US that are largely staffed by Indian teams,
>and it will pay big bucks to get its people out of India, even
>though it has to pay them more than ten times as much in the US.

I imagine (not knowing why Informix does what it does) that the
reason might have something to do with:

1) Bringing the programmer closer to the customer, to understand
the problem better, or to commission the software, debug it under
working conditions, whatever
2) If a team in the US is working on the project as well,
sometimes it helps to have the entire team physically proximate.
3) With team members far away, you may have concerns about
security of confidential information.

I could think of another reason or two.

>
>An Indian programmer doing the same job for the same company is
>more than ten times as valuable to that company if he is not 
>subject to the power of the Indian government, as proven by that
>companies actions.

Could you please be more precise? In what way does the "power of
the Indian government" intrude? You use the term "proven" rather
loosely... there could be other explanations for the company
wanting to move its employees around.

>
>Plainly Informix does not like the power of the Indian government,
>which is no surprise as a few years ago just about every company on
>earth utterly detested the power of the Indian government and would
>not touch the place with a ten foot pole.

Huh? Yes, we do have a bureaucratic state, which is infuriating,
and not just to the companies, but we've always had lots of
companies happy to be here. This is a big market, and a nice
place to live (and not just the natives say so).

>Under democracy, people get the government they deserve and 
>get it good and hard.

True -- democracy is a learning process, and the lessons
sometimes come hard. I don't know of any other way to learn.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From dlv at bwalk.dm.com  Wed Aug 14 14:40:35 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 15 Aug 1996 05:40:35 +0800
Subject: Anguilla - commercial and mailbombing policies
In-Reply-To: <Pine.LNX.3.91.960814073103.12075A-100000@offshore>
Message-ID: <JsPNsD1w165w@bwalk.dm.com>


Vincent Cate <vince at offshore.com.ai> writes:

> 
> Dr.Dimitri Vulis KOTM <dlv at bwalk.dm.com>
> > 
> > A while back, when Vince first started advertizing his site, I asked him
> >a few hypothetical questions, and he said roughly this: If client X posts
> >something to Usenet from Vince's site, and if Y dislikes X's article so
> >much that he mailbombs X, then Vince would pull X's plug. (I have the
> >exact quote saved.) I lost interest right then. I'm not surprised that
> >Vince acted dishonorably by pulling a client's plug with no warning for a
> >very flimsy reason. 
> 
> That question was about commercial ads, and I said "As long as I am not
> mailbombed I don't care about how you post.".  I did *not* say I would
> pull the plug (full exchange below).  From your other questions it looked
> like there was no chance of you being a customer so I did not fully
> explain. 

This is known as "creative editing". No, my question was not about "commercial
spam", but about controversial Usenet posts in general. Since you seem to have
my original e-mail, you have my permission to quote it in full.

> If mailbombed then it goes toward your traffic.  You get 100 MB/month of
> traffic with a domain name, and if you go over that amount of traffic the
> cost is $1/MB.  If you have prepaid by check, and I don't know who you
> are, and your account goes below $0, I would cut you off till more money
> came in. 

I happen to be the owner of severallisteerv mailing lists, one of which is
fairly active. A few days ago someone forged subscription requests to all
three lists from a dozen notable personalities, including John Markoff,
Joshua Quittner, Emmanuel Goldstein (Eric Corley), et al. My understanding
is they were subscribed to several hundred mailing lists and some of them
had their mailboxes filled up.

It takes very little effort to send someone 200MB of e-mail these days. I
think I got several times that last time I got mailbombed by Nikki Sandru.
Do you customers realize they they might suddenly owe you hundreds of
dollars for the receipt of junk e-mail sent by some prankster?

This is another proof that Vince is a dishonorable man. An hnorable sysadmin
would protect his users from mailbomb attacks and make sure they are junked
or bounced. He wouldn't charge the victim money for being attacked.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From perry at piermont.com  Wed Aug 14 14:42:21 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 15 Aug 1996 05:42:21 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <c=US%a=_%p=msft%l=RED-81-MSG-960813204534Z-26547@tide19.microsoft.com>
Message-ID: <199608141714.NAA01978@jekyll.piermont.com>



> >From: 	Bart  Croughs
> >You haven't answered this question yet. I don't claim that the U.S. is worse
> >off when US capital moves abroad. I only ask: how can you proof that the US
> >isn't worse off when US capital moves abroad? 

Simple. Keeping capital from flowing wherever it likes leads to a non-pareto
optimal state. Care to dispute that?

Perry





From amehta at giasdl01.vsnl.net.in  Wed Aug 14 14:52:54 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 15 Aug 1996 05:52:54 +0800
Subject: India, Productivity, and Tropical Climes
Message-ID: <1.5.4.32.19960814170747.002b9dcc@giasdl01.vsnl.net.in>


At 18:59 13/08/96 -0700, Timothy C. May wrote:

>that virtually none of the countries which the most vocal critics are from
>have anything approaching the U.S. policy about immigration!

You are right -- India's immigration policy is lousy too.
However, this is an anachronism in increasingly globalizing economies.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From Ryan.Russell at sybase.com  Wed Aug 14 14:53:21 1996
From: Ryan.Russell at sybase.com (Ryan Russell/SYBASE)
Date: Thu, 15 Aug 1996 05:53:21 +0800
Subject: Another thing the Net is being blamed for...
Message-ID: <9608141812.AA15373@notesgw2.sybase.com>


At least we didn't sue every ISP
ala CoS.  Also, I don't think he was "blaming"
the Internet neccessarily... It's been published 
in books before.

    Ryan

---------- Previous Message ----------
To: cypherpunks
cc: 
From: mirele @ xmission.com ("Deana Holmes") @ smtp
Date: 08/09/96 06:52:44 PM
Subject: Another thing the Net is being blamed for...

Yet another thing that we're being blamed for.  

FYI, the temple ceremony has been reproduced many times since it was 
first exposed in the 1840s.  The most recent revision (1990) was kept 
secret for only a short time before notorious former members got 
ahold of a tape and transcript of the ceremony.  (I have a good idea 
of how they got it.)  As far as I can tell, it didn't actually make 
it on to the Net until about 1994.

This particular Mormon churchman (Russell Ballard) gave a speech a 
year or so ago warning Mormons in vague terms about the evils of the 
Internet.  I suppose this is part of it.

=====

>From this morning's Rolley&Wells column in the Salt Lake Tribune (without
permission):

   "During a press tour this week of the LDS [Mormon] Church's new Mount
Timpanogos Temple in American Fork, a member of the news media asked
why a writtem copy of the temple ceremony was not given to members
with temple recommends so they could study it in the privacy of their
homes.
   Elder M. Russell Ballard of the Quorum of the Twelve Apostles
informed the reporter that there was no need. A church member had
'broken the covenant' -- taped the ceremony, transcribed it, and put
it on the Internet for all to read."

<end>

Deana M. Holmes
April 1996 poster child for clueless $cientology litigiousness
alt.religion.scientology archivist since 2/95
mirele at xmission.com









From tcmay at got.net  Wed Aug 14 14:59:38 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 05:59:38 +0800
Subject: Non-U.S. programmers working for Sun and Informix
Message-ID: <ae375e9800021004711c@[205.199.118.202]>


At 3:49 PM 8/14/96, James A. Donald wrote:

>The fact is a company like Informix has a campus in India, and
>it has campuses in the US that are largely staffed by Indian teams,
>and it will pay big bucks to get its people out of India, even
>though it has to pay them more than ten times as much in the US.
>
>An Indian programmer doing the same job for the same company is
>more than ten times as valuable to that company if he is not
>subject to the power of the Indian government, as proven by that
>companies actions.

My hunch is that a much stronger reason for Informix to want to get its
programmers out of India and closer to its other U.S. programmers has to do
with what Coase called "the nature of the firm."

Friends of mine at Sun have reported to me on the severe problems they are
having with their very inexpensive to hire Russian programmers. The hope
had been that there were legions of well-trained, eager programmers and
mathematicians who could be hired for, say, a few bags of cat food. Sun,
like other companies, set up satellite operations in Russia and farmed-out
various projects.

What they're finding is that the programmers are reasonably well-trained
(and may be much better trained than most U.S. programmers, at least in
some areas...not too many CS majors in the U.S. know  what a Lebesgue
integral is, for example). However, their work is unacceptable, for various
reasons. Sun has taken to bringing over the programmers for a stay in the
U.S in order to acculturate them, innoculate them, whatever you wish to
call it, in the ways of Sun and of other American high tech companies. So
far, it isn't clear if the experiment can be salvaged.

Now certainly part of this is just the "remote control" problem, that of a
bunch of people off on their own at the end of a very long feedback loop.
Phone calls help, code reviews help, video conferencing helps, but perhaps
not enough.

And since the difference between a "mediocre" programmer and a "great"
programmer can far, far exceed any slight savings in salary, the incentives
are clear: hire locals who can work locally, or bring offshore programmers
to the local facility.

I suspect Sun's experiences with Russians are pretty similar to Informix's
experiences with Indians, with Tata Institute replacing Moscow State.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 14 15:05:44 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 06:05:44 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <ae374e570c02100454e7@[205.199.118.202]>



Vince Cate has written several things in the past couple of days about the
situation in Anguilla; actually, I think we've learned more about the
operation of his service in the last few days than we have in the past year
or so. Some  instructive points, and some worries.

This message contains:

* discussion of the situation Vince describes

* what I surmise to be some of the behind the scenes realpolitik

* the role of physical vs. cyberspace data havens


Rather than respond point by point to one of Vince's messages, I'll first
make a few general points, free-form:

1. As I have said, I admire what Vince has done. Evolutionary learning
can't happen without experiments and tests, so his experiment is important.

2. If Vince ends up moving in a direction different from that of operating
a traditional (!) data haven, I will not be very surprised. Were I in his
position, I might well do the same thing. (Lots of reasons, issues....)\

3. Vince seems to be a in a somewhat precarious position, awaiting renewal
of a one-year work permit. In any country, this is a shaky basis for
continuing a project. I certainly don't know what his relationship is to
the local authorities, but I sure know I'd feel constrained if I were up
for renewal like this. (Consider how the U.S. refuses to renew visas for
"undesirables," including writers whose writings the establishment
dislikes, AIDS activists, anarchists (!!!), etc.)

4. The small size of Anguilla--I surmise and feel--works against operating
the kind of "data haven" many of us feel could exist. Given that data
havens will have all sorts of unusual, undesirable, and subversive
materials, this "small community" will probably react unfavorably to any
publicity generated. (And it's in the nature of some of these customers to
"advertise" themselves flamboyantly--unlike Swiss banking--so as to
generate customers...this pretty much guarantees that there will be stories
like "Anguilla--New Source for Neo-Nazi Material!")

5. In the U.S., there are 250 million people, extensive support networks
for protecting free speech (much as we like to focus on the suppression
cases), and a legal system that really does make it pretty hard for a
bureaucrat or even the President to pick up a phone and have a business he
doesn't like shut down. I surmise, given the size of Anguilla and the
non-constitutional basis of its government, etc., that it _might_ be a lot
easier for a bureaucrat or the Governor-General, or whomever, to seriously
disrupt any business by a few phone calls. I don't know this for a fact,
but I suspect it to be true.

(The closest I've been to Anguilla is the Bahamas, and it is reported to be
seriously corrupt. I can't imagine a data haven surviving there if the
Ruling Families decided they didn't like it.)

6. So, what does this mean? It means, I believe, that small Carribbean
islands are likely to be poor choices for data havens. The more "civilized"
they are, ironically, the poorer a choice they are. (Think: pirate islands,
where "anything goes," so long as the right payoffs are made.)

7. Multidimensionality. With banking havens, there is basically only a
single degree of freedom to consider, at least insofar as deciding which
policies to consider. That is, over a period of many decades a banking
industry arises in some country (Switzerland, Austria, Lichtenstein, etc.),
with bankers, vaults, protocols for deposit and withdrawal, etc. And with
lots of fees to lubricate the whole system, provided payoffs to various
officials and royals, etc. Contrast this with a small data haven (a new
industry) in a small country, with operating margins that are razor-thin
(given the pricing structure Vince announced, I doubt Taxbomber and other
customers were paying enough to ensure a flow of payoffs to the Ruling
Families of Anguilla and the various officials that need to look the other
way).

8. That is, how will a data haven handle situations where diverse "threats"
and "abominations" are traced to the haven? Bomb information, pornography,
child porn, trade secrets, pyramid schemes, and so on? (Vince can of course
say to each of these: "Not what I want," but he may find that such ad hoc
declarations chase away most of his business...)

9. In summary, I applaud Vince's experiment. But I wouldn't call it a data
haven, based on what I've seen. Maybe a tax haven, but even this I have yet
to see much evidence for (Vince is not free to disclose who his customers
are, of course, so we are somewhat isolated.). I will say that if the only
goal is to avoid sales tax and/or income taxes, operating out of Anguilla
may not be ideal. After all, suppose there's a dispute (a la Taxbomber): is
one supposed to fly to Anguilla, hire local attorneys, and sue in the local
courts? The tens of thousands of dollars this would cost would likely swamp
any tax savings.....depends on a lot of factors, but I think you all see
the point.

Well, I've written enough. Vince asked me a few specific questions, so I'll
briefly answer:

>Tim, we would all be very happy if you were to locate a country that could
>be the site of the ideal datahaven, and finance a couple cypherpunks to
>setup there.  It would be a big help to our cause.  Could you do this?

Yes and no. Yes, if a good business opportunity presented itself, with
reasonable payback, good ideological basis, and without too many
entanglements (e.g., having to fly to Country A to check on my investment
too often). No, in that there is no "liquid market" in such investment
opportunities. That is, I can't just say "Send me your plans and how much
money you want." I might consider partly funding a venture by people
well-known to me, but, so far, no such possibilities have presented
themselves.

>In the mean time, people may have to exist in cyberspace (like
>www.taxbomber.com) without having a totally secure physical location.
>This is not the end of the world, or really even that painful.  If done
>right you could be down for only an hour - just long enough for
>nameservers to change.  Taxbomber is now setup to do it very fast next
>time, if the need ever comes.  Tim, I think you have even advocated this
>approach, not stressing the physical location, just the cyberspace
>location.  No?

Yes, I agree. I actually wrote my "Crypto Anarchist Manifesto" in mid-1988,
just a month or so before reading Sterling's "Islands in the Net," which
was focussed on physical data havens (he may've been the one to coin the
term, actually). My thinking was already heavily influenced by Vinge's
"True Names," and Chaum's work on untraceable digital cash (1985) was
well-known to me (for reasons I've written about elsewhere), so I tended to
view data havens as not being tied to physical communities where the local
potentates could revoke work permits, visas, travel permits, business
licenses, etc.

The Anguilla Experiment is certainly not changing this opinion.

(And Stephenson's "Snow Crash." in 1992, further popularized this vision of
cyberspace havens....I can't say he devised any new forms that some of us
hadn't already been thinking about, but he sure did make it a more vivid
vision through his evocative fiction.)

What the form of these "cyberspace data havens" might take is unclear.
Several pieces of technology are missing, just as they were missing four
years ago when one of the early list members contacted me to tell me how
easy it would be to set up a data haven with computers. (It wasn't easy
then, and it ain't easy now. The pieces that are missing are the
reifications of protocols we talk about a lot....mere encryption and
authentication are only the starting points, and look at how hard it's been
just to get _them_ deployed.)


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From blancw at microsoft.com  Wed Aug 14 15:35:44 1996
From: blancw at microsoft.com (Blanc Weber)
Date: Thu, 15 Aug 1996 06:35:44 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <c=US%a=_%p=msft%l=RED-81-MSG-960814184543Z-30630@RED-05-IMC.itg.microsoft.com>


>From: 	Bart  Croughs
>
>You are wrong. I'm not in error; I don't think the US is worse off when US
> capital moves abroad. I just want to know how you can proof it, so I would
>be
> able to rebut protectionist arguments. I don't know how to prove it. And, 
>unfortunately, neither do you. Rhetoric is no proof.
...............................................

I said in my post:

>		"I think people who put up a lot of objections [...] 
		do not want any proof of their error."

Are you the one putting up the objections?  Are you the one who does not
want to see the proof which you are asking for?  I would think that
after having read Mises, Hayek, et al, the economic cause&effect
principles which they outlined would make the resulting situation pretty
clear.

   ..
Blanc

>	   
>
>





From paul at ljl.COM  Wed Aug 14 15:35:44 1996
From: paul at ljl.COM (Paul Robichaux)
Date: Thu, 15 Aug 1996 06:35:44 +0800
Subject: Verisign CA practices documents
Message-ID: <v03007802ae37d94706fd@[206.151.234.126]>


Verisign's put their Certification Practice Statement up at
<http://www.verisign.com/repository/CPSNEW>. This document appears to set
forth the policies Verisign's implementing when it acts as a CA.

I haven't fully reviewed it yet, but my hat's off to Verisign for coming
clean and clearly stating their policies.

-Paul

--
Paul Robichaux		LJL Enterprises, Inc.
paul at ljl.com		Be a cryptography user. Ask me how.







From koontz at netapp.com  Wed Aug 14 15:50:01 1996
From: koontz at netapp.com (Dave Koontz)
Date: Thu, 15 Aug 1996 06:50:01 +0800
Subject: photographed license plates
Message-ID: <9608141930.AA23408@supernova.netapp.com>


>I note those plastic cover for plates "to keep them clean"
>seem to be more & more popular.

These are not allowed in California  (although the chance of getting
popped must be quite slim, by the number you see).

I remember seeing some water based spray paints in dun colors (such as
a nice mud tan) -  Gee, officer, its just mud, <wipe>.

(Why water colors should be in spray cans is beyond me, unless intended
for taggers).





From adamsc at io-online.com  Wed Aug 14 16:31:12 1996
From: adamsc at io-online.com (Chris Adams)
Date: Thu, 15 Aug 1996 07:31:12 +0800
Subject: Schlafly on crypto
Message-ID: <199608142017.NAA08295@cygnus.com>


On 14 Aug 96 09:11:30 -0800, bdolan at use.usit.net wrote:

>     Amendment guarantees our right to speak in public but not in
>     private. It would be just as ridiculous to say that we have
>     freedom to speak in words that the government can understand, but
>     not in words the government can't decipher.

This definitely does beg the question of what the FBI would ask us to do
if, for instance, the drug dealers started hiring Navajo speakers to play
"Code-talkers" over a GAKed phone...


| Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
| http://www.io-online.com/adamsc/adamsc.htp
| Autoresponder: send email w/subject of "send resume" or "send PGPKEY"

 








From ghopper at frbphil.org  Wed Aug 14 16:39:39 1996
From: ghopper at frbphil.org (Greg Hopper)
Date: Thu, 15 Aug 1996 07:39:39 +0800
Subject: Capital and Taxes
Message-ID: <199608142030.QAA25012@mail.voicenet.com>


When you consider that capital gains tax rate schedules are not indexed for
inflation, the situation's even worse than Tim's analysis implies.  Since
you pay tax on the nominal rather than the real capital gain, the effective
capital gains tax rate is really higher than the quoted rate.  
----------------------------------------------------------------------
Greg Hopper			|Disclaimer:  The opinions expressed are	 
Research Department		|my own and not necessarily those of 
Federal Reserve Bank		|the Federal Reserve Bank of Philadelphia
of Philadelphia			|or the Federal Reserve System.
10 Independence Mall		|
Philadelphia, PA 19106		|
(215) 574-3905 (voice)		|
(215) 574-4364 (fax)		|
email: ghopper at frbphil.org	|






From vldiaz at adnc.com  Wed Aug 14 16:45:30 1996
From: vldiaz at adnc.com (Vincent L. Diaz)
Date: Thu, 15 Aug 1996 07:45:30 +0800
Subject: (no subject)
Message-ID: <32122E22.E93@adnc.com>

subcribe cypherpunks at toad.com vldiaz at adnc.com

end

-- 
Regards,

VINCENT L. DIAZ
U-SAVE COMMUNICATIONS
Business Line: 619-277-2411
Fax Line:         619-277-0298
http://www.cognigen.com/agencies/

Title:  www-buyinfo mail archive: (cpx) Cypherpunk recruiting opportunity









(cpx) Cypherpunk recruiting opportunity
Robert Hettinga (rah at shipwright.com)
Thu, 2 Nov 1995 18:47:43 -0500

 Messages sorted by: [ date ][ thread ][ subject ][ author ]

 Next message: Robert Hettinga: "Re: (cpx) Re: ecash remailer"
 Previous message: Robert Hettinga: "(cpx) Re: ecash remailer"


--- begin forwarded text

Date: Thu, 2 Nov 1995 17:44:03 -0500 (EST)
From: cjl <cjl at welchlink.welch.jhu.edu>
To: Cypherpunks mailing list <cypherpunks at toad.com>
Subject: Cypherpunk recruiting opportunity
Mime-Version: 1.0
Sender: owner-cypherpunks at toad.com
Precedence: bulk


C-punx,

Considering the amount of "preaching to the choir" that goes on here I
thought that the following news item might supply a more suitable outlet
for some of the more evangelical-minded Cypherpunks.  After all, it is
perfectly clear that the science of cryptography exemplifies some of the
more exciting applications of otherwise-dry mathematics, and there is
always a need for "voices of reason" in the councils of those who would
make the 'Net safe for children.

___________________

Tech Help for Schools

While high-tech education visionaries are issuing apocalyptic warnings
about the fate of the alledgedly backward US school system, a privately
sponsored group has launched a Peace Corps-style initiative to ease
schools into the 21st century.

The Massachusetts-based Tech Corps, which recruits volunteers to help
schools harness computers and telecommunications technology, announced
last month that it is going national.  The corps, whose chief sponsor is
the Cellular Telecommunications Industry Association, will hold a
conference in Washington DC on 30 October where people can learn how to
start state chapters.  Founded by Gary J. Beach, chief executive officer
of Computerworld Inc., the corps last year recruited 300 volunteers
theough the magazine Computerworld who have been working in 12 school
districts throughout Masachusetts.

Karen Smith, Tech Corps' national director, says the response to the call
for volunteers from people in industry, government agencies, and private
consulting firms, has been "incredible."  They help school districts in
any way they are asked - such as by installing wiring, training teachers,
persuading local industry to donate hardware, and helping schools
construct World Wide Web homepages.

Interested parties can reach Tech Corp' own web page at:

http://www.ustc.org



C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl at welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )

--- end forwarded text


-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net  http://www.netresponse.com/zldf <<<<<



 Next message: Robert Hettinga: "Re: (cpx) Re: ecash remailer"
 Previous message: Robert Hettinga: "(cpx) Re: ecash remailer"




From alano at teleport.com  Wed Aug 14 16:49:58 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 15 Aug 1996 07:49:58 +0800
Subject: non-secure network utilities - pointers?
Message-ID: <2.2.32.19960814185533.00b17c9c@mail.teleport.com>


At 11:27 AM 8/14/96 -0400, Perry wrote:
>
>Sam Quigley writes:
>> What cypherpunk-approved (tm) -- that is, cryptographically strong, 
>> freely available, and well-implemented (reliable) -- network utilities are 
>> available?  I'm willing to agree to US-only license agreement iff I have 
>> to...
>
>
>Try SSH and friends -- they are a pretty good thing.
>
>http://www.ssh.fi/, I believe.

That is for the commercial version.  The free version (for Unix) can be
found at http://www.cs.hut.fi/ssh/ .  There is also a Windows version in
beta, as well as one for OS/2.  (There is a Mac version in development, but
no pointers on when or where it will be available.)

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From dfloyd at io.com  Wed Aug 14 17:46:46 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Thu, 15 Aug 1996 08:46:46 +0800
Subject: key escrow idea from David Satelin of MIT Lincoln Labs
In-Reply-To: <199608141555.IAA00344@mail.pacifier.com>
Message-ID: <199608142138.QAA04243@xanadu.io.com>


> 
> You may say, of course, "that's not how they currently interpet it," but my 
> response is simple:  Any talk of tolerating any sort of key-escrow (GAK) 
> system must presume that the people running it are no more honest than they 
> are today.  If the cops (and the government in general) so generously 
> misinterprets the government's "rights" with regard to wiretapping, there is 
> simply no reason to believe that any restrictions they claim to be willing 
> to respect now will actually be followed once such a plan is approved.  
> Don't try to get out of this:  You can't ignore past abuses.  And if they 
> were willing to do illegal taps before 1968, this tells you how inclined 
> they are to obey the law.

Slightly off topic:

I haven't seen this horror of GAK discussed here, but this is (IMHO) as
important as possible abuse by LEA's.

Let's factor the LEA's out for a bit.

The US government gets their mandatory key access, and keeps their keys in
three databases in various locations.

Most foreign powers would pay someone a handsome sum to hand over these
keys.  I would bet that France or Iran would offer a billion dollars to
someone who would turn over the part of the database they preside over.

I bet that France/Iran/etc. would be able to pool together 3 billion
dollars and a nice getaway for the stooges who can grab a tape with the
escrowed keys on it.  Heck, Ames turned traitor for less.  (I am assuming
the keys as small, 1K bytes each... an 8mm Exabyte mammoth tape would be
able to carry 30 million keys.)  Even an "el cheapo" Travan TR3 tape would
be able to snarf 1.6 million keys... and that's a lot of people
compromised!

Soon, you have the US's whole security structure totally compromised.
Any business transactions, any communications are now subject to tapping
by foreign agents, and all US crypto would be absolutely powerless.  And
you thought ITAR put companies at a disadvantage. US companies would
be stomped on by competition which seems to have the same product just
slightly earlier or slightly more refined, or they would move out of the
US, so they can use strong crypto.

Even if one assumes that the LEA's are incorruptable, there are always
people who are willing to watch their country go down in flames for money.






From an681132 at anon.penet.fi  Wed Aug 14 17:50:00 1996
From: an681132 at anon.penet.fi (an681132 at anon.penet.fi)
Date: Thu, 15 Aug 1996 08:50:00 +0800
Subject: Why should we trust the system?
Message-ID: <9608142123.AA21144@anon.penet.fi>



> Preiously, jim bell <jimbell at pacifier.com>
> <snip>  However, hours after it was publicly revealed that the Atlanta 
> 911 center screwed up, wasting 10 minutes looking up the address of 
> "Centennial park,"  <snip>

After watching the news during the coverage of the 911 call, I couldn't
help but  notice the free computer advertisement.  I don't suppose that
                             GATEWAY 2000
will be doing too much  bragging about supplying systems to the Atlanta
911 call center.  Gosh, I wonder what systems my local 911 call  center
uses?     Would    they    be     able    to    find     my    address?

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From an681132 at anon.penet.fi  Wed Aug 14 17:58:24 1996
From: an681132 at anon.penet.fi (an681132 at anon.penet.fi)
Date: Thu, 15 Aug 1996 08:58:24 +0800
Subject: No subject
Message-ID: <9608142122.AA20589@anon.penet.fi>



> Preiously, jim bell <jimbell at pacifier.com>
> <snip>  However, hours after it was publicly revealed that the Atlanta 
> 911 center screwed up, wasting 10 minutes looking up the address of 
> "Centennial park,"  <snip>

After watching the news during the coverage of the 911 call, I couldn't
help but  notice the free computer advertisement.  I don't suppose that
                             GATEWAY 2000
will be doing too much  bragging about supplying systems to the Atlanta
911 call center.  Gosh, I wonder what systems my local 911 call  center
uses?     Would    they    be     able    to    find     my    address?

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From adam at homeport.org  Wed Aug 14 18:14:20 1996
From: adam at homeport.org (Adam Shostack)
Date: Thu, 15 Aug 1996 09:14:20 +0800
Subject: SSL / Java(tm) Toolkit Available NOW (fwd)
Message-ID: <199608142328.SAA14124@homeport.org>


FYI.  
----- Forwarded message from Joel Fan -----

>From list at glacier.mcom.com  Wed Aug 14 17:52:49 1996
Resent-Date: Wed, 14 Aug 1996 14:35:05 -0700 (PDT)
Date: Wed, 14 Aug 1996 17:37:23 -0400 (EDT)
From: Joel Fan <jfan at phaos.com>
X-Sender: jfan at columbia.digiweb.com
To: ssl-talk at netscape.com
Subject: SSL / Java(tm) Toolkit Available NOW
Message-ID: <Pine.SOL.3.91.960814173211.8297A-100000 at columbia.digiweb.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Resent-Message-ID: <"YXOYJ2.0.c67.nPa4o"@glacier>
Resent-From: ssl-talk at netscape.com
X-Mailing-List: <ssl-talk at netscape.com> archive/latest/1623
X-Loop: ssl-talk at netscape.com
Precedence: list
Resent-Sender: ssl-talk-request at netscape.com


Hello ,
  The SSLava(tm) 1.0 Toolkit implements the SSL 3.0
protocol in the Java programming language and is available
NOW, without charge, for non-commercial use, including testing.
Commercial licenses for SSLava are available as well.
  Please contact http://www.phaos.com/ for more information
or send mail to jfan at phaos.com. 

Thanks,
Joel Fan
----------------------
Phaos Technology Corp.
----------------------                                                        
[Java is a trademark of Sun Microsystems Inc.]

----- End of forwarded message from Joel Fan -----

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From eb at comsec.com  Wed Aug 14 18:41:09 1996
From: eb at comsec.com (Eric Blossom)
Date: Thu, 15 Aug 1996 09:41:09 +0800
Subject: Crypto 96 carpooling from Bay Area?
Message-ID: <199608142107.OAA13878@comsec.com>


Hi,

Anybody from the SF Bay Area interested in carpooling down to Crypto?

Eric
707-577-0409





From stewarts at ix.netcom.com  Wed Aug 14 18:52:04 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 09:52:04 +0800
Subject: (Off Topic) Re: FCC_ups
Message-ID: <199608142306.QAA07654@toad.com>


At 10:45 AM 8/13/96 -0700, shamrock at netcom.com (Lucky Green) wrote:
>>The *real* challenge: how do you support sender- and recipient- anonymous
>>phone calls with strong security?  Have fun.
>
>Sender anonymous phone calls are easy. You route them through PipeNet,
>assuming every PipeNet node has a telephony gateway. Recipient anonymous
>phone calls a harder to implement.

Assuming PipeNet is a descendant of the Packet Laundry concept,
recipient-anonymous phone calls are also easy - build a meet-me box,
AKA conference bridge.  Recipient John Doe #3 reserves a conference bridge,
sends anon-email to John Doe #6 and John Doe #43, saying "meet me at
Bridge7.conference.netphone.com at midnight Zulu time, password 'foobar'"
and they all call in.  

Payment: If the conference bridge is run by a vanilla commercial
Internet-telephony service, it may want some sort of non-private payment, 
but would probably accept phone cards.  Otherwise you're stuck with credit
cards.

If it's run by an enlightened service provider or some sort of punknet,
it'll take anonymous digicash.  Maybe the host pays, maybe everybody.
Or you could digitally record the sounds of dropping quarters in a payphone :-)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From ariel at compcurr.com  Wed Aug 14 19:00:57 1996
From: ariel at compcurr.com (ariel at compcurr.com)
Date: Thu, 15 Aug 1996 10:00:57 +0800
Subject: Inside Currents Vol.1,No.5
Message-ID: <199608131847.LAA01140@mail.compcurr.com>


*******************************************************
Inside Currents
Vol 1, No. 5
August 13, 1996

Inside Currents Newsletter
An electronic update from Computer Currents Interactive
http://www.currents.net

*******************************************************
CONTENTS:

1. Tech Support, on and off line:  This week's cover story in Computer
Currents Magazine
http://www.currents.net/covr

2.  Gigglebytes turns 10!
http://www.currents.net/gigg

3. Check out our online Shopping Mall
http://www.currents.net/mall

4. Computer Catalogs Online
http://www.currents.net/catalogs

5. Coming soon, from Computer Currents Interactive

6.  Computer Currents Interactive membership information
http://www.currents.net/members

*****************************************************
1. Tech Support, on and off line:  
Do you need help navigating the sea of available tech support resources?
Read our exclusive Computer Currents cover story for information about 
third
party software and hardware support companies who sell phone support, plus
fee and free online help you can find on the internet.  Also, new in our
Columns section: "Corporate PC" looks at Post-It Software Notes; "Gizmos"
explores the chaotic world of videoconferencing; Net Surfer tries Offline
Web Browsing. 

       http://www.currents.net/covr


2. Gigglebytes turns 10!
This month Computer Currents magazine celebrates the 10th anniversary of
Gigglebytes. 
Join author Lincoln Spector as he revisits his favorite articles over the 
past
decade.  Gigglebytes gives readers a humorous view on computer industry 
events,
trends and people.  

       http://www.currents.net/gigg

3. Check out our online Shopping Mall
Our new shopping mall area is still under construction, but we're already
bringing together an exciting range of regionally based goods and 
services.
Of special note: Our Net Quote service allows you to solicit price bids on
computer equipment--you can let the stores come to you.

        http://www.currents.net/mall


4. Computer Catalogs Online
If you're thinking of buying a new computer, check out the new section 
we've
got up and running!  Now our users can research computer stores in
their area (or mail order), and browse available hardware listings.  You 
can
find local contact numbers with just the click of a mouse!

        http://www.currents.net/catalogs

5. Coming soon, from Computer Currents Interactive
Discount coupons you can print out and use with local retailers;
more ways to order online through CCI; our enhanced "Computer Advisor" 
section;
stimulating chat rooms and forums; contests and surveys; more FREE stuff.


6. Computer Currents Interactive membership
CCI Membership is FREE and benefits abound! Create and edit your own 
Gallery
page,
post your resume in our Talent Bank, receive special product discounts 
from
CCI vendors,
participate in contests and surveys, and much more! If you're not already 
a
member, join CCI today.

       http://www.currents.net/members

*****************************************************
How to subscribe to Inside Currents:

To Subscribe:
1. Join CCI at https://www.currents.net/members
2. Check yes to "subscribe to Inside Currents" box.

To Unsubscribe:

 1. If you are NOT interested in receiving Inside Currents, cut and paste
this sentence and e-mail us at
caliban at compcurr.com. We'll remove your address from our list. Please be
sure to include your user name.

2. If you need further assistance, please send e-mail to 
ariel at compcurr.com


*******************************************************
Computer Currents Interactive   http://www.currents.net
The full-service online resource for computer users!
*******************************************************







From declan at well.com  Wed Aug 14 19:07:50 1996
From: declan at well.com (Declan McCullagh)
Date: Thu, 15 Aug 1996 10:07:50 +0800
Subject: HRW letter to Singapore government; German telecom URL
Message-ID: <v01510128ae3818c3c23b@[204.62.128.229]>


Attached is the letter Human Rights Watch/Asia sent to Singapore yesterday.
Kudos to HRW for taking the lead in calling attention to the actions of the
censorhappy Singaporeans. More background is at:
  http://www.eff.org/~declan/global/

Also, you can find an English version of the German telecommunications act
at:
  http://www.government.de/inland/ministerien/post/tkge00.html

-Declan

---

August 13, 1996

BY FAX: +65-375-7765

Mr. George Yeo
Minister for Information and the Arts
460 Alexandra Road, 37th Story
PSA Building
Singapore 119963

Dear Mr. Yeo,

     I am writing on behalf of Human Rights Watch/Asia to protest the recent
decision by the Singapore government to establish strict controls on Internet
use. The implementation of the Class License Scheme, which, according to a
July 11 government news release, "will focus on content which may undermine
public morals, political stability and religious harmony,"ensures a leading
role for Singapore among international promoters of online censorship. This is
a particularly unfortunate role for Singapore, which has been a leader in the
development and promotion of Internet use in Asia. It places Singapore in the
same category as countries like China, where Internet users must endure
onerous restrictions.

     One of the most unique and valuable characteristics of the Internet is
its ability to establish easy, inexpensive and practically instantaneous
communication between the farthest points of the earth. By prohibiting
connections between its citizens and various Web sites outside its borders,
Singapore is in essence removing itself from the global Internet. If, as will
surely happen, its example is followed in other countries, the Internet, which
held such promise as the world's first truly global medium, will be nothing
more than a set of country-specific networks where local prejudices and fears
are reinforced by technology.

     Our specific objections concern Singapore's decision to regulate the
Internet as if it were a broadcast medium. Unlike broadcast media, the
Internet is the first truly mass medium. Through e-mail, it allows individuals
with nothing more than a computer and a modem to express their views to an
international audience. Even the World Wide Web differs significantly from a
broadcast medium in that individuals are not confronted with a particular site
upon connecting to the Web--they may choose whichever sites they choose to
visit. As with other forms of Internet communication, anyone may put up his or
her own site on the Web. The Singapore government's own use of Web pages
demonstrates how the Internet can be used to propound a particular point of
view. Its citizens, so long as they are not using their site to incite to
violence, should have the same opportunity to express views as their
government. As stated in Article 19 of the Universal Declaration of Human
Rights:

     Everyone has the right to freedom of opinion and expression: this
     right includes freedom to hold opinions without interference and
     to seek, receive and impart information and ideas through any
     media and regardless of frontiers.

     We are particularly concerned that restrictions have been placed on
Singaporeans who wish to discuss religious and political ideas online. It is
only through unrestricted discussions of such serious topics by all members of
society, no matter how unpopular their views, that these subjects become less
explosive. Forbidding discussion--in effect, treating its citizens like
children--will, on the other hand, ensure that dangerous topics remain just
that.

     We are also concerned that the extraordinarily broad categories of
forbidden content, as outlined by the SBA, will encourage arbitrary
restrictions on communication. According to the Internet Content Guidelines,
the following topics are banned.

     Public Security and National Defense

          a.   Contents which jeopardize public security or national
               defense.
          b.   Contents which undermine the public confidence in the
               administration of justice.
          c.   Contents which present information or events in such a
               way that alarms or misleads all or any of the public.
          d.   Contents which tend to bring the Government into
               hatred or contempt, or which excite disaffection
               against the Government.

     Racial and Religious Harmony

          a.   Contents which denigrate or satirize any racial or
               religious group.
          b.   Contents which bring any race or religion into hatred
               or resentment.
          c.   Contents which promote religious deviations or occult
               practices such as Satanism.

          Public Morals

          a.        Contents which are pornographic or otherwise obscene.
          b.        Contents which propagate permissiveness or
                    promiscuity.
          c.        Contents which depict or propagate gross exploitation
                    of violence, nudity, sex or horror.
          d.   Contents which depict or propagate sexual perversions
               such as homosexuality, lesbianism, and pedophilia.

By banning such subjects a chill will be sent through the online community in
Singapore, and will render the Internet essentially useless in allowing any
kind of serious discussion.

     In addition to forbidding particular content, the government has also
announced that some sites will be banned. Internet service providers were
given the deadline of September 14, 1996,  to begin using proxy
servers--devices that can prohibit connections to specified sites--to
connect all their
subscribers.

     Although the government has promised to use a light hand in regulating
the Internet, its activities even at this early stage indicate otherwise. A
July 12 posting in the Usenet newsgroup "soc.culture.singapore" was reportedly
removed at the request of the SBA, who asked local Internet service providers
for its removal because it alleged that lawyers at a local law firm were
incompetent. The request came, according to the Straits Times, after the law
firm complained to the government. Despite the removal from the newsgroup, the
message is still widely available to Singaporeans through other Internet
sources, indicating that content control will be difficult unless Internet
access is restricted even further.

     We hope that the Singapore government will retract these repressive new
regulations, and support the development of an unfettered Internet. Instead of
using its power to restrict Internet use, the government could play a truly
useful role by devising ways to expand its use to even the most disaffected
members of its population.

                                   Sincerely,
                                   Sidney Jones
                                   Executive Director

cc:  Mr. Goh Liang Kwang, Chief Executive Officer, Singapore Broadcasting
       Authority
     Ambassador Bilahari Kausikan, Permanent Mission of Singapore to the
       United Nations








From fstuart at vetmed.auburn.edu  Wed Aug 14 19:17:23 1996
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Thu, 15 Aug 1996 10:17:23 +0800
Subject: Crypto Policy Variant
Message-ID: <199608142317.SAA02277@snoopy.vetmed.auburn.edu>


[...]
>Here is Staelin's idea:
>(1) You can use any crypto you want, but you must keep a record
>of the crypto keys you used.
>(2) The government can ask for the crypto keys later, if they have
>a court order, just as they can ask for any of your other papers
>or documents. You must give the key(s) to them, just as you
>must turn over your private papers in such a situation.
>(There would have to be an appropriate penalty for losing the
>key...)
[...]
>Is this workable??
[...]

Here's my key, your honor.  I used a one-time pad to do the encryption.  As
you can plainly see, the encrypted file that the prosecution made such a big
deal about contains nothing but some of my favorite verses from the King James
Bible.  You shouldn't infer anything from the fact that another key would
make the file contain the evil stuff that was alleged (even though it is a bit
strange that the last verse ends in the middle of a word).


                          | (Douglas) Hofstadter's Law:
                          | It always takes longer than you expect, even 
Frank Stuart              | when you take into account Hofstadter's Law.





From ecgwulf at postoffice.worldnet.att.net  Wed Aug 14 19:27:57 1996
From: ecgwulf at postoffice.worldnet.att.net (Llywarch Hen)
Date: Thu, 15 Aug 1996 10:27:57 +0800
Subject: Capital and Taxes
Message-ID: <2.2.16.19960814232605.1a77b8fc@postoffice.worldnet.att.net>



Quotes taken from recent Tim May posts here.

First we'll assume that economic benefits result in social benefits, 
otherwise what's the point?:
>And the cloud of ideas connected with somehow forcing capital investment to
>remain in the U.S....well, the best way to do this is to alter the tax laws
>so that America (for example) becomes a magnet for investment. (If one is
>looking to help America, that is.)

Now the example of how capital gains taxes hinder investment. First we'll 
portray an income tax as a property tax:
>something else that's terribly important: taxes must be paid on other
>assets sold to raise the $100K. For example, if I own shares in Intel,
>bought many years ago, I have to sell $160,000 worth of Intel stock, send a
>$60,000 check to Uncle Sam and Uncle Pete . . .

But this was an income tax. The capital gains are taxed at a rate less than 
earned wages and are free of the regressive social security and FICA taxes. 
Tim really doesn't want to pay his fair share, and here's the reason:
>. . . . . . . . . . . . . . . . . . . . .  and then send the remaining
>$100,000 to my friends. If the new investment *doubles*, my $100,000 gain
>is taxed at 38% and I'm left with a gain of about $62,000.
>It doesn't take a number theorist to see that I may as well have not even
>bothered. So long as I just sit on the Intel stock, no taxes are owed.
>Sounds like a no brainer to me.

Yep, we've adopted the fuzziest-headed of liberal ideas in promoting 
government as an agent of change to improve things for Tim and his pals by 
asking wage earners to subsidize his economic activities by distributing the 
costs to the public so he can enjoy the profits. But this is just the result 
of the massive jobs program whose beneficiaries prefer to call the Cold War, 
MAD, and so on. The most Keynesian solution of the century combined with a 
not so subtle transfer of wealth from the poor to the rich and renamed 
'supply-side' so its clients don't have to admit they have been on welfare 
for the last twelve or fifteen years. Combined with a massive twelve-year 
capital bull market in which it would have been difficult to lose money, we 
have a class of people who have confused personal wealth with personal merit 
and the notion that they did it on their own.

Is this simple dishonesty masquerading as intellectual dishonesty or just 
standard innocent and dim-witted Republican-Libertarian opportunism 
buttressed by quotations from free-market theologians?
>. . .
>huge "backlog" of unrealized capital gains (aka gains on paper, but not yet
>taxable) is what is being spoken of when people like Jack Kemp and Steve
>Forbes speak of "unleashing" the capital gains now tied up due to the high
>tax rates.

>Personally, I favor open borders--but no public schooling, no tax-funded
>handouts, no welfare, no child support, no public hospitals, etc.
This supposes that Tim paid the workers hired to clear brush from his land 
enough so that they could afford private schooling and excellent health 
care.

Two more quotes and from different sources.

The aristocratic complaint is quoted in Amabel William-Ellis and
F.J. Fisher, M.A., _The Story of English Life_:
"The world goeth from bad to worse when shepherd and cowherd
demand more for their labor than the master-bailiff was wont to take
in days gone by. Laborers of old were not wont to eat of wheaten
bread; their meat was of beans and coarser corn, and their drink of
water alone. Cheese and milk were a feast to them; their dress was
of hodden grey; then was the world ordered aright for folk of this
sort. Ha! age of ours, whither turnest thou? For the poor and small
folk, who should cleave to their labor, demand to be better fed than
their masters."

A widely published remark made by Mr. George Soros:
"Economic history is a never-ending series of episodes based on 
falsehoods and lies, not truths. It represents the path to big 
money. The object is to recognize that trend whose premise is 
false, ride that trend, and step off before it is discredited."

-- Llywarch Hen






From alano at teleport.com  Wed Aug 14 19:57:04 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 15 Aug 1996 10:57:04 +0800
Subject: Schlafly on crypto
Message-ID: <2.2.32.19960814185535.00e17344@mail.teleport.com>


At 09:41 AM 8/14/96 -0700, Sandy Sandfort wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>On Wed, 14 Aug 1996, Jim Legg wrote:
>
>> Beware when politicos speak!
>
>Good advice, but...
> 
>> Phyllis Schlafly would think nothing of trying to ban speech on
>> the internet when it is something that she doesn't agree with.
>
>An interesting allegation.  I wonder if it is merely rhetoric or
>if Jim has any evidence to backup this statement?

Well, I can think of a few reasons to come to that conclusion.  

- Schlafly is the head of one of the more right-wing organizations in the
country.  

- She is very closly associated with the Buchanon campaign and the Christian
coalition.  

- Her organization, the Eagle Forum, distributes a couple of anti-porn rant
tracts (http://www.eagleforum.org/users/eagle/public_html/misc/order.html)
called _Pornography's Victims $4.95 (paperback) by Schlafly, ed._ and
_Pornography Addict (Bundy Interview)_.  (Quoting Bundy is interesting in
this context, because he never collected porn, he collected cheerleading
magazines.  His "death bed confession" was a ploy to gain publicity and
sympathy out of a gulible ant-porn zealot.)

>Does Jim know who Phyllis' son is?

I know that he is gay.  His mother seems to have had some problems coming to
terms with the implications of alot of her rhetoric involving such things...
(She seems to confuse her religion with reality on this point.)

I would say there are alot of reasons to assume that Schlafly would try and
impose her morality on the rest of the country if given half the chance.
Look at the people she chooses to associate with.

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From tcmay at got.net  Wed Aug 14 20:01:20 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 11:01:20 +0800
Subject: Capital and Taxes
Message-ID: <ae37bc5b0102100478b3@[205.199.118.202]>


At 8:27 PM 8/14/96, Greg Hopper wrote:
>When you consider that capital gains tax rate schedules are not indexed for
>inflation, the situation's even worse than Tim's analysis implies.  Since
>you pay tax on the nominal rather than the real capital gain, the effective
>capital gains tax rate is really higher than the quoted rate.
>----------------------------------------------------------------------
>Greg Hopper                     |Disclaimer:  The opinions expressed are
>
>Research Department             |my own and not necessarily those of
>Federal Reserve Bank            |the Federal Reserve Bank of Philadelphia
>of Philadelphia                 |or the Federal Reserve System.

I certainly agree with Greg here, and find it too bad that his views do not
actually express the views of the Federal Reserve. (Actually, they may, as
I remember reading Alan Greenspan's stuff in Rand's books in the late 60s,
e.g., "Capitalism: The Unknown Ideal.")

Not only is there inflation to consider, there is the double taxation I
should've emphasized more than I did.

Wages are typically corrected for inflation (for competitiveness reasons),
but capital gains are not. That stock I bought for $20 in 1975 dollars and
am now selling for $40 in 1996 dollars, and paying 40% in taxes on the
"gain," is clearly not really a doubling.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jimbell at pacifier.com  Wed Aug 14 20:04:10 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 15 Aug 1996 11:04:10 +0800
Subject: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <199608150016.RAA00804@mail.pacifier.com>


At 11:46 AM 8/14/96 -0400, Marc J. Wohler wrote:
>At 07:59 AM 8/14/96 -0400, you wrote:
>>Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column 8/8/96
>
>It makes me ill to agree with Schlafly on any issue, but 'Even a stopped
>clock.......
>Unrepentant Liberial

It does seem really odd, doesn't it?  But look at it this way:  The only 
reason the knuckle-dragging conservatives are able to take the moral 
high-ground on this and other net-freedom issues is because the OTHER 
"unrependant liberals" have inexplicably abandoned the correct side of the 
argument.  The fact that the conservatives are right may seem odd, but the 
behavior of the liberals is truly astonishing.


Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Wed Aug 14 20:04:58 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 11:04:58 +0800
Subject: photographed license plates
Message-ID: <ae37be1d02021004e289@[205.199.118.202]>


At 7:30 PM 8/14/96, II I II I I I II I II II I I I I II I II wrote:
>>I note those plastic cover for plates "to keep them clean"
>>seem to be more & more popular.
>
>These are not allowed in California  (although the chance of getting
>popped must be quite slim, by the number you see).
>
>I remember seeing some water based spray paints in dun colors (such as
>a nice mud tan) -  Gee, officer, its just mud, <wipe>.

If I lived closer to the nearest city I know of with "photo tickets,"
namely, Campbell, California (about 30 miles away, over the Hill into
Silicon Valley). I would probably make sure my license plate had some real
mud on it...just enough to link some letters or numbers together to make
them unreadable with a low res. photo.

Maybe we'll have barcoded license plates sooner than we think. Then all of
those speed cameras can also track our movements.


--I II II II I I II I II II I II II I I II I I I II II


HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From bart.croughs at tip.nl  Wed Aug 14 20:14:00 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Thu, 15 Aug 1996 11:14:00 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8A50.F3A1BAE0@groningen08.pop.tip.nl>


Sandy Sandfort wrote:

>I've just had an insight with regard to Bart's ongoing capital 
debate.  In response to Perry's "green pylon" post, Bart wrote:

> I am saying that the fact that American workers are better paid
> than workers in Third World countries, can be explained for a
> large part by the fact that there is much more capital invested
> in the US than in Third World countries.

Bart's error lies in his confusion of the terms "captial" and
"capital investment."  While capital may be used to make capital
investments, there are other things it can be spent for as well
(wages, taxes, supplies, etc.).  

If Bart were to use the term "infrastructure" then it would be
clear that the ebb and flow of mere capital would have relatively
little to do with infrastructure influenced wages.<  

What does 'capital' mean? The MacMillan dictionary of modern 
economics (3d edition, p. 51) says:

1) A word used to refer to a factor of production produced by the 
economic system. Capital goods are produced goods which are used as 
factor INPUTS for further PRODUCTION. As such capital can be 
distinguished from LAND and LABOUR which are not conventionally 
thought of as being themselves produced by the economic system. As a 
consequence of its heterogenous nature, the measurement of capital has 
become the source of much controversy

2) The word is also used as a term for financial ASSETS.


So, I fear that it's Sandy who is confused about the meaning of the word 
'capital', not me.

But even if it is me who is confused about the meaning of the word 
'capital' (which isn't the case), this confusion wouldn't affect my argument 
at all. If American capital is invested in foreign countries instead of in the 
US, then the total amount of capital invested in the US will be lower than 
it would have been if the capital had been invested in the US. So the 
wages in the US would be lower than they would have been if the capital 
had been invested in the US. The argument is still the same, and my 
question is still not answered.


Bart Croughs








From snow at smoke.suba.com  Wed Aug 14 20:17:07 1996
From: snow at smoke.suba.com (snow)
Date: Thu, 15 Aug 1996 11:17:07 +0800
Subject: National Socio-Economic Security Need for Encryption    Technology
In-Reply-To: <199608141547.IAA25312@dns1.noc.best.net>
Message-ID: <Pine.LNX.3.93.960814185202.721B-100000@smoke.suba.com>


On Wed, 14 Aug 1996, James A. Donald wrote:
> Under democracy, people get the government they deserve and 
> get it good and hard.

     May I add this (attributed of course) to my .sig file?

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From tcmay at got.net  Wed Aug 14 20:42:12 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 11:42:12 +0800
Subject: Capital and Taxes
Message-ID: <ae37c5e803021004b734@[205.199.118.202]>


At 11:26 PM 8/14/96, Llywarch Hen wrote:

>Yep, we've adopted the fuzziest-headed of liberal ideas in promoting
>government as an agent of change to improve things for Tim and his pals by
>asking wage earners to subsidize his economic activities by distributing the
>costs to the public so he can enjoy the profits. But this is just the result

But there are no "costs" to be distributed. The government already taxed
the corporation once, at 40-50%, and even taxed the gain due solely to
devaluation to the currency (inflation), so all I am asking is that I not
be taxed again. Of course, they will likely do so anyway. So I'm saying I
probably won't sell assets I might otherwise have sold (not surprisingly,
some folks even want unsold assets taxed).

For the record, I paid a *lot* of taxes this year, much more (by a factor
of several) than I putatively received in benefits.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 14 20:54:24 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 11:54:24 +0800
Subject: Crypto Policy Variant
Message-ID: <ae37c84d040210044735@[205.199.118.202]>


At 11:17 PM 8/14/96, Frank Stuart wrote:

>Here's my key, your honor.  I used a one-time pad to do the encryption.  As
>you can plainly see, the encrypted file that the prosecution made such a big
>deal about contains nothing but some of my favorite verses from the King James
>Bible.  You shouldn't infer anything from the fact that another key would
>make the file contain the evil stuff that was alleged (even though it is a bit
>strange that the last verse ends in the middle of a word).

Frank presents a cogent example of how the Staelin plan is a nonstarter.
That is, it's a nonstarter *if* we remove any formal evidence of which
crypto method is attached to a program.

Cycles are cheap (compared to prison terms or a bullet in the head).
Therefore, it's cheaper to let folks either make their own guesses at the
crypto involved, or try several, than it is to unambigiously narrow down
the searches to one particular algorithm, which the State can then insist
on a decryption key for.

Let the Staelin Plan be warning for us to prepare for an era in which the
particular crypto method should not be revealed.

(Cryptographically, any of the various algorithms are "polynomially
equivalent," but, practically, the "King James Defense" used by Frank,
brilliantly, will probably work. It's hard to argue with Scripture.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sandfort at crl.com  Wed Aug 14 20:55:21 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 15 Aug 1996 11:55:21 +0800
Subject: Schlafly on crypto
In-Reply-To: <2.2.32.19960814185535.00e17344@mail.teleport.com>
Message-ID: <Pine.SUN.3.91.960814173100.22510C-100000@crl11.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Wed, 14 Aug 1996, Alan Olsen wrote:

> Well, I can think of a few reasons to come to that conclusion.  
> 
> - Schlafly is the head of one of the more right-wing
> organizations in the country.  
 
Some right-wingers don't like free speech, most do.  This 
characterization is not enlightening on the question at hand.

> - She is very closly associated with the Buchanon campaign and
> the Christian coalition.  

Does Buchanan favor censorship of the Net?  If so, what leads you
to believe Schlafly shares that particular view?  This guilt by
(assumed) association is not fair nor persuasive.

> - Her organization, the Eagle Forum, distributes a couple of
> anti-porn rant tracts (http://www.eagleforum.org/users/eagle/
> public_html/misc/order.html) called _Pornography's Victims
> $4.95 (paperback) by Schlafly, ed._ 

Being against porn does not mean one is pro-censorship.  (I don't
like smoking, but I don't think it should be illegal.)  We need
something more concrete to support such an accusation.

> I know that he [Phyllis' son] is gay.  His mother seems to have
> had some problems coming to terms with the implications of alot
> of her rhetoric involving such things...

Really?  I though she very clearly has stated that she hates the
sin, not the sinner.  What evidence does Alan have that she has
had "some problems coming to terms..."?

> (She seems to confuse her religion with reality on this point.)

As does Alan.
 
> I would say there are alot of reasons to assume that Schlafly
> would try and impose her morality on the rest of the country if
> given half the chance.

Well Alan can say anything he wants, but he has given no 
*substantive* reasons to support his prejudices.  By her article
against Net censorship, Schlafly has given us at least one piece
of evidence to the contrary.

> Look at the people she chooses to associate with.

Jesus hung out with tax collectors and prostitutes.  Look at the
people he chose to associate with.  Guilt by association again?

Look folks, in this battle, "the enemy of my enemy is my friend."
We KNOW what Clinton and his gang think of our privacy and 
freedom of speech on the Net.  Let's not cut off our noses to 
spite our faces.  If Schlarly wants to lend a hand, let's not
bite it, okay?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From tcmay at got.net  Wed Aug 14 21:11:04 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 12:11:04 +0800
Subject: BlackNet Bids $350 M for a DAT tape
Message-ID: <ae37cc5305021004391d@[205.199.118.202]>


At 9:38 PM 8/14/96, Douglas R. Floyd wrote:

>Most foreign powers would pay someone a handsome sum to hand over these
>keys.  I would bet that France or Iran would offer a billion dollars to
>someone who would turn over the part of the database they preside over.
>
>I bet that France/Iran/etc. would be able to pool together 3 billion
>dollars and a nice getaway for the stooges who can grab a tape with the
>escrowed keys on it.  Heck, Ames turned traitor for less.  (I am assuming
>the keys as small, 1K bytes each... an 8mm Exabyte mammoth tape would be
>able to carry 30 million keys.)  Even an "el cheapo" Travan TR3 tape would
>be able to snarf 1.6 million keys... and that's a lot of people
>compromised!

Sure, the going bid is $350 million on BlackNet. I expect the price to go
higher, as more keys are involved.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 14 21:17:50 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 12:17:50 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <ae37ce1606021004a2f1@[205.199.118.202]>


At 2:23 AM 8/15/96, Bart  Croughs wrote:

>Bart's error lies in his confusion of the terms "captial" and
>"capital investment."  While capital may be used to make capital
>investments, there are other things it can be spent for as well
>(wages, taxes, supplies, etc.).
>
>If Bart were to use the term "infrastructure" then it would be
>clear that the ebb and flow of mere capital would have relatively
>little to do with infrastructure influenced wages.<

I agree.

(On the other hand, Bart might want to find ways to make the material he is
quoting more distinct from his own comments. I find it very hard to tell
which comments are Bart's and which are those he is quoting.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sandfort at crl.com  Wed Aug 14 21:20:22 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 15 Aug 1996 12:20:22 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB8A50.F3A1BAE0@groningen08.pop.tip.nl>
Message-ID: <Pine.SUN.3.91.960814175425.22510F-100000@crl11.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 15 Aug 1996, Bart Croughs wrote:

> 2) The word is also used as a term for financial ASSETS.

Dollar bills are a financial asset, but they are not a capital
asset.  

> So, I fear that it's Sandy who is confused about the meaning of
> the word 'capital', not me.

Bart may fear all he wants, but he is still confusing the two
meanings of the word.

> But even if it is me who is confused about the meaning of the
> word 'capital' (which isn't the case), this confusion wouldn't
> affect my argument at all. If American capital is invested in
> foreign countries instead of in the US, then the total amount
> of capital invested in the US will be lower than it would have
> been if the capital had been invested in the US.

Here is where Bart's confusion lies.  If he is talking about
investment dollars, they none of his Austrian quotes bear any
relationship to his conclusion.  If he is talking about shipping
steel mills overseas, there might be some justification, but I
don't think that's what he is talking about.  

Finally, he as not shown why US investors would move their
capital (of whatever nature) from non-competitive US companies
to foreign ones.  As I said in a previous post, the most likely
to happen is that US investors will move their capital (of
whatever nature) from non-competitive US companies to other US
companies that do enjoy a competitive advantage.

On a personal note:  Bart the people on this list are highly
intelligent.  Many if not most are students of Austrian 
economics.  By the tone of your posts my best guess is that you
are young (20's?) and have little practical experience in "the
real world."  This is not a crime, but it's no great honor 
either.  The people you have been tilting with are not arguing
just to be arguing.  They have a firm grasp of the subject matter
and fine analytical minds.  Your arguments to authority are okay,
but you show a serious intellectual inflexiblity.  I sincerely 
suggest you reconsider your demeanor on this list to date, and 
work to improve it.  Don't waste your reputation capital being a
jerk.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From alanh at infi.net  Wed Aug 14 21:35:29 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 15 Aug 1996 12:35:29 +0800
Subject: [NOISE] Re: photographed license plates
In-Reply-To: <v03007802ae36fdc0b789@[17.219.103.200]>
Message-ID: <Pine.SV4.3.91.960814215051.9546B-100000@larry.infi.net>


Amazing how people forget that Sweden is, in fact, a monarchy. The king 
doesn't exercise his absolute power of life and death over his subject - 
he has appointed that to his government.

There is no liberty in Sweden. Merely googood humour on the part of the 
Sovereign.

In the USA, we have a system that ensures that the burden of proof is on 
the accuser.





From unicorn at schloss.li  Wed Aug 14 21:49:37 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 15 Aug 1996 12:49:37 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <19960813152643711.AAA272@[194.90.26.157]>
Message-ID: <Pine.SUN.3.94.960814221834.28297A-100000@polaris>


On Tue, 13 Aug 1996, geoff wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To: cypherpunks at toad.com
> Date: Tue Aug 13 18:39:12 1996
> 
> on Aug 13 Sean Sutherland wrote:
> 
> > Whatever happened to that free offer for ProntoSecure for members of
> > the Cpunk list?  Remembered hearing something about it awhile back, 
> > but I don't know exactly what it is.  Thanks.
> 
> The offer is still on. A free copy of Pronto Secure in exchange for 
> feedback. Open to anyone on the c'punk list.

"Do all the work I should be doing or have done in the first place
discover the critical flaws in my new-keen-o-ka-jive-o crypto system and I
will give you a free copy of a critically flawed crypto system (a $99.00
value) ABSOLUTELY FREE.  Wait, don't order yet.  Included you also get to
actually whitewash my fence and then mow my lawn.  All at NO COST to you."

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From unicorn at schloss.li  Wed Aug 14 21:54:31 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 15 Aug 1996 12:54:31 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
In-Reply-To: <v02120d0cae366bab297f@[192.0.2.1]>
Message-ID: <Pine.SUN.3.94.960814222314.28297B-100000@polaris>


On Tue, 13 Aug 1996, Lucky Green wrote:

> At 9:27 8/13/96, Peter Trei wrote:
> 
> >I vaguely remember another possibly relevant precedent, where a
> >judge ruled that a warrant was required before a thermal imager
> >could be used to look at a house suspected by the police of
> >being a (pot) grow house.
> 
> Wrong. No warrant was used and the bust was upheld in court.

Correct.  No warrant is required to observe that which is freely collected
after eminating from the residence of another and observed off his
property.

Same concept applies to the "sniff" test and ariel views into greenhouses.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From unicorn at schloss.li  Wed Aug 14 22:02:59 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 15 Aug 1996 13:02:59 +0800
Subject: [off-topic] Locating cell phones with power off?
In-Reply-To: <v02120d07ae3717374bfb@[192.0.2.1]>
Message-ID: <Pine.SUN.3.94.960814223329.28297E-100000@polaris>


On Tue, 13 Aug 1996, Lucky Green wrote:

> I seem to remember that somebody once mentioned that cell phones transmit
> signal even with the power switch off. Supposedly, you have to take out the
> batteries to cut the signal. The more I am thinking about it, the less
> sense it makes. Can somebody here please confirm (or deny) this rumor?
> 
> TIA,

Playing about with my phone and frequency counter, I get no signal at all
with power off but battery in.

> 
> 
> 
> -- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
>    Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
>    Vote Harry Browne for President.
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From unicorn at schloss.li  Wed Aug 14 22:07:58 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 15 Aug 1996 13:07:58 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches
In-Reply-To: <199608132155.OAA09738@mail.pacifier.com>
Message-ID: <Pine.SUN.3.94.960814222939.28297D-100000@polaris>


On Tue, 13 Aug 1996, jim bell wrote:

> At 09:27 AM 8/13/96 -6, Peter Trei wrote:
> >
> >Tim writes:
> >
> >> I don't see how "remote scanning" of the population at large, without
> >> probable cause, is much different from the cops listening in from a
> >> distance with parabolic antennas. Both cases involve detection of signals
> >> emitted from the target. And yet such long-distance interception is not
> >> allowed without a warrant.
> >
> >I vaguely remember another possibly relevant precedent, where a
> >judge ruled that a warrant was required before a thermal imager
> >could be used to look at a house suspected by the police of
> >being a (pot) grow house.
> >Peter Trei
> >trei at process.com
> 
> There was just such a decision in Washington state about a year ago, as I 
> recall.  However, as I recall there has been a contradictory decision 
> elsewhere, so the law isn't clear.

The decision you refer to was effectively overruled.

> 
> It seems to me that the main problem with such "evidence" is not the search 
> itself, but the interpretation of the results:  Having a hot house isn't a 
> crime, and indeed it was not practically detectable before IR viewers.  And 
> an IR viewer only tells you the house is hot; it doesn't say why its hot.  
> Apparently, when the "justice system" gets a new toy, it subtly adjusts its 
> standards to use that toy, regardless of minor issues such as right and 
> wrong.  
> 
> 
> Jim Bell
> jimbell at pacifier.com
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From lzirko at c2.org  Wed Aug 14 22:13:35 1996
From: lzirko at c2.org (Lou Zirko)
Date: Thu, 15 Aug 1996 13:13:35 +0800
Subject: Fw: Re: Free Pronto Secure Offer
Message-ID: <199608150252.TAA29747@infinity.c2.org>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: unicorn at schloss.li, cypherpunks at toad.com, geoff at commtouch.co.il
Date: Wed Aug 14 21:52:47 1996
Personally I enjoyed helping to bring to market a full-featured PGP-aware 
mail package.  It was a product that I was interested in seeing and was 
able to participate in making suggestions as to features, etc.  It 
particular, Geoff was most help full in making sure that if performed under 
NT which was not initially supported, but is my platform (along with 
Linux).  It is a good product and will help to ease usability of PGP for 
people that are afraid of the steps required by many mailers to utilize 
PGP.  If I remember, your platform in Linux and you should not be so quick 
to criticize what you may have not seen.

for > On Tue, 13 Aug 1996, geoff wrote:
> 
> > -----BEGIN PGP SIGNED MESSAGE-----

> 
> "Do all the work I should be doing or have done in the first place
> discover the critical flaws in my new-keen-o-ka-jive-o crypto system and
>  I
> will give you a free copy of a critically flawed crypto system (a
>  $99.00
> value) ABSOLUTELY FREE.  Wait, don't order yet.  Included you also get
>  to
> actually whitewash my fence and then mow my lawn.  All at NO COST to
>  you."
> 
> --
> I hate lightning - finger for public key - Vote Monarchist
> unicorn at schloss.li
> 
> 
> 

Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMhKREMtPRTNbb5z9AQEyywgAwvmF9zh46X6KpgprzbTEWsl2v8MFCOU0
s5LVvO8gt3IN3GRWAGaMsmsAuDhP7KdyG7UGSuJlstPd0sJWO+7vw6XDn4kZhsZH
/3aN0FVwYJJOf51rEmHOYc0JagNRUlRIMtkiRr019JRmb+7s+6uO6B6r1ojT0SCe
NOS8lHOGUOqD2OaYX8vhg2nH18AwNn+WRPsURCkcp3xhF9T3PiDasvYVCsirizqL
ePk8NcOIrTR9eEp1rfTkOpx5jfG/2Q5epOrwx0a4UD/6AWebnrX0bPQC1mXtTU1P
BDVDtYtgJo0YIDtDjoLqsjnSeni4ZjyVLoTc80dQgrXJN9V7g+PiFQ==
=pU+b
-----END PGP SIGNATURE-----




From unicorn at schloss.li  Wed Aug 14 22:16:32 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 15 Aug 1996 13:16:32 +0800
Subject: photographed license plates
In-Reply-To: <199608132339.TAA01485@nrk.com>
Message-ID: <Pine.SUN.3.94.960814222805.28297C-100000@polaris>


On Tue, 13 Aug 1996, David Lesher wrote:

> I note those plastic cover for plates "to keep them clean"
> seem to be more & more popular.

As are plates with polarized lenses which obscure any view of a plate at
an angle of less than about 80 degrees.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From ravage at EINSTEIN.ssz.com  Wed Aug 14 22:18:18 1996
From: ravage at EINSTEIN.ssz.com (Jim Choate)
Date: Thu, 15 Aug 1996 13:18:18 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
Message-ID: <199608150313.WAA08490@einstein>



Forwarded message:

> Date: Wed, 14 Aug 1996 22:24:39 -0400 (EDT)
> From: Black Unicorn <unicorn at schloss.li>
> Subject: Re: [NOISE] "X-Ray Gun" for imperceptible searches
> 
> Correct.  No warrant is required to observe that which is freely collected
> after eminating from the residence of another and observed off his
> property.
> 
> Same concept applies to the "sniff" test and ariel views into greenhouses.

Pitty somebody doesn't bring a suite against the FCC under this logic. It
would particularly impact radar detectors, cell phones, and other types of
scanners.

                                                 Jim Choate






From wb8foz at nrk.com  Wed Aug 14 22:24:05 1996
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 15 Aug 1996 13:24:05 +0800
Subject: photographed license plates
In-Reply-To: <Pine.SUN.3.94.960814222805.28297C-100000@polaris>
Message-ID: <199608150242.WAA07974@nrk.com>


> 
> On Tue, 13 Aug 1996, David Lesher wrote:
> 
> > I note those plastic cover for plates "to keep them clean"
> > seem to be more & more popular.
> 
> As are plates with polarized lenses which obscure any view of a plate at
> an angle of less than about 80 degrees.

I wonder if the answer isn't those corner reflector prisms?
The machine usually has a flashtube. If you make a licence-plate
frame with them around the edge......


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From tcmay at got.net  Wed Aug 14 22:39:19 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 15 Aug 1996 13:39:19 +0800
Subject: Burden of proof
Message-ID: <ae37e59e070210042a4f@[205.199.118.202]>


At 1:53 AM 8/15/96, Alan Horowitz wrote:

>In the USA, we have a system that ensures that the burden of proof is on
>the accuser.

Which explains why in the  U.S. the tax authorities take the money first
and then require the citizen to be the "accuser" in Tax Court, pleading to
get his seized assets back.

(To outsiders, the U.S. tax authorities have broad powers to seize
properties without any court process, to attach wages, to deputize
employers and banks as unpaid tax collectors, and to harass citizens.
Citizen-units may sue, of course, but the burden of proof is on them to
prove that they are owed a refund. A man who saves money and puts it in his
mattress can have it seized and taken from him. He must produce proof that
it is his money, never mind that he already paid taxes on it and never mind
that there is no way someone who saves currency can have a proper paper
trail. So much for "burdens of proof.")

--Tim May

HOW TO MAKE A PIPE BOMB:
"Buy a section of metal water pipe 1/2 by 6 inches long, threaded on both
ends.  Buy two metal caps to fit.  These are standard items in hardware
stores.  Drill a 1/16th hole in the center of the pipe. This is easy with a
good drill bit. Hanson is a good brand to use.  Screw a metal cap tightly
on one end. Fill the pipe to within 1/2 inch of the top with black powder.
Do not pack the powder. Don't even tap the bottom of the pipe to make it
settle.  You want the powder loose.  For maximum explosive effect, you need
dry, fine powder sitting loose in a very rigid container." (more
information at http://sdcc13.ucsd.edu/~m1lopez/pipe.html, or by using
search engines)







From shamrock at netcom.com  Wed Aug 14 22:42:04 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Aug 1996 13:42:04 +0800
Subject: [off-topic] Locating cell phones with power off?
Message-ID: <v02120d0eae384741d4cf@[192.0.2.1]>


-----BEGIN PGP MESSAGE-----
Version: 2.6.3

hQEMAy1onm9OaF05AQf9HrOT3gvf+p/v9oNWcClCrgNPxHqR3Ro+Ai3OdYJOgmPK
neIs5I7bQ0g4vfdN/T1daZRXMhmwIBD0JUZeZqjNGYHczBT5poxQSgrruHx3dHa6
hvZDRkH4YV2nynRWpQ3tGcsMPiEU2yHIfG8ts8XGF4AoikCPSAy4rJaZl856V5KM
1K5lLZA+kL5meAGaN4o0HxTnNU3KxPctKd1UJUruZvDSBx03rYYGGLIlI6i0JCA8
3lCPcIGFhEehV8UWy9xdoinM5oF23hB80gIEtrV//dpXk9aKE6OfKs0d6lTO1Gq/
EDIxgKnwOvX+zGd6UjubvomfH1Z+GOVtQi7oFHlvaqYAAAGQj8eyiz0s8Sgq3c7a
eIxcUZ5TwMgFnfCFTuJrXZ5K4/pVdPAMvDZzGXI6J/1Fry89NQ3zup34RbR2HxTz
E64QgkF+mzrWu18SaVgggHAwxhpje56ahbolX4E72l/LN3y/FiDhiBL33jxcBwuD
DztcLr/4wbE3Van+luAvYBKJ7tueEiv0JGcl0jHFo3DOAyC+11qeouSir36SlBKs
Aj3oBhYwaC9op/RAZlzXyq3wqnnrqHKG7MGOrIRjJdId2i8QTGVtATKDQwn9eZ+U
AQftEaIEyzxo/IKeCiLjFFTeGFYDg9F7vwJbYNA14T5RBqmom6XsHvRVpfiHmhxn
YnD0ULKGl2VNX+E/v2uacpjIWglULaWARO4pjbPHl8YNryGbYfTt3LOYCZVtfwM2
li8ZJjuaJuoXultzBIkAsDes0JTIW929gsWPjnTsMn9yPb0fy1Ia1W3czF0v/Fwx
MpYbUalRKqi7Tg1WlkBDra4AEW60oUBpHbQaccSZ5xDrCu/HzlPAaeloQAwdLFF+
MDX2vg==
=jH3M
-----END PGP MESSAGE-----


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From null at void.com  Thu Aug 15 00:17:03 1996
From: null at void.com (The Prisoner)
Date: Thu, 15 Aug 1996 15:17:03 +0800
Subject: photographed license plates
In-Reply-To: <ae37be1d02021004e289@[205.199.118.202]>
Message-ID: <3212B1B0.2327@void.com>


Timothy C. May wrote:
> 
> [WHACK]

> Maybe we'll have barcoded license plates sooner than we think. Then all of
> those speed cameras can also track our movements.
> 

No, too low-tech.

Small trasnsmitters with unique programmed ID codes broadcast as you drive.  Much easier to trace.  And LoJack's 
already got a good bit of the technology in place.

Or your GPS co-ords could be stored/buffered onboard, and uploaded to the Central Bureau every night for 
analysis.

This is the kind of forward thinking that Creates Jobs!





From vagab0nd at sd.cybernex.net  Thu Aug 15 00:36:53 1996
From: vagab0nd at sd.cybernex.net (Erle Greer)
Date: Thu, 15 Aug 1996 15:36:53 +0800
Subject: photographed license plates
Message-ID: <2.2.32.19960815043853.007242e8@mail.sd.cybernex.net>


At 07:51 PM 8/10/96 -0400, you wrote:
>In the UK they now use cameras to deter speeding; the cameras are 
>triggered by vehicles passing by which exceed the speed-limit, so in 
>theory it's only naughty people who get photographed. Interestingly 
>enough, there are far more places with camera warning signs than there 
>are actual cameras; the actual cameras are moved around at random. Even 
>though most of the time there isn't a camera there, almost everbody 
>seemed to slow down in the marked areas; probably because there's almost 
>100% chance of being caught if there is a camera there.

I speed a lot, but I wouldn't mind seeing an automated system
!!! AS LONG AS TAXES THAT PAY SPEED COPS' SALARIES GO DOWN !!!
This system would free up the police force's time so greatly
that they would have time to make our neigborhoods safe. hehe
Vagab0nd<br>
<a href="http://ww2.sd.cybernex.net/~vagab0nd/index.html">Visit web page for
public key.</a>






From null at void.com  Thu Aug 15 00:50:37 1996
From: null at void.com (The Prisoner)
Date: Thu, 15 Aug 1996 15:50:37 +0800
Subject: forget photographing license plates!
Message-ID: <3212B8F9.367A@void.com>


from comp.risks:


Date: Tue, 13 Aug 96 15:52:22 PDT
From: Greg Dolkas <greg at core.rose.hp.com>
Subject: RISKy cars coming!

"In the 22 Jul 1996 issue of Fortune was an interesting look into the future
of automobile electronics, "Soon Your Dashboard Will Do Everything (Except
Steer)".  "

>>> Does that include reporting your movements to the Central Bureau?

"The topic of steering has already been discussed in this forum,
but what caught my eye was a review of the "OnStar" product from GM.
Besides being a navigation aid, it also contains "some anti-bonehead
features".  "

>>> Thank God people keep trying to save me from myself.

"These include the ability for you to call GM's "control center"
for help if you lock your keys in the car, or forget where you parked it.
>From the control center, they can "electronically reach into the car" to
unlock the doors, or honk the horn and flash its lights."

>>> It is extremely comforting to me -- I don't know about you -- to think that GM will maintain a control center able to communicate with my auto electronics.  Shit, why not TRW?





From stewarts at ix.netcom.com  Thu Aug 15 00:53:39 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 15:53:39 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
Message-ID: <199608150454.VAA12982@toad.com>


At 09:08 PM 8/13/96 -0400, Alan Horowitz wrote:
>> If foil or metal mesh would block it, then many recently built houses
>> would be already set.  Usually that 1/2 - 1 inch styrofoam used 
>> on almost all exterior walls has a reflective layer of foil to help
>> keep the heat/cold out.

>Take a course in Tempest practices.  Casual residential practice 
>implemented by construction workers do not a vault make.

The context of the discussion wasn't TEMPEST (as you say,
it's not enough for that), but new high-frequency hand-held radar imaging,
which ostensibly uses radio emissions from human skin or some technique
to create images.  Foil-backed insulation ought to do a good job
stopping that, as well as making infared snooping less useful.

Now, the police _claim_ that the product that lets you see the
shape of objects under people's clothes has the resolution to find
guns and knives and non-naughty-bits of human flesh, but not enough
to let those dirty-minded privacy-invaders leer at their victims.  Uh huh.
At least they probably don't come with printers or data links,
so they'll just have to leer at the screen and not save and distribute
copies....  Somebody ought to complain to Phyllis Schlafly about this!

[less serious material follows:]
[Not only will you need the tinfoil lining to your hat, you'll have
to get some metallic-lined underwear to avoid being entrapped into
aiding and abetting police pornographers.  Maybe Erik's gold-lame' suggestion
will catch on, at least here in San Francisco....]

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Thu Aug 15 01:41:43 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 16:41:43 +0800
Subject: Fun with M$
Message-ID: <199608150518.WAA13323@toad.com>


At 11:07 AM 8/12/96 -0400, Dan Siemon wrote:

>> > Exploder is an Active X control which demonstrates security problems with 
>> > Microsoft's Internet Explorer. Exploder performs a clean shutdown of 
>> > Win95 and will turn off the power on machines that have a power
>> > conservation BIOS (green machines).
>
>I don't see how anyone can call this a bug. 

If somebody can write a web page that, when you view it, turns off your PC,
the only way I can see calling it a positive feature is to say 
"it's easy to make people stop using really insecure products like MSIE!" or 
"Turning off Win95 is a Kind Thing to do!"

>Microsoft has chosen what Sun should have: leave the security to the user,
>don't take it away from everyone.  Java has been severely crippled by the 

User?  What user?   The poor unsuspecting fool who hits the web page?
The kind friendly person who writes web pages that turn off Win95?
Executing signed code from web pages is semi-ok, if the default is to
trust no one and make the user explicitly grant permission to code authors.
Executing anything that comes down the wire is foolish, and writing
software to do so is rabidly negligent.

The Java approach is to define a security model that _should_ let you
safely execute code if you implement it correctly, do some academic-style
analysis to validate the security model, document the level of
trust you can expect from the system, and then put out a mildly buggy
implementation of the system so grad students can rip it to shreds :-)
So far the security problems that have been discovered have been with
the implementation, not with the underlying security model.
And then add a similar-looking language called Javascript with no
underlying security model, make it impossible to turn off, and get 
taunted mercilessly until you add a "Turn it off" checkbox.

The Microsoft approach was to take a hacked-up word-processor gluon,
from the folks who brought you the Word Prank Virus Propagation Tool,
hack it up some more, add Internet hooks, and replace a few bugs with
different bugs while trying to catch up with the market leader on features.
Yes, some of the removed bugs were security bugs, but it's nothing near
secure, and there's no reason to expect it ever can be.

(Brought to you by the folks who added features to Winsock so that
their PowerPoint disk-hogging-and-slideshow system chokes to death
if you install standards-based networking software, even if you
don't use the network features....)



#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From alano at teleport.com  Thu Aug 15 01:42:32 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 15 Aug 1996 16:42:32 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible  searches
Message-ID: <2.2.32.19960815053848.00f05a5c@mail.teleport.com>


At 09:51 PM 8/14/96 -0700, Bill Stewart wrote:

>[less serious material follows:]
>[Not only will you need the tinfoil lining to your hat, you'll have
>to get some metallic-lined underwear to avoid being entrapped into
>aiding and abetting police pornographers.  Maybe Erik's gold-lame' suggestion
>will catch on, at least here in San Francisco....]

Maybe chainmail will come back in style.  (Why does the SNL skit of Dan
Ackeroid trying to get through the metal detector covered in chains and
metal fetish gear come to mind...)

---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From cts at deltanet.com  Thu Aug 15 01:55:02 1996
From: cts at deltanet.com (Kevin Stephenson)
Date: Thu, 15 Aug 1996 16:55:02 +0800
Subject: Jurisdictionless Distributed Data Havens
Message-ID: <3212B0CB.1AB7@deltanet.com>


With all of the debate on offshore data havens, I've been thinking of a
way to implement a distributed data haven that would not be subject to
(hopefully) any local jurisdiction and therefore, would not need to be
located in the place of cypherpunks wet dreams ;). If this idea has been
mentioned by someone else, I am not aware of it. By distributing the
data over several servers (using RAID like striping), compromise of a
single or multiple servers (depending on implementation specifics) would
not cause a collapse of the data haven.

Here is a way such a data haven could be setup:

The data is split into multiple parts. Each site is responsible for
maintaining only its part. For a client to access a piece of data, he
will have to contact a certain number of sites to reconstruct the data.
The client could also use some sort of anonymizer service to do the data
collection and then do then combining on his local machine.

If one site gets shut down by Big Brother, denial of service attack,
etc., the other sites either find a new site to replicate the missing
part to, or they need to reconstruct the data and re-stripe it for the
remaining servers. (Read any networking book with a section on RAID to
see what all this means.)

Another idea is that the data can be encrypted, and the client pays the
key-holder for the key. The key holder would preferably be the content
provider and not one of the servers. i.e.: Client finds Bombs R Us and
wants to buy pipe bomb instructions. Bombs R Us gets anonymous payment
from client for the instructions. Bombs R Us says to client: "collect"
page 5 "parts" and use this key to decrypt. In this scheme, using
anonymous digital cash, Bombs R Us can remain anonymous with his data
publicly available but encrypted. He can pay each of the server
maintainers in anonymous digital cash as his expense. Each server cannot
(or should not) be held responsible for disseminating bomb making
instructions because each server does not *have* the instructions in a
complete form (encrypted or otherwise). It would be like someone calling
the cops and saying, I placed a box with XXXXX in it at the airport.
This in itself is not a threat. XXXXX could be anything, including OJ
Simpson's bloody clothes. And if another guy called in and said "pipe
bomb" and hung up, this is meaningless also.

The reason data striping is better than a simple mirroring network is
that no single site contains anything useful in itself for the
authorities to use against the server maintainer. (Similar to a remailer
network perhaps)

An extra feature could be if some major attack was initiated against the
data haven, there could be a dead-man button of some sort to make the
data vanish altogether by sending distress signals to the other servers
(or to at least one server, which could then cascade the signal).

The system could either use RAID Level 5 data striping, or some hybrid
scheme like this:

Site 1 has bits 1 and 5 of data
Site 2 has bits 2 and 6 of data
Site 3 has bits 3 and 7 of data
Site 4 has bits 4 and 8 of data
Site 5 has 2 parity bits (1 parity bit per nibble)
Site 6 has bits 1, 2, 3, and 4
Site 7 has bits 5, 6, 7, and 8
etc.

In this particular scheme, it would take the downing of at least 3 of
the 7 servers to prevent data collection. It would also take at least 2
sites worth of data to reconstruct the data into a usable form. As much
or as little redundancy as needed can be built into the system.

The only time the data is in it's whole is prior to being stripped
across the servers, during data recreation and re-striping, and when in
the hands of the client.

Benefits:

* No single site contains any incriminating evidence

* Allows for a true "virtual company" to exist, with just a mail-box to
receive it's anonymous digital cash payments


Problems:

* Requires a re-striping of data when the data source is changed

* Requires a data regeneration and re-striping when a site goes down and
a replacement site can not be found (could possibly use an idle standby
server to circumvent this problem)

Attacks:

* Government sabotages site 1, then watches site 2 for data regeneration
before re-striping (Can be thwarted by having data regeneration
happening on a randomly picked server)

Clarifications:

When I say digital cash, I am not referring to Chaum's DigiCash.
DigiCash will never work in my book because it requires an account,
amongst other reasons. YMMV.

Comments welcome.

Kevin Stephenson

-Silence is Security
	WWIIish Poster





From alano at teleport.com  Thu Aug 15 02:13:43 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 15 Aug 1996 17:13:43 +0800
Subject: Schlafly on crypto
Message-ID: <2.2.32.19960815053035.00fc9d90@mail.teleport.com>


At 05:47 PM 8/14/96 -0700, Sandy Sandfort wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>On Wed, 14 Aug 1996, Alan Olsen wrote:
>
>> Well, I can think of a few reasons to come to that conclusion.  
>> 
>> - Schlafly is the head of one of the more right-wing
>> organizations in the country.  
> 
>Some right-wingers don't like free speech, most do.  This 
>characterization is not enlightening on the question at hand.

Actually, i have found that it does not matter which side you choose, right
or left, they desire free speech for themselves and not for others.

>> - She is very closly associated with the Buchanon campaign and
>> the Christian coalition.  
>
>Does Buchanan favor censorship of the Net?  If so, what leads you
>to believe Schlafly shares that particular view?  This guilt by
>(assumed) association is not fair nor persuasive.

I am not certain about Buchanan, but i do know that the Christian coalition
is very much in favor of net censorship.  Actually, I can find no statements
in either direction on the Eagle Forum web site. 

Do you know of any statements by Schlafly and/or the Eagle forum either for
or against net censorship?  I know of none for, and the circumstantial
evidence available does not reinforce the conclusion that she is against it.

>> - Her organization, the Eagle Forum, distributes a couple of
>> anti-porn rant tracts (http://www.eagleforum.org/users/eagle/
>> public_html/misc/order.html) called _Pornography's Victims
>> $4.95 (paperback) by Schlafly, ed._ 
>
>Being against porn does not mean one is pro-censorship.  (I don't
>like smoking, but I don't think it should be illegal.)  We need
>something more concrete to support such an accusation.

I have yet to see anyone who publishes anti-porn screeds based off of the
Bundy case that does not support censorship of such materials.  Can you
point me to any?  Or any material that would lend credence to the argument
that she supports freedom for anyone except "Good God-Fearing Christians"?

>> I know that he [Phyllis' son] is gay.  His mother seems to have
>> had some problems coming to terms with the implications of alot
>> of her rhetoric involving such things...
>
>Really?  I though she very clearly has stated that she hates the
>sin, not the sinner.  What evidence does Alan have that she has
>had "some problems coming to terms..."?

Lon Mabon also claims to "hate the sin and love the sinner".  It does not
prevent him from dredging up as much hate as possible for those who are gay.
Actually my beliefs are based opon statements she made at the time.  You may
have more information on the subject than I do...  

>> (She seems to confuse her religion with reality on this point.)
>
>As does Alan.

Without evidence to back up your claims, I cannot make any judgement than
what I have made.  Her associations with people who believe in censorship
and her devotion to a branch of Christianity that supports censorship, as
well as her sales of publications used to justify censorship makes me
believe that she follows that course.  Without specific examples that show
that she does not believe in such measures, I have no reason to assume any
other conclusion.
 
>> I would say there are alot of reasons to assume that Schlafly
>> would try and impose her morality on the rest of the country if
>> given half the chance.
>
>Well Alan can say anything he wants, but he has given no 
>*substantive* reasons to support his prejudices.  By her article
>against Net censorship, Schlafly has given us at least one piece
>of evidence to the contrary.

Has she published against net censorship?  The quoted article was about
wiretapping.  My search of her web site did not reveal any articles on that
topic.  If you have specific pointers I would like to see them.

>> Look at the people she chooses to associate with.
>
>Jesus hung out with tax collectors and prostitutes.  Look at the
>people he chose to associate with.  Guilt by association again?

But Jesus did not try to get the prostitutes and tax collectors elected to
high office...  (But then again, there are no contemporary records for the
existence of such a being in the first place.)

>Look folks, in this battle, "the enemy of my enemy is my friend."

Actually I view this as a fallacy.  Just because the Christian Right opposes
Clinton for good reasons, does not make them friends for causes that I view
as just.

>We KNOW what Clinton and his gang think of our privacy and 
>freedom of speech on the Net.  Let's not cut off our noses to 
>spite our faces.  If Schlarly wants to lend a hand, let's not
>bite it, okay?

Lets also not accept them just because they oppose the current threat.  I
believe they have a number of threats of their own.

I do not disagree with the Eagle Forum on everything.  (I have just read
enough of her early works to make me consider her a danger to herself and
others...  Especially her screeds on Communism.)  She has some points I
consider valid on education and other areas.  But just because he makes
sense in some areas does not mean that I will trust either her or any of her
minions in any position of power.  Control freaks of either stripe worry me...

If they are willing to fight against the Clintonocracy, then i will be glad
to see it.  Just do not expect me to be willing to swallow their religious
beliefs as an alternative.

If you have pointers to material that shows that she is against net
censorship, then post pointers.  I would like to see them.  The posted
article does not address the net at all, other than as communication on a
one to one basis.  It does not address the issues of those who post
unencoded messages to the public at large.  Until I have text that shows
otherwise, i have little data to show that she supports freedom of speech
other than on a one to one basis.
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From shamrock at netcom.com  Thu Aug 15 02:14:19 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Aug 1996 17:14:19 +0800
Subject: forget photographing license plates!
Message-ID: <v02120d12ae386fdb853a@[192.0.2.1]>


At 22:43 8/14/96, The Prisoner wrote:

>>>> It is extremely comforting to me -- I don't know about you -- to think
>>>>that GM will maintain a control center able to communicate with my auto
>>>>electronics.  Shit, why not TRW?

Hacker's delight.



-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From amehta at giasdl01.vsnl.net.in  Thu Aug 15 02:17:13 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Thu, 15 Aug 1996 17:17:13 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <1.5.4.32.19960815051518.00349ecc@giasdl01.vsnl.net.in>


At 10:27 14/08/96 -0700, Timothy C. May wrote:
>* the role of physical vs. cyberspace data havens
...
>3. Vince seems to be a in a somewhat precarious position, awaiting renewal
>of a one-year work permit.

I'm sure this has come up before, but what would prevent a server
being located on a buoy or something at sea outside territorial
limits (or when satellites become cheaper, on a satellite itself)
offering such services? 

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From jamesd at echeque.com  Thu Aug 15 02:21:51 1996
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 15 Aug 1996 17:21:51 +0800
Subject: RANT re: National Socio-Economic Security Need for Encryption
Message-ID: <199608150629.XAA03193@dns2.noc.best.net>



Brad Dolan asks:
> > 1. Good jobs of the future are knowledge jobs which require little 
> > capital investment.

At 06:24 PM 8/13/96 -0700, Checkered Daemon wrote:
> a)  Knowledge jobs require tremendous capital investment, as in degrees,
> training, continual updating of skills, etc.

But they do not require much capital investment by the boss.  That is 
to say the key corporate assets are increasingly owned by the employees,

At some point one would expect this to lead to a change in business 
structure, but I see no signs of this happening.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From stewarts at ix.netcom.com  Thu Aug 15 02:28:29 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 17:28:29 +0800
Subject: National Socio-Economic Security Need for Encryption    Technology
Message-ID: <199608150606.XAA13751@toad.com>


>At 08:33 13/08/96 -0700, James A. Donald wrote:
>> > Demand for Indian programmers is less than supply not because capital
>> > has somehow failed to flow to India, but because an engineer in India
>> > is not free to produce the value that engineers elsewhere are free
>> > to produce.

I've worked with companies that bring Indian contract programmers
to Silicon Valley and also contract for work back home in Bangalore.
Sure, part of the lower price paid for programmers in India vs. importing
the same people here is probably because the government is annoying.

Why is it worth paying nearly-American-scale wages to have them
do the work here rather than 1/5 as much back home?

Part of it is because it's harder to interact with people halfway around
the world, even using email and faxes, so the jobs that succeed well
in that environment are big jobs with well-defined inputs and outputs.
For work that needs real interaction between the customer and the worker,
it helps to have the worker nearby, so it's worth paying them to come here.
For work that needs interaction between workers and machines, especially
brand-new-not-yet-working machines on high-speed networks that aren't
easy or cheap to drag across the Pacific and then connect to India,
you need bodies on site.  Even for standard equipment you can buy
more of, it's still more productive to work here where you have lots of it
and can get spare parts at Fry's than to ship some of it to India and 
have people use it there.

Also, of course, the folks who are good enough to ship halfway around the 
world to do a job for you are usually the best they've got;
they'd get more than the average programmer back in Bangalore as well.



#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Thu Aug 15 03:25:56 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 18:25:56 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <199608150736.AAA15028@toad.com>


At 11:15 AM 8/15/96 +0600, you wrote:
>At 10:27 14/08/96 -0700, Timothy C. May wrote:
>>* the role of physical vs. cyberspace data havens
>...
>>3. Vince seems to be a in a somewhat precarious position, awaiting renewal
>>of a one-year work permit.
>
>I'm sure this has come up before, but what would prevent a server
>being located on a buoy or something at sea outside territorial
>limits (or when satellites become cheaper, on a satellite itself)
>offering such services? 

Piracy.  Some pirates may have black Jolly Roger flags on their ships,
but most have flags that say "Coast Guard" or "Navy" or "Harbor Police",
and think they're protecting their National Security or something.
Satellite launching is generally somewhat government-controlled,
though you could get a remailer into space if you didn't tell the
government too much about it until it was launched.
The US apparently has restrictions on crypto capabilities of
satellites launched from the US, according to something I read on the
net once.  But I suppose you could launch a programmable satellite,
and then reprogram it by radio....

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Thu Aug 15 03:26:52 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 15 Aug 1996 18:26:52 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <199608150803.BAA15281@toad.com>


At 10:27 AM 8/14/96 -0700, Tim wrote:
>* the role of physical vs. cyberspace data havens
.....
> so I tended to view data havens as not being tied to physical communities
> where the local potentates could revoke work permits, visas, 
> travel permits, business licenses, etc.

Agreed.  At least for now, banking havens are a different kind
of market than data havens - people want to be able to demonstrate
that activities are being run from Non-Taxing states, though there's
a parallel need for private data communications to hide any 
connections back to a potentially more greedy state,
and perhaps to move money back home as well.

Data havens, on the other hand, may need public ports in tolerant
locations, but most of their business really needs to be
encrypted any way; the visible parts such as web pages
are only a small part of the game.  I suspect that, rather than
having fixed physical locations, they probably need to operate on a
Temporary Autonomous Zone basis, moving elsewhere when a jurisdiction
becomes unfriendly but mostly trying to avoid too much notice.

>What the form of these "cyberspace data havens" might take is unclear.
>Several pieces of technology are missing, just as they were missing four
>years ago when one of the early list members contacted me to tell me how
>easy it would be to set up a data haven with computers. (It wasn't easy
>then, and it ain't easy now. The pieces that are missing are the
>reifications of protocols we talk about a lot....mere encryption and
>authentication are only the starting points, and look at how hard it's been
>just to get _them_ deployed.)

Reification is one thing; developing business models and markets
is another, and making the activities visible so potential users can
_find_ data havens is a third.  There are some activities that
operate as temporary data havens today - child pornography, warez, 
police Red Squad and blackmail files on citizens kept illegally on home
machines outside the public's control, and other unsavory groups that limit
the people who know about them.  Public data havens are a bit different.
Finding a reason to Just Do It means you either need a real threat model
or you end up becoming Yet Another Spam Server like many of the
remailers have been.  

Some things we need to implement Data Havens - 
1 - digicash or equivalent - it's coming, but it's not widely used,
and if you can't pay anonymously it's tough to pay for data havening
anonymously.
2 - practical temporary registration of connections - is hacking
a DNS server enough?  Or do we need IRC meetmes?  Not sure.




#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From geoff at commtouch.co.il  Thu Aug 15 03:31:39 1996
From: geoff at commtouch.co.il (geoff)
Date: Thu, 15 Aug 1996 18:31:39 +0800
Subject: Fw: Re: Free Pronto Secure Offer
Message-ID: <19960815074728122.AAA103@geoff.commtouch.co.il>


-----BEGIN PGP SIGNED MESSAGE-----

To: unicorn at schloss.li, cypherpunks at toad.com
Date: Thu Aug 15 10:53:53 1996
On 14 Aug unicorn wrote:
 
> "Do all the work I should be doing or have done in the first place
> discover the critical flaws in my new-keen-o-ka-jive-o crypto system
> and I will give you a free copy of a critically flawed crypto system 
> (a $99.00 value) ABSOLUTELY FREE.  Wait, don't order yet.  Included 
> you also get to> actually whitewash my fence and then mow my lawn.  
> All at NO COST to you."

Unicorn, please try to take a minute to think before hitting that send 
key.

You infer that a product is critically flawed without even trying it ?
There are quite a few members of this list who are using Pronto Secure 
and will testify to the contrary. 
See http://www.commtouch.com/testers.htm for a list of people who take 
the trouble to try out a product before venturing an opinion.

Agreed that feedback from external testers is a good deal for 
developers. It is also not a bad deal for evaluators, they get a free 
copy of a product which in the case of Pronto Secure many find useful 
(as witnessed by x-mailer headers on c'punk traffic). Testers also get 
an opportunity to contribute neat feature ideas which helps propagate 
secure messaging to the masses. 

Unicorn, you are invited to whitewash my fence :)


- ---------------------------------------------------------------
Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
My PGP public Key 1814AD45 can be obtained by sending a message
to geoff at commtouch.co.il with "Get PGP Key" as the subject.
- ----------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMhLXlELv5OMYFK1FAQHoCQP/Tg13glNoTAq4OdHJ5tay+x67kpAg3eIn
JwMG/spaV/R5z9iec2wE3BQNWbta2lGF2hZUwkyRNUPX/01024024rg4wp3dIrUQ
gk5vl9hG7kbTIOzLKgyEKvQs8yBs+9A3KfE3HY47vm78qMVF0QE11PECMWubnfg6
be7yL9/U64M=
=923l
-----END PGP SIGNATURE-----






From null at void.com  Thu Aug 15 04:02:49 1996
From: null at void.com (The Prisoner)
Date: Thu, 15 Aug 1996 19:02:49 +0800
Subject: Last word: auto video surveillance report[long]
Message-ID: <3212CCB0.27EA@void.com>


I know this is pushing it as far as crypto-relevance.  I won't bring up 
the subject again. But this was too much to not pass along - there are 
some interesting insights into the mindset at work, and if I had to 
justify the cryptorelevance it would be by promoting the value of 
knowing the mind of Brother ... both Little and Big.


For those not familiar with Calif. bureaucratese: "HOV" is "High 
Occupancy Vehicle" and an "HOV Lane" is a carpool lane.
Edited doc. follows (from http://www.bts.gov/smart/cat/274.html):


                 Use of Videotape in HOV Lane Surveillance and 
Enforcement: Final Report

                                 USE OF VIDEOTAPE
                                        IN
                                     HOV LANE
                           SURVEILLANCE AND ENFORCEMENT
                                   FINAL REPORT
                                         
                  By John W. Billheimer Ken Kaylor Charles Shade
                                         
                                         
                                   Submitted to
                                         
                                State of California
                           Department of Transportation
                                         
                              under Contract 55 G710
                                         
                                         
                                       D232
                                    March 1990
                                         
                                         
               SYSTAN,INC.              in               ATD,INC.
            343 Second Street       Association   6431 Independence 
Avenue
               P.O. Box U              with      Woodland Hills, CA 
91367
           Los Altos, CA 94023



                           PREFACE AND ACKNOWLEDGEMENTS

        This report covers a six-month study designed to explore the use 
of
     vidoetape in HOV lane surveillance and enforcement.  The study is 
an
     extension of an earlier investigation of the effects of different
     enforcement strategies and engineering designs on violation rates 
on
     California's mainline HOV lanes.

        The report has been prepared in the Los Altos, California 
offices
     of SYSTAN, Inc. under Contract No. 55 G71 0 with the California
     Department of Transportation (CALTRANS).  The project was jointly
     sponsored by the California Highway Patrol (CHP).  Mr. Philip Jang,
     Chief of the HOV Systems Branch of CALTRANS Division of Traffic
     Operations served as project administrator, while Scott McGowen of
     CALTRANS acted as the project's technical monitor.
...
     SYSTAN wishes to thank all those who provided information and 
insights
     on the enforcement and operation of California's mainline HOV 
lanes,
     and acknowledges full responsibility for the analysis, 
interpretation,
     and presentation of the data they provided.

...
 
     1.1.1 Background

 ...
        It has been suggested that using video equipment to assist in 
HOV
     lane enforcement could reduce the requirements for patrol officers,
     increase citation rates, and minimize freeway disruption.  The 
current
     investigation has been designed to extend past studies of HOV lane
     enforcement by testing both the feasibility and accuracy of the use 
of
     video equipment in HOV lane surveillance.

     1.1.2 Objective

        The objective of the current study has been to demonstrate and 
test
     the use of video equipment in determining vehicle occupancy,
     documenting violator identity, and aiding enforcement of HOV lanes.
...
        Field tests showed that it is technologically possible to record
     several accurate views of vehicles traveling in mainline HOV lanes. 
     Specifications and costs of the equipment needed for videotape
     surveillance are summarized below.

        Cameras.  Best results are obtained with high speed color 
cameras
     capable of achieving exposure times of 1/1000 of a second.  A 14:1
     zoom lens is needed to focus on oncoming vehicles at distances of
     approximately 1200 feet.  Cameras placed at eye-level on the 
freeway
     itself should be small and unobtrusive.

        Auxiliary Equipment.  Two monitors with split screen capability 
are
     required in the control van.  One monitor provides an on-line 
review
     capability, while the other provides a permanent record of all 
camera
     views.  A special effects generator should be used to make the 
exact
     time and location a permanent part of the videotape record.

        Polarizing filters help to solve problems with glare from shiny
     cars and windshields, although they reduce the light-gathering
     capability of the cameras.  Infra-red cameras and light sources can 
be
     used to document license plates after dark by videotaping the rear
     license plates of departing cars.  However, it does not appear
     feasible to videotape oncoming vehicles under conditions of 
darkness
     or low visibility.  Results are not clear and the infra-red light
     source can distract oncoming drivers.
...
   1.3.3 Potential Applications

        Although it is technologically possible to record a series of
     accurate views of vehicles traveling in mainline HOV lanes, no
     combination of recorded views currently provides enough information 
to
     support prosecution for occupancy violators.  Even so, videotape
     surveillance of HOV lanes can provide useful information for a 
variety
     of other purposes.  These include:

        1. Support for on-line enforcement.  In cases where there are no
           refuge areas adjacent to mainline HOV lanes, videotape
           surveillance provides a means of alerting officers stationed
           downstream from the cameras to the presence of oncoming
           violators.

        2. Support for remote ticketing . Although videotape by itself 
does
           not appear to be accurate enough to provide a basis for
           citations, the combination of videotape and an observing 
officer
           could conceivably provide the accuracy needed for a system of
           mailed warnings and citations.  If a system of mailed 
warnings
           or citations can be installed, the officer would not have to 
pursue
           violators, and a videotape record of driver, occupancy, and
           license plate would be available for court hearings.  Such a
           system would be more cost-effective than the current system 
of
           freeway pursuit and roadside citing, and will reduce the
           congestion caused by rubbernecking.

        3. Performance Monitoring.  There are several applications in 
which
           videotape surveillance appears to provide a marked 
improvement
           over current practice.  These include:

           (a)   Freeway monitoring to document vehicle type and 
occupancy
                 over time;
		 
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  ...
        The cost of videotaping HOV lane activity is more than double 
the
        cost of monitoring operations manually.  However, videotape
        provides more accurate records, a consistent data base, and a
        permanent, verifiable record of traffic activity.  It also 
provides
        information on the vehicle mix, traffic speed, and the license
        plates of carpoolers and suspected violators.


     1.3.4 Public Reaction

        In a state in which radar cannot legally be used to enforce 
speed
     laws on state freeways, videotape surveillance of HOV lanes has
     significant legislative and public relations implications.  These
     implications are beyond the scope of the current study.  However, 
two
     pieces of information related to the current study may shed some 
light
     on the potential reactions of the public and the media to the
     possibility of videotape surveillance.

  ....
      Press Coverage.  The field tests undertaken during the current
     study attracted the attention of the Los Angeles media and resulted 
in
     a limited amount of press coverage.  Articles in the Los Angeles 
Times
     and Ontario Daily Report/Progress Bulletin were both balanced and
     informative.  To the extent that these stories can be viewed as an
     indication of press and public reaction to the use of videotape in 
HOV
     lane enforcement, there was no suggestion that CALTRANS and the CHP
     would be exposed to a massive public outcry if videotape proves to 
be
     technologically and legally feasible as an enforcement tool. 
     Furthermore, it can be assumed that the articles themselves made
     potential HOV lane violators in the Los Angeles area more cautious.
     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

...
        Video cameras operating in conjunction with officer observation 
may
     provide sufficient accuracy to support mail-out citations for HOV 
lane
     occupancy violations.  An officer stationed downstream from the 
video
     cameras is in a position to verify the occupancy of vehicles which
     appear suspect to observers monitoring camera output.  ...

     Moreover, the presence of an observing officer
     may remove some of the "Big Brother is watching" stigma from the 
use
     of videotape.





From jsw at netscape.com  Thu Aug 15 05:18:14 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Thu, 15 Aug 1996 20:18:14 +0800
Subject: Netscape US betas lagging...
In-Reply-To: <Pine.GUL.3.95.960812003508.23548E-100000@Networking.Stanford.EDU>
Message-ID: <3212EBFA.2B5D@netscape.com>


Rich Graves wrote:
> The international version is 3.0b7. The export-controlled version on wwwus
> is two revisions and almost a month behind at 3.0b5. Have y'all simply not
> had time/inclination to recompile the 128-bit version with the latest
> patches, or is there some sort of trouble brewing?

  There is no trouble brewing.  The final release of 3.0 will be
happening shortly.  The final US version without expiration will
be made available from our US download site.  Our process for
updating the US download site has not been passed over to our
release group, so it still has to be done by engineering.  We
have been concentrating on getting the release out, and didn't
think that it was crucial to get the last few betas out for US
download.  In the future this will be handled by our release
group as part of their automated process, and so you won't see
this lag in the future.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From a.brown at nexor.co.uk  Thu Aug 15 06:14:03 1996
From: a.brown at nexor.co.uk (Andy Brown)
Date: Thu, 15 Aug 1996 21:14:03 +0800
Subject: Fun with M$
Message-ID: <01BB8A9A.ACAA01C0@mirage.nexor.co.uk>


On 15 August 1996 06:16, Bill Stewart[SMTP:stewarts at ix.netcom.com] wrote:

> >Microsoft has chosen what Sun should have: leave the security to the user,
> >don't take it away from everyone.  Java has been severely crippled by the 
> 
> User?  What user?   The poor unsuspecting fool who hits the web page?
> The kind friendly person who writes web pages that turn off Win95?
> Executing signed code from web pages is semi-ok, if the default is to
> trust no one and make the user explicitly grant permission to code authors.
> Executing anything that comes down the wire is foolish, and writing
> software to do so is rabidly negligent.

The default (at least on beta-2 of ie) is to not trust anyone unless you
explicity say so.  If the user then decides to execute "k3wl kontro1" from
phreak.net then that's their problem.

Does anyone know what the legal implications of signed code are?  That is,
if Company A signs their Active X control and it's later found to corrupt
users data, does the signature (which is supposed to make the user trust
the control as safe), open up the company to litigation for damages?







From rp at rpini.com  Thu Aug 15 06:53:51 1996
From: rp at rpini.com (Remo Pini)
Date: Thu, 15 Aug 1996 21:53:51 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <9608151046.AA26467@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Thu Aug 15 12:42:40 1996
> I'm sure this has come up before, but what would prevent a server
> being located on a buoy or something at sea outside territorial
> limits (or when satellites become cheaper, on a satellite itself)
> offering such services? 

Space:
How often does your system crash? (Imagine sending a shuttle up there to 
troubleshoot the server)

Sea:
If your server swims in the ocean I could think of several drawbacks:
- - per satellite only: costs
- - must be very robust (salt water, shocks)
- - must be powered by battery (Hey Jeff, have you ordered the 2000 Alkaline
  batteries yet, I think it's about time to change them on the server)
- - everybody can go and get it (after all, no jurisdiction also means no
  protection - I believe that everybody can claim stuff floating in
  international waters, he just has to get it).

But I like the idea anyway.
But then again, why don't you just buy an island and get the country to 
grant you jurisdictional power over it?

(sounds a lot cheaper than a satellite)


- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMhL/IxFhy5sz+bTpAQE7zggAuCJo0i0X49nmLWtlQ2ZgKcapn80F0z8T
+LJ/5SIjcbfvAZOZHKJVRwjh2GmQjaro4AskgBY4UHg2BTumUlsOiLwXM6hvoCx+
mdd2znkiiWfFarD067Vvur7KTSD87XZWMXR9I/8f1ONzWRdASE/kLQ/azCEgne1P
GO/u0T0kKWWORSVgLc638U9raxJTPmn0Q6vEwvgVU4ARFGAEIPsFN3p8TfbIBAQ5
SqQbzNShqYzHrLgSDiarH2OyHA6o3hghwK1jUs2zHe2bAxvdjzMc3BaodWOi1tlT
DJSq79cTrYItzCK+nn0INtaIeOQy2XwPFEA+1FglIScyxtiPcV0AYQ==
=Xwjf
-----END PGP SIGNATURE-----






From soldier at phunc.com  Thu Aug 15 07:13:30 1996
From: soldier at phunc.com (Soldier)
Date: Thu, 15 Aug 1996 22:13:30 +0800
Subject: forget photographing license plates!
In-Reply-To: <v02120d12ae386fdb853a@[192.0.2.1]>
Message-ID: <Pine.LNX.3.91.960815030333.9859A-100000@phunc.com>




On Wed, 14 Aug 1996, Lucky Green wrote:

> At 22:43 8/14/96, The Prisoner wrote:
> 
> >>>> It is extremely comforting to me -- I don't know about you -- to think
> >>>>that GM will maintain a control center able to communicate with my auto
> >>>>electronics.  Shit, why not TRW?
> 
> Hacker's delight.
> 
no kidding.. it wouldn't be hard to have something to capture the signal 
to open the car doors and start the engine.  
anyhow i wouldn't trust anything to be controled by a radio freq. 
anyhow.. it never works.. for example the garage door openers (pardon my 
spelling) people are robbing houses by duplicating the garage door opener 
signal.

-soldier





From bart.croughs at tip.nl  Thu Aug 15 07:59:37 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Thu, 15 Aug 1996 22:59:37 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8AB1.1F348240@groningen10.pop.tip.nl>


Sandy Santford wrote:

>Bart Croughs wrote:

>> If you don't know the answer, there's nothing to be ashamed of.

It is just this sort of unnecessary condescending snottiness that
create the clear impression that Bart is an asshole.  Perhaps he
is a fine chap and this is just his style, but I find it very
offensive an counter-productive in this discussion.


 S a n d y<

To prove that I'm behaving badly you quote me out of context. My 
statement 'If you don't know the answer, there's nothing to be 
ashamed of', was immediately followed by the statement 'I don't 
know the answer either'. In this context, my statement wasn't that 
snotty. After all, I made clear that in this respect I wasn't any 
better than you. So I think you are overreacting a bit. Second, I 
didn't complain about the tone of your previous posts when you 
talked about me 'fretting' about the dropping wages of American 
workers, or when you wrote 'yada, yada, yada' in response to one 
of my posts. I don't even complain when you call me an asshole 
(except that maybe next time you start calling names you could 
be a bit more imaginative...) It's not that important. I guess I just 
get subconsciously a little irritated, and that's the reason I'm 
maybe a little less polite when I answer your posts than you would 
like me to be. So if you want me to behave nicer when I answer 
your posts, the best way to achieve this would be to start 
behaving nicer yourself.

Bart Croughs












From sparks at bah.com  Thu Aug 15 08:22:22 1996
From: sparks at bah.com (Charley Sparks)
Date: Thu, 15 Aug 1996 23:22:22 +0800
Subject: Fw: Re: Free Pronto Secure Offer
Message-ID: <199608151142.HAA03273@booz.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: geoff at commtouch.co.il, cypherpunks at toad.com
Date: Thu Aug 15 07:45:59 1996
Nicely Put !!  I. for one, love it... warts ( for now ) and all !

To: unicorn at schloss.li, cypherpunks at toad.com
Date: Thu Aug 15 10:53:53 1996
On 14 Aug unicorn wrote:

> "Do all the work I should be doing or have done in the first place
> discover the critical flaws in my new-keen-o-ka-jive-o crypto system
> and I will give you a free copy of a critically flawed crypto system
> (a $99.00 value) ABSOLUTELY FREE.  Wait, don't order yet.  Included
> you also get to> actually whitewash my fence and then mow my lawn.
> All at NO COST to you."

Unicorn, please try to take a minute to think before hitting that send
key.

You infer that a product is critically flawed without even trying it ?
There are quite a few members of this list who are using Pronto Secure
and will testify to the contrary.
See http://www.commtouch.com/testers.htm for a list of people who take
the trouble to try out a product before venturing an opinion.

Agreed that feedback from external testers is a good deal for
developers. It is also not a bad deal for evaluators, they get a free
copy of a product which in the case of Pronto Secure many find useful
(as witnessed by x-mailer headers on c'punk traffic). Testers also get
an opportunity to contribute neat feature ideas which helps propagate
secure messaging to the masses.

Unicorn, you are invited to whitewash my fence :)


- ---------------------------------------------------------------
Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com
My PGP public Key 1814AD45 can be obtained by sending a message
to geoff at commtouch.co.il with "Get PGP Key" as the subject.
- ----------------------------------------------------------------


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMhMN+eJ+JZd/Y4yVAQFQ1wQKA4D7OyVKQDyM93653ffUgG3iRUtMkYc6
ozcSRGz1RHlH2HdUWPuM7M9YGvF8hhcccPwWUA1G1NuJypeEsCwKKHuaEiTIpRVk
ZRAb1nA2AP/dLZ2NQTBxDr7JQMZ4zfSfX376Ejk7Ep1oR2XAr/fFP/QYHzpHsvme
FYPEzNtejjDQSg==
=/O/z
-----END PGP SIGNATURE-----






From schmidt at pin.de  Thu Aug 15 08:43:10 1996
From: schmidt at pin.de (Stephan Schmidt)
Date: Thu, 15 Aug 1996 23:43:10 +0800
Subject: Jurisdictionless Distributed Data Havens
In-Reply-To: <3212B0CB.1AB7@deltanet.com>
Message-ID: <Pine.LNX.3.94.960815140139.27838A-100000@blau.pin.de>



Some annotations:

1. The easiest way to make such a distributeted data havens (DDH)
would be to use a distributed unix file system that
doesn't distribute files but chunks of bytes. (Striping)

Advantage: 
- All normal services would work: ftp,http,...
- Copying, deleting and modifing files.
- Easy to install and use.

Problems:
Because each side can supply all data (collecting on
the fly from other DDHs), the site holder
could be responsible for the data.
This could be prevented by collecting and
assembling data at the client side (e.g. using
JAVA).

2. When the DDHs are distributed around the world in
a lot of different states, it could be very
difficult for any government to get any evidence for
"illegal" data on one site.

-- stephan






From adam at homeport.org  Thu Aug 15 08:52:36 1996
From: adam at homeport.org (Adam Shostack)
Date: Thu, 15 Aug 1996 23:52:36 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <Pine.SUN.3.94.960814221834.28297A-100000@polaris>
Message-ID: <199608151351.IAA16343@homeport.org>


Black Unicorn wrote:

| > The offer is still on. A free copy of Pronto Secure in exchange for 
| > feedback. Open to anyone on the c'punk list.
| 
| "Do all the work I should be doing or have done in the first place
| discover the critical flaws in my new-keen-o-ka-jive-o crypto system and I
| will give you a free copy of a critically flawed crypto system (a $99.00
| value) ABSOLUTELY FREE.  Wait, don't order yet.  Included you also get to
| actually whitewash my fence and then mow my lawn.  All at NO COST to you."

	Does the fence painting include plane tickets? :)

	I've been playing with Pronto, and it seems to be pretty darn
good.  I stopped using Eudora, since pronto offers the features I
want.  (Except procmail.  Hey Geoff, how about procmail support?)  I
haven't, and probably won't, delve deep into its crypto features
beyond using them; my real keys I keep on a machine with per process
memory management and at least a semblance of security.

Adam

PS: When I say procmail, I mean procmail.  I've used a lot of mail
processors, and am really impressed by procmail.  You can slap a happy
windows front end on it, but make it available to your power users.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From declan at eff.org  Thu Aug 15 09:57:00 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 16 Aug 1996 00:57:00 +0800
Subject: Crypto Ban Talk @ G-7
In-Reply-To: <32120058.66B2@null.net>
Message-ID: <Pine.SUN.3.91.960815062740.24562C-100000@eff.org>


I have the text of the resolution passed by G-7 and Russia that moves
towards greater controls on crypto at: 
  http://www.eff.org/~declan/global/

-Declan


On Wed, 14 Aug 1996, The Prisoner (tm) wrote:

> Well, even tho Tim's language was hypothetical here's this item.  Was 
> some of this on the cpunks and I missed it?  Very possible, & if so, 
> sorry.
> 
> ===============================================[quote:]=================
> 
> 
> In article <X6k0RD1w165w at tanda.on.ca>, marc at tanda.on.ca (Marc Thibault) 
> wrote:
> 
> >     I picked up a rumor that the G-7 has endorsed a resolution calling
> >     for international cooperation to control private encryption. Does
> >     anybody have solid information?
> >
> 
> They've been discussing it. The US and some others want it. The Japanese
> and one other country won't go along. So far, talk but no action. Stay
> tuned.
> 
> David [Sternlight that is  ....]
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From talon57 at well.com  Thu Aug 15 10:42:38 1996
From: talon57 at well.com (Brian D Williams)
Date: Fri, 16 Aug 1996 01:42:38 +0800
Subject: GOP security
Message-ID: <199608151407.HAA10014@well.com>




> Authorities in Chicago, where the Democrats will meet the last
>week of August, are taking similar precautions. Metal detectors,
>bomb-sniffing dogs and surveillance cameras will be in force,
>along with thousands of police. Coast Guard cutters will patrol
>Lake Michigan. Chicago police are sealing an eight-block area
>around the United Center sports arena, the main convention site,
>to all unauthorized cars, trucks and pedestrians.  As the 20th
>century nears an end, wary, pervasive security is as much a part
>of the convention scene as Old Glory and silly hats. San Diego has
>been preparing convention security for more than a year. Then a
>bomber on the other side of the country suddenly made everyone
>wonder if the next big public event could be free of mayhem and
>terror.


Taxicabs will have unrestricted access of course and are therefore
the vector of choice.

I heard an interesting ahem, "rumor" related to security through
obscurity- only 2/5 of a major armored car companys trucks are
actually armored/bullet resistant glass, the other three are just
look-alikes...... saving money.....tsk,tsk.

Brian

"Zazen? Well it beats sitting around on your ass all day doing
nothing."





From declan at eff.org  Thu Aug 15 10:46:06 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 16 Aug 1996 01:46:06 +0800
Subject: Schlafly on crypto
In-Reply-To: <Pine.SUN.3.91.960814093658.5845D-100000@crl14.crl.com>
Message-ID: <Pine.SUN.3.91.960815065257.25638A-100000@eff.org>


Take a look at the Boston Coalition for Freedom of Expression's list of 
enemies of free expression. Excerpt follows.

-Declan

---

Linkname: Phyllis Schlafly, Eagle Forum
Filename: http://www.eff.org/pub/Groups/BCFE/bcfenatl.html#Schlafly

   Phyllis Schlafly
   President          
   Eagle Forum    
   Box 618                     
   Alton, IL 62002
                            
   618/462-5415  
  
   "Leading the pro-family movement to victories since 1972." Basic
   membership includes a subscription to The Phyllis Schlafly Report and
   costs $15.00. Mrs. Schlafly, whose husband Fred used to head the World
   Anti-Communist League, is the person considered most responsible for
   the defeat of the ERA. Her book A Choice Not an Echo, published in
   1964 to support the presidential aspirations of Barry Goldwater, is
   one of the seminal texts of contemporary American conservative
   politics.




On Wed, 14 Aug 1996, Sandy Sandfort wrote:

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> On Wed, 14 Aug 1996, Jim Legg wrote:
> 
> > Beware when politicos speak!
> 
> Good advice, but...
>  
> > Phyllis Schlafly would think nothing of trying to ban speech on
> > the internet when it is something that she doesn't agree with.
> 
> An interesting allegation.  I wonder if it is merely rhetoric or
> if Jim has any evidence to backup this statement?
> 
> Does Jim know who Phyllis' son is?
> 
> 
>  S a n d y
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From mwohler at ix.netcom.com  Thu Aug 15 11:00:02 1996
From: mwohler at ix.netcom.com (Marc J. Wohler)
Date: Fri, 16 Aug 1996 02:00:02 +0800
Subject: Schlafly on crypto
Message-ID: <199608151406.HAA07098@dfw-ix1.ix.netcom.com>


At 05:47 PM 8/14/96 -0700, SANDY SANDFORT wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

> in this battle, "the enemy of my enemy is my friend."

I appreciate Sandy's enlightened and consistent position.
And I will stand with anyone who supports free speech and privacy.
Forgive my week character however, if I am forced to hold my nose while I
stand with her on this issue.

She is the type of free speach advocate who supports the freedom of those
who agree with *her*.
She is no friend of *mine*






From m5 at vail.tivoli.com  Thu Aug 15 11:00:14 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 16 Aug 1996 02:00:14 +0800
Subject: Crypto Ban Talk @ G-7
In-Reply-To: <Pine.SUN.3.91.960815062740.24562C-100000@eff.org>
Message-ID: <321333D4.2003@vail.tivoli.com>


Declan McCullagh wrote:
> 
> I have the text of the resolution passed by G-7 and Russia that
> moves towards greater controls on crypto at:

I just have to wonder whether these people expect their measures to
really reduce terrorism, or if they simply expect to be able to
identify and imprison/kill all the terrorists so that terrorism can 
be eliminated like smallpox.

If the former, I'd say they're stupid, and if the latter, well, I'd
say they're stupid.

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From bart.croughs at tip.nl  Thu Aug 15 11:02:29 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Fri, 16 Aug 1996 02:02:29 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8AC5.1B326AE0@groningen10.pop.tip.nl>


Perry Metzger wrote:

>No one claimed that you can't increase productivity and income on
average under some circumstances by increased capital investment. What
was being made fun of was the simplistic misunderstanding of what the
underlying mechanisms are. Prices, including the price of labor, are
set purely by the marketplace.Under some circumstances, incomes will
be determined by investment levels made by employers. Under others,
they will not.  The important feature is the market principle, not the
capital investment. The point of my "green pylons" posting was to note
that it is the market direction of the investment and not the
investment that is important.<

If you mean to say that in a society where the government directs the 
'investments' (confiscates the wealth of its citizens and spends it for its 
own purposes), wages could be lower than in a society where there is less 
capital accumulated but where private parties direct the investments, then 
you are right. But Austrian economists like Murray Rothbard, Hans 
Hermann Hoppe, etc. don't consider government expenditures to be 
*investments* of capital; they consider all government expenditures to be 
*consumption*. As an Austrian, you should know this. To quote Murray 
Rothbard about resource-using expenditures by the government ('Power 
and market', p. 173, 2nd ed.): "all of this expenditure must be considered 
*consumption*. Investment occurs where producers' goods are bought by 
entrepreneurs, not at all for their own use or satisfaction, but merely to 
reshape and resell them to others - ultimately to the consumers. But 
government redirects the resources of society to its ends, chosen by it 
and backed by the use of force. Hence, these purchases must be 
considered consumption expenditures, whatever their intention or physical 
result. They are a particular wasteful form of 'consumption', however, since 
they are generally *not* regarded as consumption expenditures by 
government officials" Etc.
By the way, Jean-Baptiste Say, the French economist, already had the 
same view a long time ago.

 >Impediments to trade create wastes of
capital just as surely as burning cash in the marketplace does. If you
were really an Austrian, and not a confused person, you would know
that all the Austrians and Chicago School people are for completely
free trade, something you don't seem to get in your expositions on
capital flows.

Perry<

You're setting up a straw man again. As I said several times before, I *am* 
for completely free trade. Even if the investment of American capital in 
foreign countries would lead to a lower standard of living for workers in the 
US, I still would support completely free trade, simply because I support 
the non-aggression principle. But, as I also said before, I don't believe that 
investment of American capital abroad would lead to a lower standard of 
living for American workers (it would lead to relatively lower wages, but I 
think the advantages of investing abroad would compensate for this). I just 
don't know how to *prove* this belief. I like to have proof for my beliefs, 
if only to be able to rebut socialist arguments. That's why I asked my 
question: how can you prove that the investment of American capital 
abroad would not hurt workers in the US? 

Bart Croughs











From michael.tighe at Central.Sun.COM  Thu Aug 15 11:27:30 1996
From: michael.tighe at Central.Sun.COM (Michael Tighe SUN IMP)
Date: Fri, 16 Aug 1996 02:27:30 +0800
Subject: Crypto Ban Talk @ G-7
In-Reply-To: <321333D4.2003@vail.tivoli.com>
Message-ID: <199608151454.JAA15809@jeep.Central.Sun.COM>



>> I have the text of the resolution passed by G-7 and Russia that
>> moves towards greater controls on crypto at:

>I just have to wonder whether these people expect their measures to
>really reduce terrorism, or if they simply expect to be able to
>identify and imprison/kill all the terrorists so that terrorism can 
>be eliminated like smallpox.

I think their theory (like those of the gun and drug banners) is, if it
saves just one life, it is worth it. And if it doesn't, so what?





From ses at tipper.oit.unc.edu  Thu Aug 15 13:32:21 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Fri, 16 Aug 1996 04:32:21 +0800
Subject: photographed license plates
In-Reply-To: <3212B1B0.2327@void.com>
Message-ID: <Pine.SUN.3.91.960815113622.26145B-100000@tipper.oit.unc.edu>


There is a new system about to be deployed in the UK that combines GPS 
with cell-phone technology; if the vehicle is stolen it can call the 
anti-theft service and report the location; I belive the vehicle can also 
be remotely immobilised.For the truely paranoid out there, the system is 
known as "SkyNet" :)

Simon
p.s.
  If we're talking about "The Prisoner" and cars, does anybody know 
anywhere I could get a lotus or caterham 7 in the states?



---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From dfloyd at io.com  Thu Aug 15 13:32:35 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 04:32:35 +0800
Subject: forget photographing license plates!
In-Reply-To: <Pine.LNX.3.91.960815030333.9859A-100000@phunc.com>
Message-ID: <199608151523.KAA03014@xanadu.io.com>


> > 
> > Hacker's delight.
> > 
> no kidding.. it wouldn't be hard to have something to capture the signal 
> to open the car doors and start the engine.  
> anyhow i wouldn't trust anything to be controled by a radio freq. 
> anyhow.. it never works.. for example the garage door openers (pardon my 
> spelling) people are robbing houses by duplicating the garage door opener 
> signal.
> 
> -soldier
> 

I know one lady get robbed several times by people scanning and
duplicating codes on the garage opener.  There are no garage openers
manufacturers who have a "real" crypto challenge/response system.  Most
just give the code number and the opener verifies that that 8-24 bit code
is correct -- real easy to scan or duplicate.

The key switches/emergency latches are very easy to bypass as well.  The
latch can be pried off and these code things can be pried off and
bypassed with a simple hot wiring.  They don't know anything about tamper
switches.






From snow at smoke.suba.com  Thu Aug 15 13:49:55 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 16 Aug 1996 04:49:55 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible   searches
In-Reply-To: <2.2.32.19960815053848.00f05a5c@mail.teleport.com>
Message-ID: <Pine.LNX.3.93.960815104753.1145B-100000@smoke.suba.com>


On Wed, 14 Aug 1996, Alan Olsen wrote:
> At 09:51 PM 8/14/96 -0700, Bill Stewart wrote:
> >[less serious material follows:]
> >[Not only will you need the tinfoil lining to your hat, you'll have
> >to get some metallic-lined underwear to avoid being entrapped into
> >aiding and abetting police pornographers.  Maybe Erik's gold-lame' suggestion
> >will catch on, at least here in San Francisco....]
> Maybe chainmail will come back in style.  (Why does the SNL skit of Dan
> Ackeroid trying to get through the metal detector covered in chains and
> metal fetish gear come to mind...)

     I was  at a convention in Boston last weekend (no, not Macworld) and
there was a Chain Mail Vendor there. Had some interesting stuff, including a
chain mail cat-o-nine tails, and some other stuff...

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From unicorn at schloss.li  Thu Aug 15 14:22:06 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Fri, 16 Aug 1996 05:22:06 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <199608150252.TAA29747@infinity.c2.org>
Message-ID: <Pine.SUN.3.94.960815130536.713B-100000@polaris>


On Wed, 14 Aug 1996, Lou Zirko wrote:

> To: unicorn at schloss.li, cypherpunks at toad.com, geoff at commtouch.co.il
> Date: Wed Aug 14 21:52:47 1996

> PGP.  If I remember, your platform in Linux

Incorrect.

> and you should not be so quick 
> to criticize what you may have not seen.

I saw his promotional tactic, and that's what I criticized.

> Lou Zirko                                (502)383-2175
> Zystems                                  lzirko at c2.org
> "We're all bozos on this bus" - Nick Danger, Third Eye

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From unicorn at schloss.li  Thu Aug 15 14:27:09 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Fri, 16 Aug 1996 05:27:09 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
In-Reply-To: <199608150313.WAA08490@einstein>
Message-ID: <Pine.SUN.3.94.960815131921.1400A-100000@polaris>


On Wed, 14 Aug 1996, Jim Choate wrote:

> 
> Forwarded message:
> 
> > Date: Wed, 14 Aug 1996 22:24:39 -0400 (EDT)
> > From: Black Unicorn <unicorn at schloss.li>
> > Subject: Re: [NOISE] "X-Ray Gun" for imperceptible searches
> > 
> > Correct.  No warrant is required to observe that which is freely collected
> > after eminating from the residence of another and observed off his
> > property.
> > 
> > Same concept applies to the "sniff" test and ariel views into greenhouses.
> 
> Pitty somebody doesn't bring a suite against the FCC under this logic. It
> would particularly impact radar detectors, cell phones, and other types of
> scanners.

Uh, what is the chain of logic that supports this suit exactly?

> 
>                                                  Jim Choate
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From rpowell at algorithmics.com  Thu Aug 15 14:42:26 1996
From: rpowell at algorithmics.com (Robin Powell)
Date: Fri, 16 Aug 1996 05:42:26 +0800
Subject: Burden of proof
In-Reply-To: <ae37e59e070210042a4f@[205.199.118.202]>
Message-ID: <96Aug15.132311edt.20486@janus.algorithmics.com>


>>>>> In article <ae37e59e070210042a4f@[205.199.118.202]>, tcmay at got.net (Timothy C. May) writes:

    > At 1:53 AM 8/15/96, Alan Horowitz wrote:
    >> In the USA, we have a system that ensures that the burden of proof is on
    >> the accuser.

    > Which explains why in the  U.S. the tax authorities take the money first
    > and then require the citizen to be the "accuser" in Tax Court, pleading to
    > get his seized assets back.

    > (To outsiders, the U.S. tax authorities have broad powers to seize
    > properties without any court process, to attach wages, to deputize
    > employers and banks as unpaid tax collectors, and to harass citizens.
    > Citizen-units may sue, of course, but the burden of proof is on them to
    > prove that they are owed a refund. A man who saves money and puts it in his
    > mattress can have it seized and taken from him. He must produce proof that
    > it is his money, never mind that he already paid taxes on it and never mind
    > that there is no way someone who saves currency can have a proper paper
    > trail. So much for "burdens of proof.")

This relates to something I have been wondering about:  If one could
get one's company to pay one in electronic cash, what is to stop one
from piling the coins in a Datahaven somewhere (assuming one existed
that would be usable for these purposes) and say to the IRS: Money?
What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
that's it!!

-Robin
In-Reply-To: tcmay at got.net's message of Wed, 14 Aug 1996 23:19:08 -0400
Subject: Re: Burden of proof
Reply-To: rpowell at algorithmics.com
X-Spook: Panama Nazi Treasury explosion terrorist SDI Semtex strategic smuggle 
References: <ae37e59e070210042a4f@[205.199.118.202]>

>>>>> In article <ae37e59e070210042a4f@[205.199.118.202]>, tcmay at got.net (Timothy C. May) writes:

    > At 1:53 AM 8/15/96, Alan Horowitz wrote:
    >> In the USA, we have a system that ensures that the burden of proof is on
    >> the accuser.

    > Which explains why in the  U.S. the tax authorities take the money first
    > and then require the citizen to be the "accuser" in Tax Court, pleading to
    > get his seized assets back.

    > (To outsiders, the U.S. tax authorities have broad powers to seize
    > properties without any court process, to attach wages, to deputize
    > employers and banks as unpaid tax collectors, and to harass citizens.
    > Citizen-units may sue, of course, but the burden of proof is on them to
    > prove that they are owed a refund. A man who saves money and puts it in his
    > mattress can have it seized and taken from him. He must produce proof that
    > it is his money, never mind that he already paid taxes on it and never mind
    > that there is no way someone who saves currency can have a proper paper
    > trail. So much for "burdens of proof.")

This relates to something I have been wondering about:  If one could
get one's company to pay one in electronic cash, what is to stop one
from piling the coins in a Datahaven somewhere (assuming one existed
that would be usable for these purposes) and say to the IRS: Money?
What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
that's it!!

-Robin





From tcmay at got.net  Thu Aug 15 14:43:07 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 05:43:07 +0800
Subject: Schlafly helped defeat ERA, supported Goldwater--where do I sign up?
Message-ID: <ae38a35e01021004be6d@[205.199.118.202]>


At 1:53 PM 8/15/96, Declan McCullagh wrote:
>Take a look at the Boston Coalition for Freedom of Expression's list of
>enemies of free expression. Excerpt follows.


>Linkname: Phyllis Schlafly, Eagle Forum
>Filename: http://www.eff.org/pub/Groups/BCFE/bcfenatl.html#Schlafly
>
>   Phyllis Schlafly
....
>   "Leading the pro-family movement to victories since 1972." Basic
>   membership includes a subscription to The Phyllis Schlafly Report and
>   costs $15.00. Mrs. Schlafly, whose husband Fred used to head the World
>   Anti-Communist League, is the person considered most responsible for
>   the defeat of the ERA. Her book A Choice Not an Echo, published in
        ^^^^^^^^^^^^^^^^^
>   1964 to support the presidential aspirations of Barry Goldwater, is
                                                    ^^^^^^^^^^^^^^^
>   one of the seminal texts of contemporary American conservative
>   politics.

So, she helped defeat the ERA and supported Goldwater. Sounds pretty good
to me. From this excerpt, I'd call her a friend of liberty.

(Yes, I'm serious. Some of you find it hard to tell when I'm being
completely serious and when I'm being facetious, so I thought I'd clarify
this.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From unicorn at schloss.li  Thu Aug 15 15:00:32 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Fri, 16 Aug 1996 06:00:32 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <19960815074728122.AAA103@geoff.commtouch.co.il>
Message-ID: <Pine.SUN.3.94.960815132043.1400B-100000@polaris>


On Thu, 15 Aug 1996, geoff wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To: unicorn at schloss.li, cypherpunks at toad.com
> Date: Thu Aug 15 10:53:53 1996
> On 14 Aug unicorn wrote:
>  
> > "Do all the work I should be doing or have done in the first place
> > discover the critical flaws in my new-keen-o-ka-jive-o crypto system
> > and I will give you a free copy of a critically flawed crypto system 
> > (a $99.00 value) ABSOLUTELY FREE.  Wait, don't order yet.  Included 
> > you also get to> actually whitewash my fence and then mow my lawn.  
> > All at NO COST to you."
> 
> Unicorn, please try to take a minute to think before hitting that send 
> key.
> 
> You infer that a product is critically flawed without even trying it ?

No, I was merely pointing out that if the review revealed that it had
problems (one assumed that the intent of peer review is to reveal such
problems in the first place, but perhaps you just like giving software
away?) then the offered reward was valueless.

> There are quite a few members of this list who are using Pronto Secure 
> and will testify to the contrary. 

A lot of people use DES on this list too I'll wager.

> See http://www.commtouch.com/testers.htm for a list of people who take 
> the trouble to try out a product before venturing an opinion.

I "tried out" your promotional scheme when I read your message, and it was
that scheme which my opinion targeted.

> Agreed that feedback from external testers is a good deal for 
> developers. It is also not a bad deal for evaluators,

This is a subjective question.

> they get a free 
> copy of a product which in the case of Pronto Secure many find useful 
> (as witnessed by x-mailer headers on c'punk traffic).

Cypherpunks is always getting the cash poor developer who thinks he very
clever because he has to pay testers no money if he offers his new product
free to the person who discovers a flaw, or writes a review.

>From your home page, I would guess that you request that reviewers allow
you to make their comments public.  That's called an endorsement, and, by
the way, people are usually paid for them.  Sometimes in the millions.

Think Michael Jordan is getting a deal when you use his name to promote
your product and then give him a $99.00 piece of software (which is
effectively worth the amount of time it takes to write a few kiss ass
paragraphs on the software, not $99.00)?

> Testers also get 
> an opportunity to contribute neat feature ideas which helps propagate 
> secure messaging to the masses. 

Alturisim is a pipe dream.

> Unicorn, you are invited to whitewash my fence :)

Do I have to review pronto secure first?

> 
> - ---------------------------------------------------------------
> Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
> My PGP public Key 1814AD45 can be obtained by sending a message
> to geoff at commtouch.co.il with "Get PGP Key" as the subject.
> - ----------------------------------------------------------------

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From erehwon at c2.org  Thu Aug 15 15:16:08 1996
From: erehwon at c2.org (William Knowles)
Date: Fri, 16 Aug 1996 06:16:08 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <m0uqxnq-000rU7C@maki.wwa.com>
Message-ID: <Pine.SUN.3.94.960815104107.8090A-100000@infinity.c2.net>


On Thu, 15 Aug 1996, Arun Mehta wrote:

> I'm sure this has come up before, but what would prevent a server
> being located on a buoy or something at sea outside territorial
> limits (or when satellites become cheaper, on a satellite itself)
> offering such services?  

Something that I thought would make an excellent data haven would
be older offshore oil platforms, Their size would allow extended
living periods, electrcity and communications are in place, They
are generally built outside of the territorial waters of most
countries to avoid any damage to the shorelines if oil spilled
(possibility for becoming its own country?) and with the hoops
that Shell Oil went through to please Greenpeace with its last
oil platform.  You have to wonder how cheap these could sell 
for just to get them off the oil companies hands? 

Comments or suggestions?

William Knowles
erehwon at c2.org


--
William Knowles    <erehwon at c2.org>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From nobody at replay.com  Thu Aug 15 15:23:05 1996
From: nobody at replay.com (Anonymous)
Date: Fri, 16 Aug 1996 06:23:05 +0800
Subject: remailers/kiddie porn
Message-ID: <199608151739.TAA13029@basement.replay.com>


Internet Child Porn An Issue At Stockholm Congress

STOCKHOLM - Distribution of child pornography on the Internet seems destined to top the issues at the world's first conference against sexual exploitation of
children opening later this month in Stockholm. 

Activists are trying to devise ways of keeping pedophiles from peddling such material on the global computer network, which is already used as a billboard to
advertise prostitution and sex tourism and to exchange adult pornography. 

But not everyone agrees that regulating the Internet or its 20 million users worldwide is the right move. 

Some advocates say the Internet represents free speech. 

Others argue that the distribution of child pornography on the Internet is not that widespread. 

Still, many see it as a problem. 

"The Internet is like heaven for the pedophile," said Toby Tyler, a United States police officer who lectures at the FBI Academy on child abuse. 

"As far as our ability to restrict the distribution of child pornography and stop the sexual exploitation of children on the Internet...it's not something that can be done."

Campaigners are concerned that unless urgent action is taken to stamp out the Internet's distribution of child porn, whether it features real children or just computer
generated images, it could spark greater demand for child pornography. 

"Neglecting to prohibit computer generated images could well re-establish the commercial trade -- filling bookstores with computer images, de-sensitizing society
and fueling demand for such material," said campaigner Margaret Healy from Bangkok-based End Child Prostitution in Asian Tourism (ECPAT). 

Tyler said the Internet has ended the days when pedophiles had to make costly cross-border runs to buy child pornography in countries where laws were laxer and
penalties lighter. 

Now they can obtain and distribute films and photos from their own homes on the Internet with little risk of capture. 

Tyler said the existence of anonymous re-mailers -- computer systems which accept material transmitted over computer lines and send it out again after coding its
original address -- concealed the source of pornography on the Internet. 

"Before on-line sex material was available, you'd to find someone to sell it to you, trade with you, or produce it yourself. The net provides a very high level of
safety." 

Short of denying people access to the network, he added, there was little to be done. Even convicted pedophiles with access to computers in prisons can get the
material. 

However computer experts agree the existence of just one re-mailing system in a country with more lax laws is enough for the global distribution of child
pornography on the Internet. 

Tyler said the most widely used re-mailing system currently operates from Finland, through which about 99 percent of all child pornography with untraceable
address codes passes. 

But Johan Helsingius, who runs a re-mailing system from Helsinki, said he did not think child pornography was a problem on the Internet or that any of the 10,000
messages which pass through his server daily contained child pornography. 

"To a large extent the net is self-regulating. As soon as you do something that offends enough people, measures will be taken by those who are involved with the
net," he said. 

ECPAT's Healy said in a report prepared for the five-day Stockholm conference that opens on August 27 that the regulation of child pornography on computers
presents special challenges and called on governments to fund better training. 

"The establishment of an international research organization with...specialists in the areas of investigation, law enforcement, behavioral science, prosecution, law and
computer technology could be an invaluable resource for the global community," Healy said. 

Copyright, Reuters Ltd. All rights reserved 






From ravage at einstein.ssz.com  Thu Aug 15 15:34:37 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Fri, 16 Aug 1996 06:34:37 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
In-Reply-To: <Pine.SUN.3.94.960815131921.1400A-100000@polaris>
Message-ID: <199608151851.NAA09462@einstein>



Hi all,

> On Wed, 14 Aug 1996, Jim Choate wrote:
> 
> > 
> > Forwarded message:
> > 
> > > Date: Wed, 14 Aug 1996 22:24:39 -0400 (EDT)
> > > From: Black Unicorn <unicorn at schloss.li>
> > > Subject: Re: [NOISE] "X-Ray Gun" for imperceptible searches
> > > 
> > > Correct.  No warrant is required to observe that which is freely collected
> > > after eminating from the residence of another and observed off his
> > > property.
> > > 
> > > Same concept applies to the "sniff" test and ariel views into greenhouses.
> > 
> > Pitty somebody doesn't bring a suite against the FCC under this logic. It
> > would particularly impact radar detectors, cell phones, and other types of
> > scanners.
> 
> Uh, what is the chain of logic that supports this suit exactly?

Simple actualy. The police don't need a warrant to collect such information
because it is in the public domain (ie not private and therefor requiring
a search warrant and probable cause). Therefore anybody (not just cops)
can pick it up.

It is becoming more and more popular for governments to limit the ability
of scanners and other such detectors to pick up information supposedly 
to protect privacy. The above states that if it is eminating from the
residence (and by extension person) and is picked up off their property,
perhaps on or in public space then it is fair game. Clearly we have
two current standards for evidence collection which are directly at odds.

States such as N. Carolina (per extension via the 14th) should be 
prohibited from regulating or otherwise controlling possesion and use
of radar detectors (in this case) which are currently illegal for
private persons to operate. If the police don't need a warrant to
collect information then citizens are equaly able to recieve that
information as well. Since the above ruling states that as long as the
emissions are eminating from the site and the reception takes place
other than at the site (in this case, being inside the police car)
, perhaps along a public highway, then no privacy is involved. This
means that citizens have a right, by extension, to know when they are
being beamed by radar.

This same chain of logic can be extended to cell phones and such as
well.

This connection is even clearer when one realizes that the only difference
between IR and your cell phone eminations is frequency. The intermediate
vector boson in both cases is a photon.

It is similar to arresting somebody for wearing a blue shirt but letting
the person wearing the red shirt go free. The rationale being that since
the frequency of the blue shirt is higher it is fundamentaly different
then the red shirt.

This ruling is prima facia evidence that the judicial system as a whole
has no clear grasp of technology, not just Internet technology.


                                                     Jim Choate






From dfloyd at io.com  Thu Aug 15 15:42:45 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 06:42:45 +0800
Subject: Jurisdictionless Distributed Data Havens
In-Reply-To: <3212B0CB.1AB7@deltanet.com>
Message-ID: <199608151452.JAA02130@xanadu.io.com>


[...]
> 
> If one site gets shut down by Big Brother, denial of service attack,
> etc., the other sites either find a new site to replicate the missing
> part to, or they need to reconstruct the data and re-stripe it for the
> remaining servers. (Read any networking book with a section on RAID to
> see what all this means.)

[...]

> 
> The reason data striping is better than a simple mirroring network is
> that no single site contains anything useful in itself for the
> authorities to use against the server maintainer. (Similar to a remailer
> network perhaps)



> 
> An extra feature could be if some major attack was initiated against the
> data haven, there could be a dead-man button of some sort to make the
> data vanish altogether by sending distress signals to the other servers
> (or to at least one server, which could then cascade the signal).

BB would follow the signal and pop another person with conspiracy.

I have been researching this for a while yet, and have a pretty alpha
reference implementation as well as a mailing list exactly on this topic.

The problem with a RAID 5 data haven is that something needs to be the
controller, to put together and store/retrieve the data.  This controller
is in one point, and can be found out.

What BB could do is smash the controller of the RAID array, then press
charges against several of the "hard drive" owners for conspiracy.

I am working on a list for this topic (dh-l at lists.io.com, subscribe on
majordomo at lists.io.com), but I have had problems with getting a the reply
block correct, most likely due to me being very new to majordomo type
lists.

Another problem with this way of a data haven is the way network traffic
gets transfered around.  To have it more anonymous, DC net technology can
be used, but this very hard to implement.

As of now, I am looking for someone who can help me implement a redundant
controller system, so when the DH is contacted, even if the first one if
smashed, the "RAID" stays operable.

Currently, the data haven program just wakes up on input from a .forward
file into its stdin and acts on it.






From ses at tipper.oit.unc.edu  Thu Aug 15 15:51:42 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Fri, 16 Aug 1996 06:51:42 +0800
Subject: forget photographing license plates!
In-Reply-To: <199608151523.KAA03014@xanadu.io.com>
Message-ID: <Pine.SUN.3.91.960815144122.26417A-100000@tipper.oit.unc.edu>


Another UK vehicle security reply (disclaimer: my dad's company installs 
alarms, imobilisers, lojack/skynet, etc.)

The first generation of remote-keyed car-alarms used a static key. It 
didn't take long before people had modified scanners to record the key 
and play it back as soon as the driver had left. 

The current generation uses what is described as "rolling code random 
encryption". From what I could work out from talking to people, this 
scheme works something like a one time password scheme, but with no 
feedback from server (car) to client (keyfob). It seems that the keyfob 
has persistent state in the form of a  counter, which is incremented 
every time the key is pressed. This counter is combined with the 
encryption key and the resulting cyphertext is then transmitted.

 The car keeps a record of the last successful sequence number, and will 
not allow earlier sequences to be replayed. The car will accept sequence 
numbers within a certain range of the last successful one, in case a 
particular try is not recieved, or the key is jostled in ones pocket.

I don't know how strong the algorithms are, or how long the keys are; 
there are supposed to be minimum requirements on key length, but I don't 
know if the approval body evaluates the crypto.

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From tcmay at got.net  Thu Aug 15 15:54:37 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 06:54:37 +0800
Subject: Press Release: Apple's CyberDog Web Bowser
Message-ID: <ae38c2670702100409e3@[205.199.118.202]>



*** PRESS RELEASE ***

APPLE COMPUTER UNLEASHES CYBERDOG WEB BOWSER

August 15, CUPERTINO. It may be the dog days of summer to some, but to
Apple, it's the season CyberDog (tm), its new Web bowser, goes into heat.
"CyberDog (tm) is the new dog in town," says Gil Ameliorate, the new leader
of the pack at Apple. "CyberDog (tm) should convince our skeptics that
Apple is not going to the dogs, except on our own terms. We have always
been committed to dogs, as demonstrated by our many Apple and Claris
products named after dogs, including Retriever, Pointer, Finder, and
Setter."

The CyberDog (tm) Bowser (tm) differs from conventional Web browsers by
offering several important features built in the Apple mode. Using the
OpenDog (tm) object-oriented parts system, Apple is delivering CyberDog
with WOOF, the Web OpenDog Object Filer. According to one developer who's
used OpenDog and WOOF, "I especially like the way it gets rid of DO loops
and replaces them with object-oriented DogDoo loops. It's really bitchin!"

The CyberDog (tm) Bowser (tm) offers several additional features, including
a security shell called DogPound (tm), a new speech synthesis system called
OpenDogBark (tm) and an improvement over Netscape's "cookies," which Apple
calls MilkBones (tm).

"We lift our legs and piss on Netscape and Microsoft," said Mr. Ameliorate.
"We are marking our territory with this release of CyberDog. For those who
are dog tired of Netscape and are suffering the lassietude of conventional
Web browsers, our new bowser will be the paws that refreshes."

Spokesdogs at Apple also confirm that Apple plans to directly compete with
Microsoft with an operating system product based on AMD's "K9" chip. The
product, known as "WinDog '97," will appear before Copeland, now delayed to
1999. "We think WinDog '97 will chase that other dog out of town."

Microsoft could not be reached for comment, but a Netscape spokesman said
"Netscape is the cat's meow. That Dog won't hunt. They're barking up the
wrong B-tree."

Those interested in taking CyberDog out for a walk, or just sniffing its
butt, can find further information at:
http://www.banana.com/~farce/OpenDogDoo/

CyberDog, OpenDog, Bowser, WOOF, DogPound, OpenDogBark, MilkBones, and
WinDog '97 are copyrighted terms of Apple Computer, a member of the NASDOG
stock exchange.

(Credit to my friend Paul Engel for coming up with the "bowser" pun which
inspired me to write this. He also was the first to comment while back that
AMD's "K6" clone chip ought to be called the "K9." The rest are mine. I
still use Macintoshes, so take this in the spirit of good fun. I do think,
though, that "CyberDog" is a really stupid name for a product.)







From jeremey at forequest.com  Thu Aug 15 15:56:25 1996
From: jeremey at forequest.com (Jeremey Barrett)
Date: Fri, 16 Aug 1996 06:56:25 +0800
Subject: PGP/Unix scripts, mail proggies?
In-Reply-To: <Pine.SUN.3.95.960808222342.27876A-100000@sunspot.tiac.net>
Message-ID: <Pine.BSI.3.93.960815110720.16514A-100000@descartes.forequest.com>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Aug 1996, Chris Lee wrote:

> Hello all,
> 
> 	I joined this list a while ago and am curious whether a there is a
> simple way to encrypt/decrypt e-mail with PGP in a Linux(Unix)
> enviroment...?  Sorry if this has been answered a thousand times, but it
> would really make PGP a more viable option with my small ISP.
> 
> Thank you very much for any answers, please reply to me personally.
> 

Here's what I use, a simple sh script with pine for signing/encrypting.

#!/bin/sh

# Written by:  Jeremey Barrett <jeremey at forequest.com>
#
# Simple as hell sh script for automating PGP. I use pine, and have not
# tried this with any other mailer, but it should work. The version of this I
# use asks all kinds of questions about using remailers and nym servers
# before editing the mail, so it can toss in templates and such. Anyway,
# hack this at will.
#

# Pine configgy stuff I use with this:
# 
#	A)	enable-alternate-editor-cmd
#	B)	enable-alternate-editor-implicitly
#	C) 	signature-at-bottom
#	D)	editor=<full path to this script>

# I would use emacs cept that firing it up for every mail I send would suck
PGPEDITOR='pico -z -t'

# Some echos don't like -n, modify if necessary
ECHOTYPE='echo -n'

# Edit the mail... the mailer shold give us the tmp file as $1
$PGPEDITOR $1

clear

# Annoy with questions
$ECHOTYPE "PGP sign this message? [n] "
read PGP

if [ "$PGP" = "y" -o "$PGP" = "Y" ]
then 

  $ECHOTYPE "PGP encrypt this message? [n] "
  read PGPE

  if [ "$PGPE" = "y" -o "$PGPE" = "Y" ] 
  then
    pgp -east +clearsig=ON $1
    mv $1.asc $1
  else
    pgp -sat +clearsig=ON $1
    mv $1.asc $1
  fi

else

$ECHOTYPE "PGP encrypt this message? [n] "
read PGPE

if [ "$PGPE" = "y" -o "$PGPE" = "Y" ] 
then
  pgp -eat $1
  mv $1.asc $1
fi

fi


- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jeremey Barrett
Senior Software Engineer                        jeremey at forequest.com
The ForeQuest Company                           http://www.forequest.com/

PGP Public Key: http://www.forequest.com/people/jeremey/pgpkey.html
                
		"less is more."  -- Mies van de Rohe.
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhNo0i/fy+vkqMxNAQHwRgP/etGXm06WG7yTVLYYKbwmasezVJX9RScS
kyY4kWornpBQvTRK7VKNAzVH5Pe7lXFtQAL1kpVtuNxwXsZf2tKVzXC8ZwhCF8eZ
poAH6m8pE6d9n2Ft22PTOza6URU+Lx+18D3AoNyEvEQE8xMaMIOno121eiq5/Smk
5BOPFkSuzKM=
=EUq6
-----END PGP SIGNATURE-----






From dfloyd at io.com  Thu Aug 15 15:59:49 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 06:59:49 +0800
Subject: Jurisdictionless Distributed Data Havens
In-Reply-To: <Pine.LNX.3.94.960815140139.27838A-100000@blau.pin.de>
Message-ID: <199608151830.NAA10012@xanadu.io.com>


> 
> 
> Some annotations:
> 
> 1. The easiest way to make such a distributeted data havens (DDH)
> would be to use a distributed unix file system that
> doesn't distribute files but chunks of bytes. (Striping)
> 

Like AFS?

> Advantage: 
> - All normal services would work: ftp,http,...
> - Copying, deleting and modifing files.
> - Easy to install and use.
> 
> Problems:
> Because each side can supply all data (collecting on
> the fly from other DDHs), the site holder
> could be responsible for the data.
> This could be prevented by collecting and
> assembling data at the client side (e.g. using
> JAVA).

How many people trust clients?  If we wanted clients, we would use WebStor
from Mcaffee.  I don't trust any clients specific to one task, and would
rather use generic E-mail/ftp/www.

> 
> 2. When the DDHs are distributed around the world in
> a lot of different states, it could be very
> difficult for any government to get any evidence for
> "illegal" data on one site.

In some countries, when the government jails someone, it doesn't matter
what evidence they have.  Not everyone has a justice system that at least
makes an attempt to give a fair trial.







From lzirko at c2.org  Thu Aug 15 16:00:22 1996
From: lzirko at c2.org (Lou Zirko)
Date: Fri, 16 Aug 1996 07:00:22 +0800
Subject: Fw: Re: Free Pronto Secure Offer
Message-ID: <199608151852.LAA17998@infinity.c2.org>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: unicorn at schloss.li, cypherpunks at toad.com, geoff at commtouch.co.il
Date: Thu Aug 15 13:52:27 1996
> On Wed, 14 Aug 1996, Lou Zirko wrote:

> > PGP.  If I remember, your platform in Linux
> 
> Incorrect.

Sorry about that, I stand corrected.

> 
> > and you should not be so quick 
> > to criticize what you may have not seen.
> 
> I saw his promotional tactic, and that's what I criticized.

This `promotional tactic` was in response to a prior list message asking 
about the offer.  Because of this, I think criticizm was unwarrented.  But 
enough about this.

> 
> > Lou Zirko                                (502)383-2175
> > Zystems                                  lzirko at c2.org
> > "We're all bozos on this bus" - Nick Danger, Third Eye
> 
> --
> I hate lightning - finger for public key - Vote Monarchist
> unicorn at schloss.li
> 
> 
> 

Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMhNx/stPRTNbb5z9AQEKdgf/QS/LXvn4IQek4VMbeGaoGd1W+nnJd8Sa
UbxoPp2vog6nwI8mwLQTZtVrhCHSaalW2ykufksrFccDPzCH/nNYkljay4ugVgoe
G31SATr5DS9WSbSmgLa6Ssb+hyYJVQhBhWRVEkd06vBAqxoc6hmlVZKF2YzzBDBA
jZ5hKxWAdRb4dJ72NuzLk09UC5IOKFCd3/a1rcE6ocUTu7w0djIceE+d0+65wLzj
O93F2BndoxLT60RQ/vUTqyoXjnvpdABfyE6r7oAvfOfNjwz6+/V1oyVcFKBUTzDA
17K701IFUYjKzTD7I5JfNVwi69sfwRq0KuQgh/iZNERTJwFt/hQkPQ==
=Ht0y
-----END PGP SIGNATURE-----




From bart.croughs at tip.nl  Thu Aug 15 16:06:23 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Fri, 16 Aug 1996 07:06:23 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8AF2.6C7BEC00@groningen10.pop.tip.nl>


Perry Metzger wrote:


>From: 	Bart  Croughs
You haven't answered this question yet. I don't claim that the U.S. is worse off when US capital moves abroad. I only ask: how can you proof that the US isn't worse off when US capital moves abroad?< 

Simple. Keeping capital from flowing wherever it likes leads to a non-pareto
optimal state. Care to dispute that?

Perry

-	-	-	-	-	-	-	-	-	

For those who don't know what the Pareto optimum is: it's an allocation of resources such that no one can be made better off without someone else being made worse off. 
So what you say is that you can't keep capital from flowing wherever it likes without someone being made worse off. Of course I do not dispute this; obviously, the US investors will be worse off when you forbid them to invest where they want to invest. But this is not a proof that the rest of the US citizens will not be worse off when American investors decide to invest abroad. And that is the proof I'm asking for.

Bart Croughs










From gjdemetr at infi.net  Thu Aug 15 16:06:38 1996
From: gjdemetr at infi.net (Gregory Demetrick)
Date: Fri, 16 Aug 1996 07:06:38 +0800
Subject: PGP/Unix scripts, mail proggies?
In-Reply-To: <Pine.BSI.3.93.960815110720.16514A-100000@descartes.forequest.com>
Message-ID: <Pine.SV4.3.91.960815153301.10737N-100000@larry.infi.net>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 15 Aug 1996, Jeremey Barrett wrote:
 
> On Thu, 8 Aug 1996, Chris Lee wrote:
> 
> > Hello all,
> >
> > 	I joined this list a while ago and am curious whether a there is a
> > simple way to encrypt/decrypt e-mail with PGP in a Linux(Unix)
> > enviroment...?  Sorry if this has been answered a thousand times, but it
> > would really make PGP a more viable option with my small ISP.
> >
> > Thank you very much for any answers, please reply to me personally.
> >
> 
> Here's what I use, a simple sh script with pine for signing/encrypting.
> 
> #!/bin/sh
> 
> # Written by:  Jeremey Barrett <jeremey at forequest.com>
> #
> # Simple as hell sh script for automating PGP. I use pine, and have not
> # tried this with any other mailer, but it should work. The version of this I
> # use asks all kinds of questions about using remailers and nym servers
> # before editing the mail, so it can toss in templates and such. Anyway,
> # hack this at will.
> #

<deletia>

There is also a utilitie I use called mkpgp. It also envokes the 
alternate editor for encryption and decryption of signed mail. It also 
has an extensive readme and help files. To get it you can do the 
following: 

If you send blank e-mail to slutsky at lipschitz.sfasu.edu with
        Subject: mkpgp

They will mail you everything you need to get started. It took me about 
20 Minutes to get it up and running. 

  Greg Demetrick 

  Pub Key: http://www.infi.net/~gjdemetr/greg.txt




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp2.0, a Pine/PGP interface.

iQB1AwUBMhN8LkHPUq9jfdGZAQH+bQL+MeJSM/WsDKpoeAp1yT/kQth3CoPqJirJ
ei3FigQ024ThLZSjcaNjK212ynmpojEcGAepEzJ4jQc8Lgd2WII9ZGi3tpbCh7tB
OaxUDqV2sTHvkvGUvA/ByVwOe80uwpdd
=4h3N
-----END PGP SIGNATURE-----





From rah at shipwright.com  Thu Aug 15 16:14:51 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 16 Aug 1996 07:14:51 +0800
Subject: Press Release: Apple's CyberDog Web Bowser
In-Reply-To: <ae38c2670702100409e3@[205.199.118.202]>
Message-ID: <v03007802ae393083ccea@[206.119.69.46]>


At 3:02 PM -0400 8/15/96, Timothy C. May wrote:
> *** PRESS RELEASE ***
> 
> APPLE COMPUTER UNLEASHES CYBERDOG WEB BOWSER
<snif^hp>
> Those interested in taking CyberDog out for a walk, or just sniffing its
> butt ...
<snif^hp>

Cyberdog doesn't suck. 

It licks.

Why?

Because it can.


<eewwwww!>

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From jimbell at pacifier.com  Thu Aug 15 16:22:00 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 16 Aug 1996 07:22:00 +0800
Subject: Schlafly helped defeat ERA, supported Goldwater--where do I sign up?
Message-ID: <199608152000.NAA03130@mail.pacifier.com>


At 09:48 AM 8/15/96 -0700, Timothy C. May wrote:
>At 1:53 PM 8/15/96, Declan McCullagh wrote:
>>Take a look at the Boston Coalition for Freedom of Expression's list of
>>enemies of free expression. Excerpt follows.
>>Linkname: Phyllis Schlafly, Eagle Forum
>>Filename: http://www.eff.org/pub/Groups/BCFE/bcfenatl.html#Schlafly
>>
>>   Phyllis Schlafly
>....
>>   "Leading the pro-family movement to victories since 1972." Basic
>>   membership includes a subscription to The Phyllis Schlafly Report and
>>   costs $15.00. Mrs. Schlafly, whose husband Fred used to head the World
>>   Anti-Communist League, is the person considered most responsible for
>>   the defeat of the ERA. Her book A Choice Not an Echo, published in
>        ^^^^^^^^^^^^^^^^^
>>   1964 to support the presidential aspirations of Barry Goldwater, is
>                                                    ^^^^^^^^^^^^^^^
>>   one of the seminal texts of contemporary American conservative
>>   politics.
>
>So, she helped defeat the ERA and supported Goldwater. Sounds pretty good
>to me. From this excerpt, I'd call her a friend of liberty.

I think it's interesting that one of the most effective methods the 
Democrats used to defeat Goldwater was the fear that he would get us into 
war (Girl and daisy ad, for example) and when Johnson was elected he 
promptly got us into the Vietnam war. 

Jim Bell
jimbell at pacifier.com





From stephen at iu.net  Thu Aug 15 16:23:42 1996
From: stephen at iu.net (Stephen Cobb)
Date: Fri, 16 Aug 1996 07:23:42 +0800
Subject: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <1.5.4.32.19960815201644.00b5fe20@iu.net>


Speaking as someone who seldom agrees with Phyllis Schlafly...and not
meaning to be overly ignorant or paranoid or disrespectful, but is there any
link between her column and Roger Schlafly, as in:

Schlafly v. Public Key Partners & RSA Data Security, Case C-94-20512 SW PVT

or is it mere coincidence.

Reminds me of the Doonesbury cartoon of conspiracy theorists, circa O.J.
case: "Wait a minute, Hertz has an office in Dallas."
"Coincidence?"
"I don't think so."

Stephen






From bart.croughs at tip.nl  Thu Aug 15 16:25:51 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Fri, 16 Aug 1996 07:25:51 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8AF2.52CFF620@groningen10.pop.tip.nl>


Blanc Weber wrote:

>Are you the one putting up the objections?  Are you the one who does not
want to see the proof which you are asking for?  I would think that
after having read Mises, Hayek, et al, the economic cause&effect
principles which they outlined would make the resulting situation pretty
clear.

   ..
Blanc<

 If the situation is so clear, why can't you give the proof I'm asking for?

Bart Croughs






From win-request at metrics.com  Thu Aug 15 16:41:15 1996
From: win-request at metrics.com (Rich Graves)
Date: Fri, 16 Aug 1996 07:41:15 +0800
Subject: Win NT - Internet Security Alert (fwd)
Message-ID: <Pine.GUL.3.95.960815124525.10248B-100000@Networking.Stanford.EDU>


I'm not approving this for comp.os.ms-windows.announce, but I figure it's
on-topic here (what isn't?). I was intrigued by their "proprietary
procedures to recover Windows NT installation with a lost administrator's
password." 

(The procedure I'd suggest: boot from a DOS or Linux floppy with an NTFS
driver. Back up all the application and data files you want saved. Reformat
the drive, install NT, and restore the saved files.) 

By the way, did you hear the one about the Microsoft tech support
recommendation to put the perl.exe interpreter into a world-executable
directory? www.bugnet.com

-rich

---------- Forwarded message ----------
Date: 15 Aug 1996 19:50:47 GMT
From: MWC at news.ee.net, "Inc. NT Security team" <NTSecurity at box.omna.com>
To: comp-os-ms-windows-announce at uunet.uu.net
Newsgroups: comp.os.ms-windows.announce, comp.os.ms-windows.misc,
    comp.os.ms-windows.networking.misc,
    comp.os.ms-windows.networking.tcp-ip
Subject: Win NT - Internet Security Alert



      *** Win NT / Internet Security Alert ***

      Our survey has shown that more than 50% of NT based Web Sites
do not pay proper attention to Internet security aspects. These sites are
extremely vulnerable, others are vulnerable to some extent.

      We were surprised to find that this relaxed approach to Windows NT /
Internet security does not depend on a size of a company, etc.

      MWC (http:\\www.omna.com\Yes\MWC\) provides unique recovery and
security services for Windows NT based networks connected to the Internet.

      We can help you to make your network truly secure.


      Our services include:


      *** Simulated Intrusion Attack Service ***

      The purpose of the SIMULATED INTRUSION ATTACK Service is to find
potential security holes in a Client's Windows NT 3.5x, 4.0 Operating
Systems Computer and / or Intranet / Internet Windows NT-based network.
For more information please visit:

        http://www.omna.com/yes/mwc/security.htm


      *** NT Security Software ***

      ScanNT . v.1.1 is Windows NT password cracker. More information is
available at:

        http://www.omna.com/yes/AndyBaron/pk.htm


      *** Password Recovery Service ***

      Guaranteed Administrator's password recovery service for Windows
NT 3.5x, 4.0.  MWC, Inc. uses proprietary procedures to recover Windows NT
installation with a lost administrator's password.
      More information about this service is available at:

      http://www.omna.com/yes/mwc/prs-index.htm


      *** NT Network Examination ***

      MWC offers Network Examination Services for
Windows NT based Internet connected Networks to help you answer the
following questions:
      7 Is your Internet Server Vulnerable?
      7 Is your Production Server Vulnerable?
      7 Is your Network Vulnerable?


      *** Partial List of Satisfied Customers***
      is published at:

      http://www.omna.com/yes/mwc/cust-security.htm


      For more information please contact Andy Pozo, Director of Sales
AndyPozo at box.omna.com , Tel 614-263-0662 Fax 614-263-0663


      MWC NT Security Team.






From bryce at digicash.com  Thu Aug 15 16:41:25 1996
From: bryce at digicash.com (bryce at digicash.com)
Date: Fri, 16 Aug 1996 07:41:25 +0800
Subject: PGP/Unix scripts, mail proggies?
In-Reply-To: <Pine.BSI.3.93.960815110720.16514A-100000@descartes.forequest.com>
Message-ID: <199608152007.WAA12491@digicash.com>



-----BEGIN PGP SIGNED MESSAGE-----

I have an sh script to automate PGP usage, available for 50
cents in Ecash from "http://www.c2.net/~bryce/BAP.html" or for
free by e-mailing me and asking politely.  BAP is simple enough
that my mother can use it, and functional enough that I use it.


Regards,

Bryce



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2

iQB1AwUBMhODZUjbHy8sKZitAQGr1AL+LjpppE77K8qNhcpblSI178BfC/hRBQ8u
MM63n006/i0oSqsvybB5VrKp8U25bjYERH1xNVaGynZQVT7UME+qlFK6qdfo+Wbg
5OkPOqOPz4wN28MQ6M87NdHoJM97nDjj
=Bn+w
-----END PGP SIGNATURE-----





From mattt at microsoft.com  Thu Aug 15 16:45:10 1996
From: mattt at microsoft.com (Matt Thomlinson)
Date: Fri, 16 Aug 1996 07:45:10 +0800
Subject: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <c=US%a=_%p=msft%l=RED-77-MSG-960815202758Z-37065@RED-05-IMC.itg.microsoft.com>


relation: mother-son

>----------
>From: 	Stephen Cobb[SMTP:stephen at iu.net]
>Sent: 	Thursday, 15 August, 1996 1:16 PM
>To: 	jim bell
>Cc: 	cypherpunks at toad.com
>Subject: 	Re: Stopped Clock. Was: Schlafly on Crypto
>
>Speaking as someone who seldom agrees with Phyllis Schlafly...and not
>meaning to be overly ignorant or paranoid or disrespectful, but is there any
>link between her column and Roger Schlafly, as in:
>
>Schlafly v. Public Key Partners & RSA Data Security, Case C-94-20512 SW PVT
>
>or is it mere coincidence.
>
>Reminds me of the Doonesbury cartoon of conspiracy theorists, circa O.J.
>case: "Wait a minute, Hertz has an office in Dallas."
>"Coincidence?"
>"I don't think so."
>
>Stephen
>
>





From schneier at counterpane.com  Thu Aug 15 17:24:43 1996
From: schneier at counterpane.com (Bruce Schneier)
Date: Fri, 16 Aug 1996 08:24:43 +0800
Subject: Can someone validate this code?
In-Reply-To: <199608151059.DAA01125@fat.doobie.com>
Message-ID: <v03007804ae39382ab06f@[204.246.66.72]>


This looks like something that was anonymously posted to the Internet
about a year ago.  It is widely believed to be a hoax; if nothing else,
the key schedule is horrible.  David Wagner broke the algorithm based
on the key schedule alone.

This is what I wrote about S-1 last time around....

Bruce

----------------------------seperator---------------------------------

I was in Europe while S-1 was posted, so I missed most of the
discussion.  Better late than never....

Over the last year, I have spent considerable effort collecting
SKIPJACK information.  I have gone through the published
literature, the rumors, and a large stack of documents received
by EPIC through Freedom of Information Act (FOIA) lawsuits.

At Crypto last week I gave a Rump Session talk entitled "Reverse
Engineering SKIPJACK from Open Sources."  I prepared the slides
before I left for Europe.  Here is what I said:

     What the government told us:
          Single-key block cipher.
          Can be used in ECB, CBC, CFB, or OFB.
          64-bit block size.
          80-bit key size.

     What the review committee told us:
          32 rounds.
          No weak keys (like DES has).
          No key complementation property (like DES has).

     What the hardware specifications tell us:
          The latency of the Mykotronx chip has 64 clock cycles.
               This means two clock cycles per round.

     Assorted rumors (excuse me if I don't reveal sources):
          SKIPJACK does not have rounds in the same sense that
               DES does: i.e., half of the text block is not
               encrypted in each round.
          SKIPJACK has half the total S-box data as DES.
          SKIPJACK has a 48-bit internal structure analogous to a
               32-bit internal structure in DES.
          The masks for the Clipper/Capstone chip are
               unclassified and the chips can be produced in an
               unclassified foundry.  Part of the programming in
               the secure vault includes installing part of the
               SKIPJACK algorithm.  The part of the algorithm
               installed in the secure vault are the "S-tables",
               suggesting that perhaps unprogrammed Clipper chips
               can be programmed to implement other 80-bit key,
               32 round ciphers.

Trying to puzzle out the meaning of the third rumor, Matt Blaze
and I invented something called an Unbalanced Feistel Network.
These are Feistel networks where the source and target blocks are
of different size.  For example, in each round 48 bits might be
used as an input into the F function, and produce 16 output bits
to be XORed with the remainder of the bits.  We called this a
48:16 UFN, and we proposed a design at last year's Algorithms
Workshop in Leuven.  Our design was broken, but I am still
examining the structure.  A 48:16 UFN satisfies the first and
third rumor above, and I think it as good a guess as any
regarding SKIPJACK.

A few months ago, I found some additional information in the form
of documents released under FOIA.  One document was a Mykotronx
design review for "Project Capstone" dated 10 December 1991.  The
design review was unclassified.  Among the details about the
modular multipliers and the SHA code was the following page about
SKIPJACK:

     ECB Processing Rate

          2 clocks per G-Box operation
          x 1 G-box per shift
          x 32 shifts per ECB encryption
          ______________________________
          64 clocks per ECB

     64 clocks per ECB / 64 bits out per ECB = 1 clock per bit
     Yields 40 Mbit encryption using a 40 MHz clock.

The only other thing I found was a SECRET memo.  The organization
name (either from or to) is blacked out.  The date is 25 August
1992.  The subject is "SKIPJACK Revision."  Paragraph 2 is
blacked out, but paragraph 1 reads:

     1.  (U) The enclosed Informal Technical Report revises the
     F-table in SKIPJACK 3.  No other aspect of the algorithm is
     changed.

That's it.  Rounds are called "shifts," which seems to indicate
that they are not "rounds" in the DES sense.  A shift consists of
a "G-box" operation, which includes not only what we call the F-
F-function but the XOR as well.  And there is something called an
F-table, which could be a table of constants or perhaps a table
of functions.  In any case, it is something that can be revised
without changing the rest of the algorithm.

Now let's look at S-1.  The most probable explanation is that it
is a hoax.  But it is a very good hoax:

     The hoaxer knew enough about algorithm design to make a
          cipher that was not obviously lousy, while at the same
          time not unduly complicated.  The hoaxer knew enough to
          make a design that included three novel ideas not seen
          anywhere else: S-boxes that are created according to no
          known criteria, a G-table that chooses a rotation of
          S-boxes to use in a given round, and a bizarre key
          schedule.
     The hoaxer knew enough about how algorithms are used in the
          military to make a spookish interface.  I am
          particularly interested in the "zeroize" function, the
          separation of the key creation and key loading
          functions, and the key masking.  Blaze said that the
          interface was similar to the Fortezza interface, but
          not the same.
     The hoaxer knew about Blaze's and my MacGuffin paper and
          that we thought SKIPJACK was a 48:16 UFN.  We made no
          secret about this, and our paper is on Blaze's web
          page.  The hoaxer knew to use the term F-table.  I
          haven't shown many people what I found in EPIC's
          documents, so the hoaxer either had to look through
          them himself or get them by some other means (maybe an
          independent FOIA request).

It's not a perfect hoax, though.  The classification markings
look odd: NSA algorithms are SECRET, not TOP SECRET, and the
codeword restriction sentence is strange.  The key schedule is
hopelessly flawed (David Wagner posted an attack to sci.crypt).
The coding style is amateurish, like it was translated from one
language to another.  (Maybe this is clever on the hoaxer's
part.)  And there's even a typo in the code.

And maybe the hardware latency is wrong.  Clearly the design
facilitates parallelization.  You can precompute all possible F-
table outputs in previous shifts, and then use the G-table result
to select between them; I am not sure you can get a shift down to
two clock cycles.  I don't have the hardware background, and
would appreciate comments from others.

And why are there not bitwise permutations?  If SKIPJACK is
designed for hardware, it makes sense to put them in.  They're
free, after all.

Anyway, it's a real good hoax.  Blaze estimated that he could
have done it, but it would have taken him a month of effort.  I
agree with his assessment: one man-month.  It's a lot of time to
spend on a hoax, especially one where the hoaxer doesn't get any
credit.

So, maybe it's SKIPJACK.  It has a 64-bit block size and an 80-
bit key size.  It's a 48:16 UFN with 32 rounds (or shifts, or
whatever).  And it has an F-table.  This is really interesting,
because the structure really is an S-box.  Everyone knows it's an
S-box, and it makes no sense for a hoaxer to call it something
else.  But in S-1 it's called an F-table.  (I think this is very
significant, but others find it less convincing.)

And the F-table has been revised at least once.  In the code it
says that the F-table entries "differ in the S-2 version."  The
code is dated 1 February 1989 and 31 July 1991, and I have a memo
dated 25 August 1992 that says the F-table has been revised in
"SKIPJACK 3."  Pretty convincing, I think.  (Of course this means
that we can't confirm anything by testing the hardware, since the
F-table entries are different.)

Maybe there are no bit permutations because they make analysis
harder, and perhaps they don't add all that much.  Maybe the
algorithm was designed for both hardware and software, or maybe
it was designed for specialized cryptographic hardware with
several parallel microprocessors and some cryptographic
primitives.

If it is real, we have a lot to learn about S-box design.  The S-
boxes are not even balanced.  Maybe they are created just so to
avoid some bizarre attack we can only dream about, but I kind of
doubt it.

But the key schedule is just plain wrong.

So, here's a theory.  Let's assume the code is real.  (Not that
it's SKIPJACK, but that it's a real algorithm from some military
or some corporation.)  Clearly the code is not designed to test
the cryptographic algorithm, but to simulate some kind of
hardware interface: it's called a "software chip simulator."  If
I were the NSA and I designed an algorithm whose security rested
on some tables of constants, I might replace them with phony
constants before giving them to another organization to test.  I
might call the phony version S-1 and the real version S-2.

Maybe the code was originally written in FORTRAN, and then
translated into C.  (NSA doesn't use ADA.)

NSA algorithms are classified SECRET, put perhaps algorithms in
development are classified TOP SECRET.  (We know cryptanalytic
techniques can be TOP SECRET, so perhaps commented code falls
under that category as well.)

And maybe the code originally didn't have an 80-bit key schedule.
Maybe it had a longer key schedule.  The poster then modified
this key schedule to make it look more like SKIPJACK.  (This
might also explain the bug in the code, which might not be a bug
if it still had the original key schedule.)

Which leaves us precisely nowhere.  The most likely explanation
is that it is a hoax, but I am hard-pressed to imagine a hoaxer
with the requisite combination of skills, resources, and
attitude.  I also don't believe that it is SKIPJACK.  It might be
a preliminary design for SKIPJACK, but if both the key schedule
and F-table entries are wrong, we really haven't learned
anything.  If we suddenly discovered that unbalanced S-boxes are
far superior to balanced ones, then all best are off.

Bruce

**************************************************************************
* Bruce Schneier              APPLIED CRYPTOGRAPHY, 2nd EDITION is
* Counterpane Systems         available.  For info on a 15%
* schneier at counterpane.com    discount offer, send me e-mail.
*
* For Blowfish C code, see ftp.ox.ac.uk:/pub/crypto/misc/blowfish.c.gz
**************************************************************************







From svmcguir at syr.edu  Thu Aug 15 17:25:21 1996
From: svmcguir at syr.edu (Scott McGuire)
Date: Fri, 16 Aug 1996 08:25:21 +0800
Subject: National Socio-Economic Security Need for Encryption Technology Re: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB89EA.FB826540@groningen08.pop.tip.nl>
Message-ID: <ML-2.2.840145964.9124.scott@homebox.>


-----BEGIN PGP SIGNED MESSAGE-----


>From:      Bart  Croughs
>
>You haven't answered this question yet. I don't claim that the U.S. is
>worse off when US capital moves abroad. I only ask: how can you proof
>that the US isn't worse off when US capital moves abroad? 

I recall you were interested in how the Austrians would answer this.  I
think that they would object to the question because of their aversion to
aggregates.  Some individuals are better off and some worse off.  The
Austrians would deny that you can sum the results for individuals and get
a result for the economy as a whole.  This is because of Austrian
subjectivity.

Assume that I move a programming job to India, and make the required
capital investments.

I am presumably better off (otherwise I wouldn't have moved the capital).

The worker I fire here in the US is worse off.

(Other effects you have mentioned go here).

Now, considering only me and the laid off worker, is this change overall
good or bad?  To answer this, you would have to compare the value of my
gain to the value of the workers loss.  But you can't.  Value is
subjective.  And, it only gets harder when you try to take into account
the other people affected.

P.S.
Bart, your quotes of other people are hard to follow.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBMhObE97xoXfnt4lpAQEU2AQAtllFg2gajiVhZqQoEJ5+yP9JvalU6ZiZ
MD0L8CB+P04r0ICHrP2uhj40IUj2MTrb62JcHqKjrW5QU/51u+F4OfAryB4uHivH
qz3WiAbscQgZTOf/zRyU7hBCSxQkYE/CZeDPjXPs8++6a0TvmJTlNp9KpJ1wIwgz
eGgkhKQoaPY=
=6ytQ
-----END PGP SIGNATURE-----

--------------------
Scott McGuire <svmcguir at syr.edu>
PGP key available at http://web.syr.edu/~svmcguir






From blancw at microsoft.com  Thu Aug 15 17:29:08 1996
From: blancw at microsoft.com (Blanc Weber)
Date: Fri, 16 Aug 1996 08:29:08 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <c=US%a=_%p=msft%l=RED-81-MSG-960815211346Z-703@tide21.microsoft.com>


>From: 	Bart  Croughs
>
> If the situation is so clear, why can't you give the proof I'm asking for?
................................................

Well, first of all, I never intended to provide one.   I don't know why
you are asking for proof.   I don't know why anyone should be moved to
give one to you.  

   ..
Blanc

>
>
>





From iang at cs.berkeley.edu  Thu Aug 15 17:29:31 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Fri, 16 Aug 1996 08:29:31 +0800
Subject: Jurisdictionless Distributed Data Havens
In-Reply-To: <3212B0CB.1AB7@deltanet.com>
Message-ID: <4v05k2$jq9@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <3212B0CB.1AB7 at deltanet.com>,
Kevin Stephenson  <cts at deltanet.com> wrote:
>DigiCash will never work in my book because it requires an account,

Actually, it doesn't...  It's just that in order to use DigiCash's ecash
without an account, you need a slightly cooler client, which (AFAIK)
nobody's gotten around to writing (yet).

   - Ian "you'll have to wait until after Crypto..."

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhOZvEZRiTErSPb1AQFlZAP7B7jpZguOk0vA30pkgY6W17SHf/F8ik1/
SOWYiYdSzZ9go9BhoMQyyF68EzzUgwtsqlD3RAU31eMIqMrsAKaHDwp8bMHo7wUc
FgQZtMniJlPj1oukLegFpueDAEcKhM+HDaYehgeKvf24CSlw3o6vi1li7x4R1GKc
22aco7e6/s4=
=W86h
-----END PGP SIGNATURE-----





From dfloyd at io.com  Thu Aug 15 17:44:24 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 08:44:24 +0800
Subject: forget photographing license plates!
In-Reply-To: <Pine.SUN.3.91.960815144122.26417A-100000@tipper.oit.unc.edu>
Message-ID: <199608152134.QAA17950@xanadu.io.com>


> 
> Another UK vehicle security reply (disclaimer: my dad's company installs 
> alarms, imobilisers, lojack/skynet, etc.)
> 
> The first generation of remote-keyed car-alarms used a static key. It 
> didn't take long before people had modified scanners to record the key 
> and play it back as soon as the driver had left. 
> 
> The current generation uses what is described as "rolling code random 
> encryption". From what I could work out from talking to people, this 
> scheme works something like a one time password scheme, but with no 
> feedback from server (car) to client (keyfob). It seems that the keyfob 
> has persistent state in the form of a  counter, which is incremented 
> every time the key is pressed. This counter is combined with the 
> encryption key and the resulting cyphertext is then transmitted.
> 
>  The car keeps a record of the last successful sequence number, and will 
> not allow earlier sequences to be replayed. The car will accept sequence 
> numbers within a certain range of the last successful one, in case a 
> particular try is not recieved, or the key is jostled in ones pocket.
> 
> I don't know how strong the algorithms are, or how long the keys are; 
> there are supposed to be minimum requirements on key length, but I don't 
> know if the approval body evaluates the crypto.
> 
> Simon

That is known for cars.  I double checked, and found some car alarms able
to do this.  However, I have not found any house garage door openers able
to pull this off.  Most still use the old blurt code method.

Ironically, there are gate openers which have this technology in them
(rolling code.)






From cdaemon at goblin.punk.net  Thu Aug 15 18:18:36 1996
From: cdaemon at goblin.punk.net (Checkered Daemon)
Date: Fri, 16 Aug 1996 09:18:36 +0800
Subject: RANT re: National Socio-Economic Security Need for
In-Reply-To: <199608150629.XAA03193@dns2.noc.best.net>
Message-ID: <199608152226.PAA23432@goblin.punk.net>


James A. Donald opines:
 
> At 06:24 PM 8/13/96 -0700, Checkered Daemon wrote:
> > a)  Knowledge jobs require tremendous capital investment, as in degrees,
> > training, continual updating of skills, etc.
> 
> But they do not require much capital investment by the boss.  That is 
> to say the key corporate assets are increasingly owned by the employees,
> 
> At some point one would expect this to lead to a change in business 
> structure, but I see no signs of this happening.

One large change, which has been discussed previously on the list, is that
management is becoming more and more a function of specifying WHAT is to
be done, rather than HOW it is to be done.  This leads to a business model
based more on the independent contractor (whether it's a single individual,
or a business that does 'outsourcing' work) than the traditional industrial
assembly line.

Add ubiquitous high-speed data communications networks, and suddenly
national governments become not only irrelevant, but actual impediments
to a free market economy.  Potholes, if you will, on the information
superhighway (attribution to T. May).  

The structural changes are many.  Worldwide regulatory and tax arbitrage.
Elimination of the entire job category of 'middle management'.  Capital
in the form of knowledge and reputation rather than fixed physical assets.
Intentionally temporary organizational structures.  Individual responsibility
for what used to be called 'benefits'.

I'm a networking consultant.  My father had three jobs in his entire
lifetime.  I had three jobs this morning.  If that's not structural change,
I don't know what is.

-- 
Checkered Daemon                              cdaemon at goblin.punk.net

Delirium:  There must be a word for it ... the thing that lets you know that
           TIME is happening.  IS there a word?
Sandman:   CHANGE.
Delirium:  Oh.  I was AFRAID of that.





From cdaemon at goblin.punk.net  Thu Aug 15 18:34:22 1996
From: cdaemon at goblin.punk.net (Checkered Daemon)
Date: Fri, 16 Aug 1996 09:34:22 +0800
Subject: Crypto Ban Talk @ G-7
In-Reply-To: <321333D4.2003@vail.tivoli.com>
Message-ID: <199608152240.PAA23570@goblin.punk.net>


Mike M Nally chimes in with:
 
> Declan McCullagh wrote:
> > 
> > I have the text of the resolution passed by G-7 and Russia that
> > moves towards greater controls on crypto at:
> 
> I just have to wonder whether these people expect their measures to
> really reduce terrorism, or if they simply expect to be able to
> identify and imprison/kill all the terrorists so that terrorism can 
> be eliminated like smallpox.
> 
> If the former, I'd say they're stupid, and if the latter, well, I'd
> say they're stupid.

None of this has anything to do with terrorism, or any of the other
'horsemen'.  It has to do with the survival of national governments as
we presently know them.  These people are not completely stupid.

Totally secure, world-wide data networks WILL spell the end of national
governments.  This cannot be allowed.  The horsemen aspect is just there
for popular consumption.

-- 
Checkered Daemon                              cdaemon at goblin.punk.net

Delirium:  There must be a word for it ... the thing that lets you know that
           TIME is happening.  IS there a word?
Sandman:   CHANGE.
Delirium:  Oh.  I was AFRAID of that.





From wb8foz at nrk.com  Thu Aug 15 18:38:32 1996
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 16 Aug 1996 09:38:32 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.SUN.3.94.960815104107.8090A-100000@infinity.c2.net>
Message-ID: <199608152235.SAA03915@nrk.com>


erehwon at c2.org:
> Something that I thought would make an excellent data haven would
> be older offshore oil platforms.

I recall the Royal Navy raiding WWII era Anti-Aircraft platforms
that were housing pirate BBC competitors....

This was in the 60's I think....



-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From Scottauge at aol.com  Thu Aug 15 19:16:14 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Fri, 16 Aug 1996 10:16:14 +0800
Subject: Burden of proof
Message-ID: <960815192512_457514748@emout07.mail.aol.com>


In a message dated 96-08-15 17:35:20 EDT, you write:

> This relates to something I have been wondering about:  If one could
>  get one's company to pay one in electronic cash, what is to stop one
>  from piling the coins in a Datahaven somewhere (assuming one existed
>  that would be usable for these purposes) and say to the IRS: Money?
>  What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
>  that's it!!

But then how do you spend it?  What if instructions are given to the banking
system to not deal with such and such bank (or datahaven)?  How are you going
to get it out and spend them deniros?





From jya at pipeline.com  Thu Aug 15 19:16:18 1996
From: jya at pipeline.com (John Young)
Date: Fri, 16 Aug 1996 10:16:18 +0800
Subject: RAD_ius
Message-ID: <199608152343.XAA18395@pipe1.t1.usa.pipeline.com>


   8-14-96. NW: 
 
   "Proposed IETF standard to ease a variety of remote 
   access concerns ." 
 
      The scheme, called Remote Authentication Dial-In User 
      Service (RADIUS), provides a centralized and secure 
      method for authenticating remote dial-in users, 
      authorizing appropriate enterprise resources and 
      gathering accounting details. RADIUS also provides a 
      way to integrate the security administration of 
      dial-in users with that of the resident enterprise 
      population. 
 
   ----- 
 
   http://jya.com/radius.txt  (5 kb) 
 
   RAD_ius 
 
 
 
 
 





From geoff at commtouch.co.il  Thu Aug 15 19:42:35 1996
From: geoff at commtouch.co.il (geoff)
Date: Fri, 16 Aug 1996 10:42:35 +0800
Subject: (NOISE) Re: Free Pronto Secure Offer
Message-ID: <19960815232910268.AAB222@[194.90.26.189]>


-----BEGIN PGP SIGNED MESSAGE-----

To: unicorn at schloss.li, cypherpunks at toad.com
Date: Fri Aug 16 02:41:34 1996
Unicorn,

> No, I was merely pointing out that if the review revealed that it
> had problems (one assumed that the intent of peer review is to reveal
> such problems in the first place, but perhaps you just like giving
> software away?) then the offered reward was valueless.

Peer review seems to have voted that their risk paid off.
 
> A lot of people use DES on this list too I'll wager.
and...

> I "tried out" your promotional scheme when I read your message, and
> it was that scheme which my opinion targeted.

You misinterpreted my reply to a list member's enquiry about whether 
our offer of Pronto Secure in exchange for feedback was still 
available. 
 
> This is a subjective question.
Yes.

> Cypherpunks is always getting the cash poor developer who thinks he
> very clever because he has to pay testers no money if he offers his 
> new product free to the person who discovers a flaw, or writes a 
> review.

Unicorn, you are again letting your fingers move faster than your 
brain. On what do you base your evaluation of our liquidity ? (not that 
it is relevant). Most Cypherpunks are technically savvy and crypto 
aware people, they provide a perfect community for evaluating and 
debugging a security enabling product. I would strongly recommend this 
route to any developer of serious security enhancing software. My 
sincere thanks to all c'punks who have and continue to provide 
incredibly valuable input into Pronto Secure.

> From your home page, I would guess that you request that reviewers
> allow you to make their comments public.  That's called an 
> endorsement, and, by the way, people are usually paid for them.  
> Sometimes in the millions. Think Michael Jordan is getting a deal 
> when you use his name to promote your product and then give him a 
> $99.00 piece of software (which is effectively worth the amount of 
> time it takes to write a few kiss ass paragraphs on the software, not 
> $99.00)?

Unicorn, you are again making groundless assumptions. I suggest that 
you do some fence painting before you enlighten us with your opinions 
about our "kiss ass paragraphs" of code.
Unless Michael Jordon is reading Schneier on the sly, his endorsement 
of Pronto secure is not worth 99c.

> Alturisim is a pipe dream.
Depends what you are putting in your pipe :)
I venture that most c'punks would agree that moving strong e-mail 
security into mainstream is a good thing. This is not going to happen 
without people making money from it.

>> Unicorn, you are invited to whitewash my fence :)
> Do I have to review pronto secure first?
Yes.

Geoff.

- ---------------------------------------------------------------
Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
My PGP public Key 1814AD45 can be obtained by sending a message
to geoff at commtouch.co.il with "Get PGP Key" as the subject.
- ----------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMhO1s0Lv5OMYFK1FAQG5WAP/XoLteaVpdhnLpj/pk/1aPiWX7Nx/h1cc
5Sf0mgOWv3Q9MASWHV2lKrgqF9jc15ZaymfJZDq1duGttrPj6SJqX/nwOTcYi006
Hh3qh+LnXWnBd7QA/mZL5Fn4SLAOBno/uspqwMbM+6DCw39MpCY2NG0jQ2Qi8vMH
n1IG+PYYTAs=
=5HnW
-----END PGP SIGNATURE-----






From vince at offshore.com.ai  Thu Aug 15 19:45:09 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Fri, 16 Aug 1996 10:45:09 +0800
Subject: Floating DataHaven
In-Reply-To: <Pine.LNX.3.91.960815185647.16282D@offshore>
Message-ID: <Pine.LNX.3.91.960815194218.16207H-100000@offshore>



William Knowles <erehwon at c2.org>
> 
> Something that I thought would make an excellent data haven would
> be older offshore oil platforms,
> [...]
> You have to wonder how cheap these could sell 
> for just to get them off the oil companies hands? 

A floating DataHaven is probably the way to get the ultimate in 
freedom.  

There is someone on Anguilla that bought a used floating oil platform for
$1 million.  It is big enough for 200 people to live on.  It is not here,
so I have not seen it. 

There is someone else here who says that there are some really old ones
that you can get just for hauling them away. Some countries will not let
owners just sink them. 

You can get Internet via radio links for reasonable prices.  And via
satellite for almost affordable prices.  When Bill Gates 900 satellites
get up there it should be very affordable. 

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/





From tcmay at got.net  Thu Aug 15 20:07:11 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 11:07:11 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <ae3911110a0210048570@[205.199.118.202]>


At 9:39 PM 8/15/96, Bart  Croughs wrote:

>
> If the situation is so clear, why can't you give the proof I'm asking for?
>

Several people have given explanations of why your question is both too
simplistic and too tied to subjective definitions of "good for the
economy." You ignore these points and keep repeating your protectionist
mantra.

You seem to have a one-track mind, suggesting you are probaby a rabid
Objectivist. OK, so I will give you an Objectivist proof:

A is A. Not-A is not Not-Not-A. A is real, Not-A is not real. Reality is
good, non-reality is not good. Man exists in reality. Therefore Man is
good. Existence is not optional. Non-existence is nothingness. Nothingness
is darkness. The opposite of darkness is light. Fire produces light,
therefore fire is good. Fire is the embodiment of good. Smoking is the
embodiment of fire. Therefore, smoking is good. Non-smoking is bad....

What was the question again?

--Tim May

(P.S. Since Bart seems to have only one thing on his mind, and since our
list members seem unable to persuade him about anything, I suspect this
list is not the list for Bart. May he find the list he seeks.)

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From alanh at infi.net  Thu Aug 15 20:12:33 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 16 Aug 1996 11:12:33 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <199608150454.AAA18471@mh004.infi.net>
Message-ID: <Pine.SV4.3.91.960815205619.3926A-100000@larry.infi.net>


I repeat.  Generations of sweating engineers have discovered and confirmed 
that there is not an easy, "Silver Bullet" cure of the canonical problem 
of shielding electromagnetic energy from reaching someone who knows how 
to interpret it.

Bill, you are welcome to look at a layer of tin foil and give a sigh of 
relief that you've shielded your gun or your crypto diskette or your 
private body parts feom someone who knows what they're doing.  Go ahead, 
chant a mantra too, if it makes you feel better.





From molnard1 at nevada.edu  Thu Aug 15 20:22:30 1996
From: molnard1 at nevada.edu (DAVID A MOLNAR)
Date: Fri, 16 Aug 1996 11:22:30 +0800
Subject: Burden of proof
In-Reply-To: <96Aug15.132311edt.20486@janus.algorithmics.com>
Message-ID: <Pine.OSF.3.91.960815172937.17110A-100000@pioneer.nevada.edu>



> This relates to something I have been wondering about:  If one could
> get one's company to pay one in electronic cash, what is to stop one
> from piling the coins in a Datahaven somewhere (assuming one existed
> that would be usable for these purposes) and say to the IRS: Money?
> What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
> that's it!!
	What is to stop the IRS from pointing out that you received the 
money from your employer? Maybe you could convince them you were unable 
to pay, but that would require squirreling away(and refraining from 
using) all your assets. 







From asgaard at sos.sll.se  Thu Aug 15 21:11:21 1996
From: asgaard at sos.sll.se (Asgaard)
Date: Fri, 16 Aug 1996 12:11:21 +0800
Subject: Commercial Bundling
Message-ID: <Pine.HPP.3.91.960815185133.9093B-100000@cor.sos.sll.se>


A few days ago Eallensmith forwarded an article, which has lots of
references to economic scientific sources, by Andrew Odlyzko, AT&T:
'The bumpy road of electronic commerce'.

I didn't know that there is a whole theory of why and when and
how bundling of products work in commerce (but I should have guessed).

Soon after this article, published August 9, arguing why bundling
and subscriptions will take the lead over intelligent agent shopping
and personalized micro-retrievement on the net, came the following
announcement (quoting Edupage) from MS:

>Microsoft has struck deals that will allow it to bundle the Wall Street
>Journal's Interactive Addition and ESPN Sports Zone into its new version
>3.0 of Internet Explorer browser software ...

A networked computer with a bundled MS operating sytem, and a browser
already pointing to streamlined information. What more do we need?

This really fits in with Odluzko's predictions, and there is more to
come. According to Odluzko, bundling is not an evil but actually
does good for everyone, mostly (as does different prizes for different
customers). And most of us seem to prefer flat rates to pay-per-access.

He doesn't mention anything about the coming black market (of
crypto-anarchistic flavor), but then it isn't the subject of his
essay. 


Asgaard







From tcmay at got.net  Thu Aug 15 21:14:51 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 12:14:51 +0800
Subject: Burden of proof
Message-ID: <ae391d630b0210046a57@[205.199.118.202]>


At 11:25 PM 8/15/96, Scottauge at aol.com wrote:
>In a message dated 96-08-15 17:35:20 EDT, you write:
>
>> This relates to something I have been wondering about:  If one could
>>  get one's company to pay one in electronic cash, what is to stop one
>>  from piling the coins in a Datahaven somewhere (assuming one existed
>>  that would be usable for these purposes) and say to the IRS: Money?
>>  What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
>>  that's it!!
>
>But then how do you spend it?  What if instructions are given to the banking
>system to not deal with such and such bank (or datahaven)?  How are you going
>to get it out and spend them deniros?

This is practically the least of the concerns.

Assuming one could, say, be paid reliably and without True Name attached,
in a country like Anguilla (to use a current example), it would be simple
enough to fly to Anguilla for a vacation, pick up the money, and return to
the U.S.

I've never had my bags searched on an incoming flight, and even if one is
fearful of this, there are multiple ways to get the cash back.

This is not an ideal, pure crypto anarchist solution, but it certainly
shows that getting the payments made to an offshore account is much more
than half the battle.

(I hear that some consultants to offshore companies are already doing
something like this--they consult for some large fee, e.g., $200K, and then
arrange to be paid out over a period of many years on a contingency basis.
This reduces taxes, at least on this payment, considerably. And they can,
while in Macao, or Singapore, etc., transfer money around the world to
various locales they may visit in the future....)

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From snow at smoke.suba.com  Thu Aug 15 21:19:33 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 16 Aug 1996 12:19:33 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <Pine.SUN.3.94.960815132043.1400B-100000@polaris>
Message-ID: <Pine.LNX.3.93.960815195125.154A-100000@smoke.suba.com>


On Thu, 15 Aug 1996, Black Unicorn wrote:
> you to make their comments public.  That's called an endorsement, and, by
> the way, people are usually paid for them.  Sometimes in the millions.
> Think Michael Jordan is getting a deal when you use his name to promote
> your product and then give him a $99.00 piece of software (which is
> effectively worth the amount of time it takes to write a few kiss ass
> paragraphs on the software, not $99.00)?
> 

     The time it takes M. Jordon to write a couple of paragraphs would 
be worth at least $99.  


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From mike at fionn.lbl.gov  Thu Aug 15 21:46:51 1996
From: mike at fionn.lbl.gov (Michael Helm)
Date: Fri, 16 Aug 1996 12:46:51 +0800
Subject: Burden of proof
Message-ID: <199608160210.TAA04062@fionn.lbl.gov>


On Aug 15,  7:25pm, Scottauge at aol.com wrote:
> system to not deal with such and such bank (or datahaven)?  How are you going
> to get it out and spend them deniros?

Make 'em an offer they can't refuse ?^)








From tcmay at got.net  Thu Aug 15 22:02:18 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 13:02:18 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <ae390f98090210042cdd@[205.199.118.202]>


At 5:55 PM 8/15/96, William Knowles wrote:
>On Thu, 15 Aug 1996, Arun Mehta wrote:
>
>> I'm sure this has come up before, but what would prevent a server
>> being located on a buoy or something at sea outside territorial
>> limits (or when satellites become cheaper, on a satellite itself)
>> offering such services?
>
>Something that I thought would make an excellent data haven would
>be older offshore oil platforms, Their size would allow extended
>living periods, electrcity and communications are in place, They
>are generally built outside of the territorial waters of most
>countries to avoid any damage to the shorelines if oil spilled
>(possibility for becoming its own country?) and with the hoops
>that Shell Oil went through to please Greenpeace with its last
>oil platform.  You have to wonder how cheap these could sell
>for just to get them off the oil companies hands?
>
>Comments or suggestions?

As with offshore buoys, how long do you think such an entity would last?

You mentioned Greepeace...don't forget that the French intelligence
apparatus sunks a Greenpeace ship in a New Zealand harbor. Don't forget the
way the U.S. mined Managua's harbor. And so on.

Think of how any of these schemes are vulnerable to a cheap torpedo,
"anonymously mailed" from several miles away.

Oil rigs, buoys, pirate ships....these are all examples of hopelessly
insecure systems. I could say more, but what's the point?

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sophi at best.com  Thu Aug 15 22:04:00 1996
From: sophi at best.com (Greg Kucharo)
Date: Fri, 16 Aug 1996 13:04:00 +0800
Subject: Anguilla - A DataHaven?
Message-ID: <199608160202.TAA21122@dns2.noc.best.net>


The only ideal I can think of would be the fictional "Port Watson".  What
is you had a system that spanned countries, using the internet as a linking
device.  It would be the same service.  But when you specified the kind of
data you wanted to post, the system would route it to the appropriate
server in a country where it wasn't illegal. 

----------
> From: Vincent Cate <vince at offshore.com.ai>
> To: cypherpunks at toad.com
> Subject: Anguilla - A DataHaven?  
> Date: Wednesday, August 14, 1996 5:40 AM
> 
> 
> Tim:
> > Rather, there is an "archetype," if you will, of what a "remailer" is,
what
> > a "data haven" is, what a "tax shelter" is, etc. While we cannot
reasonably
> > expect a remailer to exactly match the archetype, we can point out
obvious
> > deficiencies.
> 
> 1)  Anguilla has secrecy laws.  Professional relationships are
confidential.
>     There are strong secrecy laws.  I have not given out taxbomber's
>     name, nor will I as I could face legal action if I did.
> 
> 2)  Anguilla has no sales or income taxes.  A business does not need to
>     report anything about income, sales, etc, to the government (or
anyone
>     else).  If a guy wants to sell his data and keep 100% of the profits
>     instead of 50% or 60%, then Anguilla would be a haven for him.
> 
> 3)  We don't have the same laws as other countries, so there are things
>     that can be done here.  For example, we can export encryption 
>     software.  Also, we will have bingo.com in Anguilla.
> 
> There are deficiencies from a cypherpunk or Libertarian point of view.
And
> these are interesting.  And exactly what I want to do is changing. As I
> said, Anguilla is not the datahaven of cypherpunks wet dreams.  I am sure
> there are no datahavens that match the cypherpunk concept of an ideal
> datahaven, yet. 
> 
> But I think the term DataHaven applies as well to Anguilla as any other
> place I know of.  
> 
> Tim, we would all be very happy if you were to locate a country that
could
> be the site of the ideal datahaven, and finance a couple cypherpunks to
> setup there.  It would be a big help to our cause.  Could you do this? 
> 
> In the mean time, people may have to exist in cyberspace (like
> www.taxbomber.com) without having a totally secure physical location. 
> This is not the end of the world, or really even that painful.  If done
> right you could be down for only an hour - just long enough for
> nameservers to change.  Taxbomber is now setup to do it very fast next
> time, if the need ever comes.  Tim, I think you have even advocated this
> approach, not stressing the physical location, just the cyberspace
> location.  No? 
> 
>    --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/





From vince at offshore.com.ai  Thu Aug 15 22:05:46 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Fri, 16 Aug 1996 13:05:46 +0800
Subject: Floating DataHaven
In-Reply-To: <Pine.LNX.3.91.960815194218.16207H-100000@offshore>
Message-ID: <Pine.LNX.3.91.960815224139.16736A-100000@offshore>




In the September 1996 Yahoo! Internet Life, page 11, Spencer Reiss 
writes of Vince Cate:

> But his true dream is to take his whole set-up really offshore.  "It 
> would be interesting to have a nice big boat to travel around on," he 
> says. "You know, the prices for satellite transmitters are really coming 
> down.  There's no real reason to be anywhere, anymore."

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From tcmay at got.net  Thu Aug 15 22:06:17 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 13:06:17 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
Message-ID: <ae392bc40c021004cb4a@[205.199.118.202]>


At 1:01 AM 8/16/96, Alan Horowitz wrote:
>I repeat.  Generations of sweating engineers have discovered and confirmed
>that there is not an easy, "Silver Bullet" cure of the canonical problem
>of shielding electromagnetic energy from reaching someone who knows how
>to interpret it.
>
>Bill, you are welcome to look at a layer of tin foil and give a sigh of
>relief that you've shielded your gun or your crypto diskette or your
>private body parts feom someone who knows what they're doing.  Go ahead,
>chant a mantra too, if it makes you feel better.+-


I've stayed out of this "tin foil" debate, but some basic physics is being
missed, or misused.

The invocation of TEMPEST and leakage of RF does not say much of anything
about _imaging_. If a gun, for example, were _radiating_ RF energy of some
particular sort, then it might indeed be true that tin foil/gold lame
shielding would not stop _all_ of the emitted radiation, and that sensitive
enough detectors might detect the characteristic signal 60 or 90 dB down.
Maybe.

But a gun is not a radiator, it is at most a _reflector_ of RF energy.
Thus, the TEMPEST invocation is misleading. The signal would perhaps be
down by 100-130 dB or more, as the "leakage" must first get around the
shielding, be reflected, and then get back around the shielding.

And what this does to "imaging" almost needs no explanation. What leaks
around the periphery or through holes in a shielded container will provide
essentially zero spatial information about the configuration of sources and
reflectors inside the shielded container.

(I spent much of 1972-73 working inside a Faraday cage on ultra-low-noise
superconducting Josephson junctions. Believe me, what signals leaked in, or
leaked out (by symmetry analysis) could not have been used to deduce the
configuration of sources and reflectors inside the room.)

I should say I'm skeptical that millimeter detectors will be widely
deployed anytime soon. For detecting concealed weapons, "metal detectors"
in specific locations are both cheaper and have fewer constitutional and
"false positive" problems.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From modemac at netcom.com  Thu Aug 15 22:13:05 1996
From: modemac at netcom.com (Modemac)
Date: Fri, 16 Aug 1996 13:13:05 +0800
Subject: Scientology *really* tries to crack PGP...AGAIN?!?
Message-ID: <199608160238.TAA28916@toad.com>


Newsgroups: alt.religion.scientology,alt.security.pgp
From: grady at netcom.com (Grady Ward)
Subject: Criminal cult begins PGP crack attempt
Message-ID: <gradyDw7Cnt.I6A at netcom.com>

The Special Master has informed me that Madame Kobrin has
asked her to retain a PC expert to attempt to "crack" a
series of pgp-encrypted multi-megabyte files that were
seized along with more than a compressed gigabyte of other
material from my safety deposit box.

Ironically, they phoned to ask for assistance in supplying them with
a prototype "crack" program that they could use in
iterating and permuting possibilities. I did supply them
a good core pgpcrack source that can search several
tens of thousands of possible key phrases a seconds;
I also suggested that they should at least be using a P6-200
workstation or better to make the search more efficient.

The undercurrent is that this fresh hysterical attempt to "get"
something on me coupled with the daily settlement pleas reflects
the hopelessness of the litigation position of the criminal cult.

It looks like the criminal cult has cast the die to
ensure that the RTC vs Ward case is fought out to the bitter end.
Which I modestly predict will be a devastating, humiliating defeat
for them from a pauper pro per.

I have given them a final settlement offer that they can leave
or take. Actually they have a window of opportunity now to 
drop the suit since my counterclaims have been dismissed
(although Jusge Whyte invited me to re-file a new counterclaim
motion on more legally sufficiant basis).

I think Keith and I have found a successful counter-strategy to
the cult's system of litigation harassment.

Meanwhile, I could use some help from veteran a.r.s'ers.  
I need any copy you have of the Cease and Desist letter that you
may have received last year from Eliot Abelson quondam
criminal cult attorney and Eugene Martin Ingram spokespiece.


Physical mail:

Grady Ward
3449 Martha Ct.
Arcata, CA  95521-4884

JP's BMPs or fax-images to:

grady at northcoast.com

Thanks.

Grady Ward

Ps. I really do need all of your help and good wishes after all.
Thanks for all of you keeping the net a safe place to insult
kook kults.

--
                Reverend Modemac (modemac at netcom.com)
   First Online Church of "Bob"      "There is no black and white."
 PGP Key Fingerprint: 47 90 41 70 B4 5B 06 90 7B 38 4E 11 8A ED 80 DF
               URL: http://www.tiac.net/users/modemac/
      (FINGER modemac at netcom.com for a FREE SubGenius Pamphlet!)






From tcmay at got.net  Thu Aug 15 22:13:06 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 13:13:06 +0800
Subject: Garage door openers
Message-ID: <ae390e4808021004ddf3@[205.199.118.202]>


At 9:34 PM 8/15/96, Douglas R. Floyd wrote:

>That is known for cars.  I double checked, and found some car alarms able
>to do this.  However, I have not found any house garage door openers able
>to pull this off.  Most still use the old blurt code method.
>

Sure, most garage door opener codes are easy to break....but how many
thieves who do this know to enter the _second_ correct sequence within 45
seconds, the one that stops the poison gas from filling the garage?

Steganographic entry codes have their uses.

--Tim May

(P.S. There were six (6) names copied on this post, besides CP. Can't we
edit the cc: lines? I try to, so why don't you all?)

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From sophi at best.com  Thu Aug 15 22:19:00 1996
From: sophi at best.com (Greg Kucharo)
Date: Fri, 16 Aug 1996 13:19:00 +0800
Subject: Anguilla...etc.
Message-ID: <199608160154.SAA20349@dns2.noc.best.net>


  I guess the point I was trying to make all along is this; Is a data haven
going to be a security through obscurity operation?  This is what the Swiss
have with secret bank accounts, etc.  Or will it be an operation where the
operator of the system lets whatever on, and hopes he won't get prosecuted.
In Island in the Net, the haven were physical.  The authorities got to them
eventually.  Vince's system is restricted by physical laws.  There will
always be a finite array of information he can present without putting the
whole operation on the line.
  Is he still a data haven then?  I believe so.  But through creative
diplomacy he could balance the powers that bind him.  How well he or anyone
else does this is the key to the range of information presented.

----------
> From: Timothy C. May <tcmay at got.net>
> To: cypherpunks at toad.com
> Subject: Re: Anguilla...etc.
> Date: Tuesday, August 13, 1996 9:07 PM
> 
> At 2:21 AM 8/14/96, Greg Kucharo wrote:
> >  While Tim may be right that nobility is lost when backing down to the
> >authorities, the fact is that this game has little to do with noble
> >purposes.  Check that, obvious noble purposes.  While most on this list
> >would agree that free flow of information is noble we have all seen that
> >this is otherwise with people in power.  As I stated in my last post,
the
> >Swiss have maintained thier "haven" for many years by playing both
sides.
> >In accomodating everyone they avoid harassment.
> >   This way the Swiss maintain a good system and live to fight another
day.
> 
> Let me be clear that I am not talking about "noble motives." In the sense
> of somone sacrificing himself for the good of the herd, blah blah.
> 
> Rather, there is an "archetype," if you will, of what a "remailer" is,
what
> a "data haven" is, what a "tax shelter" is, etc. While we cannot
reasonably
> expect a remailer to exactly match the archetype, we can point out
obvious
> deficiencies.
> 
> For "data havens," we have very few examples, compared to operational
> remailers. We have the fictional form in Bruce Sterling's "Islands in the
> Net," some of whose plot twists have some parallels to the current
Anguilla
> situation. Another is the form described in Ross Anderson's "Eternity
> Service."
> 
> What might we expect of a true data haven? I've tried to describe several
> of the attributes in my earlier posts, mainly by asking questions about
> specific examples (bomb-building instructions, "Kill the monarchy"
screeds,
> etc.).
> 
> Interestingly, with several of these examples, Vince has said that he is
> not interested in having this kind of material on his site. His
invitation
> for Multi-Level Marketers to avoid U.S. and other laws by locating on his
> service has now been withdrawn, from his latest comments. (To the person
> who sent me mail explaining that MLM schemes are not illegal in the U.S.,
> indeed, some are legal and some are not. I said as much. And for those
> which are legal in the U.S. or France or wherever, they would hardly have
> any need to use Vince's service, would they? I surmised from his
invitation
> that he was encouraging MLM/pyramid scheme operators to avoid their
> parochial fraud laws and use the services in Anguilla.)
> 
> I plan to do more looking at just who is left, who is using Offshore
> Information and what kinds of services they are offering. Not to harass
> Vince, of course, but to better look at the envelope of what is
considered
> OK and what is not.
> 
> If i find that all the "juicy" stuff is gone and all that is left is
> booking sailing cruises around the Carribbean, I'll hardly call it a
"data
> haven." Which is not to say it's not still a useful and profitable
business
> for Vince, just that it has no Cypherpunk relevance.
> 
> --Tim May
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't
allowed.
>
---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms,
zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information
markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information
superhighway."
> 
> 
> 





From enzo at ima.com  Thu Aug 15 22:37:20 1996
From: enzo at ima.com (Enzo Michelangeli)
Date: Fri, 16 Aug 1996 13:37:20 +0800
Subject: Floating DataHaven
In-Reply-To: <Pine.LNX.3.91.960815194218.16207H-100000@offshore>
Message-ID: <Pine.WNT.3.95.960816110216.-123391E-100000@stanley.ima.net>


What about pirate attacks, acts of war from hostile countries etc.?
Actually, also being a sovereign state won't help much if you are small,
and I'm not referring to obvious dope-smuggling fronts like Noriega's
Panama: in the fifties, the 700-year old Republic of San Marino cancelled
plans of opening a casino after Italy sealed its border (the only border
San Marino has).

Enzo

On Thu, 15 Aug 1996, Vincent Cate wrote:

> 
> William Knowles <erehwon at c2.org>
> > 
> > Something that I thought would make an excellent data haven would
> > be older offshore oil platforms,
> > [...]
> > You have to wonder how cheap these could sell 
> > for just to get them off the oil companies hands? 
> 
> A floating DataHaven is probably the way to get the ultimate in 
> freedom.  
> 
> There is someone on Anguilla that bought a used floating oil platform for
> $1 million.  It is big enough for 200 people to live on.  It is not here,
> so I have not seen it. 
> 
> There is someone else here who says that there are some really old ones
> that you can get just for hauling them away. Some countries will not let
> owners just sink them. 
> 
> You can get Internet via radio links for reasonable prices.  And via
> satellite for almost affordable prices.  When Bill Gates 900 satellites
> get up there it should be very affordable. 
> 
>   --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/
> 






From dfloyd at io.com  Thu Aug 15 22:49:53 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 13:49:53 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.SUN.3.94.960815104107.8090A-100000@infinity.c2.net>
Message-ID: <199608160257.VAA20466@bermuda.io.com>


> 
> On Thu, 15 Aug 1996, Arun Mehta wrote:
> 
> > I'm sure this has come up before, but what would prevent a server
> > being located on a buoy or something at sea outside territorial
> > limits (or when satellites become cheaper, on a satellite itself)
> > offering such services?  
> 
> Something that I thought would make an excellent data haven would
> be older offshore oil platforms, Their size would allow extended
> living periods, electrcity and communications are in place, They
> are generally built outside of the territorial waters of most
> countries to avoid any damage to the shorelines if oil spilled
> (possibility for becoming its own country?) and with the hoops
> that Shell Oil went through to please Greenpeace with its last
> oil platform.  You have to wonder how cheap these could sell 
> for just to get them off the oil companies hands? 
> 
> Comments or suggestions?
> 
> William Knowles
> erehwon at c2.org

(The machine crashed when I was writing this letter, so if cpunks got two,
I apologize.)

How would this rig be defended?

Pirates still exist.  Even if you can give them something to think about
with a 30/06 bullet at their waterline, there are always small countries
who have navies that can be hired.  They may be small and defenseless
compared to the US navy, but against a basically unarmed oil rig, do have
the ability to sink the rig at their whim.

Its ironic that I am playing Devil's Advocate with data havens, but have
the only working input/output code for one that I know of.  (I have been
having problems with it, so until I work some bugs out I haven't put it
for offer via FTP.)

I think for now try to make something that uses the same technology as a
data haven -- An offsite secure storage server.  Discussed in this list
about a year ago, this uses data haven code, and is equivalent to a
sufferance remailer, but at least these can exist.  The first step is
having them exist overtly first, and having "terms of service", then
working on DC-nets, "RAID" DH's, etc.

I have a tokenlike system -- "Storage Noodles", but haven't gotten it
working reliably yet.






From cts at deltanet.com  Thu Aug 15 23:21:27 1996
From: cts at deltanet.com (Kevin Stephenson)
Date: Fri, 16 Aug 1996 14:21:27 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <Pine.SV4.3.91.960815205619.3926A-100000@larry.infi.net>
Message-ID: <3213F1FB.74FB@deltanet.com>


Alan Horowitz wrote:
> 
> I repeat.  Generations of sweating engineers have discovered and confirmed
> that there is not an easy, "Silver Bullet" cure of the canonical problem
> of shielding electromagnetic energy from reaching someone who knows how
> to interpret it.
> 
> Bill, you are welcome to look at a layer of tin foil and give a sigh of
> relief that you've shielded your gun or your crypto diskette or your
> private body parts feom someone who knows what they're doing.  Go ahead,
> chant a mantra too, if it makes you feel better.

Shielding EMF/ELF is very difficult. I had a customer who had a wobbly
monitor and the solutions just to shield the monitor from some ELF
interference was in the $1k range. Check out this site:
http://www.noradcorp.com/faq1.htm
A little primer on ELF radiation. And putting foil in the wall will do
nothing except possibly spreading the radiation to a wider area. (Like
using frosted glass. :)





From tcmay at got.net  Thu Aug 15 23:26:39 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 16 Aug 1996 14:26:39 +0800
Subject: BlackNet as a Distributed, Untraceable, Robust Data Haven
Message-ID: <ae3939990d0210040b0a@[205.199.118.202]>


At 2:05 AM 8/16/96, Greg Kucharo wrote:
>The only ideal I can think of would be the fictional "Port Watson".  What
>is you had a system that spanned countries, using the internet as a linking
>device.  It would be the same service.  But when you specified the kind of
>data you wanted to post, the system would route it to the appropriate
>server in a country where it wasn't illegal.
>

I have to speak up here and say that there is an actual working exemplar of
a distributed, untraceable data haven. While it lacks a robust _payment_
mechanism, that is also untraceable, so does the "Visit Port Watson"
example (which has never actually existed).

The simple structure I built in 1993 for "BlackNet" actually works. It has
been discussed in many places, and will be the subject of a couple of
sections in Peter Ludlow's new book, "High Noon on the Electronic Frontier"
(http://www-mitpress.mit.edu/mitp/recent-books/comp/ludph.html).

Features of relevance to any discussion of data havens:

* messages are posted to message pools, including any of the 18,000+ Usenet
groups copied automatically in sites around the world.

* the initial messages are in plaintext, of course, as how else could
readers determine which are of interest to them? "Anyone have details of
the medical condition of Chirac?" might be an example.

* a public key is posted along with the plaintext, thus allowing a reader
to respond _privately_ by encrypting his message to the public key and
posting it (through a chain of remailers and eventually to a mail-to-News
gateway, for example).

* this establishes two-way communication, in a "black pipe" that is visible
to all, but opaque to all but the parties.

* if some jurisdictions attempts to cut off a particular newsgroup, e.g.,
"alt.anonymous.messages," then the traffic can be shifted to other
newsgroups, e.g., "talk.politics.singapore."

* posting can be as untraceable as a chain of remailers linked to a
mail-to-News gateway can be.

* thus, two agents can establish a communications channel between
themselves without knowing the identity or location or jurisdiction of each
other.

(There are some subtle issues of man-in-the-middle attacks, as with these
sorts of protocols for establishing communication between parties who have
not met; webs of trust, again. For the several cases of communications
using BlackNet I was personally involved with, mostly in '93, this did not
ever become a problem any of us were aware of.)

* as I mentioned, BlackNet lacks a robust, untraceable payment system.
Alice and Bob may be able to connect up with each other, by exchanging
reciprocally encrypted messages in a public place, but transferring money
is problematic. (I don't know just how well the Mark Twain/Digicash stuff
really works at this time....someone motivated to actually transfer money
would be a better judge, along with the several cryptographers on this list
who've looked at it more recently and in more depth than I have.)

The important thing to note is that BlackNet, and similar systems, do not
depend on any particular jurisdiction or site to host the communications.
The anarchic, distributed Usenet is used. (And there is no reason why
mailing lists, a la Miron Cuperman's message pool list of a few years back,
or the Web itself could not be used. Using a Web site does potentially open
the owner of the URL site to charges of conspiracy, though the fact that
the messages are encrypted (after the early plaintext.)

There are certainly things yet to be done, but it's important that the
example of BlackNet be mentioned.

Solve the payment problem (for real, not the semi-GAKked version of
Digicash that Chaum now appears to be promoting) and there's no need for
"physical" data havens in Anguilla, Burma, St. Barts, Lichtenstein, or
wherever.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From stewarts at ix.netcom.com  Thu Aug 15 23:27:52 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 14:27:52 +0800
Subject: Jurisdictionless Distributed Data Havens
Message-ID: <199608160415.VAA00103@toad.com>


At 09:52 AM 8/15/96 -0500, "Douglas R. Floyd" <dfloyd at io.com> wrote:
>As of now, I am looking for someone who can help me implement a redundant
>controller system, so when the DH is contacted, even if the first one if
>smashed, the "RAID" stays operable.

One approach is "Just Don't Do It" - let the user (or user interface program)
handle the RAID work.  You can get fancy and use Shamir Secret Sharing,
or non-fancy and use N+1 sparing RAID, or medium fancy and use
{<even-bits>,<odd-bits>,<evens xor odds>}, depending on how private
and how reliable you want to be.  Having just the even bits of 
decently-encrypted cyphertext makes cracking tough....

Some issues to think about -
- Access patterns - who do you want to be able to retrieve the data?
--- only the owner?  --- people who the owner shares a secret with?
--- Everybody?  --- Everybody who knows where the pieces are?
--- One retrieval?  Many retrievals?  
- How do you want the data delivered?  Anon remailer?  HTTP?  POP3?
- Threats - who don't you want to be able to read the data?
--- who don't you want to be able to delete the data?
--- who don't you want to find out who retrieved the data?
- Payment - who pays?  Writers?  Readers?  Cops with warrants?  
  Account holders or one-shot users?  Digicash only?  How much?

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From sophi at best.com  Thu Aug 15 23:53:12 1996
From: sophi at best.com (Greg Kucharo)
Date: Fri, 16 Aug 1996 14:53:12 +0800
Subject: Physical Havens
Message-ID: <199608160453.VAA07570@dns2.noc.best.net>


Let's take a look at the successful havens of history.

1.  Hashishim( Old man of the mountains)-The Aga Khan survived thousands of
years of harassment by the surrounding powers by placing a few well choosen
daggers.
2. The monastic system- These whole setup was an excellent model.  The
monks were burrowed away in those places for centuries.  The church built
them like fortresses to withstand the heathens, both mentally and
physically.  The original "data warehouse".
3. The pirate havens- Places like the carribbean(originally), then
Madagasgar(last).  Pirate havens did business for everyone.
4. The silk routes- The trading centers of the old silk road sprang up
overnight then vanished.  Original anonymous trade.
  All of these physical havens eventually fell to the persistance of the
major powers of the day. Or were co-opted by others who absorbed the
critical black market features of these systems.
???????????????????????????????????????
Greg Kucharo
sophi at best.com
"Eppur si moeve" -Galileo
???????????????????????????????????????





From stewarts at ix.netcom.com  Fri Aug 16 00:12:25 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 15:12:25 +0800
Subject: remailers/kiddie porn
Message-ID: <199608160454.VAA00547@toad.com>


>"The Internet is like heaven for the pedophile," said Toby Tyler, 
>a United States police officer who lectures at the FBI Academy on child abuse. 
...
>However computer experts agree the existence of just one re-mailing system
in a country with more lax laws is enough for the global distribution of child
>pornography on the Internet. 
>Tyler said the most widely used re-mailing system currently operates from
Finland, through which about 99 percent of all child pornography with
untraceable
>address codes passes. 

Classic governmental statistics abuse.  Given that probably far over 99% 
of all untraceable remailer return addresses are on Penet,
it's no surprise that 99% of all material with untraceable
destination addresses goes through there...
The largest userid number I've seen on Penet was about 500,000,
and I doubt there are 5000 addresses on nymservers or
reply-block users.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From dfloyd at io.com  Fri Aug 16 00:12:55 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Fri, 16 Aug 1996 15:12:55 +0800
Subject: Burden of proof
In-Reply-To: <Pine.OSF.3.91.960815172937.17110A-100000@pioneer.nevada.edu>
Message-ID: <199608160445.XAA07083@pentagon.io.com>


> 
> 
> > This relates to something I have been wondering about:  If one could
> > get one's company to pay one in electronic cash, what is to stop one
> > from piling the coins in a Datahaven somewhere (assuming one existed
> > that would be usable for these purposes) and say to the IRS: Money?
> > What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
> > that's it!!
> 	What is to stop the IRS from pointing out that you received the 
> money from your employer? Maybe you could convince them you were unable 
> to pay, but that would require squirreling away(and refraining from 
> using) all your assets. 
> 
> 

FYI:  Cheating on an IRS tax return is considered the same as not filing
one -- there is NO statute of limitations.  This means if you place your
money in a money/data haven, and spend it 20 years later, you can still be
nabbed for tax evasion.





From stewarts at ix.netcom.com  Fri Aug 16 00:57:27 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 15:57:27 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches [NOISE]
Message-ID: <199608160545.WAA01166@toad.com>


At 09:01 PM 8/15/96 -0400, you wrote:
>I repeat.  Generations of sweating engineers have discovered and confirmed 
>that there is not an easy, "Silver Bullet" cure of the canonical problem 
>of shielding electromagnetic energy from reaching someone who knows how 
>to interpret it.

I also repeat - the problem isn't TEMPEST, which I agree is a tough
problem.  The problem is preventing radar imaging from detecting the
shape of metal stuff you're carrying, and shielding with a sufficiently
thick layer of metal should do that.  I don't know, for the technology
they're using, if this means tinfoil-thickness or armor-plate thickness,
but random-thickness metal should help.  Of course, walking through
the airport wearing plate armor will probably disturb the security
guards more than mere chain-mail :-)

>Bill, you are welcome to look at a layer of tin foil and give a sigh of 
>relief that you've shielded your gun or your crypto diskette or your 
>private body parts feom someone who knows what they're doing.  Go ahead, 
>chant a mantra too, if it makes you feel better.

I've always enjoyed the one that goes
        You have the right to remain silent.
        Anything you say can and will be used against you in a court of law.
        You have the right to an attorney.
        If you cannot afford one, one will be provided for you.
        License and registration, please.
        Go to jail.  Go directly to jail.
        It's not a threat, it's just a choice you can make.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Defuse Authority!






From stewarts at ix.netcom.com  Fri Aug 16 01:06:12 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 16:06:12 +0800
Subject: Burden of proof
Message-ID: <199608160545.WAA01171@toad.com>


At 05:31 PM 8/15/96 -0700, DAVID A MOLNAR <molnard1 at nevada.edu> wrote:
>	What is to stop the IRS from pointing out that you received the 
>money from your employer? 

What employer?  What money?  Some Anguillan consulting bodyshop
sent some guys who did the work, and MegaCo paid the bodyshop.
The shop paid the guys some typical low wages, and also
bought computer services from another Anguillan company,
which deposited its profits in its bank account in Jersey.
Employee Jean D'Eau used the company Visa card for the account 
and took some business trips to San Diego, stayed in 
a hotel in Seattle, rented cars, ate out, bought computer toys at
47th St. Computer, paid for his Netcom account,
and got a Visa Cash advance in Jamaica.  No problem, mon.







From gbroiles at netbox.com  Fri Aug 16 01:24:32 1996
From: gbroiles at netbox.com (Greg Broiles)
Date: Fri, 16 Aug 1996 16:24:32 +0800
Subject: implausible defenses & tax havens
Message-ID: <2.2.32.19960816060630.006dc138@mail.io.com>


At 01:15 PM 8/15/96 -0400, Robin Powell wrote:

>This relates to something I have been wondering about:  If one could
>get one's company to pay one in electronic cash, what is to stop one
>from piling the coins in a Datahaven somewhere (assuming one existed
>that would be usable for these purposes) and say to the IRS: Money?
>What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
>that's it!!

This scenario is more or less the same as being paid in paper cash and then
hiding the paper cash. That's not an especially sophisticated tax evasion
tactic. 

If you were on a jury, and you heard a defendant testify that they worked at
a job site (either as an employee or a contractor) for years without ever
being paid, and that they managed to maintain a lifestyle consistent with
full-time work without ever receiving taxable income (whether as wages or
dividends or interest or ..), and that the HR/personnel/AP people who
testified that the defendant had been paid were mistaken or lying .. would
you believe that testimony?

Winning in court takes a lot more than making up a conceivable but
incredibly implausible chain of events to explain away incriminating
circumstances. (* OJ and other cases of nullification notwithstanding. But
precious few people have the $ to pay for the kind of defense work needed to
get that sort of result.) The notion of "burden of proof" is important, and
defense lawyers can jawbone about it for hours - but the bottom line is that
the "I don't know anything about getting any money" defense is bullshit. If
the jurors can't imagine themselves or their kids or their friends doing
what you're claiming you did (working without being paid and with no
expectation of being paid), you lose. 
--
Greg Broiles                |"Post-rotational nystagmus was the subject of
gbroiles at netbox.com         |an in-court demonstration by the People
http://www.io.com/~gbroiles |wherein Sgt Page was spun around by Sgt
                            |Studdard." People v. Quinn 580 NYS2d 818,825.






From amehta at giasdl01.vsnl.net.in  Fri Aug 16 01:50:29 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Fri, 16 Aug 1996 16:50:29 +0800
Subject: The dangers of using radar
Message-ID: <1.5.4.32.19960816055206.002f2ef0@giasdl01.vsnl.net.in>


I picked this up on Marsha Woodbury's jokes list (not all are fiction!):

>>Two members of the British Lothian and Borders traffic police were out on
>>the Berwickshire moors with a radar gun recently, happily engaged in
>>apprehending speeding motorists, when their equipment suddenly
>>locked-up completely with an unexpected reading of well over 300 mph.
>>
>>The mystery was explained seconds later as a low flying Harrier hurtled
>>over their heads. The boys in blue, upset at the damage to their radar
>>gun, put in a complaint to the RAF, but were somewhat chastened
when the RAF >>pointed out that the damage might well have been more severe.
>>
>>It seems that the Harrier's target-seeker had locked onto the 'enemy'
>>radar and triggered an automatic retaliatory air-to-surface missile attack.
>>Luckily, the Harrier was operating unarmed.
>>
>>Otherwise... "Gee Officer, sorry about your patrol car........"

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From grafolog at netcom.com  Fri Aug 16 02:33:58 1996
From: grafolog at netcom.com (jonathon)
Date: Fri, 16 Aug 1996 17:33:58 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.SUN.3.94.960815104107.8090A-100000@infinity.c2.net>
Message-ID: <Pine.SUN.3.95.960816071634.8723A-100000@netcom10>


On Thu, 15 Aug 1996, William Knowles wrote:

> Something that I thought would make an excellent data haven would
> be older offshore oil platforms, Their size would allow extended

	These used to be the recommended way to go. 

	If you have the cash, the cheapest way to go, is to just
	buy an island somewhere, and setup shop.   << Can I
	suggest buying Redonda?   >>

> (possibility for becoming its own country?) and with the hoops

	CF:   _How to create your own country_  distributed
	by Loompanics Press, for some of the problems that 
	are encountered in trying to do this. 

> oil platform.  You have to wonder how cheap these could sell 
> for just to get them off the oil companies hands? 

	Starting bids are roughly $10^6 each.

        xan

        jonathon
        grafolog at netcom.com



		VapourWare is like the Tao,
		Looked for it cannot be found,
		Reached for it cannot be touched,
		Waited for not even FedX can deliver;
		            <Paid for it will not be refunded>







From mccoy at communities.com  Fri Aug 16 02:44:30 1996
From: mccoy at communities.com (Jim McCoy)
Date: Fri, 16 Aug 1996 17:44:30 +0800
Subject: BlackNet as a Distributed, Untraceable, Robust Data Haven
Message-ID: <v02140b01ae39deb35eab@[204.179.131.136]>


Tim May writes:
>
> I have to speak up here and say that there is an actual working exemplar of
> a distributed, untraceable data haven. While it lacks a robust _payment_
> mechanism, that is also untraceable, so does the "Visit Port Watson"
> example (which has never actually existed)

BlackNet also lacks any sense of persistence.  A message posted lives at
the whim of newsgroup expiration policies and getting a copy of an expired
message is a non-trivial task.  It is also not an overt data haven, there
is really no address or pointer you can direct someone to and say "look
here."  Usenet as a data haven is like dropping messages in to bottles
and casting them in to the sea; getting it where you want and having the
intended recipient be able to find the data easily is still an unsolved
problem.  It is a bulletin board for establishing private two-party
communications on any topic, but it is not even close to being a mechanism
for "publishing" in the manner to which people have becomed accostomed to on
the net.

jim








From stewarts at ix.netcom.com  Fri Aug 16 04:06:53 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 19:06:53 +0800
Subject: [NOISE] Re: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <199608160821.BAA02713@toad.com>


>>>Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column
8/8/96
>>It makes me ill to agree with Schlafly on any issue, but 
>>'Even a stopped clock.......
>>Unrepentant Liberial
>
>It does seem really odd, doesn't it?  But look at it this way:  The only 
>reason the knuckle-dragging conservatives are able to take the moral 
>high-ground on this and other net-freedom issues is because the OTHER 
>"unrependant liberals" have inexplicably abandoned the correct side of the 
>argument.  The fact that the conservatives are right may seem odd, but the 
>behavior of the liberals is truly astonishing.

Liberals?  What Liberals?  Clinton's certainly no liberal;
he's just a big-spending statist who likes to buy votes from
poor, middle-class, and yuppie voters rather than buying them
from defense contractors, not that he's above that.
The only thing about him that's more liberal than George Bush,
whose Clipper chips and miscellaneous wars Clinton inherited,
is that Clinton smiles when he's lying instead of sneering like Bush.

(If Clinton had said things like "Of course I tried to avoid the draft
and smoked dope, I'm no fool" and had dropped the draft and the Drug War
instead of supporting both after he was President, I might have
a better opinion of him....)

However, if Phyllis Schlafly understands that the tools she needs
to protect her speech are the same that people she disapproves of
can use to protect their speech, and is willing to make that trade,
she's starting to inhale, and good for her!

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From stewarts at ix.netcom.com  Fri Aug 16 04:11:41 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 16 Aug 1996 19:11:41 +0800
Subject: [NOISE] Geek Apartments and Etherpunks
Message-ID: <199608160833.BAA02793@toad.com>


At 04:55 AM 8/14/96 -0400, Rabid Wombat <wombat at mcfeely.bsfs.org> wrote:

>Most manufacturers offer SNMP-manageable hubs, but these don't offer 
>MAC-layer security. That usually costs a lot extra. The MAC-layer feature 
>is not widely used.

AT&T was about the first vendor with that feature.
Aside from solving a _lot_ of potential security problems,
it was very convenient for finding out what device really
_was_ connected to what hub port - the hub recorded the most recent
MAC address received on each port, and you could compare that to
ARP tables and untangle lots of problems.  Not as fancy as a Sniffer,
but let you do things that a Sniffer on ThinWire couldn't.

(Of course, since it wasn't NSA-rated, the fact that it actually did
solve security problems didn't give us extra slack on government jobs
that needed it. )

A multi-port bridge gives you similar security capability,
but generally costs more because it needs buffering and
much more intelligence; the AT&T SmartHub was a lot simpler and
(in its day) cheaper.  It was about twice the cost of a regular hub,
half the excess from cool features and half because it was from AT&T :-)
It was less reliable than the regular hub, because it needed a fan
to handle the extra heat from the processor board, and 
was also more awkward to mount.  And the SNMP implementation was
rather buggy, though it did have a convenient PC SNMP manager
that knew how to use SNMP-over-MAC and the special features of the hub.
Cool device.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From amehta at giasdl01.vsnl.net.in  Fri Aug 16 05:42:51 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Fri, 16 Aug 1996 20:42:51 +0800
Subject: Offshore data havens
Message-ID: <1.5.4.32.19960816093326.003053a0@giasdl01.vsnl.net.in>


At 17:30 15/08/96 -0700, Timothy C. May wrote:

>As with offshore buoys, how long do you think such an entity would last?
>
>You mentioned Greepeace...don't forget that the French intelligence
>apparatus sunks a Greenpeace ship in a New Zealand harbor. Don't forget the
>way the U.S. mined Managua's harbor. And so on.

>Think of how any of these schemes are vulnerable to a cheap torpedo,
>"anonymously mailed" from several miles away.

There is another aspect to this: the French sinking of the
Greenpeace ship in New Zealand was arguably the best thing that
ever happened to the organisation. They certainly got lots of
publicity, new members, money... 

On the Internet, news spreads fast, so the cost of such an attack
in terms of damage to reputation would be high. Of course, if the
torpedo were truly anonymous, we wouldn't know who to blame. All
criminals attempt to commit crimes "anonymously", yet many do get caught.

>Oil rigs, buoys, pirate ships....these are all examples of hopelessly
>insecure systems. I could say more, but what's the point?

OK, suppose someone were to bury the server deep in a valley or
shaft under the water, with only an antenna sticking out (and a
supply of spare antennae that could be automatically deployed if
one got knocked out)? And, with Moore's law in operation, one
might even be able to deploy large numbers of such servers that
mirrored each other at reasonable cost. 

Once connectivity is via LEO satellites, unless those beasts are
equipped for the purpose, I suspect locating the source of
transmission will not be all that easy.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From gary at systemics.com  Fri Aug 16 05:47:45 1996
From: gary at systemics.com (Gary Howland)
Date: Fri, 16 Aug 1996 20:47:45 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
In-Reply-To: <Pine.LNX.3.91.960815194218.16207H-100000@offshore>
Message-ID: <321446BF.20431CA7@systemics.com>


Vincent Cate wrote:
 
> You can get Internet via radio links for reasonable prices.  And via
> satellite for almost affordable prices.  When Bill Gates 900 satellites
> get up there it should be very affordable.

... if a tad unrealiable?

The thought of 900 satelites in low orbit, all running NT, makes me
shudder.  Brings a new meaning to the expression "OS crash".

What are cypherpunks thoughts on this?  Who really believes it'll work?

Doesn't the low orbit part mean that the satellites will have a low life
expectancy, meaning a new launch every couple of days? (where's Gerald
Bull when you need him - oh yes, now I remember ...)

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From ichudov at algebra.com  Fri Aug 16 05:52:13 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 16 Aug 1996 20:52:13 +0800
Subject: implausible defenses & tax havens
In-Reply-To: <2.2.32.19960816060630.006dc138@mail.io.com>
Message-ID: <199608160913.EAA18988@manifold.algebra.com>


Greg Broiles wrote:
> If you were on a jury, and you heard a defendant testify that they worked at
> a job site (either as an employee or a contractor) for years without ever
> being paid, and that they managed to maintain a lifestyle consistent with
> full-time work without ever receiving taxable income (whether as wages or
> dividends or interest or ..), and that the HR/personnel/AP people who
> testified that the defendant had been paid were mistaken or lying .. would
> you believe that testimony?

Suppose that a computer consultant Mr. X knows cryptography so well 
that his clients are willing to pay him $100/hr. Mr. X could conspire
with his client that he receives only $40/hr in taxable income, and the
rest he gets in form of digital cash.

If X lives sufficiently modestly, the IRS will be having hard times
getting him convicted. And really, what's the point in spending all this
money anyway? The more money one spends after a certain level, the more 
time one wastes.

	- Igor.





From erehwon at c2.org  Fri Aug 16 06:17:34 1996
From: erehwon at c2.org (William Knowles)
Date: Fri, 16 Aug 1996 21:17:34 +0800
Subject: Protecting floating datahavens?
In-Reply-To: <199608160257.VAA20466@bermuda.io.com>
Message-ID: <Pine.SUN.3.94.960816025902.22381A-100000@infinity.c2.net>


On Thu, 15 Aug 1996, Douglas R. Floyd wrote:
  
> > On Thu, 15 Aug 1996, William Knowles wrote:
> >
> > Something that I thought would make an excellent data haven 
> > would be older offshore oil platforms, Their size would 
> > allow extended living periods, electrcity and communications 
> > are in place, They are generally built outside of the 
> > territorial waters of most countries to avoid any damage 
> > to the shorelines if oil spilled (possibility for becoming 
> > its own country?)
>
> How would this rig be defended?
> 
> Pirates still exist.  Even if you can give them something to 
> think about with a 30/06 bullet at their waterline, there are 
> always small countries who have navies that can be hired.  
> They may be small and defenseless compared to the US navy, 
> but against a basically unarmed oil rig, do have the ability 
> to sink the rig at their whim.

Now I don't claim to be a naval defence expert, But from what 
I do read of the dogeared copies of Jane's Defence Weekly, 
Would be to install three or four Phalanx Close-In Weapons 
Systems, The Phalanx is a radar guided 20mm Gatling gun spraying 
out 4500 rpm at a range of 1600 yards.  Quite perfect for downing 
a privately owned MiG-21, Exocet missles from pissed off French 
gunboats for storing Chirac's medical records and maybe keeping 
those pesky mercenaries from skydiving onboard.

Since the fall of the Iron Curtain, there are literally all 
sorts of firepower for sale in the open markets, trolling in 
the alt.business newsgroups I have been able to find quite 
a few MiG's for sale, and there's a fellow in Finland that 
has a former Soviet 'Julliet Class' Diesel-Electric submarine 
and I understand he's taking offers.
 
Now this is a completely doable concept, and likely more realistic
than the Oceania project, Unfortunatly like all things, it comes
down to how much money you want to throw at it, I remember how 
many us on this list balked at Vince charging $500.00 for one
year on a Unix Shell account, I wonder what the market would 
bear for both a technologically and physically secure datahaven?

William Knowles
erehwon at c2.org


--
William Knowles    <erehwon at c2.org>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From erehwon at c2.org  Fri Aug 16 06:31:30 1996
From: erehwon at c2.org (William Knowles)
Date: Fri, 16 Aug 1996 21:31:30 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.SUN.3.95.960816071634.8723A-100000@netcom10>
Message-ID: <Pine.SUN.3.94.960816033853.22381B-100000@infinity.c2.net>


On Fri, 16 Aug 1996, jonathon wrote:

> On Thu, 15 Aug 1996, William Knowles wrote:
> 
> > Something that I thought would make an excellent data haven would
> > be older offshore oil platforms, Their size would allow extended
> 
> 	These used to be the recommended way to go. 
> 
> 	If you have the cash, the cheapest way to go, is to just
> 	buy an island somewhere, and setup shop.   << Can I
> 	suggest buying Redonda?   >>

Where is Redonda on the map, I'm too lazy to look it up, 
The group working on the Oceania Project tried to find an 
accommodating country that would allow them to run as a soverign
nation, Last I heard they were planning to purchase a former 
hospital ship and refurbish it.
 
> > (possibility for becoming its own country?) and with the hoops
> 
> 	CF:   _How to create your own country_  distributed
> 	by Loompanics Press, for some of the problems that 
> 	are encountered in trying to do this. 

About now I am feeling like Woody Allen in 'Bananas' I'll find
Tim May becoming 'El Presidente' alerting everybody on the island
that their underwear will be worn on the outside, A yearly gift
of his weight in discarded AOL disks, and that everyone must own 
a hot-tub just like his  :) 

Cheers!

William Knowles
erehwon at c2.org


--
William Knowles    <erehwon at c2.org>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From jk at stallion.ee  Fri Aug 16 06:55:42 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Fri, 16 Aug 1996 21:55:42 +0800
Subject: [SIGNAL] Microsoft's Internet Explorer
Message-ID: <Pine.GSO.3.93.960816141801.28899D-100000@nebula>


 Wed, 14 Aug 1996, Lucky Green asked:

> I don't see the 128 bit version. URL?

It is now available from www.microsoft.com/ie/download/
Choose the 128-bit IE 3.0 for Windows 95 & NT 4.0

In reply I got:
	Your Domain Name is not registered in the US or Canada

Someone please upload the 128-bit version to somewhere in Europe =)

J�ri Kaljundi
AS Stallion
jk at stallion.ee







From jcr at idiom.com  Fri Aug 16 08:21:14 1996
From: jcr at idiom.com (John C. Randolph)
Date: Fri, 16 Aug 1996 23:21:14 +0800
Subject: Lunch with Bill, anyone?
Message-ID: <199608161231.FAA05532@idiom.com>


Latest from Microsoft(R):

> > The Windows 95 Anniversary is just around the corner.
> > Stay tuned to WinNews for special announcements to learn how
> > you could win lunch with Bill Gates, chat with industry
> > luminaries, and download a really cool screen saver.

Does Microsquish *know* any industry luminaries?  I mean, Cutler
used to be one, but he's pretty burnt out, if Windoze NT is any
indication.

> Seems a fine opportunity.  Though Bill _and_ the screen saver might
> be just too much excitement for one day.

Meeting Bill Gates would be every bit as exciting as meeting Tony 
Orlando.  Or maybe Wayne Newton.

-jcr








From jya at pipeline.com  Fri Aug 16 08:25:16 1996
From: jya at pipeline.com (John Young)
Date: Fri, 16 Aug 1996 23:25:16 +0800
Subject: ECC_pow
Message-ID: <199608161227.MAA15645@pipe6.t1.usa.pipeline.com>


   8-15-96. BW: 
 
   "Certicom's High Efficiency Elliptic Curve Cryptosystem to 
   be applied to Motorola's Wireless products." 
 
      Dr. Scott Vanstone, Certicom's Chief Cryptographer, 
      added, "Certicom is currently completing an ECC software 
      toolkit." The Elliptic Curve Cryptosystem is the world's 
      most efficient public-key system, providing the highest 
      strength-per-bit of any known public-key system and 
      minimizing the requirement for large key lengths. 
 
   "UK Company Unveils E-Mail Encryption Software." 
 
      Pow! Distribution has taken the wraps off PrivaSuite, an 
      e-mail encryption package that works as a drop-in to 
      many existing e-mail applications software. It can 
      handle almost any file format, encrypting the file using 
      the DES algorithm, it can also be set up to handle fax 
      image files. The package was developed by Aliroo, an 
      Israeli software house that specializes in document 
      security products. Aliroo was founded in 1995 by 
      ex-Israeli Military Intelligence officer Itzhak 
      Pomerantz. 
 
   ----- 
 
   http://jya.com/eccpow.txt  (9 kb for 2) 
 
   ECC_pow 
 
 
 
 
 
 





From rah at shipwright.com  Fri Aug 16 09:00:28 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 17 Aug 1996 00:00:28 +0800
Subject: NPR Science Friday for 8/16
Message-ID: <v03007800ae39ed8a7843@[206.119.69.46]>



--- begin forwarded text


X-Sender: oldbear at pop.tiac.net
Mime-Version: 1.0
Date: Fri, 16 Aug 1996 08:54:37 -0300
To: dcsb at ai.mit.edu (Digital Commerce Society of Boston)
From: The Arctos Group <arctos at arctos.com>
Subject: NPR Science Friday for 8/16

This afternoon's program on "Science Friday" on National Public 
Radio, broadcast from Washington, DC at 1800hrs GMT (2PM EDT) is on 
the future of the internet.  I was unable to get a list of guests, 
but past programs would suggest that there likely will be some 
interesting individuals.  Host Ira Flatow is much more techno-savvy 
than the usual broadcast personality.

Here is the description from the npr.org web site:

  Show Date: 8/16/96

  Topic for Hour One: Internet Update

  Synopsis:  A War is waging over the future of the Internet.  Who 
  will control it, and what will it look and sound like as it reaches 
  maturity?  In this hour of Science Friday, find out who the players 
  are, and what you can expect to see, or not see, on your computer 
  screen in the years to come. 

Sorry for the short notice.  I just heard the teaser this morning.

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From rednax at asiapac.net  Fri Aug 16 09:28:36 1996
From: rednax at asiapac.net (rednax)
Date: Sat, 17 Aug 1996 00:28:36 +0800
Subject: email bombing
Message-ID: <199608161308.VAA05387@gandalf.asiapac.net>



With reference to se7en's incident, is it because of implications like that
that Up Yours doesn't work?


r 3 |) |\| @ ><

"huh??"

----------------
r 3 |) |\| @ ><
----------------
"everyone's expendable, anything too"






From rednax at asiapac.net  Fri Aug 16 09:48:05 1996
From: rednax at asiapac.net (rednax)
Date: Sat, 17 Aug 1996 00:48:05 +0800
Subject: NT remailer
Message-ID: <199608161308.VAA05385@gandalf.asiapac.net>


Speaking of NT, I downloaded the full version of msie 3.0 the other day but
when I tried installing it, an error message came up saying that it requires
a Win95 or WinNT4.0 build of 1381 or higher. I am currently running NT 4.0b
that has a build of 1314, does anyone know of where is the upgrade or
service packs(if available)? I have tried looking around microsoft.com, but
they neither provided any detail nor did they provide an e-mail.

Thanks.

r 3 |) |\| @ ><

"it's aliiiiIIIVVEeee!!!"
----------------
r 3 |) |\| @ ><
----------------
"everyone's expendable, anything too"






From declan at eff.org  Fri Aug 16 10:25:24 1996
From: declan at eff.org (Declan McCullagh)
Date: Sat, 17 Aug 1996 01:25:24 +0800
Subject: Schlafly helped defeat ERA, supported Goldwater--where do I , sign up?
In-Reply-To: <ae38a35e01021004be6d@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960816071427.409B-100000@eff.org>


Keep in mind the BCFE comes from a traditional liberal bent. However, 
even though Schlafly is no friend of free speech as it relates to 
sexually explicit material, I welcome her participation in the wiretap 
debate. Privacy cuts across partisan lines.

I would love to have her column in the hands of some of the Republican
senators who will vote on the House wiretap bill or craft their own next
month.

-Declan



On Thu, 15 Aug 1996, Timothy C. May wrote:

> At 1:53 PM 8/15/96, Declan McCullagh wrote:
> >Take a look at the Boston Coalition for Freedom of Expression's list of
> >enemies of free expression. Excerpt follows.
> 
> 
> >Linkname: Phyllis Schlafly, Eagle Forum
> >Filename: http://www.eff.org/pub/Groups/BCFE/bcfenatl.html#Schlafly
> >
> >   Phyllis Schlafly
> ....
> >   "Leading the pro-family movement to victories since 1972." Basic
> >   membership includes a subscription to The Phyllis Schlafly Report and
> >   costs $15.00. Mrs. Schlafly, whose husband Fred used to head the World
> >   Anti-Communist League, is the person considered most responsible for
> >   the defeat of the ERA. Her book A Choice Not an Echo, published in
>         ^^^^^^^^^^^^^^^^^
> >   1964 to support the presidential aspirations of Barry Goldwater, is
>                                                     ^^^^^^^^^^^^^^^
> >   one of the seminal texts of contemporary American conservative
> >   politics.
> 
> So, she helped defeat the ERA and supported Goldwater. Sounds pretty good
> to me. From this excerpt, I'd call her a friend of liberty.
> 
> (Yes, I'm serious. Some of you find it hard to tell when I'm being
> completely serious and when I'm being facetious, so I thought I'd clarify
> this.)
> 
> --Tim May
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."
> 
> 
> 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From gkuzmo at ix.netcom.com  Fri Aug 16 10:26:49 1996
From: gkuzmo at ix.netcom.com (George Kuzmowycz)
Date: Sat, 17 Aug 1996 01:26:49 +0800
Subject: photographed license plates
Message-ID: <199608161428.HAA16044@dfw-ix7.ix.netcom.com>


On 14 Aug 96 at 22:12, The Prisoner wrote:

> Timothy C. May wrote:
> > 
> > [WHACK]
> 
> > Maybe we'll have barcoded license plates sooner than we think. Then all of
> > those speed cameras can also track our movements.
> > 
> 
> No, too low-tech.
> 
> Small trasnsmitters with unique programmed ID codes broadcast as you drive.  Much easier to trace.  And LoJack's 
> already got a good bit of the technology in place.
> 

  Actually, a system like this is in place for toll collection in and 
around New York City, and on the New York State Thruway (a toll road 
that runs from NYC to Buffalo). It's called EZ-Pass, and involves 
some sort of programmed radio device that's scanned by the toll booth 
as you pass through. It can even automatically debit your VISA 
account. I am not aware of what representations, if any, they've made 
about the privacy of the data.

  An interesting economic point is that for the NYC bridges and 
tunnels, at least, EZ-Pass is now the only way to get discounted 
fares. The toll is $3.50 per bridge crossing. It used to be that they 
sold tokens, and if you bought a roll of tokens you'd get a 
discounted rate. Now they no longer sell the tokens in bulk, but the 
same discount is applied if you use the EZ-Pass system. The anonymous 
transaction is now the more costly one.

        -gk-





From bugs at netcom.com  Fri Aug 16 10:40:51 1996
From: bugs at netcom.com (Mark Hittinger)
Date: Sat, 17 Aug 1996 01:40:51 +0800
Subject: Billy boy's satellites [Was - Floating DataHavens]
Message-ID: <199608161424.HAA03018@netcom17.netcom.com>


>
> > Vincent Cate wrote:
> > You can get Internet via radio links for reasonable prices.  And via
> > satellite for almost affordable prices.  When Bill Gates 900 satellites
> > get up there it should be very affordable.
>
> Gary Howland wrote:
> ... if a tad unrealiable?
> The thought of 900 satelites in low orbit, all running NT, makes me
> shudder.  Brings a new meaning to the expression "OS crash".
> 

Its been a little over a year but I had heard that the current design was
for a lower number of MEO satellites.  

I would think that cypherpunks would want to see this happen.  The political
problems are probably larger than the technical ones :-)

Regards,

Mark Hittinger
Netcom/Dallas
bugs at netcom.com





From unicorn at schloss.li  Fri Aug 16 11:44:00 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 02:44:00 +0800
Subject: Anguilla - legal action or lack thereof
In-Reply-To: <Pine.LNX.3.91.960814075142.12075B-100000@offshore>
Message-ID: <Pine.SUN.3.94.960816110502.24799A-100000@polaris>


On Wed, 14 Aug 1996, Vincent Cate wrote:

> 
> Dr.Dimitri Vulis KOTM <dlv at bwalk.dm.com>
> > 
> > "Greg Kucharo" <sophi at best.com> writes:
> > >   While Tim may be right that nobility is lost when backing down to the
> > > authorities, the fact is that this game has little to do with noble
> > > purposes. ...

[...]

> However, my work permit is up for renewal.  They would not ever have to
> take legal action to shut me down, just decide not to renew my work
> permit, and I would have to leave the island. 

[...]

> My lawyer says it is illegal to sell fake passports in Anguilla. So
> defending this guy could easily have been a fight to my death as an
> Anguilla ISP.

First, Mr. Cate, I appreciate your service, and I think it's a step in the
right direction.  The way that I see it your service is focused on
providing a degree of regulatory arbitrage.  It also seems that the
service is designed, and defended with those purposes in mind.  As far as
I can tell you did and do not intend Offshore Information Services to be a
"Data Haven" in the strict sense of the word.  I recall you stating that
rather specifically, but I may have missed attributation somewhere.

Members of the list should try to take note of this.

Mr. Cate is running a Regulatory Arbitrage Internet Service Provider
(RAISP) not a Data Haven.  

To me the distinction is this:

An RAISP seeks to avoid the application of undue reglation by locating in
a jurisdiction where regulation is more limited.

A Data haven seeks to avoid the application of any regulation by
maintaining such secrecy and instant mobility so as to continue to operate
even if authorities bring all their power to bear.

Mr. Cate clearly is in a sensitive position that does not give him the
instant mobility to just jump ship.  He is at the mercy of the authorities
(even if they are laxer than those say in the United States) to the extent
he has no backup plan.  This, by the way, is not a criticism.  This is
entirely consistent with his purpose.

For the RAISP operator, the words "My lawyer tells me that's illegal here"
is the end of the argument.

For the Data Haven operator, the word "My lawyer tells me that's illegal
here" prompts the command "Prepare to make the jump into cyberspace."

I would suggest members of the list reconsider the value of the service
provided by, and the limitations imposed on Mr. Cate.

>    --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From mwohler at ix.netcom.com  Fri Aug 16 13:30:59 1996
From: mwohler at ix.netcom.com (Marc J. Wohler)
Date: Sat, 17 Aug 1996 04:30:59 +0800
Subject: Lunch with Bill, anyone?
Message-ID: <199608161545.IAA13092@dfw-ix11.ix.netcom.com>


At 05:31 AM 8/16/96 -0700,John C. Randolph wrote:

>Meeting Bill Gates would be every bit as exciting as meeting Tony 
>Orlando.  Or maybe Wayne Newton.

I don't mind the sarcasm regarding Gates, but watch what you say about Wayne
Newton!






From gimonca at skypoint.com  Fri Aug 16 13:35:23 1996
From: gimonca at skypoint.com (Charles Gimon)
Date: Sat, 17 Aug 1996 04:35:23 +0800
Subject: Rubber Hose Algorithm
Message-ID: <m0urQVB-00015tC@mirage.skypoint.com>


There's a lot of armchair theorizing on this list about government
oppression and such. For comparison purposes, here is a real-life 
example:

=========================================

From: 	hrwatchnyc at igc.org
Sent: 	15 Agustus 1996 7:00
Subject: 	Indonesia--Arrest of Lecturer for Internet Communication

Human Rights Watch sent the following letter, protesting the arrest of a
university lecturer for communicating on the Internet, to the Indonesian
government today.

August 14, 1996

His Excellency M. Arifin Siregar
Ambassador to the United States
Embassy of Indonesia
2020 Mass. Avenue, NW
Washington, DC  20036

Your Excellency:

     I am writing on behalf of Human Rights Watch/Asia to protest the 
arrest of Drs. Prihadi Beny Waluyo, a lecturer at Duta Wacana Christian 
University. Drs. Waluyo was arrested at his home by soldiers of the 
district military command. He was reportedly accused of distributing e-mail 
messages and also of sending messages relating to the July 27 riots to a 
destination in Holland. His arrest came after an unidentified person gave 
an officer photocopies of e-mail messages that were traced to Drs. Waluyo. 
The person claimed the printouts came from a store in Kebumen, a district 
of Yogyakarta.

     Following his arrest, Drs. Waluyo was interrogated by the military 
about his connections with the Peoples Democratic Party (PRD), which the 
government has accused of masterminding the riots, but he denied any 
involvement with the PRD. He acknowledged that he had sent messages over 
the Internet. Following his questioning, he was reportedly ordered to go to 
his home and was told to report to the district military command on a 
regular basis. He is said to be under strict surveillance.

     Human Rights Watch opposes actions by the Indonesian government to 
restrict electronic communication. As stated in Article 19 of the Universal 
Declaration of Human Rights:

     Everyone has the right to freedom of opinion and expression: this
     right includes freedom to hold opinions without interference and to
     seek, receive and impart information and ideas through any media and
     regardless of frontiers.

We believe that such forums provide a truly unique opportunity for people 
from around the globe to share their views with an international audience. 
By allowing unrestricted communication, important issues can receive the 
benefit of serious discussion by the broadest cross-section of society. If 
the Internet is to achieve its potential to become a global information 
infrastructure, it is important, at the present moment, to agree to allow 
its unrestricted development.

     We urge that Drs. Waluyi and every other citizen be allowed to receive 
and transmit electronic mail without fear of harassment, intimidation, or 
arrest.

Sincerely,
Sidney Jones
Executive Director
Human Rights Watch/Asia

cc:  His Excellency Nugroho Wisnumurti, Ambassador to the United Nations

Gopher Address://gopher.humanrights.org:5000
Listserv address: To subscribe to the list, send an e-mail message to
majordomo at igc.apc.org with "subscribe hrw-news" in the body of the message
(leave the subject line blank).

Human Rights Watch
485 Fifth Avenue
New York, NY 10017-6104
TEL: 212/972-8400
FAX: 212/972-0905
E-mail: hrwnyc at hrw.org

1522 K Street, N.W.
Washington D.C. 20005
TEL: 202/371-6592
FAX: 202/371-0124
E-mail: hrwdc at hrw.org

=========================================

ObCrypto:

On the brighter side, some individuals on soc.culture.indonesia
have become remailer users. Others have been forging Usenet
headers with varying degrees of success.





From unicorn at schloss.li  Fri Aug 16 13:39:40 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 04:39:40 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.LNX.3.91.960814081442.12075C-100000@offshore>
Message-ID: <Pine.SUN.3.94.960816111931.24799B-100000@polaris>


On Wed, 14 Aug 1996, Vincent Cate wrote:

> 
> Tim:
> > Rather, there is an "archetype," if you will, of what a "remailer" is, what
> > a "data haven" is, what a "tax shelter" is, etc. While we cannot reasonably
> > expect a remailer to exactly match the archetype, we can point out obvious
> > deficiencies.
> 
> 1)  Anguilla has secrecy laws.  Professional relationships are confidential.
>     There are strong secrecy laws.  I have not given out taxbomber's
>     name, nor will I as I could face legal action if I did.
> 
> 2)  Anguilla has no sales or income taxes.  A business does not need to
>     report anything about income, sales, etc, to the government (or anyone
>     else).  If a guy wants to sell his data and keep 100% of the profits
>     instead of 50% or 60%, then Anguilla would be a haven for him.
> 
> 3)  We don't have the same laws as other countries, so there are things
>     that can be done here.  For example, we can export encryption 
>     software.  Also, we will have bingo.com in Anguilla.
> 
> There are deficiencies from a cypherpunk or Libertarian point of view. And
> these are interesting.  And exactly what I want to do is changing. As I
> said, Anguilla is not the datahaven of cypherpunks wet dreams.  I am sure
> there are no datahavens that match the cypherpunk concept of an ideal
> datahaven, yet. 
> 
> But I think the term DataHaven applies as well to Anguilla as any other
> place I know of.  
> 
> Tim, we would all be very happy if you were to locate a country that could
> be the site of the ideal datahaven, and finance a couple cypherpunks to
> setup there.  It would be a big help to our cause.  Could you do this? 

In the way that you suggest, I would argue it is not possible.  You cannot
ever have a "DataHaven" in a single jurisdiction.  As Mr. Cate notes,
there is no jurisdiction that will fit the bill, nor do I ever expect
that one will be created.

> In the mean time, people may have to exist in cyberspace (like
> www.taxbomber.com) without having a totally secure physical location. 

The trick is to get the ISP to exist in cyberspace, or ever will it be
subject to the whim of the local authority.

This is a key and very important distinction.

> This is not the end of the world, or really even that painful.  If done
> right you could be down for only an hour - just long enough for
> nameservers to change.  Taxbomber is now setup to do it very fast next
> time, if the need ever comes.  Tim, I think you have even advocated this
> approach, not stressing the physical location, just the cyberspace
> location.  No? 

I have advocated the approach, but as applied to service providers, not
users of service providers.

>    --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From snow at smoke.suba.com  Fri Aug 16 14:00:49 1996
From: snow at smoke.suba.com (snow)
Date: Sat, 17 Aug 1996 05:00:49 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <199608160257.VAA20466@bermuda.io.com>
Message-ID: <Pine.LNX.3.93.960816100102.194B-100000@smoke.suba.com>


On Thu, 15 Aug 1996, Douglas R. Floyd wrote:
> > On Thu, 15 Aug 1996, Arun Mehta wrote:
> > > I'm sure this has come up before, but what would prevent a server
> > > being located on a buoy or something at sea outside territorial
> > > limits (or when satellites become cheaper, on a satellite itself)
> > > offering such services?  
> > living periods, electrcity and communications are in place, They
> > are generally built outside of the territorial waters of most
> > countries to avoid any damage to the shorelines if oil spilled
> > (possibility for becoming its own country?) and with the hoops
> > that Shell Oil went through to please Greenpeace with its last
> > oil platform.  You have to wonder how cheap these could sell 
> > for just to get them off the oil companies hands? 
> (The machine crashed when I was writing this letter, so if cpunks got two,
> I apologize.)
> How would this rig be defended?

     .50 Machine guns on the decks, everyone on board capable of shooting 
straight carrying at least a pistol and gas masks. The gas masks are for the 
tear gas dispencers. 

    Hire Vinnie? 

    There are ways to make it inadvisable to attack the system. Blackmail 
material is always a good thing. 


> Pirates still exist.  Even if you can give them something to think about
> with a 30/06 bullet at their waterline, there are always small countries
> who have navies that can be hired.  They may be small and defenseless
> compared to the US navy, but against a basically unarmed oil rig, do have
> the ability to sink the rig at their whim.

     A couple of surplus wire guided missles might go a long way to disuading
them. 


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From unicorn at schloss.li  Fri Aug 16 14:05:17 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 05:05:17 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
In-Reply-To: <199608151851.NAA09462@einstein>
Message-ID: <Pine.SUN.3.94.960816112851.24799C-100000@polaris>


On Thu, 15 Aug 1996, Jim Choate wrote:

> 
> Hi all,
> 
> > On Wed, 14 Aug 1996, Jim Choate wrote:
> > 
> > > 
> > > Forwarded message:
> > > 
> > > > Date: Wed, 14 Aug 1996 22:24:39 -0400 (EDT)
> > > > From: Black Unicorn <unicorn at schloss.li>
> > > > Subject: Re: [NOISE] "X-Ray Gun" for imperceptible searches
> > > > 
> > > > Correct.  No warrant is required to observe that which is freely collected
> > > > after eminating from the residence of another and observed off his
> > > > property.
> > > > 
> > > > Same concept applies to the "sniff" test and ariel views into greenhouses.
> > > 
> > > Pitty somebody doesn't bring a suite against the FCC under this logic. It
> > > would particularly impact radar detectors, cell phones, and other types of
> > > scanners.
> > 
> > Uh, what is the chain of logic that supports this suit exactly?
> 
> Simple actualy. The police don't need a warrant to collect such information
> because it is in the public domain (ie not private and therefor requiring
> a search warrant and probable cause). Therefore anybody (not just cops)
> can pick it up.

This argument breaks down when one looks at the difference between state
action and private action.

Were one to follow this logic, it would come to pass that citizens could
get warants to search neighbor's residences.

> It is becoming more and more popular for governments to limit the ability
> of scanners and other such detectors to pick up information supposedly 
> to protect privacy. The above states that if it is eminating from the
> residence (and by extension person) and is picked up off their property,
> perhaps on or in public space then it is fair game.

Fair game for law enforcement use and can be presented in court, yes.
And, I might add, there is a different standard for voice communications
however carried.  The heat from a indoor pot garden is a different matter,
and incidently, the matter on which the question was presented.

> States such as N. Carolina (per extension via the 14th) should be 
> prohibited from regulating or otherwise controlling possesion and use
> of radar detectors (in this case) which are currently illegal for
> private persons to operate.

There is the additional matter of the obstruction of justice issues..

>I< tend to agree with you, but I see the arguments on the other side as
well.

> If the police don't need a warrant to
> collect information then citizens are equaly able to recieve that
> information as well.

How EXACTLY does this follow?

> Since the above ruling states that as long as the
> emissions are eminating from the site and the reception takes place
> other than at the site (in this case, being inside the police car)
> , perhaps along a public highway, then no privacy is involved. This
> means that citizens have a right, by extension, to know when they are
> being beamed by radar.

Again, you need to distinguish law enforcement purposes and private
purposes.
 
> This same chain of logic can be extended to cell phones and such as
> well.

And yet you need a warrant to intercept cell phone conversation.

> This connection is even clearer when one realizes that the only difference
> between IR and your cell phone eminations is frequency. The intermediate
> vector boson in both cases is a photon.

And the fact that cellphones carry voice communications.

> It is similar to arresting somebody for wearing a blue shirt but letting
> the person wearing the red shirt go free.

ANd having the blue shirt say "kill the president" maybe would even out
your example.

> The rationale being that since
> the frequency of the blue shirt is higher it is fundamentaly different
> then the red shirt.

No, the rational being that the blue shirt carries a communication more
complicated than a simple speed reading, or heat emmission.

> This ruling is prima facia evidence that the judicial system as a whole
> has no clear grasp of technology, not just Internet technology.

I think you are mistaken.

> 
>                                                      Jim Choate
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From grafolog at netcom.com  Fri Aug 16 14:07:28 1996
From: grafolog at netcom.com (jonathon)
Date: Sat, 17 Aug 1996 05:07:28 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <Pine.SUN.3.94.960816033853.22381B-100000@infinity.c2.net>
Message-ID: <Pine.SUN.3.95.960816155911.26920A-100000@netcom16>


On Fri, 16 Aug 1996, William Knowles wrote:

> Where is Redonda on the map, I'm too lazy to look it up, 

	It is a dependancy of Anguilla.   

	The only permanent inhabitants are birds.  

	I don't remember if Redonda, or Anguilla's other
	dependency is the one that is under water at high tide.
	<< That little problem hasn't prevented Anguilla from
	issueing stamps, and currency for both of those dependencies.  >>

        xan

        jonathon
        grafolog at netcom.com



		VapourWare is like the Tao,
		Looked for it cannot be found,
		Reached for it cannot be touched,
		Waited for not even FedX can deliver;
		            <Paid for it will not be refunded>







From sandfort at crl.com  Fri Aug 16 14:16:54 1996
From: sandfort at crl.com (Sandy Sandfort)
Date: Sat, 17 Aug 1996 05:16:54 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
In-Reply-To: <321446BF.20431CA7@systemics.com>
Message-ID: <Pine.SUN.3.91.960816084343.22824A-100000@crl4.crl.com>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 16 Aug 1996, Gary Howland wrote:

> Doesn't the low orbit part mean that the satellites will have a
> low life expectancy, meaning a new launch every couple of days?

"Low orbit" is used in a relative sense as compared to satellites
in geosynchronous orbit.  The Teledesic satellites will orbit in
the 700km range--hundreds of kilometers above the wispy highest
reaches of earth's astmosphere.  At that height, there will be
virtually no difference in orbital decay from that of 
geosynchronous birds.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From unicorn at schloss.li  Fri Aug 16 14:19:33 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 05:19:33 +0800
Subject: (NOISE) Re: Free Pronto Secure Offer
In-Reply-To: <19960815232910268.AAB222@[194.90.26.189]>
Message-ID: <Pine.SUN.3.94.960816113716.24799D-100000@polaris>


On Fri, 16 Aug 1996, geoff wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To: unicorn at schloss.li, cypherpunks at toad.com
> Date: Fri Aug 16 02:41:34 1996
> Unicorn,
> 
> > No, I was merely pointing out that if the review revealed that it
> > had problems (one assumed that the intent of peer review is to reveal
> > such problems in the first place, but perhaps you just like giving
> > software away?) then the offered reward was valueless.
> 
> Peer review seems to have voted that their risk paid off.
>  
> > A lot of people use DES on this list too I'll wager.
> and...
> 
> > I "tried out" your promotional scheme when I read your message, and
> > it was that scheme which my opinion targeted.
> 
> You misinterpreted my reply to a list member's enquiry about whether 
> our offer of Pronto Secure in exchange for feedback was still 
> available. 
>  
> > This is a subjective question.
> Yes.
> 
> > Cypherpunks is always getting the cash poor developer who thinks he
> > very clever because he has to pay testers no money if he offers his 
> > new product free to the person who discovers a flaw, or writes a 
> > review.
> 
> Unicorn, you are again letting your fingers move faster than your 
> brain. On what do you base your evaluation of our liquidity ?

I didn't say anything about your liquidity did I?

 (not that 
> it is relevant). Most Cypherpunks are technically savvy and crypto 
> aware people, they provide a perfect community for evaluating and 
> debugging a security enabling product.

Which is why people are constantly trying to get their services for what
is in effect nothing.

> I would strongly recommend this 
> route to any developer of serious security enhancing software.

So would I, however, the assumption that "cypherpunk crypto review
services" are to be had for nothing is the height of arrogance.

> My 
> sincere thanks to all c'punks who have and continue to provide 
> incredibly valuable input into Pronto Secure.

If you were sincere, you'd thank them with cash.  Afterall, you seem
to suggest that you have a good deal of liquidity eh?
 
> > From your home page, I would guess that you request that reviewers
> > allow you to make their comments public.  That's called an 
> > endorsement, and, by the way, people are usually paid for them.  
> > Sometimes in the millions. Think Michael Jordan is getting a deal 
> > when you use his name to promote your product and then give him a 
> > $99.00 piece of software (which is effectively worth the amount of 
> > time it takes to write a few kiss ass paragraphs on the software, not 
> > $99.00)?
> 
> Unicorn, you are again making groundless assumptions. I suggest that 
> you do some fence painting before you enlighten us with your opinions 
> about our "kiss ass paragraphs" of code.

Uh, the kiss ass paragraphs were the reviewers comments, not your code.

Are you so used to attacks that you see every comment as one or what?

> Unless Michael Jordon is reading Schneier on the sly, his endorsement 
> of Pronto secure is not worth 99c.

THAT, is the key of your ignorance.  Endorsements are valueable if they
bring business, period.

Picture big ole MJ on TV with his suit and tie holding up your product and
proclaiming that his multi-level global investment strategy would be
impossible to do the way he does it without pronto-secure.

Not worth 99c?  Please.

> > Alturisim is a pipe dream.
> Depends what you are putting in your pipe :)
> I venture that most c'punks would agree that moving strong e-mail 
> security into mainstream is a good thing. This is not going to happen 
> without people making money from it.

Make all the money you want, but I grow weary of seeing "review my product
and get a consolation prize" deals.  I doubt I'm the only one.

> >> Unicorn, you are invited to whitewash my fence :)
> > Do I have to review pronto secure first?
> Yes.

I rest my case.

> Geoff.
> 
> - ---------------------------------------------------------------
> Geoff Klein, Pronto Secure Product Manager;   www.commtouch.com 
> My PGP public Key 1814AD45 can be obtained by sending a message
> to geoff at commtouch.co.il with "Get PGP Key" as the subject.
> - ----------------------------------------------------------------
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3i
> Charset: noconv
> 
> iQCVAwUBMhO1s0Lv5OMYFK1FAQG5WAP/XoLteaVpdhnLpj/pk/1aPiWX7Nx/h1cc
> 5Sf0mgOWv3Q9MASWHV2lKrgqF9jc15ZaymfJZDq1duGttrPj6SJqX/nwOTcYi006
> Hh3qh+LnXWnBd7QA/mZL5Fn4SLAOBno/uspqwMbM+6DCw39MpCY2NG0jQ2Qi8vMH
> n1IG+PYYTAs=
> =5HnW
> -----END PGP SIGNATURE-----
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From sameer at c2.net  Fri Aug 16 14:56:08 1996
From: sameer at c2.net (sameer)
Date: Sat, 17 Aug 1996 05:56:08 +0800
Subject: remailers/kiddie porn
In-Reply-To: <199608160454.VAA00547@toad.com>
Message-ID: <199608161625.JAA21883@lachesis.c2.net>


> and I doubt there are 5000 addresses on nymservers or
> reply-block users.

	There are probably more than this amount.


-- 
Sameer Parekh					Voice:   510-986-8770
Community ConneXion, Inc.			FAX:     510-986-8777
The Internet Privacy Provider
http://www.c2.net/				sameer at c2.net





From vince at offshore.com.ai  Fri Aug 16 15:33:05 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sat, 17 Aug 1996 06:33:05 +0800
Subject: Protecting floating datahavens?
In-Reply-To: <Pine.LNX.3.91.960816121601.18100A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960816121628.18041B-100000@offshore>



> From: William Knowles <erehwon at c2.org>
> Now I don't claim to be a naval defence expert, But from what 
> I do read of the dogeared copies of Jane's Defence Weekly, 
> Would be to install three or four Phalanx Close-In Weapons 

For those interested in todays piracty I recomment "Outlaws of 
the Ocean" by G.O.W. Mueller and Freda Adler.  The main types
of ocean outlaws:

     1) Smuggling (freon, dugs "square groupers" - bales of pot, ...)
     2) Immigration (illegal immigration can be very profitable)
     3) Insurance Fraud (tanker sinks, but unknow to the insurance
           company the oil had already been offloaded...)
     4) Violent crime  -  what I think of as piracy

Piracy is not a victimless crime.  Since there are victims, there is
someone to shoot at the pirates.  Makes it a tough business and not as
profitable as, some others. Most piracy occures in "known dangerous
areas".  Other piracy is drug dealers taking very fast boat so they have
an unregistered boat. 

There were some stories about freighters being attacked in one area, but
once they started all carrying guns, the attacks ended. 

After reading this my impression was that the odds of car-jacking or
mugging inside the USA were higher than the odds of a cruising boat
getting attacked by pirates. 

Pirates are going to pick what looks to them like easy targets. A Phalanx
or two on the side of a large boat would not look like an easy target. :-)
In fact, just one semi-automatic mounted on the side would probably
prevent all attacks by pirates. 

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From scraver at mnet.fr  Fri Aug 16 15:52:25 1996
From: scraver at mnet.fr (Arnauld Dravet)
Date: Sat, 17 Aug 1996 06:52:25 +0800
Subject: signoff cypherpunks
Message-ID: <3214BCA6.6ED8124F@mnet.fr>


signoff cypherpunks





From vipul at pobox.com  Fri Aug 16 16:03:08 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Sat, 17 Aug 1996 07:03:08 +0800
Subject: FCC_ups
In-Reply-To: <199608112108.VAA23815@pipe1.ny3.usa.pipeline.com>
Message-ID: <199608170231.CAA00337@fountainhead.net>


> 
>    8-10-96. WaPo: 
>  
>    "Phone Service Via the Internet May Slash Rates." 
>  
>       Labs of Advanced Technology has developed a way for 
>       people to make long-distance calls over the Internet 
>       using only their telephones, at about half the price of 
>       ordinary toll calls. Customers would merely call a 
>       central number, then dial their long-distance numbers. 
>       The call is carried on the Internet, then put back onto 
>       the local phone system at its destination. The company 
>       plans to charge 5 to 8 cents per minute for all domestic 
>       U.S. calls, which represents a 50 to 75 percent discount 
>       off most domestic long-distance rates. International 
>       rates would depend on arrangements made with foreign 
>       phone companies. "Twenty years from now, and probably 
>       sooner, I don't see the giants of the telecommunications 
>       industry existing anymore," said the company's 
>       president. The giants hoot, "FCC, PACs, whack him." 
>  

This kind of report is often confusing and more often misleading.
Most of the internet still runs on "the infrastructure provided by 
the giants of the telecommunications industry, who according to the report 
would cease to exist after some time". 

Bigbells and Babybells provide cheap [flat rate local calls] and 
expensive long-distance calls. They make most of their money on the
later. This money goes into development and maintainance of their
infrastructure. Once they loose these profits 1. They won't be able
to provide cheap local-calls and/or 2. They would go bankrupt and shut the
entire network which is used by many to connect to the internet.

This is complex problem and the only solution I see to it is a
different pricing policy. [Prolly a differential pricing system might fit
the scenario but I don't have much idea about that] 

First flat rates would have to go out.
If Alice uses her phone for 5 hrs in month and pay _x_ dollars and Bob uses
his for 100 hrs and pays _x_ dollars, then Alice is subsidising Bob, which
is not really ethical. Everyone should pay for the amount of bandwith 
one is using.  

Another criteria for pricing can be content. Which would also imply that
a guy sitting in Delhi, India (like me) pays more for reaching a Server based 
in US, as compared to a local server. 

--- Vipul

  






From alano at teleport.com  Fri Aug 16 16:09:18 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 17 Aug 1996 07:09:18 +0800
Subject: [Noise] Re: Lunch with Bill, anyone?
Message-ID: <2.2.32.19960816180029.00b2708c@mail.teleport.com>


At 05:31 AM 8/16/96 -0700, John C. Randolph wrote:
>Latest from Microsoft(R):
>
>> > The Windows 95 Anniversary is just around the corner.
>> > Stay tuned to WinNews for special announcements to learn how
>> > you could win lunch with Bill Gates, chat with industry
>> > luminaries, and download a really cool screen saver.

Do we get to decide where to have lunch?  I know this great biker bar... ]:>
---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From unicorn at schloss.li  Fri Aug 16 16:11:48 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 07:11:48 +0800
Subject: Jurisdictionless Distributed Data Havens
In-Reply-To: <199608151452.JAA02130@xanadu.io.com>
Message-ID: <Pine.SUN.3.94.960816162638.12459A-100000@polaris>



RE: Your distributed Data Mockup.

If this ever gets to the point where it might be implemented on a
commercial basis, please let me know.

It may mesh well with a project I am working on and may be profitable for
you.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From an572010 at anon.penet.fi  Fri Aug 16 16:18:38 1996
From: an572010 at anon.penet.fi (The honourable Vyshinsky)
Date: Sat, 17 Aug 1996 07:18:38 +0800
Subject: The Transparency Of Cyber-Nitrate
In-Reply-To: <839785435snz@abaron.demon.co.uk>
Message-ID: <9608161725.AA07803@anon.penet.fi>


Rush Graves <llurch at stanford.edu> writes:

>> yawen at enter.net (Yale F. Edeiken) writes:
>> >>   Alexander Baron <A_Baron at abaron.demon.co.uk> writes:
>> >>  In article <4ui6qj$bk5 at news.enter.net> yawen at enter.net "Yale F. Edeiken" 
>> >writes:
>> >  
>> >>  > texts on Hitler.  You demonstrate another typical denier failing as
>> >>  > well. One of your 
>> >>  > friends (according to your story) goofed.  Insttead of blaming him, you
>> >>  > called someone who correctly pointed you to a valid source of
>> >>  > information a nasty name.
>> >>  >         Where is your apology, Lyin' Al?
>> >
>> >>  You really are one unpleasant person, aren't you Yale? You must meet an 
>> >>  awful lot of "anti-Semites".
>> >
>> >	Actually I meet very few outside of alt.revisionism.
>> 
>> "Me too." I hardly believed these dinosaurs still existed a year ago. I
>> think it's healthy to keep in mind just how unrepresentative the
>> Nazihuggers are. 
>> 
>> The ZGram list and the rec.music.white-power vote are pretty good

Liar.  You know very well the rec.music.white-power vote was falsified.

>> indicators that of the millions of people on the Internet, only a few
>> hundred are seriously into this garbage. 

Liar.  You know very well that Stormfront-L is not representative of net 
racismo.  It appears unusually intelligent vs. usenet racists is because 
of Don Black's moderation.  There aren't constant interruptions by Andrew 
Mathis, Mike Beebe, ara, scoop, sexy Jeanne Kapowski, etc., threatening 
to rape, mutilate, poison and murder racists, thanks to Mr. Black.  You 
also know very well that numbers of mailing list subscribers do not 
translate to active interest in a newsgroup.  How popular would 
comp.cypherpunks be if it was created and propagated?  FAR more popular 
than anyone would expect from a mere 1,000 or so current subscribers.  In 
fact, this is your's and tcmay, Sameer, shamrock, etc., duty to write a 
RFD and CFV for an UNMODERATED comp.cypherpunks newsgroup.  On second 
thought, you SHOULDN'T participate because you censor by moderation 
yourself as a power trip.  You know, in hindsight, I think I hurt the 
r.m.w-p effort more than helped, I only posted to usenet about it and 
avoided mail.  I shouldn't have respected cypherpunks enough to refuse to 
follow your practice of trolling against racists on the mailing list, I 
should have confined my campaign to cypherpunks.  Another example, does 
the 40 or so subscribers to coder-punks indicate there is very little 
interest in coding for crypto- at nonymity?!??????

>> I spent about an hour today reading Ingrid/Zundel's 93-page treatise on
>> "Background and Detailed Chronology of Ernst Zundel Persecution," which
>> Ingrid was so kind as to send me (OK, she didn't exactly know it was
>> me...). Near the end of the subsection called "The First Trial --
>> 'Spreading False News," I found a very encouraging couple of paragraphs,
>> which I'll quote here.

Liar.  Either post your entire copy to alt.revisionism or prove yourself 
a lying capitali$t bastard who's jealous about Zuendel because you are a 
J$wish preppie homo$exual righti$(t) ri(c)h pig.

>>       A year after Zuendel's trial a 200 page book entitled "Hate on
>>    Trial: The Zuendel Affair, the Media and Public Opinion in Canada" was
>>    published.... 
>> 
>>       "Hate on Trial" sought to measure through scientific polling data
>>    the effect of the massive coverage of the Zuendel trial on public
>>    opinion in Canada concerning Jews, the Holocaust and Germans. "The
>>    central motivation for our research project," wrote the authors, "was
>>    to find out what truly happened in the mind of the Canadian public. Did
>>    support for the Nazi perspective grow as a result of the trial and as a
>>    result of the media coverage of the trial? Did more Canadians become
>>    prejudiced against Jews as a result of the affair? How were attitudes
>>    towards Germans affected? What specifc roles did television and the
>>    press have in shaping Canadian attitudes? Were the media as harmful as
>>    many people, including journalists, feared?" (p. 31)
>> 
>>       The researchers found that news coverage of the trial:
>> 
>>     "...did more harm to the image of Germans than of Jews... Two thirds
>>     of Canadians did not change their opinions as a result of the
>>     extensive coverage of Mr. Zuendel's sensational seven week trial, but
>>     of those who did, the vast majority became less sympathetic to Germans
>>     and more sympathetic to Jews, the authors conclude... [W]hile
>>     television had a strong emotional impact, the effect was entirely
>>     opposite to what many people feared. 'People who were heavy, heavy
>>     television viewers said they became more sympathetic to Jews,'
>>     Professor Conrad Winn of Carleton University said." (Globe & Mail,
>>     March 22, 1986)
>> 
>> False "German v. Jew" conflict aside (in fact most Germans repudiate Mr. 
>> Zuendel's propaganda), I find it very encouraging that Zuendel largely
>> failed to troll up support. The public isn't as stupid as some people
>> think. 

Prove it, liar.  I can prove the opposite with just these examples: 
racist terrorism, Oklahoma City, Vipers, J$ws, Microsoft, Holocaust, 
capitali$m, flying saucers, penny stocks, etc.

>> The full citation of the referenced work is:
>> 
>> Weimann, Gabriel and Conrad Winn. Hate on Trial: the Zundel affair: the
>>   media and public opinion in Canada. New York: Mosaic Press, 1986.
>> 
>> I'll probably go pick it up at the Law Library to see how faithful
>> Ingrid/Zundel's review of the book is. I don't see why they'd lie about
>> this particular bit of information.

Why do you pretend to be Ingrid in your latest post?  Are you jealous of 
the pretty woman you'll never have because of your difficulties with 
those sort of things?

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From unicorn at schloss.li  Fri Aug 16 16:31:23 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 07:31:23 +0800
Subject: Floating DataHaven
In-Reply-To: <Pine.LNX.3.91.960815194218.16207H-100000@offshore>
Message-ID: <Pine.SUN.3.94.960816163002.12459D-100000@polaris>


On Thu, 15 Aug 1996, Vincent Cate wrote:

> 
> William Knowles <erehwon at c2.org>
> > 
> > Something that I thought would make an excellent data haven would
> > be older offshore oil platforms,
> > [...]
> > You have to wonder how cheap these could sell 
> > for just to get them off the oil companies hands? 
> 
> A floating DataHaven is probably the way to get the ultimate in 
> freedom.  

Disagree strongly.  Unless you were willing to arm the platfom (a
proposition which aproaches the feasibility of say SPECTER in James Bond
films) you are much more vulnerable.

> There is someone on Anguilla that bought a used floating oil platform for
> $1 million.  It is big enough for 200 people to live on.  It is not here,
> so I have not seen it. 
> 
> There is someone else here who says that there are some really old ones
> that you can get just for hauling them away. Some countries will not let
> owners just sink them. 
> 
> You can get Internet via radio links for reasonable prices.  And via
> satellite for almost affordable prices.  When Bill Gates 900 satellites
> get up there it should be very affordable. 
> 
>   --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From m5 at vail.tivoli.com  Fri Aug 16 16:31:49 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Sat, 17 Aug 1996 07:31:49 +0800
Subject: c|net reports UK partial usenet ban
Message-ID: <3214D420.349A@vail.tivoli.com>


UK Metropolitan Police Service bans smutty newsgroups.  See it all
at <http://www.cnet.com>.

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From unicorn at schloss.li  Fri Aug 16 16:38:33 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sat, 17 Aug 1996 07:38:33 +0800
Subject: Fw: Re: Free Pronto Secure Offer
In-Reply-To: <Pine.LNX.3.93.960815195125.154A-100000@smoke.suba.com>
Message-ID: <Pine.SUN.3.94.960816162838.12459C-100000@polaris>


On Thu, 15 Aug 1996, snow wrote:

> On Thu, 15 Aug 1996, Black Unicorn wrote:
> > you to make their comments public.  That's called an endorsement, and, by
> > the way, people are usually paid for them.  Sometimes in the millions.
> > Think Michael Jordan is getting a deal when you use his name to promote
> > your product and then give him a $99.00 piece of software (which is
> > effectively worth the amount of time it takes to write a few kiss ass
> > paragraphs on the software, not $99.00)?
> > 
> 
>      The time it takes M. Jordon to write a couple of paragraphs would 
> be worth at least $99.  

If MJ wanted a copy he need only tell someone else to write the
paragraphs and take the copy from that someone else.

The point is that the "prize" is worth only that which it takes to obtain
it.  In this case, a bum could write a review (his time is worth nearly
nothing in op. cost) and turn it over to whomever.

> 
> 
> Petro, Christopher C.
> petro at suba.com <prefered for any non-list stuff>
> snow at smoke.suba.com
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From lzirko at c2.org  Fri Aug 16 16:40:45 1996
From: lzirko at c2.org (Lou Zirko)
Date: Sat, 17 Aug 1996 07:40:45 +0800
Subject: Installing IE 3.0 Final under NT 4.0b2 [Was Re:NT remailer]
Message-ID: <199608161805.LAA06902@infinity.c2.org>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: rednax at asiapac.net, sryan at reading.com, cypherpunks at toad.com
Date: Fri Aug 16 13:05:38 1996
You can try the following.  I will be attempting it myself tonight.  I also 
understand that the 128-bit version is available again.

Good luck!

Lou Zirko

- ----Forwarded----
 From: "Scott Johnson" <sjohnson at iscdist.com>
Subject: Re: Beware V3 of Internet Explorer
Newsgroups: comp.os.ms-windows.nt.pre-release,comp.os.ms-windows.nt.misc
References: <1996Aug13.085057.6086 at news.ntrs.com>
Organization: ISC Distributors, Inc.
Message-ID: <01bb88d4$f88dd6b0$c8c1a0cc at sjohnson>
X-Newsreader: Microsoft Internet News 4.70.1155
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: sjohnsonnt
Date: 13 Aug 96 17:09:07 GMT
Lines: 34
Path: 
news.c2.org!news.zeitgeist.net!cygnus.com!news.sgi.com!enews.sgi.com!su-new
s-f
eed4.bbnplanet.com!news.theglobal.net!
Xref: news.c2.org comp.os.ms-windows.nt.pre-release:10225 
comp.os.ms-windows.nt.misc:137713

There is a way to get the production release to run on the beta II of NT. 
It requires a little work but it does run fine.  It seems the only problem
is in the install.  If you follow these steps you can use the install from
the beta if IE 3.0 Beta II on the production cab file and it will install.

1. Run the self extracting cab file for the beta II of IE.  This should
produce a temporary dir in the temp dir on drive c.  You will have to find
it as it is named something different each time.

2. When you run this the first question will be do you want to cont. Answer
yes. When it asks for you to agree to the lic. look for the temp dir. Make
a copy of it somewhere and disagree.

3. Run the Prod code. Agree to the lic. and wait for the prompt for
optional Internet components.  Find the temp dir for this install and make
a copy of it.

4. Run msie.exe from yorur new dir in step 4. This will make a new temp
dir. Find it and make a copy.

5. In the dir made in step 4 you will find a CAB file and a IE.inf file. 
These need to be copied to the dir made in step 2.  REN the ie.inf to
ohrome.inf and run the infinst.exe file. This should install the production
code on your beta II of NT

Good Luck. 



Steve Bonine <spb at ntrs.com> wrote in article
<1996Aug13.085057.6086 at news.ntrs.com>...
> The just-released version of Internet Explorer for NT informs you that it
> requires build 1381 or higher to run.  It imparts this bit of trivia
AFTER it
> has blown away the IE that you had installed.  Beta 2 is build 1314; 1381
must
> be the one that they have shipped to VARs.
> 
> Brilliant move.  Release a product to the general public which runs on an
OS
> that you have NOT released to the general public.
> 



Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMhS4fctPRTNbb5z9AQF55wf8DIt7XF/DxxEJrppB4wmbqp2dz4zv8An2
2pJVieQ7CpYESozJCZFuHZjIxg29okjqQhPCIM4Q/4OHkcuRmZ8jFI+FCnO+0NZr
2jp2CI3AAWJ6cZBifwMrNCTBxySo5ZVLGxUQwZKyfcDHDWvZpoMTWEJXoI+tVSc/
FC0yRdQbwqaIrO4K+4k98nycS4CdMSTPhAU6bmC4KWFwX5h54JVV7D033FkAUklV
Esknfo2zE7byq10UZqMqYCs6/5u8PlIPtqkhxo/slQFT8wr461RVO/OuJBJyiavi
B1q3wrgIkTF9dXS1zHpJO4JwqI0TLtgLpEGas8T9HRdBkI6ojKaXxA==
=tvhI
-----END PGP SIGNATURE-----




From alanh at infi.net  Fri Aug 16 16:40:59 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 17 Aug 1996 07:40:59 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <ae392bc40c021004cb4a@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960816165513.25274H-100000@larry.infi.net>


TIm, a layer of tin foil is not the same as a professionally installed 
and maintained Faraday cage.

I can envision circulating currents on the tinfoil. Ie, ground loop type 
of situation.

All imaging is depenmdant upon the target having some radiating 
characteristic. If the gun shields a gun-shaped peice of the body from 
radiating in millimeter waves, you can build a gun detector.

If you're sure that a firearm always looks like a gun, that is....





From dlv at bwalk.dm.com  Fri Aug 16 16:41:04 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 17 Aug 1996 07:41:04 +0800
Subject: [NOISE] Re: Stopped Clock. Was: Schlafly on Crypto
In-Reply-To: <199608160821.BAA02713@toad.com>
Message-ID: <sDNRsD1w165w@bwalk.dm.com>


Bill Stewart <stewarts at ix.netcom.com> writes:
> (If Clinton had said things like "Of course I tried to avoid the draft
> and smoked dope, I'm no fool" and had dropped the draft and the Drug War
> instead of supporting both after he was President, I might have

There been no draft for about 20 years.  What have _you been smoking?

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From jamesd at echeque.com  Fri Aug 16 16:41:09 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sat, 17 Aug 1996 07:41:09 +0800
Subject: National Socio-Economic Security Need for Encryption     Technology
Message-ID: <199608162021.NAA18831@dns1.noc.best.net>


At 10:49 PM 8/14/96 +0600, Arun Mehta wrote:
> I was trying to explain how incomes and prices happened to be
> lower in India, 

That was not an explanation, that was mystic word salad.  

It would be an explanation if wealth mysteriously rained
from the sky, rather than was produced by men.

James A Donald wrote:
> > The fact is a company like Informix has a campus in India, and
> > it has campuses in the US that are largely staffed by Indian teams,
> > and it will pay big bucks to get its people out of India, even
> > though it has to pay them more than ten times as much in the US.

Arun Mehta wrote:
> I imagine (not knowing why Informix does what it does) that the
> reason might have something to do with:
>
> 1) Bringing the programmer closer to the customer, to understand
> the problem better, or to commission the software, debug it under
> working conditions, whatever

In fact what gets sent to the Indian campus is largely legacy
work, which is in large part precisely the work that requires 
the closest contact with the customer, contact with actual 
working conditions, and the like.

This seems to be a general practice, not just an Informix practice, for
in an article on "India's silicon valley" I read that the work done in
India was largely done on existing legacy apps, often in obsolete
languages and operating systems.

This is of course the work that places the least amount of the
companies intellectual assets in India, and thus the work that
gives the Indian government the least power over Informix and its
activities.  Informix could abandon the Indian campus and all
the intellectual assets on which it was working, and all the
physical assets located there, at any moment and not suffer any 
serious loss or inconvenience.

It is overwhelmingly clear that the question is simply who has the 
power?  Those who wish to hire peoples services in order to produce
wealth, or those who can command peoples services because they have
guns?

That is what makes most people in some places poor and most people 
in some places affluent.

> Could you please be more precise? In what way does the "power of
> the Indian government" intrude? You use the term "proven" rather
> loosely... there could be other explanations for the company
> wanting to move its employees around.

Presumably the same kind of reasons as caused foreign companies
to flee India the first time around.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From bart.croughs at tip.nl  Fri Aug 16 16:47:36 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sat, 17 Aug 1996 07:47:36 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8BAF.679B76C0@groningen08.pop.tip.nl>


I have thought a bit more about the question I asked a couple of days ago: how can you proof that investment of American capital abroad wouldn't lower the standard of living in the US? So far, I didn't receive a convincing answer to this question. Maybe I'm wrong, but I think I may have a proof. It's a so-called 'reductio ad absurdum'. It goes like this:

"If it would be bad for the standard of living of American citizens when American capital is invested in foreign countries, then it would also be bad for the standard of living of citizens of any American state when capital in this state would be invested in another state. After all, when the negative effect of investing American capital abroad on the standard of living of American citizens outweighs the positive effect, there seems to be no good reason why this would be any different on the level of states within the US. Why would it be bad for American citizens when American capital leaves the country, and at the same time be good for citizens in Arkansas when capital leaves Arkansas?
But if this reasoning is correct, then it would also be bad for the standard of living of citizens of any American city when the capital in this city would be invested in another city. Etcetera. 
This conclusion is clearly absurd, so the original statement that it would be bad for the standard of living of American citizens when American capital is invested in a foreign country, must also be wrong. 


Bart Croughs





From alanh at infi.net  Fri Aug 16 16:48:28 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 17 Aug 1996 07:48:28 +0800
Subject: implausible defenses & tax havens
In-Reply-To: <2.2.32.19960816060630.006dc138@mail.io.com>
Message-ID: <Pine.SV4.3.91.960816170634.25274I-100000@larry.infi.net>


<< Greg Broiles text elided >>

This is called the "smell test" by old tax hands.....





From bart.croughs at tip.nl  Fri Aug 16 16:51:18 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sat, 17 Aug 1996 07:51:18 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8BAF.6ED65AE0@groningen08.pop.tip.nl>


Sandy Sandfort wrote:

>On Tue, 13 Aug 1996, Bart Croughs wrote:

>> You claim that I must show that foreign capital investment
>> will not flow back to US workers. But in my original post, I
>>said:
> 
>> "Of course there are advantages also for the US (shareholders
>> will get higher returns, trade will increase), but how can you
>> proof that these advantages will offset the disadvantage of the
>> lowered amount of capital in the US? "
> 
>> You haven't answered this question yet. I don't claim that the
>> U.S. is worse off when US capital moves abroad. I only ask: how
>> can you proof that the US isn't worse off when US capital moves
>> abroad?

>The movement of capital from the US was an *assumption* in Bart's
>argument.  He has done nothing to show that it would in fact
>happen.  When he proves that, they it would be reasonable to
>expect me to offer proof that foreign capital will flow to the US.

So you are saying that no American capital is invested overseas? That would be a remarkable claim. But maybe you mean that I assume that there is a *net* movement of capital from the US to other countries. That is, you think that I assume that more US capital is invested in foreign countries, than there is capital invested from foreign countries in the US. But I don't assume this. I just assume that *some* American capital is invested overseas. That's enough for my question to be relevant. And even if there is absolutely no American capital invested abroad, there is still the question for other countries: if investors in country A decide to invest their capital abroad, how can you proof that this wouldn't have a negative impact on the standard of living of the workers in country A? 

>While I'm sure per capita capital investment is a *factor* in 
>determining how high wages are, it certainly is not the only
>factor.  It appears that Bart has fixated on this one to the
>exclusion of other (probably more important) factors.

For my argument to work, it really doesn't matter *how* important the amount of capital invested is in determining wages. My argument works the moment that you agree that, other things being equal, the higher the amount of capital invested in a country, the higher the wages will be in that country.

Bart Croughs








From alanh at infi.net  Fri Aug 16 16:52:00 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 17 Aug 1996 07:52:00 +0800
Subject: Burden of proof
In-Reply-To: <960815192512_457514748@emout07.mail.aol.com>
Message-ID: <Pine.SV4.3.91.960816164532.25274G-100000@larry.infi.net>


> > This relates to something I have been wondering about:  If one could
> >  get one's company to pay one in electronic cash, what is to stop one
> >  from piling the coins in a Datahaven somewhere (assuming one existed



   The income "tax" is not a tax.... it is an excise. There is a crucial 
difference. Taxes are assessed against *things*, excises are assessed 
against events.

If you don't pay a property tax, the assessor forcloses agains the thing. 
If the thing changes hands during the tax year, the tax due is pro-rated 
against both parties interest in the item.

An excise is assessed against an event. For example, the constructive 
recipt of income. As in, when the employer disburses it to your 
constructive (*legal definition*) control.

That's why you cannot say to the IRS, "Sorry, I already spent it all. You 
can't assesse me, I don't have it".





From alanh at infi.net  Fri Aug 16 16:54:05 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 17 Aug 1996 07:54:05 +0800
Subject: Burden of proof
In-Reply-To: <96Aug15.132311edt.20486@janus.algorithmics.com>
Message-ID: <Pine.SV4.3.91.960816163232.25274F-100000@larry.infi.net>


>     >> In the USA, we have a system that ensures that the burden of proof is on
>     >> the accuser.
> 
>     > Which explains why in the  U.S. the tax authorities take the money first
>     > and then require the citizen to be the "accuser" in Tax Court, pleading to
>     > get his seized assets back.

   Tim, bad as the Congress is, it did _not_ give the arbitrary powers 
you describe to the IRS. It's clear that you have not studied the 
Tax Code paragraph-by-paragraph, nor are you keeping up with Tax Court and 
District Court rulings. I have (in selected sections) and I do.

The IRS does NOT have the power to "just seize"  things. There is an
Administrative sequence that they are required to follow, involving
notices to the taxpayer, opportunities to gain abatements, etc.  The
courts are unanimous on holding the IRS to these strict requirements. 

The IRS is without a doubt, the most abuse-o-genic TLA we are cursed 
with. It is not unstoppable. I have won against them a few times, acting 
_pro se_.

The IRS is very dependant upon its *image* of being not-worth-fighting. 
They cultivate this, very carefully. It is purely an image.





From dlv at bwalk.dm.com  Fri Aug 16 16:57:41 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sat, 17 Aug 1996 07:57:41 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <Pine.SV4.3.91.960815205619.3926A-100000@larry.infi.net>
Message-ID: <i2NRsD2w165w@bwalk.dm.com>


Alan Horowitz <alanh at infi.net> writes:
> Bill, you are welcome to look at a layer of tin foil and give a sigh of 
> relief that you've shielded your gun or your crypto diskette or your 
> private body parts feom someone who knows what they're doing.  Go ahead, 
> chant a mantra too, if it makes you feel better.


If you wrap the aluminium foil around your cranium and the lead foil
around your balls, make sure that the 2 metals don't touch when you
stick your head up your ass.  The resulting spark may cause the
intestinal gas to explode.

Oh dear!! Did I just post a bomb recipe???

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From vince at offshore.com.ai  Fri Aug 16 17:01:44 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sat, 17 Aug 1996 08:01:44 +0800
Subject: ISPs in cyberspace - how?
In-Reply-To: <Pine.SUN.3.94.960816111931.24799B-100000@polaris>
Message-ID: <Pine.LNX.3.91.960816170922.18711A-100000@offshore>



Black Unicorn:
> The trick is to get the ISP to exist in cyberspace, or ever will it be
> subject to the whim of the local authority.
> 
> This is a key and very important distinction.

I agree.   I think this would be a good focus for cypherpunks to think
about for awhile.  So let me try to start something.

A first step is just having a domain name (foo.com) that you can move to
different virtual hosts.  This is still vulnerable at either the Internic
or at your nameservers.  Could also be a subdomain of some provider (say
foo.c2.org), but then c2.org gets the pressure. So far I don't know of
reporters going after the Internic for allowing a name (like foo.com).  So
this could be safe for awhile.  But it is not totally secure. 

A better method would be to make our own cypherpunk top level domain (I
think Sameer talked about this some time back).  With this people would
either have to setup their nameserver to use one of the cypherpunk
nameservers or get the IP address from some other method (a web page,
ftpable file, newsgroup, searching AltaVista, or a web page with a cgi
script to do the lookup on a machine).  But with this there would be no
easy way to cut off a name, and the ISP could always relocate if their
physical location were cut off (i.e. the IP address had to change). 

Then it is just an issue of coordinating this top level domain.  Say a
public key for each new subdomain and updates are done by sending a pgp
signed message to each of the servers.  With this type of design you could
have hundreds or thousands of servers that each were updated
independently.  To shut it down would take shutting down a lot of
nameservers. 

What do people think?  

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/





From bart.croughs at tip.nl  Fri Aug 16 17:03:09 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sat, 17 Aug 1996 08:03:09 +0800
Subject: Imprisoned Capital
Message-ID: <01BB8BC5.8380DFE0@groningen08.pop.tip.nl>



Duncan Frissell wrote:

>There is no straightforward link between amount of capital invested and
>productivity or wages.  If there were, some steel plants in the Soviet Union
>would have had the best paid and most productive workers on earth.

It's not a coincidence that you mention the Soviet Union. As I said in a previous post, Austrian economists like Murray Rothbard, Hans Hermann Hoppe, etc. don't consider government expenditures to be *investments* of capital; they consider all government expenditures to be *consumption*. 

>Additionally, countries which prevent capital outflows don't receive capital
>inflows and thus become poorer.

>DCF

This is a good point when you talk about governments that will prevent *all* capital from flowing out. But a government could prevent the outflow of capital of it's own citizens, and still allow capital of foreigners to leave the country. As long as foreign capital isn't imprisoned, foreign capital could be attracted.

Bart Croughs








From bart.croughs at tip.nl  Fri Aug 16 17:04:46 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sat, 17 Aug 1996 08:04:46 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8BC5.691DCF00@groningen08.pop.tip.nl>


Sandy Sandfort wrote:

>On a personal note:  Bart the people on this list are highly
intelligent <snip>  Don't waste your reputation capital being a
jerk.


 S a n d y<

I agree that there are intelligent people on this list, but those who constantly have to take refuge in name-calling are obviously not among them. So I have an even better idea to protect my reputation capital: I won't answer your posts any longer. People could start thinking I have nothing better to do with my time.


Bart Croughs













From sparks at bah.com  Fri Aug 16 17:23:59 1996
From: sparks at bah.com (Charley Sparks)
Date: Sat, 17 Aug 1996 08:23:59 +0800
Subject: Lunch with Bill, anyone?
Message-ID: <199608162121.RAA11475@booz.bah.com>


I would rather bee with Bella Abzug ( probably spelled wrong )

At 05:31 AM 8/16/96 -0700,John C. Randolph wrote:

>Meeting Bill Gates would be every bit as exciting as meeting Tony 
>Orlando.  Or maybe Wayne Newton.

I don't mind the sarcasm regarding Gates, but watch what you say about
 Wayne
Newton!








From szabo at netcom.com  Fri Aug 16 17:24:44 1996
From: szabo at netcom.com (szabo at netcom.com)
Date: Sat, 17 Aug 1996 08:24:44 +0800
Subject: Credit enforcement
In-Reply-To: <199608152033.QAA03582@prob>
Message-ID: <199608162123.OAA16545@netcom.netcom.com>



Steve Omohundro writes on alt-inst:
> I'm intrigued by the notion that in a digital economy
> contracts might be enforced by design rather than by the good faith of
> the participants. 

I have been intrigued by this possibility as well.  See my essay at
"http://www.best.com/~szabo/smart.contracts.html".   Steve has
put his finger on one of the basic outstanding problems
in this area, namely the enforcement of credit.  Currently
there are several partially effective processes:

* Reputation (especially credit reports): often effective, but
only to a point, as it is often hard for the debtor to accurately judge 
the future reputational effects of an action (eg failure to pay a bill,
taking out too large a loan, etc.) that has clear, local,
beneficial effects today.   This is more imbalance in knowledge
between current and distant consequences among individual 
consumers, but even among large organizations with high credit
ratings it is not an irrelevant factor.

* Secured transactions: liens, etc.

* Garnishment of future income

* Law enforcement, especially to enforce transfer of control over 
liened assets, garnishment, etc.

These processes have a fundamental property in common --
they violate the privity of credit transactions -- they bring
in third parties to track reputations or enforce repayment.
Credit transactions seem to entail a fundamental imbalance in 
incentives that can only be redressed by bringing in third parties.

Secured credit need not violate privity if the physical control
over the securing property can be shared.  So that, for
example, automobile credit can be secured as long as reposession is
possible.  The trick is to make repossession by the creditor
easy but theft by third parties difficult.  I have proposed 
"smart liens" along these lines, electronic security measures
strong against third parties but with a "back door" for
creditors.  This well-specified, shared control over "smart property"
more accurately reflects the agreement involving that property, so that 
there is less need for third parties.  To even more accurately 
reflect the contract, we need a mechanism to eliminate the creditor 
control once the auto loan has been payed off.

Alas, there is less incentive to provide these kinds
of contractual process improvements in a market where
government subsidizes the enforcement of contracts.

Similar mechanisms might be possible for other kinds of
security (houses, escrow accounts, etc.), but many valuable
kinds of credit are unsecured, and we run into privity problems when 
it comes to garnishment of future income.  Here, we are invoking third 
parties, namely the debtor's future contract counterparties.
Any mechanism seemingly needs to involve them, but both principals
have an incentive to enter a private, ungarnished 
contract in preference to one involving the creditor.
(ie, the amount of garnishment is a surplus to be divided
between principals who can route around it).

A way to a solution, if it were feasible, would be to give the creditor 
shared control over the entire scope of of the debtor's income
capabilities - or, a bit closer to practicality, over the entire scope of 
his digital income capabilities.  A secondary solution is some combination
of wide scope and limited compromise of privity.  After all, money itself 
is a compromise of privity, since the contract parties rely on third 
parties to clear and maintain the value of the currency.  Money's compromise 
of privity is well-defined, however, not an open-ended release of information
and physical control, even over one's own person, as often occurs with 
credit reports and law enforcement respectively.  Our challenge is to find
privity compromises with such well-defined limits to enforce
credit transactions.  

One possibility here is a "garnishable currency".  All banks 
have an interest in enforcing credit, so they can
make deals with each other to enforce credit via the garnishment
of debtor bank account deposits at any participating bank.  However, 
substantial amounts of garnishment (and if it provides a lower cost way of 
enforcing credit the amounts will be substantial) gives rise to an incentive 
for banks to fail to participate.  Here the need to commonly clear a currency 
between banks can be used as a barrier to entry for such defectors.
The currency is simply declared garnishable, and any banks who
wish to deal in the currency must participate in the garnishing
process.  This currency wins against competitor currencies
in a free-banking market because it provides a better means
to enforce credit, allowing greater credit expansion at lower
isk.

On the other hand, traditional coin and currency transfers, and 
some kinds of digital cash transfers, need not 
involve deposits to bank accounts linked (usually by True
Name, but a "debtor nym" could also work) to one's unsecured debts,
and given that there is a market for these kinds of transfers 
for other reasons, its existence allows banks to defeat auditing of 
garnishment by other banks participating in that currency.   Abuses 
of financial auditing for the purposes of extortion, inside information, etc.
will likely maintain a major market for the non-deposit 
payment methods.

Steve proposes "interval money" that would expire.   A similar idea
has been proposed by Tim May, a "time release" form of money that 
becomes good only after a certain date.  These can
probably be implemented by a digital mint expiring or activating
special issues of digital cash, or by a third party issuing
escrowed keys at specific times (since these keys are encrypted
against the escrow agent, and that agent doesn't know what they
will be used for, the escrow agent has no incentive to cheat).
A technical issue here is whether the digital signature space is large 
enough to encompass one unique signature per unique credit transaction
deadline into the indefinite future.  While these protocols are
intriguing, and potential building blocks for a solution,
the institutions using them proposed so far seem to still rely on
a solution to the deposit garnishment problem as discussed above, that 
is the problem of sufficiently disincentivizing the debtor from using 
non-garnishable alternatives while maintaining the privity of
payments to those who are not unsecured debtors (the ability for 
these people to use non-deposit payment methods).

Nick Szabo
szabo at netcom.com
http://www.best.com/~szabo/





From alanh at infi.net  Fri Aug 16 18:18:42 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sat, 17 Aug 1996 09:18:42 +0800
Subject: implausible defenses & tax havens
In-Reply-To: <199608160913.EAA18988@manifold.algebra.com>
Message-ID: <Pine.SV4.3.91.960816171200.25274J-100000@larry.infi.net>


> Suppose that a computer consultant Mr. X knows cryptography so well 
> that his clients are willing to pay him $100/hr. Mr. X could conspire
> with his client that he receives only $40/hr in taxable income, and the
> rest he gets in form of digital cash.
> 
> If X lives sufficiently modestly, the IRS will be having hard times

    The paying company has a tax return of it's own, which will be used 
to show how much was paid (actually or constructively) to Mr X.

The IRS doesn't usually get it's indictments from circumstantial 
evidence. It gets them from the pissed off underlings who see Joe Cool 
Mr X getting away with shit they can't.

How many secretaries, payroll clerks, human-relations staffers, etc, will 
be seeing the chain of paperwork that is generated by the "arrangement"?  
They know how normal payroll is handled. Some tiny percentage of these 
sheep are alert enough to put two and two together.... and it's all 
downhill from there.

Let us recall how the (apparent) (alleged) UNabomber was identified....





From wb8foz at nrk.com  Fri Aug 16 19:07:24 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sat, 17 Aug 1996 10:07:24 +0800
Subject: LEO, was Floating....
Message-ID: <199608162206.SAA04256@nrk.com>



The biggest obstacle to LEO/ 'anywhere phones' is in fact the
local PTT's. Not only do they fear loss of control [how do you
'cut the wires' as you raid a rebel village?] but as important,
they fear loss of monopoly income on IDDD.




-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From rah at shipwright.com  Fri Aug 16 19:14:56 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 17 Aug 1996 10:14:56 +0800
Subject: Announcement: Mac-Crypto Conference Sept 5-6, 1996
Message-ID: <v03007802ae3aa98d0147@[206.119.69.46]>


        The Membership of the Mac-Crypto List invites you to

                               The
                           First-Ever-
                           Last-Minute-
                         Under-the-Radar-
                Ask-Forgiveness-but-Not-Permission

                           Macintosh
                Cryptography and Internet Commerce
                 Software Development Workshop


                      September 5 & 6, 1996
              Apple R&D Campus, Cupertino, CA, USA

            This is a free workshop, but we'd *really*
               like it if you register (see below).



SOME INVITED SPEAKERS


Martin Minow
Tim Dierks
Marshall Clow
Kay Guyer
Will Price
John Callas
Quinn
Sari Harrison
Vinnie Moscaritolo
Bob Hettinga
Lucky Green
Kee Nethery
...and the inevitable mystery speakers...

(If you find your name on this list, and we haven't gotten ahold of you, you're
 invited to speak ;-).)

(Also, if you're not on this list and you should be,
 you're invited to speak too!)


WORKSHOP TOPICS:

Introductions and overviews:

   Introduction to crypto technology, what is it who are the players.

   Introduction to electronic commerce and finacial cryptography

   How to use electronic commerce technology today

   Opportunities for the Mac

Tech stuff:

   How to write internet software on the Mac

   Random number / password generation on the Mac (the key to strong crypto)

   Password management and the Mac

   Intenet Config - the next generation,  working group

   Secure networking

Open Sessions:

   We scheduled lots of time for developer demos and open discussions.

     ...and plenty of time for developers to network with Apple.

We have also left time open for last-minute speakers.  If you would like to
present a paper or give a talk, please contact Vinnie Moscaritolo at
<mailto:vinnie at apple.com>.


For more details and registration:

<http://webstuff.apple.com/~opentpt/crypto.html>

The workshop is free. Please register now, though.


Local Hotels:

Cupertino Inn, 800-222-4828
        Pretty much Across the Street.

Cupertino Courtyard by Marriot, 800-321-2211
        5 Minute Drive

Inn at Saratoga
        408-867-5020
        About 3 Miles



See you in Cupertino on September 5th and 6th!

Vinnie Moscaritolo
Apple Developer Tech Support
http://www.vmeng.com/vinnie/
Fingerprint: 4FA3298150E404F2782501876EA2146A




-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From al177820 at campus.gda.itesm.mx  Fri Aug 16 19:38:07 1996
From: al177820 at campus.gda.itesm.mx (Carlos L. Mariscal)
Date: Sat, 17 Aug 1996 10:38:07 +0800
Subject: Unix passwd-cracker online?
Message-ID: <Pine.A32.3.91.960816161112.53362A-100000@campus.gda.itesm.mx>



	Dear C'punks: (this is not Sandy, jeje)

	Just got to know from a very close friend of mine, and Unix 
administrator at  very famous university in Mexico, that more than one 
person has obtained a specific password by entering the desired 
adresses'passord on a submnit form in a Web page.

	As far as my knowledges on Unix and experience obtained from a 
couple of hackers (the 'ethic' kind, if they can be called so), this 
would imply pretty much of a piece of technical work, and probably, the 
presence of human support to get such a system working.


	Actually, i dont have the adress, and it sems to me that we'll 
never have it if there really is such, but this came to my mind when i read 
the posts  on the plate-numbers-in-Oregon polemica. I would appreciate 
any kind of opinions on this specific topic, not the ones saying> Well, 
if there's  ftp acces to /etc/passwd, and this is not shadowed, bla, bla, 
bla. I mean real opinions...

    __       
    ||     
   ====         'If you can dream of it
   |  |__       then you can manage it'
   |  |-.\     
   |__|  \\         clopez at nayar.uan.mx
    ||   ||         
  ======__|     
 ________||__   
/____________\   Carlos L. Mariscal






From rich at c2.org  Fri Aug 16 19:39:19 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 17 Aug 1996 10:39:19 +0800
Subject: The Transparency Of Cyber-Nitrate
In-Reply-To: <9608161725.AA07803@anon.penet.fi>
Message-ID: <Pine.GUL.3.95.960816162513.16837E-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

[From: Rich Graves <rich at c2.org>]
[To: The honourable Vyshinsky <an572010 at anon.penet.fi>]
[Cc: cypherpunks at toad.com]

On Fri, 16 Aug 1996, Skipper's Hammer <qut at netcom.com> wrote:

> Liar.  Either post your entire copy to alt.revisionism or prove yourself 
> a lying capitali$t bastard who's jealous about Zuendel because you are a 
> J$wish preppie homo$exual righti$(t) ri(c)h pig.

OK. I'm a lying capitali$t bastard who's jealous about Zuendel because I am
a J$wish preppie homo$exual righti$(t) ri(c)h pig. You can quote me on that.

Stop pretending to be Detweiler. You're nowhere near as interesting. Welcome
to my cypherpunks killfile.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhUFJJNcNyVVy0jxAQE5NAH/ZRks2CBTqWpPrJiHnBDa12QSE0qXDn8T
HqrFdgzUPg+9TfkI6e5FlQOPTQrYZKv6OQVdL4LpmfvE9+9P8VzDTQ==
=fDi1
-----END PGP SIGNATURE-----






From Scottauge at aol.com  Fri Aug 16 19:44:37 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Sat, 17 Aug 1996 10:44:37 +0800
Subject: $10K offer if you can break the code
Message-ID: <960816191509_387010260@emout12.mail.aol.com>


MMMmmmm.... Money!

>  Big Brother is reading your e-mail.  The POUCH will protect you.
>   Win $10,000 in our break the code contest.  No purchase necessary.
>   Free software.  See web page http://www.flagler.com/security.html
>   






From eb at comsec.com  Fri Aug 16 19:59:45 1996
From: eb at comsec.com (Eric Blossom)
Date: Sat, 17 Aug 1996 10:59:45 +0800
Subject: Triple DES Encryption Now Available For Telephone Privacy Protection
Message-ID: <199608162204.PAA19709@comsec.com>


Communication Security Corporation 

For More Information: Eric Blossom (707) 577-0409
Press Contact:  Terri Thatcher (408) 265-7703


 

Triple DES Encryption Now Available For Telephone Privacy Protection 


Santa Rosa, Calif., August 16, 1996, -- The Communication Security
Corporation today announced availability of the CS8191. The first
telephone security device built using uncompromised cryptography,
based on 168--bit key triple DES.
  
Triple DES encryption technology provides an uncompromised level of
security (72 quadrillion times stronger against a brute force attack)
than products based on the US Data Encryption Standard (single DES).
In addition, unlike the government's "Clipper" proposal, the CS8191
does not reveal or "escrow" the encryption keys with third parties.
 
The CS8191 has been designed to work with conventional analog
telephone systems (POTS).  The unit connects between your telephone
and the wall. In 'clear' mode, your telephone continues to work as it
normally does. Pressing the 'go secure' button encrypts
conversations. Communication Security has also incorporated a
leading-edge speech coder.  Voice clarity is undisturbed whether the
system is in 'secure' or 'clear' mode. 

With many of today's standard technologies, anyone can gain access to
our most private of conversations.  The Communication Security
Corporation dedicates their resources to addressing the increasing
need for private, secure voice communication devices. The introduction
of the CS8191 paves the way for research and development for
additional communication security devices for cell phones, modems, fax
machines and computers. For more information on the CS8191, please
contact the Communication Security Corporation, 1275 Fourth St. Suite
194, Santa Rosa, CA 95404, Tel: (707) 577-0409 Fax: (707) 577-0413,
info at comsec.com.



###





From mpd at netcom.com  Fri Aug 16 20:23:41 1996
From: mpd at netcom.com (Mike Duvos)
Date: Sat, 17 Aug 1996 11:23:41 +0800
Subject: $10K offer if you can break the code
In-Reply-To: <960816191509_387010260@emout12.mail.aol.com>
Message-ID: <199608170104.SAA14968@netcom13.netcom.com>


> MMMmmmm.... Money!

Don't cash the check yet.  It's security by obscurity using the
highest quality "unpublished algorithms" and up to a 48 byte
key phrase.  

He's only willing to send out the free version by return snail 
mail - no Net access.  Any crack you submit must also decrypt
other messages they will feed it, must be completely documented,
and any prize awards are at their sole descretion. 

He's also selling the high performance "9600 Baud" version for
$100.  

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From EALLENSMITH at ocelot.Rutgers.EDU  Fri Aug 16 20:27:11 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Sat, 17 Aug 1996 11:27:11 +0800
Subject: c|net reports UK partial usenet ban
Message-ID: <01I8CU97BQUK9JD8SE@mbcl.rutgers.edu>


	A more precise URL is
http://www.cnet.com/Content/News/Files/0,16,2181,00.html. There's a link to a
copy of the original letter. It looks like the UK police are coming down with
delusions of grandeur; they want to eliminate the newsgroups in question from
the Internet/Usenet period, not just block them from the UK. People may want to
look out for cancel messages for these groups coming from the UK, for instance,
and ignore the lot of them.
	-Allen

From:	IN%"m5 at vail.tivoli.com"  "Mike McNally" 16-AUG-1996 20:07:15.62
To:	IN%"cypherpunks at toad.com"
CC:	
Subj:	c|net reports UK partial usenet ban

UK Metropolitan Police Service bans smutty newsgroups.  See it all
at <http://www.cnet.com>.

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From jimbell at pacifier.com  Fri Aug 16 20:48:14 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 17 Aug 1996 11:48:14 +0800
Subject: FCC_ups
Message-ID: <199608170022.RAA29008@mail.pacifier.com>


At 02:31 AM 8/17/96 +0000, Vipul Ved Prakash wrote:
>>    8-10-96. WaPo: 
>>    "Phone Service Via the Internet May Slash Rates." 

[deleted]

>This kind of report is often confusing and more often misleading.
>Most of the internet still runs on "the infrastructure provided by 
>the giants of the telecommunications industry, who according to the report 
>would cease to exist after some time". 
>
>Bigbells and Babybells provide cheap [flat rate local calls] and 
>expensive long-distance calls. They make most of their money on the
>later. This money goes into development and maintainance of their
>infrastructure. Once they loose these profits 1. They won't be able
>to provide cheap local-calls and/or 2. They would go bankrupt and shut the
>entire network which is used by many to connect to the internet.
>
>This is complex problem and the only solution I see to it is a
>different pricing policy. [Prolly a differential pricing system might fit
>the scenario but I don't have much idea about that] 
>
>First flat rates would have to go out.
>If Alice uses her phone for 5 hrs in month and pay _x_ dollars and Bob uses
>his for 100 hrs and pays _x_ dollars, then Alice is subsidising Bob, which
>is not really ethical. Everyone should pay for the amount of bandwith 
>one is using.  

I'm afraid you're promoting what I consider a rather old (and, now, odd) way 
to look at it.  Unlike old mechanical telephone switches, the new hardware 
does not "wear out" and thus a person who uses it more doesn't cost the 
phoneco any more bucks.  If that's the case, I don't see the logic in 
charging a person more for greater use.  

The only remaining argument for charging for use is that if everybody were 
to start using the telephone 3 hours per day, it is possible the switches 
would have to be upgraded to allow more simultaneous connects.  However, 
this is unlikely to happen, and as I understand it electronic switches have 
plenty of capacity for current needs and substantially more.

There's a good reason that Internet-connect traffic won't substantially 
impact telephone network limits:  My impression from my local ISP is that 
peak times for him are between 9pm and 11 pm.  This is a time which 
relatively small numbers of voice calls are made, certainly compared with 
the peak times during the day for business calling.  Because telephone 
networks are designed to meet peak usage needs, there is plenty of unused 
capacity at other times.  This is connect capacity that would otherwise be 
"wasted."

In other words, telephone switch capacity is starting to be more efficiently 
used, looked at on a 24-hour basis.  This costs the phoneco not a penny 
more, so they have no reason to charge more for it.


Jim Bell
jimbell at pacifier.com





From stewarts at ix.netcom.com  Fri Aug 16 20:54:05 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 17 Aug 1996 11:54:05 +0800
Subject: Protecting floating datahavens?
Message-ID: <199608170000.RAA08637@toad.com>


At 03:36 AM 8/16/96 -0700, William Knowles <erehwon at c2.org> wrote:
>Now this is a completely doable concept, and likely more realistic
>than the Oceania project, 

Oceania was perfectly doable, if you're cynical about its objectives :-)
It did great T-Shirts, got people to pay for newsletters, and even
got enough donations to get an architect to build a cool model
while keeping its head promoters in the Floating-Country-Promotion business.

One of the things that inspired people to believe in them is that there's
a floating hotel that used to hang out in the South Pacific, though it
may be in the Caribbean by now, which cost something like $20M for
a 200-room hotel.  The Oceania folks designed a billion-dollar
exravaganza that would be far more affordable per resident,
but it's a much bigger, and unrealistic, risk.   

The basic risks with such things are:
1) Getting governments to agree to leave you alone.  If you're doing a
        high-visibility call-yourself-a-country approach,
        and your country doesn't include Real Above-Sea-Level Dirt,
        you're really gambling on whether the UN and big countries
        will recognize you.  If you're just calling yourself a
        big houseboat, and don't upset the US Drug-Confiscation Pirates
        too much, you don't need to care as much about this one.
2) Getting governments and other pirates to actually leave you alone.
        The Republic of Minerva, back in the 70s, had real dirt
        (or at least coral reefs, and met the UN 1-foot-above-high-tide
        standards) near Fiji, but the Kingdom of Tonga invaded them
        after about six months.  Calling yourself a country
        is one way to attract adverse attention, but also has
        some protection.  Allowing people to use politically
        incorrect substances is another, and if you're allowing
        politically incorrect data, you're inviting governments
        to plant child-terrorist narco-pornography to justify
        "police actions" against you.
3) Making it work financially, for the proprietors and tenants/co-owners.
        Free-market enthusiasts generally assume this is doable,
        if the upfront/interest costs of the place aren't really prohibitive.
4) Convincing investors that you're safe enough on 1) and 2)
        that they're willing to risk the money to build/buy a
        country and hope it stays independent long enough to make a profit.
        With Oceania, it would have made much more sense to raise $25M,
        which is doable, to buy the floating hotel and declare independence.
        (Either one really rich guy, or a hundred yuppies of the 
        type that buy quarter-million-dollar condos in Maui will do.)
        Raising a billion dollars against that risk isn't.
        Raising a million for an oil rig, if they're that cheap,
        is also doable, though the politics for something
        anchored are different from a ship.
        
There's also a Laissez-Faire City project, which proposes to lease a
10-mile-square chunk of land to rent from any cooperative third-world
government for 50 years or so with a deal of local autonomy.
It's much less threatening to the Old World Order than calling yourself
a country, and you've got a government which is making money by
leaving you alone that at least discourages the most likely invaders
(itself, and the US) without having to provide much national defense.
Who knows, maybe they'll actually do something, and rent a chunk of
Costa Rica or Somaliland or whatever.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From tcmay at got.net  Fri Aug 16 20:59:16 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 17 Aug 1996 11:59:16 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
Message-ID: <ae3a68680e0210043016@[205.199.118.202]>


At 8:58 PM 8/16/96, Alan Horowitz wrote:
>TIm, a layer of tin foil is not the same as a professionally installed
>and maintained Faraday cage.
>
>I can envision circulating currents on the tinfoil. Ie, ground loop type
>of situation.
>
>All imaging is depenmdant upon the target having some radiating
>characteristic. If the gun shields a gun-shaped peice of the body from
>radiating in millimeter waves, you can build a gun detector.

There's no other way to say this: you simply don't know what you're talking
about. Your protestations to the contrary, reconstruction of an image from
point sources of leakage is essentially impossible ("the phase problem").

Analyze the solutions for sources behind screens. (A simple model is to
analyze the radiation patterns one one side of conducting plate, with
various sources on the other side.)

For an intuitively visualizable model, consider a pattern of some sort
(like a gun) behind a screen, with light leaking around the edges. (The
less light leaks, the more the example is similar to the case of deliberate
shielding of RF sources, but even the simple example here makes the point.)

This is what crystallographers and DNA analysts call "the phase problem."
Spatial frequency (pattern) information is indeterminate.

If you still believe what you say, that a gun can be imaged even when
behind a conducting screen, based solely on leakage around the edges (or
similar small leaks), I challenge you to produce a paper which demonstrates
this, or, even better, an actual demonstration.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Fri Aug 16 21:48:47 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 17 Aug 1996 12:48:47 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <ae3a726c0f0210048a6d@[205.199.118.202]>


At 8:12 PM 8/16/96, Bart  Croughs wrote:
>I have thought a bit more about the question I asked a couple of days ago:
>how can you proof that investment of American capital abroad wouldn't
>lower the standard of living in the US? So far, I didn't receive a
>convincing answer to this question. Maybe I'm wrong, but I think I may
>have a proof. It's a so-called 'reductio ad absurdum'. It goes like this:
...["proof" elided]...

(By the way, Bart, the verb form is "prove," the noun form is "proof")

Others have shown how meaningless your repeated calls for a proof are, as
so many assumptions must be carefully spelled out.

To give an example of how hard the situation is to analyze, consider the
computer and chip industries. (If you argue that your "theorem" is for
nations in the aggregate, and not any particular companies or even
industries, then I will maintain that my example holds pretty much true for
automobiles, pharmaceuticals, chemicals, and so on._

The computer and chip industries move certain investments abroad, to
Malaysia, the Phillipines, Indonesia, Mexico, and so forth. But by moving
these investments abroad, they believe their net market size,
profitability, shareholder value, etc., will be enhanced. Else they
wouldn't do it.

Multiply this by all the industries....

Now, would "the economy" be "better off" if Intel, say, had not moved
assembly operations to Malaysia in the 1970s? Perhaps Intel would now be
bankrupt and gone, as so many of its rivals of the time are now gone and
barely remembered.

You see the problem? Who can say what "better off" is, given that we can't
run history down alternate paths as an experiment.

Your one-track mind is truly astounding. We've had kooks and oddballs on
the list before, but never one who has written a dozen or more posts asking
the same ill-phrased question over and over again.

Give it up. Move on to something else. Or at least take your problem to
another list.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From hallam at ai.mit.edu  Fri Aug 16 22:40:14 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sat, 17 Aug 1996 13:40:14 +0800
Subject: Lunch with Bill, anyone?
In-Reply-To: <4v23s1$574@life.ai.mit.edu>
Message-ID: <32153700.41C6@ai.mit.edu>


John C. Randolph wrote:

> Does Microsquish *know* any industry luminaries?  I mean, Cutler
> used to be one, but he's pretty burnt out, if Windoze NT is any
> indication.

Butler Lampson and Rashid are both pretty hot. Cutler got NT
to a workable state considerably faster than he got VMS to
one. 

There are many computer companies that are full of Bozos,
Microsoft isn't one of them. Most of the people griping about
Microsoft can't code any better. 

I'm interested that Navigator 3b6 crashes several times daily 
while Internet Explorer has yet to crash on me. I couldn't
care less about fancy features, at this stage I want a browser
that is reliable - like they used to be.

		Phill





From ravage at einstein.ssz.com  Fri Aug 16 22:48:28 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Sat, 17 Aug 1996 13:48:28 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
Message-ID: <199608170314.WAA11946@einstein>



Forwarded message:

> Date: Fri, 16 Aug 1996 11:34:44 -0400 (EDT)
> From: Black Unicorn <unicorn at schloss.li>
> Subject: Re: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)

> > Simple actualy. The police don't need a warrant to collect such information
> > because it is in the public domain (ie not private and therefor requiring
> > a search warrant and probable cause). Therefore anybody (not just cops)
> > can pick it up.
> 
> This argument breaks down when one looks at the difference between state
> action and private action.

Constitutionaly, if we are discussing search warrants there is no
difference. The 4th gives the courts no latitude on how to treat police and
'normal' citizens. They must be treated equaly.

> Were one to follow this logic, it would come to pass that citizens could
> get warants to search neighbor's residences.

Since when are police any different than citizens? Where are the police
mentioned in the Constitution? (hint: their not) If we are speaking of
Constitutional issues police have no powers that a ordinary citizen doesn't.
The Constitution has many directives to Courts about what they may do and how
they may do it. It at no point covers police other than the section dealing
with treasury enforcement. I would contend that citizens have exactly the same
rights and privileges as police. In fact if the general citizenry is
prohibited something (eg own a fully auto gun) then the police also are
prohibited from it. I would further hold that if it is illegal for me to
carry a gun on my hip then a police officer should also be prohibited. The
whole concept of 'citizens arrest' is based on this Constitutional premise.
It has been eroded over the years because it is a clear threat to those who
have a profit to make off our government and their mis-use of it.

Under some conditions they are allowed exactly this. Last year I had a
friend go through a divorce. As part of the agreement he was to retain
possession of some guns and other memorabilia. The wife refused to let the
husband come onto the property or contact their son. He was placed under a
bond to that effect. When he went to the judge my friend was allowed to
search the property for those items. He was advised that if he met any
resistance to contact the Sheriff's office who would then arrest the wife
for contempt of court. It is up to the court, not the police, to decide who
is an officer of the court and why. The judge was able to specificaly
list the items and had probable cause in that the material was not the wifes
but rather the husbands. To allow her to keep them would constitute state
sanctioned theft. The court could not use a police officer because they are
not empowered to enforce civil decree's. Refusal to abide by the civil
decree would constitute a criminal act and the court could then require the
police to intercede.

The 4th is a directive to courts on when they may issue search warrants. Who
executes them is covered (via the 9th and 10th) by state and local law (per
extension by the 14th).
 
			       ARTICLE IV. 
 
	The right of the people to be secure in their persons, houses, 
papers, and effects, against unreasonable searches and seizures, shall 
not be violated, and no Warrants shall issue, but upon probable cause, 
supported by Oath or affirmation, and particularly describing the place 
to be searched, and the persons or things to be seized. 
 
> > It is becoming more and more popular for governments to limit the ability
> > of scanners and other such detectors to pick up information supposedly 
> > to protect privacy. The above states that if it is eminating from the
> > residence (and by extension person) and is picked up off their property,
> > perhaps on or in public space then it is fair game.
> 
> Fair game for law enforcement use and can be presented in court, yes.

But police have no Constitutional right to search anything, courts do. In no
way can the Constitution be honestly extended to allow police the right to
search anyone until directed by a court.

> And, I might add, there is a different standard for voice communications
> however carried.  The heat from a indoor pot garden is a different matter,
> and incidently, the matter on which the question was presented.

I have to disagree. The issue is not what is being carried on the medium but
rather can I measure that medium without a warrant if I am a officer of the
court or empowered by law as the police. Implicit in this question is the
fact that my goal is to gather information to be presented to a court for
legal action against the party being monitored. This was a strawman that the
court fell for, the defence attorney didn't understand the technology either.

To argue that if I measure some quantity and no modulation is present I may
present that as evidence, but if modulation is present then I need a warrant
to even measure it is ludicrous and screams 'alterior motive'. I would say
that the argument of the state of the light (ie on/off) is modulation and
therefore may be extended to limit unwarranted measurement.

So, all I need to do is to modulate the IR lamps with a commen radio. Then
they can watch all they want with cameras and such. No warrant, no evidence.
Do you figure X-10 modulation would qualify? Wouldn't the on/off caused by
the AC power qualify as modulation of the light?

> > States such as N. Carolina (per extension via the 14th) should be 
> > prohibited from regulating or otherwise controlling possesion and use
> > of radar detectors (in this case) which are currently illegal for
> > private persons to operate.
> 
> There is the additional matter of the obstruction of justice issues..

Obstruction of what justice? The goal is to keep the speed down so people
are not killed. It is NOT to give the police a means to gather operating
funds. If the police were honest in this pursuit they would sit on the side
of the road radaring to their hearts content as long as their lights were on
indicating they were actively on duty while everyone else zoomed along
listening to their detectors buzz. Yes, we would have much less money from
tickets but we would have many more living people paying taxes as well. I
also suspect that if this were implimented it would take many fewer police
to regulate traffic further reducing the needs for money. The law was
specificaly and openly put in place because the radar detector decreased the
chances of the police from catching and ticketing you, somewhat different
than enforcing public safety.

The police in a democratic society should never be allowed to skulk around
monitoring the populace.

Cops hiding in the bushes and other such tactics are not law enforcement but
rather state sanctioned theft. Gives 'highwayman' a whole new slant.

The argument that by allowing such activity the police are prohibited from
catching criminals ignores the fact that the police are firstly enforced
with public safety. Their primary job is to PREVENT the incident within
their operating parameters and only secondarily to apprehend participants
after the fact.

Again, a strawman the courts and lots of others have swallowed.

> >I< tend to agree with you, but I see the arguments on the other side as
> well.

I also see the other side, I believe the Constitutional approach that I
advocate can meet and defeat any argument they may present PROVIDED the
court does not have a alterior motive of sustaining the status quo but
rather an open goal of enforcing the Constitution for life, liberty, and the
pursuit of happiness.

I believe that is a rare find indeed. Don't get me wrong. I estimate the
chance of my success to win support, let alone actualy getting any of it
implimented, as pretty close to nil. But if I don't discuss it on public
forums such as this then who else will?

> > If the police don't need a warrant to
> > collect information then citizens are equaly able to recieve that
> > information as well.
> 
> How EXACTLY does this follow?

Because courts, not police are empowered to search. Constitutionaly a police
officer may detain you (by local law) but he may NOT search you until presented
to a magistrate. This is what was meant by 'fair and speedy trial'. 

> > Since the above ruling states that as long as the
> > emissions are eminating from the site and the reception takes place
> > other than at the site (in this case, being inside the police car)
> > , perhaps along a public highway, then no privacy is involved. This
> > means that citizens have a right, by extension, to know when they are
> > being beamed by radar.
> 
> Again, you need to distinguish law enforcement purposes and private
> purposes.

Constitutionaly there is no distinction. Police are citizens also.

> > This same chain of logic can be extended to cell phones and such as
> > well.
> 
> And yet you need a warrant to intercept cell phone conversation.

Exactly, and by extension you should need a warrant to monitor ANY other
form of EM radiation when acting as a officer of the court collecting
information or evidence relating to possible or existing proceedings.

> > This connection is even clearer when one realizes that the only difference
> > between IR and your cell phone eminations is frequency. The intermediate
> > vector boson in both cases is a photon.
> 
> And the fact that cellphones carry voice communications.

Is irrelevant. You can't know that fact without first measuring the medium.
Sorta defeats the whole purpose. You have to measure it to determine if you
can measure it, stupid or premeditated misrepresentation.

> > It is similar to arresting somebody for wearing a blue shirt but letting
> > the person wearing the red shirt go free.
> 
> ANd having the blue shirt say "kill the president" maybe would even out
> your example.

How? It certainly raises the spectre of 'strawman'. Attempting to change the
subject to 'freedom of speech' is not a respectable tactic. What is on the
shirt is irrelevant.

> > The rationale being that since
> > the frequency of the blue shirt is higher it is fundamentaly different
> > then the red shirt.
> 
> No, the rational being that the blue shirt carries a communication more
> complicated than a simple speed reading, or heat emmission.

But how do you determine that without first measuring it? I don't think that
'probable cause' or 'oath or affirmation' were meant to include 'gut
feeling'.
 
                                                  Jim Choate






From vznuri at netcom.com  Fri Aug 16 23:08:53 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sat, 17 Aug 1996 14:08:53 +0800
Subject: "world communications being monitored"
Message-ID: <199608170344.UAA05092@netcom22.netcom.com>



------- Forwarded Message
From: "Mat Guthrie" <matguthrie at enterprise.net>
To: mmlist-l at newciv.org
Date: Wed, 14 Aug 1996 20:14:39 +0000
Subject: All Int' Communications Are Monitored


- - ->  SearchNet's   snetnews   Mailing List

Hi there all,

I heard an amazing news report on the radio today, that confirmed
what I've heard and suspected for a long time - all international
communications *are* continually being monitored!!

The report was on "The World at One" news report on BBC Radio 4 -
about as respected, reliable and informative a source as any
mainstream media is ever likely to be. The feature spoke about a
book that's come out in New Zealand called "Secret Power" by Nicky
Hager, that has been endorsed by the former (?) Prime Minister of New
Zealand himself. It supposedly goes into great detail about an
international agreement called "Echelon" of which the US, UK,
France, New Zealand, Australia and several other nations are all
participants. According to Nicky Hager - who was interviewed on the
program - a system of monitoring stations have been set up in various
countries in the world that continually monitor ALL fax, email,
telephone and satellite communications etc, "sniffing" for keywords
using super computers. When these key words are identified the
information is automatically logged and according to Hager, sent
directly to the US intelligence services.

Now whilst many of us have undoubtedly come across this sort of
information before and undoubtedly many of us have probably scoffed
at such ascertions as merely impossible and blatantly paranoid,
something very significant sets this report apart. Before the book
was published, Hager went with his manuscript to the New Zealand
Prime Minister who had been responsible for signing NZ up to the
agreement (I got the impression that he is no longer in power). 
Anyway, the PM was so shocked by the revelations that the book 
contained, that he has written the forward to the book. Supposedly he 
says that he had no idea of the true nature of the agreement and the 
powers which it bestowed on the intelligence services and is 
obviously trying to distance himself from the storm that's beginning 
to brew up about it. Maybe he's just covering his arse or maybe he 
was just another puppet head of government who wasn't properly 
informed about what was really taking place in his own country, but 
either way, the fact that he has got involved with the book adds 
considerable credibility to it's claims. Those of you who have often 
said that such wide-scale monitoring is "obviously impossible" might 
be wise to re-evaluate your positions!

Anyway, there was no further report on the BBC Radio 4 evening news 
and nothing about it on TV, so maybe that's all we're hear about it 
over here in the UK - and maybe even less for you lot in the good old 
US of A. The book isn't in print over here, so needless to say, I'll 
be contacting a book seller over in New Zealand to see if I can get 
myself a copy and I'll keep you informed. If anyone out there in NZ could 
give me a phone number of a sizeable book shop over there, I'd really 
appreciate it and if anyone else has any info on this, please pass it 
on.

I wonder if "Secret Power" is now on their keyword list?  If it is 
then - "Hi there big bro'. I hope you're all having a nice day!"<g>

Take care out there,
      See ya

           Mat

                 ================================================
                 WHAT'S THE FUTURE GOT IN STORE FOR MANKIND???
                                      For a different perspective on:
                 Global Trends, The Environment, Surveillance Technologies,
                                  Current Events and Prophecy, Visit:
                             http://homepages.enterprise.net/matguthrie/
                   THIS PAGE IS CURRENTLY UNDER CONSTRUCTION
                 ===============================================     

                  He who is conscious of danger creates peace for himself;
                  he who takes things lightly creates his own downfall.
                                                                    I Ching 







From webmaster at www.whore.com  Fri Aug 16 23:10:07 1996
From: webmaster at www.whore.com (webmaster at www.whore.com)
Date: Sat, 17 Aug 1996 14:10:07 +0800
Subject: Greetings from Whore.com
Message-ID: <1371882871-6745844@caroline.com>


Greetings!
This is an automated response from http://www.whore.com and�http://www.slut.com.
You indicated you wanted to receive email from one of our sluts.
If this is NOT true, please reply to this email and type 'cancel slut #8927'
in the body of the message.
I hope you DO want to receive email, because 
Asia just turned 21 and wants to meet you.





From vznuri at netcom.com  Fri Aug 16 23:10:18 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sat, 17 Aug 1996 14:10:18 +0800
Subject: forthcoming book on privacy
Message-ID: <199608170342.UAA04850@netcom22.netcom.com>



------- Forwarded Message

From: Phil Agre <pagre at weber.ucsd.edu>
To: rre at weber.ucsd.edu
Subject: New Privacy Book


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date:       Thu, 08 Aug 96 15:03:12 EST
From: Computer Privacy Digest Moderator  <comp-privacy at uwm.edu>

Computer Privacy Digest Thu, 08 Aug 96              Volume 9 : Issue: 009

- - ----------------------------------------------------------------------

Date: 08 Aug 1996 10:12:56 -0400 (EDT)
From: Robert Gellman <rgellman at cais.com>
Subject: New Privacy Book

There is a new book on privacy due out momentarily.  The publisher's
announcement follows.

Bob

The Michie Company Introduces Data Privacy Law: A Study of United
States Data Protection by  Paul M. Schwartz and Joel R. Reidenberg

Data Privacy Law: A Study of United States Data Protection is the first
book to analyze comprehensively U.S. fair information practices law as
it pertains to data protection issues in both the public and private
sectors.

Data Privacy Law was underwritten by the European Commission in
preparation for the issuance of its Directive 95/46/EC (October 24,
1995) on the protection of individuals with regard to the processing of
personal data and on the free movement of such data.   The book
compares coherently the fair information practices of the United States
with principles common to divergent legal systems.

Data Privacy Law has important practical applications and will help
companies that employ transborder telecommunications, conduct
interjurisdictional financial transactions, or advertise across borders
to define their own data protection strategies to ensure that
expectations of fair information practices are met.  The book will
assist lawyers, government regulators and scholars to understand data
flows in both the public and private sectors.

Author Paul M. Schwartz, Professor of Law at the University of Arkansas
School of Law (Fayetteville), has been a guest professor at the
University of Nantes, a Fulbright Senior Lecturer at the Goethe
University?s Research Center for Data Protection, and a Research Fellow
of the Alexander von Humboldt Foundation and of the Harry Guggenheim
Foundation.  He has provided advice and testimony to governmental
bodies in the United States and Europe.
 At present, he serves as Special Advisor to a study of health care
applications of the National Information Infrastructure carried out by
the National Academy of Science's National Research Council.

Author Joel R. Reidenberg is Associate Professor of Law at Fordham
University School of Law.  He serves as chair of the Section on
Computers and Law of the Association of American Law Schools and is a
Fellow of the Cyberspace Law Institute.  Formerly, he practiced in the
Washington, D.C. office of Debevoise & Plimpton, where he worked with
the international telecommunications group on European
telecommunications liberalization and competition law issues, data
protection regulation, and intellectual property issues.  Professor
Reidenberg served as an advisor to the U.S. Congress Office of
Technology Assessment and has testified on information privacy before
various government bodies.

Both authors have written and lectured extensively on privacy and
information technology law.

Priced at $90.00, this book will be a welcome resource for policy
makers, legal practitioners and scholars grappling with data protection
issues.

Michie is a part of LEXIS*-NEXIS* and publishes annotated state codes
for 31 states and the District of Columbia, more than 700 titles
covering national and state law topics, the Michie?s Law on Disc CD-ROM
research system for 36 states, and a growing number of ?practice?
CD-ROM titles.  A division of Reed Elsevier, Inc., and a member of the
Reed Elsevier plc group, one of the world?s leading publishing and
information businesses, Michie combines almost two centuries of
traditional legal publishing with leading-edge information technology.

- - --
Data Privacy Law by Paul M. Schwartz and Joel R.
Reidenberg $90.00 Order Number:  67180-10

For more information or to order, call Michie toll-free at 
800-562-1197. Visit Michie's web site at http://www.michie.com.


- - ------------------------------

End of Computer Privacy Digest V9 #009
******************************


- ------- End of Forwarded Message


------- End of Forwarded Message






From blane at aa.net  Fri Aug 16 23:50:54 1996
From: blane at aa.net (Brian C. Lane)
Date: Sat, 17 Aug 1996 14:50:54 +0800
Subject: $10K offer if you can break the code
In-Reply-To: <199608170104.SAA14968@netcom13.netcom.com>
Message-ID: <32154c32.5692262@mail.aa.net>


On Fri, 16 Aug 1996 18:04:33 -0700 (PDT), you wrote:

>> MMMmmmm.... Money!
>
>Don't cash the check yet.  It's security by obscurity using the
>highest quality "unpublished algorithms" and up to a 48 byte
>key phrase.  
>
>He's only willing to send out the free version by return snail 
>mail - no Net access.  Any crack you submit must also decrypt
>other messages they will feed it, must be completely documented,
>and any prize awards are at their sole descretion. 
>
>He's also selling the high performance "9600 Baud" version for
>$100.  

  Looks like a crock to me. He gives no email address to contact him with,
no business name, and it sounds like an extremely user un-friendly program.
People are definatly better off using PGP.

  I'd bet that his unpublished algorithm is an XOR with the key, and that
it could be broken pretty easily. I'd also be that there is no $10,000
reward.

  People like this guy give cryptography a bad name. They target people who
don't know much and are susceptible to his claims and who would be better
off using PGP or ViaCrypt.

  What can we do to dispute his claims? Has anyone gotten a copy of his
sample message yet?

   Brian

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
       "Extremism in the defense of Liberty is no vice" - B. Goldwater
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============





From shamrock at netcom.com  Fri Aug 16 23:57:20 1996
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 17 Aug 1996 14:57:20 +0800
Subject: NT remailer
Message-ID: <v02120d03ae3af6d9cf45@[192.0.2.1]>


At 21:08 8/16/96, rednax wrote:
>Speaking of NT, I downloaded the full version of msie 3.0 the other day but
>when I tried installing it, an error message came up saying that it requires
>a Win95 or WinNT4.0 build of 1381 or higher. I am currently running NT 4.0b
>that has a build of 1314, does anyone know of where is the upgrade or
>service packs(if available)? I have tried looking around microsoft.com, but
>they neither provided any detail nor did they provide an e-mail.

USENET?

Just a thought,


-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.







From stewarts at ix.netcom.com  Sat Aug 17 00:15:10 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 17 Aug 1996 15:15:10 +0800
Subject: key escrow idea from David Staelin of MIT Lincoln Labs
Message-ID: <199608170506.WAA17213@toad.com>


Matt Blaze posted Ron Rivest's summary of Dave Staelin's 
suggestion for a different type of Government Access to Keys (GAK) policy,
and Rivest's proposed variant and analysis, and there's been
some discussion on the Cypherpunks list, including the usual
"GAK is evil, period", plus commentary on the variations.
Below I suggest a variant on Ron's variant that's less evil,
though less desireable to the government than Ron's.

R(S)>Here is Staelin's idea:
R(S)>	(1) You can use any crypto you want, but you must keep a record
R(S)>	    of the crypto keys you used.
R(S)>	(2) The government can ask for the crypto keys later, if they have
R(S)>	    a court order, just as they can ask for any of your other papers
R(S)>	    or documents.  You must give the key(s) to them, just as you
R(S)>       must turn over your private papers in such a situation.

For technical reasons, this is a non-starter.  Storing keys requires memory,
and many practical cryptosystems need to generate large numbers of keys, 
or run in environments such as cellphones and password-calculators that
don't _have_ any available memory.  Storing lots of keys implies a high
probability of losing lots of keys, and Matt's talked about the difficulty
of storing keys securely.  Non-technically, as was discussed,
US citizens aren't required to keep personal papers or documents,
though businesses are required to keep some tax and rule-compliance records,
and taxpayers who want to claim deductions need to keep relevant records.

Ron's trusted third party variant:
R>In a variant of Staelin's proposal (my twist) you could append to each
R>encrypted message an encrypted form of the message key.  The
R>encryption could be with the public-key of a trusted third party who
R>will not (and legally may not) reveal the message key without
R>notifying you first (or ensuring that you have been appropriately
R>served with the corresponding warrant).  For example, the ACLU might

Stewart's untrusted first party variants:
Why a trusted _third_ party?  I don't trust third parties with my calls.
Have the sender generate, and keep, a Master Key, and append the
session key encrypted with the Master Key.  As with Staelin's method,
the government can subpoena or warrant the master key.
(So you can call it a Self-Incrimination Key if you like.)

If you use a public key for the SIK, there's the time and space
required to do public-key encryption, but the session keys for 
each session can be decrypted separately by the sender, and verified
by the court, without needing to turn over the private key.

If you use a secret key for the SIK, it's fast and small,
though the SIK needs to be protected and one subpoena decrypts all 
conversations made with the key (as does a warrant seizing the phone.)
(It's basically Clipper with the user instead of NSA generating master keys,
and the user instead of the Friends Of The NSA storing them.)

An intermediate is to use a secret SIK for a small-to-medium
number of sessions, and public-key Master SIK used to generate
an encrypted SIK sent with each message as well as the 
SIK-encrypted session key.  It's still bulky, like the full public-key
version, but not as slow, since you can generate and encrypt
secret-SIK keys off-line.

As with Staelin's proposal, mine also doesn't give the government
real-time access, only after-the-fact access, but it doesn't
have most of the technical difficulties of secure, reliable used-key 
storage (hmmm - sounds kind of like a sharps-box for used needles :-)

R>CONCLUSION
R>The fundamental idea is to give the government a right to access
R>encrypted communication in return for a guarantee that access may not
R>be obtained until there is BOTH proper legal authorization AND proper
R>prior notice to (at least one of) the communicants.
R>Is this workable??

As Matt says:
M>While Ron's twist decreases some of the burden on the user it
M>eliminates the main benefit of the Staelin proposal - that one
M>cannot obtain cleartext without the knowledge of at least one party.

Agreed - while Ron's proposal asserts that the TTP is forbidden
to reveal the key to the government without also telling the owner,
current government wiretap laws often require just the opposite,
and even if the government initially changed their policy to
require TTPs to tell users, they could rapidly change back.
The only way to guarantee that prior notice (or post-access notice)
is for the protocol to require the user's participation, 
which inherently makes it non-real-time and gives the user the
ability to refuse (at whatever cost.)

Also, "to give the government a right to access" implies that they
don't have that right today (which I agree with but Louis Freeh doesn't),
and that we _should_ give them that right when we don't have to
(which Dorothy Denning would agree with but I don't) and that a 
Trusted Government Guarantee (TGG) is a good enough payment in return.

And if you retain the word "voluntary", as used by Ron, you need to 
convince a Bad Guy or an Innocent Guy to believe a TGG or TTP -
Bad Guys won't, and Innocent Guys, as Ed Meese said, "usually 
aren't suspects", so it's still no-win for the government.


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From nobody at replay.com  Sat Aug 17 00:19:07 1996
From: nobody at replay.com (Anonymous)
Date: Sat, 17 Aug 1996 15:19:07 +0800
Subject: No Subject
Message-ID: <199608170503.HAA09053@basement.replay.com>


At 11:05 PM 8/16/96 -0400, you wrote:

>There are many computer companies that are full of Bozos,
>Microsoft isn't one of them. Most of the people griping about
>Microsoft can't code any better.

Gee Phill, as I'm preparing to leave MS after 6 years, I have to 
disagree with you.  Mediocrity and bureaucracy have eatten away 
at a lot of the core of the company.  It is entirely marketing driven 
now, and the coders have definitely gone down hill since I first
started in Apps.  The "bozo" factor has steadily increased.  Only 
those new hires without a sense of history think it's a real cool 
place to work.  And, a few egocentric folks totally tripped on 
power and greed.  (Apologies to any MSofties on the list I don't
know personally.)

Talk to HR about the turnover of people with 5.5 to 8 years
under their belts who are bailing with their stock options because
it ain't a fun place to work anymore.  Testers, developers, UE,
you name it.

I can gripe because I was there.  I never seem to recall seeing
your name on any internal e-mail.

Oh yeah, this is coming through a remailer, because I'm reading
the list at work.  And I doubt BillG would appreciate my opinions
being sent out over MS resources.






From blane at aa.net  Sat Aug 17 00:20:34 1996
From: blane at aa.net (Brian C. Lane)
Date: Sat, 17 Aug 1996 15:20:34 +0800
Subject: Orbiting Datahavens
Message-ID: <32155657.53661@mail.aa.net>



  With all the recent talk about converted oil-rig DataHavens floating
around the oceans, fending off pirates, and Low-Orbit satellite
communications, I had a thought.

  How about an orbiting DataHaven. No jurisdiction to bother with,
extremely difficult to get to (except by large governments...). You could
put together a couple of Linux boxes with a RAID system, some backups and a
large solar panel and have a very nice, secure DataHaven.

  Granted, you wouldn't have all the fun of floating around the south
pacific fending off pirates and navies who are after your data, but it
would work. Might even be cheaper than outfitting the oil-ring with the
rate that they are tossing satellites into space.

  If the HAM radio community can get a satellite into space, why not the
Cypherpunks/Linux communities?

   Brian

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
       "Extremism in the defense of Liberty is no vice" - B. Goldwater
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============





From jgrasty at gate.net  Sat Aug 17 00:40:11 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Sat, 17 Aug 1996 15:40:11 +0800
Subject: South Florida Cypherpunks Meeting Reminder
Message-ID: <199608170542.BAA46994@osceola.gate.net>


Y'all:

The South Florida Cypherpunks will meet at Hops Grill & Bar
in Boynton Beach, FL on Saturday, August 17 at 2:00 PM.  As
always, our meeting place is at a microbrewery, and this one
has some very fine brews.

Jim Ray will show off his Snake Oil bottle, signed by Phil
Zimmermann, who wrote PGP.  I will also hand out copies of my
WinSock Remailer to anyone who wants to check it out.  Other than 
that, we have no agenda, other than discussing cypherpunkology 
and drinking some fine brews.

Directions:

Take I-95 to Boynton Beach Blvd and go west.  When you get
to Congress Ave., turn right (north) and go one stoplight 
until you get to Old Boynton Beach Blvd.  Turn left (west)
and go behind Longhorn Steakhouse and turn right into
the parking lot behind Longhorn Steakhouse.  Hops is just
north of Longhorn on Congress Ave.

  Hops Grill & Bar
  545 N. Congress Ave.
  Boynton Beach, FL.

In addition, the Cypherpunks Brewmaster, Jim Ray, is brewing 
up a special "cypherpunks summer dark" brew for the meeting.  (I
sampled some of the brew before bottling, and BBBUUURP! it was
good.)  We will enjoy his fine beer at my house following the 
meeting.  I'll pass out maps to my house in Deerfield Beach
for anyone who wants to go.

Please send me a note if you plan to attend so that I can alert
the restaurant on how many will attend.  Send me your
key and fingerprint for keysigning if it hasn't been signed by any
cypherpunks before.

Regards,

--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From brendon at home.net  Sat Aug 17 01:10:37 1996
From: brendon at home.net (Brendon Macaraeg)
Date: Sat, 17 Aug 1996 16:10:37 +0800
Subject: proxy servers in Singapore
Message-ID: <1.5.4.32.19960817031055.006c95e4@poptart.home.net>


Did anyone else catch the AP wire story
(it ran here in the SF Chronicle on Thursday)
about the Singapore government cracking
down on "undesirable" (e.g., sex smut, anti-govt.
postings etc.) content on web sites, usenet etc.
Their basically forcing, by law, Singapore  ISPs to use
proxy servers that contain the information
that the govt. deems fit. 

Scary if you ask me. But then they have a govt.
that acts like it's the management of Disneyland.

"Have a nice ride!"
-B
=====================================================
Brendon Macaraeg
http://www.itp.tsoa.nyu.edu/~brendonm 
Finger macaragb at acf2.nyu.edu for my PGP Public Key






From jimbell at pacifier.com  Sat Aug 17 01:20:21 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 17 Aug 1996 16:20:21 +0800
Subject: Triple DES Encryption Now Available For Telephone Privacy Protection
Message-ID: <199608170629.XAA16771@mail.pacifier.com>


At 03:04 PM 8/16/96 -0700, Eric Blossom wrote:
>Communication Security Corporation 
>
>For More Information: Eric Blossom (707) 577-0409
>Press Contact:  Terri Thatcher (408) 265-7703
>Triple DES Encryption Now Available For Telephone Privacy Protection 
>Santa Rosa, Calif., August 16, 1996, -- The Communication Security
>Corporation today announced availability of the CS8191. The first
>telephone security device built using uncompromised cryptography,
>based on 168--bit key triple DES.
>  
>Triple DES encryption technology provides an uncompromised level of
>security (72 quadrillion times stronger against a brute force attack)
>than products based on the US Data Encryption Standard (single DES).
>In addition, unlike the government's "Clipper" proposal, the CS8191
>does not reveal or "escrow" the encryption keys with third parties.

So does this use that previously-announced NTT encryption chip?

> 
>The CS8191 has been designed to work with conventional analog
>telephone systems (POTS).  The unit connects between your telephone
>and the wall. In 'clear' mode, your telephone continues to work as it
>normally does. Pressing the 'go secure' button encrypts
>conversations. Communication Security has also incorporated a
>leading-edge speech coder.  Voice clarity is undisturbed whether the
>system is in 'secure' or 'clear' mode. 

Is this some sort of standardized interface?  Or are we in for the crypto 
equivalent of the Tower of Babel?

Jim Bell
jimbell at pacifier.com





From remailer at cypherpunks.ca  Sat Aug 17 02:04:12 1996
From: remailer at cypherpunks.ca (John Anonymous MacDonald)
Date: Sat, 17 Aug 1996 17:04:12 +0800
Subject: $10K offer if you can break the code
Message-ID: <199608170652.XAA06550@abraham.cs.berkeley.edu>


Hello!

On 16 Aug 96 at 18:04, Mike wrote:

> Don't cash the check yet.  It's security by obscurity using the
> highest quality "unpublished algorithms" and up to a 48 byte
> key phrase.  

In Hong Kong, the Chinaman has the perfect way to describe
a situation like this. He will say, "Hey friend, a roach this 
big won't simply jump in the streets for you to catch."
 
> He's only willing to send out the free version by return snail 
> mail - no Net access...Snip..snip....  

The guys behind PGPn123 tried the same snail mail stuff 
recently. The response was so bad they gave up after a while.

Anyway, let's see what will happen in this case, but it's 
truly pathetic and ironic to think of snail mail in this 
cyberonic age.

Later...

Roach











From DMiskell at envirolink.org  Sat Aug 17 02:32:10 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Sat, 17 Aug 1996 17:32:10 +0800
Subject: Greetings from Whore.com
Message-ID: <199608170706.DAA04875@envirolink.org>


Someone please tell me that was a joke.  It's almost a temptation.

(falls down laughing and dies)

Greetings from <property not found>,
Daniel.






From wmono at Direct.CA  Sat Aug 17 04:23:57 1996
From: wmono at Direct.CA (William Ono)
Date: Sat, 17 Aug 1996 19:23:57 +0800
Subject: Unix passwd-cracker online?
In-Reply-To: <Pine.A32.3.91.960816161112.53362A-100000@campus.gda.itesm.mx>
Message-ID: <Pine.LNX.3.94.960817000216.1458B-100000@crash.direct.ca>


On Fri, 16 Aug 1996, Carlos L. Mariscal may have written:

> person has obtained a specific password by entering the desired 
> adresses'passord on a submnit form in a Web page.
[deletia]
> never have it if there really is such, but this came to my mind when i read 
> the posts  on the plate-numbers-in-Oregon polemica. I would appreciate 

Somehow I have a hard time believing this to be true.  I run crack, a
password searching program that uses a dictionary as its base, on my
/etc/passwd regularly to locate any users with easily guessed entries.
With ultra fast crypt (UFC), the fastest crypt() replacement I can find, I
can run through about 9700 passwords per second on this P6-150.

Now, this is a back-of-the-envelope calculation:  Assuming that the
password can be one to eight characters of the following:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()
we find that we have a set of 72 characters.  That gives us
72^8 + 72^7 + 72^6 + 72^5 + 72^4 + 72^3 + 72^2 + 72^1 or
732376025552520 possible combinations.  At 9700 encryptions per second,
it would take my system 2401 years to brute force -one- password to 
completion.  That means that, most likely, if this 'locate password on
demand' system existed, it would not work in real time, or in any time
during any person's life.  Moore's Law might shorten this timeframe
considerably, but still not to any reasonable time frame.

Continuing with my back-of-the-envelope estimate, we have the length of a
crypt()'d password as being 13 characters.  The password in plaintext has
to follow, with a length of 8 characters.  At a size of 
732376025552520 * 21 characters, we would have a database of
15379896536602920 bytes, or 22565249 650mb CD-ROMs.  That's for the
passwords of one salt, without any formatting.  Even if we could achieve a
95% compression rate on this data (it is text, after all) we would end up
with 237528 CD-ROMs.

Most likely my set of characters will be found to be incorrect, but
anything that includes even a-z, A-Z, and 0-9 in one to eight character
combinations most likely will not be a favourable crack target.

Sorry, I don't think this is feasable, or possible.

(Please do correct my calculations if errors are detected, especially if
the corrected numbers make this possible.. it's getting late at night, and
my mind is fogging up, so these calculations/estimates/wild guesses may be
off more than usual. It does sound like an interesting project to
undertake, if it were possible, but not on my equipment!)


--    ** NOTE NEW KEY **  As of 08/28/95!  Old key 0x2902B621 COMPROMISED!
William Ono <wmono at direct.ca>                                PGP Key: F3F716BD
 fingerprint = A8 0D B9 0F 40 A7 D6 64  B3 00 04 74 FD A7 12 C9 = fingerprint
PGP-encrypted mail welcome!           "640k ought to be enough for everybody."






From aba at atlas.ex.ac.uk  Sat Aug 17 06:09:12 1996
From: aba at atlas.ex.ac.uk (aba at atlas.ex.ac.uk)
Date: Sat, 17 Aug 1996 21:09:12 +0800
Subject: any SF cpunks around next Sat?
Message-ID: <25922.9608170945@dart.dcs.exeter.ac.uk>



Living in the UK, I really don't have that much idea where the people
on the list I've gotten to know over the years live.

I will be over in the San Francisco / Redwood City area next Saturday
(24th), if anyone I know would like to meet, exchange keys, have a
chat about crypto/cypherpunks stuff, mail me.

Also if there is any regular cpunks meeting in this area which
coincides, let me know!

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)






From amehta at giasdl01.vsnl.net.in  Sat Aug 17 08:31:42 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sat, 17 Aug 1996 23:31:42 +0800
Subject: Software manpower exports and the power of governments
Message-ID: <1.5.4.32.19960817121723.002f9b34@giasdl01.vsnl.net.in>


At 13:23 16/08/96 -0700, James A. Donald wrote:
>At 10:49 PM 8/14/96 +0600, Arun Mehta wrote:
>> I was trying to explain how incomes and prices happened to be
>> lower in India, 
>
>That was not an explanation, that was mystic word salad.  
>
>It would be an explanation if wealth mysteriously rained
>from the sky, rather than was produced by men.

Huh? And why are we so grumpy today?

>In fact what gets sent to the Indian campus is largely legacy
>work, which is in large part precisely the work that requires 
>the closest contact with the customer, contact with actual 
>working conditions, and the like.

Not necessarily: as an example of legacy work, consider the
conversion of Cobol to 4GL. When you have a working program to
emulate, you can do that without too much customer contact. It's
in new software (where maybe the customer is herself not clear
what she actually needs) that close contact is essential. 

Take another example: you have some old software, and you need to
add a bell or whistle. Sure, you may need to run the modified
software on site for testing, but often that too can be done from
a remote terminal. And even if you do have to travel for the
purpose, it still works out cheaper, since manpower costs are low
in the 3rd world.

>This seems to be a general practice, not just an Informix practice, for
>in an article on "India's silicon valley" I read that the work done in
>India was largely done on existing legacy apps, often in obsolete
>languages and operating systems.

Um, maybe you misread: why would an American company pay to have
software written, that only runs on obsolete machines? Now,
converting that software to run on a modern machine, that's
altogether different -- you have to be able to read Cobol or
Autocoder or whatever, but what you actually write would be based
on modern tools. 

>This is of course the work that places the least amount of the
>companies intellectual assets in India, and thus the work that
>gives the Indian government the least power over Informix and its
>activities.  Informix could abandon the Indian campus and all
>the intellectual assets on which it was working, and all the
>physical assets located there, at any moment and not suffer any 
>serious loss or inconvenience.

A sensible business decision: long-distance security is hard to
achieve. But I doubt that it has anything to do with the power
that the Indian government has (or hasn't) over Informix?

>It is overwhelmingly clear that the question is simply who has the 
>power?  Those who wish to hire peoples services in order to produce
>wealth, or those who can command peoples services because they have
>guns?

Are you suggesting that Indian programmers come to work with like
a chain gang, with armed government guard? You really must talk
to some programmers from India, ask them if the government
commands them this way, but do have some oxygen handy, or they
might die laughing...

>That is what makes most people in some places poor and most people 
>in some places affluent.

Look, governments in the 3rd world are often stupid and corrupt
-- no doubt that contributes to poverty, but that isn't the only
reason. I'm sure one of the reasons is cultural: modern
industrial societies require a high degree of training,
discipline, whatever. Western societies needed centuries of
misery to learn these, we're trying to do it faster, and
hopefully be a bit more humane in the process.

>> Could you please be more precise? In what way does the "power of
>> the Indian government" intrude? 

>Presumably the same kind of reasons as caused foreign companies
>to flee India the first time around.

Other that Coke and IBM, which we already discussed, can you name
one other? In the last years, lots of companies have opened shop
here, including Coke and IBM.

And even these two didn't flee: a new law was passed, they didn't
want to comply, so they left or were asked to leave. In the case
of Coke, I can understand the government not wanting to spend
precious foreign exchange on sugared water in a country where
there is a serious shortage of drinking water. Tim made the
perfectly valid point that such decisions cost the country in
reputation, but the Indian government doesn't mind loss of
reputation in matters it firmly believes in, as in the current CTBT discussion.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From bart.croughs at tip.nl  Sat Aug 17 08:47:37 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sat, 17 Aug 1996 23:47:37 +0800
Subject: National Socio-Economic Security Need for Encryption Technology Re: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8C51.A4B84540@groningen12.pop.tip.nl>


Scott McGuire wrote:

> Bart  Croughs wrote:
>
>>You haven't answered this question yet. I don't claim that the U.S. is
>>worse off when US capital moves abroad. I only ask: how can you proof
>>that the US isn't worse off when US capital moves abroad? 

>I recall you were interested in how the Austrians would answer this.  I
>think that they would object to the question because of their aversion to
>aggregates.  Some individuals are better off and some worse off.  The
>Austrians would deny that you can sum the results for individuals and get
>a result for the economy as a whole.  This is because of Austrian
>subjectivity.

>Assume that I move a programming job to India, and make the required
>capital investments.

>I am presumably better off (otherwise I wouldn't have moved the capital).

>The worker I fire here in the US is worse off.

>(Other effects you have mentioned go here).

>Now, considering only me and the laid off worker, is this change overall
>good or bad?  To answer this, you would have to compare the value of my
>gain to the value of the workers loss.  But you can't.  Value is
>subjective.  And, it only gets harder when you try to take into account
>the other people affected.

You are absolutely right here. I should have asked: 'how can you prove that *US workers* aren't worse off' instead of 'how can you prove that *the US* isn't worse off'. I abbreviated my question because I had repeated it already so often. My misstake.
	You seem to be saying that the US workers are worse off when American capital is invested abroad (something that most of the other posters have denied), but that American consumers and investors are better off, and that it's impossible to say what the overall effects on the standard of living of American citizens will be because you can't add and substract values of different people. This sounds reasonable (and indeed very Austrian), and you could be right, though I think there exists a proof that the overall effects on the standard of living of American citizens of investing abroad is positive. See one of my recent posts on the subject.

Bart Croughs





From David.K.Merriman at toad.com  Sat Aug 17 09:11:39 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Sun, 18 Aug 1996 00:11:39 +0800
Subject: IE3.0 128-bit
Message-ID: <199608171359.GAA00854@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sat Aug 17 08:59:05 1996
Just got off of MS IE3 download page. To retrieve the 128-bit version, 
they've got a perl script asking for a remote address and a host address 
via a pair of cookies. Unfortunately, it chokes *every single time* it's 
invoked on my system, and shows me a 1-800 number (terminally busy) to 
call.

Has anyone either managed to download it, or gotten through to the 1-800 
number? I'd _really_ like a copy of the 128-bit version. I'm a U.S. 
citizen, live here in Amarillo, TX.

Anyone from MicroSloth reading this *might* want to let a Responsible 
Person know about the perl script hiccups....

Dave Merriman, Densa's mole in Mensa

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhUZZcVrTvyYOzAZAQHqygQAiEe7RmKjZcZ44Ok7Gz6GI1CCebBcdWsc
1lk2AvHJNOsI1ifq+oXbz1IuSbYJFwBOAUgJmwdXh4OMq8TIyX7mJKpR+imlysFC
kk1kMtVsdPNbtaLap5LLOMMnw13NxjC4ysae1rKZ/j/8SLXEvmscoDwzO+wtyOyn
kYgcgh6n8NQ=
=5P41
-----END PGP SIGNATURE-----






From lzirko at c2.org  Sat Aug 17 09:45:04 1996
From: lzirko at c2.org (Lou Zirko)
Date: Sun, 18 Aug 1996 00:45:04 +0800
Subject: IE3.0 128-bit
Message-ID: <199608171414.HAA10883@infinity.c2.org>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: merriman at amaonline.com, cypherpunks at toad.com,
 webmaster at microsoft.com
Date: Sat Aug 17 09:15:34 1996
My results were have been the same using ie30b2, but Netscape would attampt 
to download or ask me what app to run the .pl file with.

Lou Zirko

> To: cypherpunks at toad.com
> Date: Sat Aug 17 08:59:05 1996
> Just got off of MS IE3 download page. To retrieve the 128-bit version,
> they've got a perl script asking for a remote address and a host
>  address
> via a pair of cookies. Unfortunately, it chokes *every single time*
>  it's
> invoked on my system, and shows me a 1-800 number (terminally busy) to
> call.
> 
> Has anyone either managed to download it, or gotten through to the
>  1-800
> number? I'd _really_ like a copy of the 128-bit version. I'm a U.S.
> citizen, live here in Amarillo, TX.
> 
> Anyone from MicroSloth reading this *might* want to let a Responsible
> Person know about the perl script hiccups....
> 
> Dave Merriman, Densa's mole in Mensa
> 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> PGP Email welcome, encouraged, and PREFERRED. Visit my web
> site at         http://www.shellback.com/p/merriman
> for my PGP key and fingerprint
> "What is the sound of one hand clapping in a forest
> with no one there to hear it?"
> I use Pronto Secure (tm) PGP-fluent Email software for Windows

Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMhXUEctPRTNbb5z9AQHbeQf/ZOFzjDVZzgWKBhKvsVFzbyA3ayNNyJqG
NuSNQ+W1TAiETioARwuCvSaokah7RBmoMOtPetGtUJBDkaw0KsKiGnByP/95a+73
+J49pubnhx7sM0PqiUNcdnE25gyHKwzSC82M31yOmsGst1FfPoklryoCdCUc2AOT
A0HJpjRaIY/CdMx1WtnO8u1Pnl47GyazfkCOqpXnD6fcONvQOawadNJFUL8ehvKF
vrvTn8rwo7W/71ijoFqphBJYIxnZpM34eJRz2mX8KE6VXlXCBWzCeVzoJD4zk5Yo
DYqYmhmhKRubl9I9jbzG2VR6yCAPeYdYrtjWPNWgs56Yd5swlUCKpA==
=WlX/
-----END PGP SIGNATURE-----




From schryver at radiks.net  Sat Aug 17 09:56:05 1996
From: schryver at radiks.net (Scott Schryvers)
Date: Sun, 18 Aug 1996 00:56:05 +0800
Subject: proxy servers in Singapore
Message-ID: <199608171424.JAA26755@sr.radiks.net>


-----BEGIN PGP SIGNED MESSAGE-----

At 11:10 PM 8/16/96 -0400, you wrote:
>Did anyone else catch the AP wire story
>(it ran here in the SF Chronicle on Thursday)
>about the Singapore government cracking
>down on "undesirable" (e.g., sex smut, anti-govt.
>postings etc.) content on web sites, usenet etc.
>Their basically forcing, by law, Singapore  ISPs to use
>proxy servers that contain the information
>that the govt. deems fit. 
>
>Scary if you ask me. But then they have a govt.
>that acts like it's the management of Disneyland.
>
>"Have a nice ride!"
>-B
>=====================================================
>Brendon Macaraeg
>http://www.itp.tsoa.nyu.edu/~brendonm 
>Finger macaragb at acf2.nyu.edu for my PGP Public Key
>
>
"Disneyland with the death penalty" To quote William Gibson.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMhXI9P+hzPlzwZAdAQFgNAgA0qjtwaCv+O8+Ye0OtCmxAzW0LBsXfRtK
1nZmbUqh5NIDHSviQrDDGEX1/Oajai1cpiCZtt3MbhlWUXWgzcbxOX2ZZDUA/4xc
4/TCBeRZ5lRfSnUeV0NhmLnrX4hgVuwMS+x0Z5LnkK0hg39GByMoiqM7MFJHKBQ3
PXTqSnGnNv+dDG1ZcClZff2JIAiNLHcxx8MOk60E9kLAPVYv2XAkID3FmuuHRS2G
6zPDe6Jlgs2tmCP8u5fQEnfaGYqQiUvfg8bqJt2x5BeMGJfY7Nbj0SureFZ7lQs6
/soG82FQkdUykewoOk+lnTJ3S3UY6am3GNwCFzPuMhfpuMizBzEF8g==
=RFbe
-----END PGP SIGNATURE-----
PGP encrypted mail preferred.  
E-Mail me for my key.
Scott J. Schryvers <schryver at radiks.net>






From Ryan.Russell at sybase.com  Sat Aug 17 10:22:50 1996
From: Ryan.Russell at sybase.com (Ryan Russell/SYBASE)
Date: Sun, 18 Aug 1996 01:22:50 +0800
Subject: Unix passwd-cracker online?
Message-ID: <9608171503.AA17207@notesgw2.sybase.com>


I've given this some thought before, and there are some optimizations
required...

First of all, assuming you have one plaintext password 
for every crypt()'d combo and salt (I think there are actually
a bunch of possible plaintexts for each encryption, but I'll assume
that we'll save the one that looks most like an english somethingorother
as any of them should work.)

If you just sort them,  you only need to store the 8 char plaintext,
which helps with the storage, and halves it approximatly (a little more,
actually.)  Now...Still too much sotrage for one system, but
if we had a network of machines around the Internet, with multi-gig
tape changers (i've seen 40GB changer things a discount places for $1000)
I figure DNS could server as a way of reaching the system that has the range
you want..say  we have maxhines named xJG*a.crackcrypt.com, with a leading
letter on each hostname, followed by enough characters to represent how
much of a range that system holds.

I don't have a back of the envelop handy, and it's too early in the morning...so
I'll do the calc later.

But, for a small fee, anything can be arranged :)

      Ryan

The real problem becomes regeneration when someone's tape
goes corrupt....
---------- Previous Message ----------
To: al177820
cc: cypherpunks
From: wmono @ Direct.CA (William Ono) @ smtp
Date: 08/17/96 01:27:53 AM
Subject: Re: Unix passwd-cracker online?

On Fri, 16 Aug 1996, Carlos L. Mariscal may have written:

> person has obtained a specific password by entering the desired 
> adresses'passord on a submnit form in a Web page.
[deletia]
> never have it if there really is such, but this came to my mind when i read 
> the posts  on the plate-numbers-in-Oregon polemica. I would appreciate 

Somehow I have a hard time believing this to be true.  I run crack, a
password searching program that uses a dictionary as its base, on my
/etc/passwd regularly to locate any users with easily guessed entries.
With ultra fast crypt (UFC), the fastest crypt() replacement I can find, I
can run through about 9700 passwords per second on this P6-150.

Now, this is a back-of-the-envelope calculation:  Assuming that the
password can be one to eight characters of the following:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()
we find that we have a set of 72 characters.  That gives us
72^8 + 72^7 + 72^6 + 72^5 + 72^4 + 72^3 + 72^2 + 72^1 or
732376025552520 possible combinations.  At 9700 encryptions per second,
it would take my system 2401 years to brute force -one- password to 
completion.  That means that, most likely, if this 'locate password on
demand' system existed, it would not work in real time, or in any time
during any person's life.  Moore's Law might shorten this timeframe
considerably, but still not to any reasonable time frame.

Continuing with my back-of-the-envelope estimate, we have the length of a
crypt()'d password as being 13 characters.  The password in plaintext has
to follow, with a length of 8 characters.  At a size of 
732376025552520 * 21 characters, we would have a database of
15379896536602920 bytes, or 22565249 650mb CD-ROMs.  That's for the
passwords of one salt, without any formatting.  Even if we could achieve a
95% compression rate on this data (it is text, after all) we would end up
with 237528 CD-ROMs.

Most likely my set of characters will be found to be incorrect, but
anything that includes even a-z, A-Z, and 0-9 in one to eight character
combinations most likely will not be a favourable crack target.

Sorry, I don't think this is feasable, or possible.

(Please do correct my calculations if errors are detected, especially if
the corrected numbers make this possible.. it's getting late at night, and
my mind is fogging up, so these calculations/estimates/wild guesses may be
off more than usual. It does sound like an interesting project to
undertake, if it were possible, but not on my equipment!)


--    ** NOTE NEW KEY **  As of 08/28/95!  Old key 0x2902B621 COMPROMISED!
William Ono <wmono at direct.ca>                                PGP Key: F3F716BD
 fingerprint = A8 0D B9 0F 40 A7 D6 64  B3 00 04 74 FD A7 12 C9 = fingerprint
PGP-encrypted mail welcome!           "640k ought to be enough for everybody."









From smorri59 at icubed.net  Sat Aug 17 10:32:26 1996
From: smorri59 at icubed.net (ScottMorris)
Date: Sun, 18 Aug 1996 01:32:26 +0800
Subject: Unix passwd-cracker online?
Message-ID: <9608171527.AA26704@raptor.icubed.net>


At 01:27 AM 8/17/96 -0700, you wrote:
>On Fri, 16 Aug 1996, Carlos L. Mariscal may have written:
>
>> person has obtained a specific password by entering the desired 
>> adresses'passord on a submnit form in a Web page.
>[deletia]
>> never have it if there really is such, but this came to my mind when i read 
>> the posts  on the plate-numbers-in-Oregon polemica. I would appreciate 
>
>Somehow I have a hard time believing this to be true.  I run crack, a
>password searching program that uses a dictionary as its base, on my
>/etc/passwd regularly to locate any users with easily guessed entries.
>With ultra fast crypt (UFC), the fastest crypt() replacement I can find, I
>can run through about 9700 passwords per second on this P6-150.
>[snip]

   You of course are assuming they are using a Unix box. I commonly offload
the etc/passwd file to my pc (p-100) and run Crackerjack against the file.
With a single username a 5 meg wordlist will run in about 30 seconds
(mileage will vary).
    The concept is certainly interesting and is another case for good
passwords. Of course you need to get the password file first which is
another story for another group.

>Sorry, I don't think this is feasable, or possible.

     While I believe this is possible feasable is another story.

>(Please do correct my calculations if errors are detected, especially if
>the corrected numbers make this possible.. it's getting late at night, and
>my mind is fogging up, so these calculations/estimates/wild guesses may be
>off more than usual. It does sound like an interesting project to
>undertake, if it were possible, but not on my equipment!)
>
>
>--    ** NOTE NEW KEY **  As of 08/28/95!  Old key 0x2902B621 COMPROMISED!
>William Ono <wmono at direct.ca>                                PGP Key: F3F716BD
> fingerprint = A8 0D B9 0F 40 A7 D6 64  B3 00 04 74 FD A7 12 C9 = fingerprint
>PGP-encrypted mail welcome!           "640k ought to be enough

-----
Scott L. Morris			Systems Security Consultant
smorri59 at icubed.net		Data Forensics
Finger smorri59 at ally.ios.com for my pgp public key.






From gt4436c at prism.gatech.edu  Sat Aug 17 10:33:35 1996
From: gt4436c at prism.gatech.edu (Jeremy Mineweaser)
Date: Sun, 18 Aug 1996 01:33:35 +0800
Subject: No Subject
Message-ID: <2.2.32.19960817152631.00ac0158@glc20.residence.gatech.edu>


At 09:08 PM 8/16/96 +0800, rednax wrote:
>Speaking of NT, I downloaded the full version of msie 3.0 the other day but
>when I tried installing it, an error message came up saying that it requires
>a Win95 or WinNT4.0 build of 1381 or higher. I am currently running NT 4.0b
>that has a build of 1314, does anyone know of where is the upgrade or
>service packs(if available)? I have tried looking around microsoft.com, but
>they neither provided any detail nor did they provide an e-mail.

Build 1381 is the final release of NT 4.0, not a beta version.  Build 1381 was
released to OEMs about a week and a half ago.  It should reach a retail outlet
near you before September.

There is no free upgrade from the beta version of NT 4.0 to the final version.
You may want to purchase a copy from Microsoft, or sit in IRC for a while and
wait for someone to hand it to you.


---
  Jeremy L. Mineweaser   | GCS/E d->-- s:- a--- C++(+++)$ ULC++(++++)>$ P+>++$
gt4436c at prism.gatech.edu | L+>++ E-(---)  W++ N+  !o-- K+>++  w+(++++) O-  M--
                         | V-(--) PS+(--) PE++ Y++>$ PGP++>+++$ t+() 5 X+ R+()
    *ai*vr*vx*crypto*    | tv(+)  b++>+++ DI+(++)  D+  G++ e>+++  h-() r-@ !y- 







From furballs at netcom.com  Sat Aug 17 11:03:46 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Sun, 18 Aug 1996 02:03:46 +0800
Subject: Lunch with Bill, anyone?
In-Reply-To: <32153700.41C6@ai.mit.edu>
Message-ID: <Pine.3.89.9608170814.A2211-0100000@netcom>




On Fri, 16 Aug 1996, the glorious Hallam-Baker prognosticated:

> John C. Randolph wrote:
> 
> > Does Microsquish *know* any industry luminaries?  I mean, Cutler
> > used to be one, but he's pretty burnt out, if Windoze NT is any
> > indication.
> 
> Butler Lampson and Rashid are both pretty hot. Cutler got NT
> to a workable state considerably faster than he got VMS to
> one. 
> 
> There are many computer companies that are full of Bozos,
> Microsoft isn't one of them. Most of the people griping about
> Microsoft can't code any better. 
> 

Depends. If it's media, then you are correct. If it's technical, then 
you're not. The biggest complaints about MS I hear come from people that 
actually know what they are talking about and are damn good at it.

> I'm interested that Navigator 3b6 crashes several times daily 
> while Internet Explorer has yet to crash on me. I couldn't
> care less about fancy features, at this stage I want a browser
> that is reliable - like they used to be.
> 
> 		Phill
> 

This is why it's called a "Beta" Phill...

As for reliable, there is no such thing... there is only MTBF.

...Paul






From whallen at capitalnet.com  Sat Aug 17 12:01:44 1996
From: whallen at capitalnet.com (Wayne H. Allen)
Date: Sun, 18 Aug 1996 03:01:44 +0800
Subject: "world communications being monitored"
Message-ID: <199608171646.MAA01774@ginger.capitalnet.com>


At 08:44 PM 8/16/96 -0700, Vladimir Z. Nuri wrote:
>
>------- Forwarded Message
>From: "Mat Guthrie" <matguthrie at enterprise.net>
>To: mmlist-l at newciv.org
>Date: Wed, 14 Aug 1996 20:14:39 +0000
>Subject: All Int' Communications Are Monitored
>
>
>- - ->  SearchNet's   snetnews   Mailing List
>
>Hi there all,
>
>I heard an amazing news report on the radio today, that confirmed
>what I've heard and suspected for a long time - all international
>communications *are* continually being monitored!!

    No, what this guy heard was a book report. I don't know how
well a writer Mr. Hager is but if he doesn't have proper documentation
then he confirms nothing. 

>
>The report was on "The World at One" news report on BBC Radio 4 -
>about as respected, reliable and informative a source as any
>mainstream media is ever likely to be. The feature spoke about a
>book that's come out in New Zealand called "Secret Power" by Nicky
>Hager, that has been endorsed by the former (?) Prime Minister of New
>Zealand himself. It supposedly goes into great detail about an
>international agreement called "Echelon" of which the US, UK,
>France, New Zealand, Australia and several other nations are all
>participants. According to Nicky Hager - who was interviewed on the
>program - a system of monitoring stations have been set up in various
>countries in the world that continually monitor ALL fax, email,
>telephone and satellite communications etc, "sniffing" for keywords
>using super computers. When these key words are identified the
>information is automatically logged and according to Hager, sent
>directly to the US intelligence services.
>
>Now whilst many of us have undoubtedly come across this sort of
>information before and undoubtedly many of us have probably scoffed
>at such ascertions as merely impossible and blatantly paranoid,
>something very significant sets this report apart. Before the book
>was published, Hager went with his manuscript to the New Zealand
>Prime Minister who had been responsible for signing NZ up to the
>agreement (I got the impression that he is no longer in power). 

    If anyone cares to look up the political history of the western
Pacific rim, it would seem very suspicious that N.Z and Australia would
have any intelligence commitment with France at all.



>Anyway, the PM was so shocked by the revelations that the book 
>contained, that he has written the forward to the book. Supposedly he 
>says that he had no idea of the true nature of the agreement and the 
>powers which it bestowed on the intelligence services and is 
>obviously trying to distance himself from the storm that's beginning 
>to brew up about it. Maybe he's just covering his arse or maybe he 
>was just another puppet head of government who wasn't properly 
>informed about what was really taking place in his own country, but 
>either way, the fact that he has got involved with the book adds 
>considerable credibility to it's claims.

    If the PM has no credibility (his saying he knew nothing) how does
his input add credibility to the book?



 Those of you who have often 
>said that such wide-scale monitoring is "obviously impossible" might 
>be wise to re-evaluate your positions!
>

    Those of us in-the-know won't be reevaluating anything. Save your
money and wait for the book to get into the local library. Better to
spend your money on David's book on Enigma.


Wayne H.Allen
whallen at capitalnet.com
Pgp key at www.capitalnet.com/~whallen






From rah at shipwright.com  Sat Aug 17 12:10:16 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sun, 18 Aug 1996 03:10:16 +0800
Subject: Protecting floating datahavens?
In-Reply-To: <199608170000.RAA08637@toad.com>
Message-ID: <v0300780aae3b8f84c7b2@[206.119.69.46]>


At 8:04 PM -0400 8/16/96, Bill Stewart wrote:
> There's also a Laissez-Faire City project, which proposes to lease a
> 10-mile-square chunk of land to rent from any cooperative third-world
> government for 50 years or so with a deal of local autonomy.
> It's much less threatening to the Old World Order than calling yourself
> a country, and you've got a government which is making money by
> leaving you alone that at least discourages the most likely invaders
> (itself, and the US) without having to provide much national defense.
> Who knows, maybe they'll actually do something, and rent a chunk of
> Costa Rica or Somaliland or whatever.

Along these lines, there was some comment in the latest Forbes billionaire list issue about a guy who's trying to do something like this in the Phillipenes. I don't think he's going the "total local autonomy" route, but he's definitely doing the Jack Kemp "enterprize" zone, no-tax-on-anything trick. 

However, as Black Unicorn has noted here before, the Phillipenes are the only other country besides the USofA where citizens are taxed any income you get, no matter where on earth you actually earn it. (An outcome of the Marcos expulsion, I think). Getting from those kinds of confiscatory laws to no taxes at all will be some mean trick. Given that the Phillipenes, "People Power" or no, could be charitably be called a plutocracy at best, and a cleptocracy at worst, I wish this guy luck. Him being a plutocrat himself may help. 

Not that I have anything against plutocrats, mind you. Want to be one myself, someday. Well, "pluto", anyway. I guess it's the "cracy" part of "plutocracy" that gets my undies in a bunch...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From jamesd at echeque.com  Sat Aug 17 12:25:00 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 18 Aug 1996 03:25:00 +0800
Subject: Imprisoned Capital
Message-ID: <199608171713.KAA21889@dns1.noc.best.net>


[In response the argument that attempts to imprison capital will cause 
capital flight]

At 10:50 PM 8/16/96 +-200, Bart  Croughs wrote:
> This is a good point when you talk about governments that will 
> prevent *all* capital from flowing out. But a government could 
> prevent the outflow of capital of it's own citizens, and still 
> allow capital of foreigners to leave the country. As long as 
> foreign capital isn't imprisoned, foreign capital could be 
> attracted.

Been tried.  Does not work.

1.  If foreign capital is allowed to freely enter and leave, internal
players find ways to sneak their capital out.  This forces the
government to start regulating and supervising foreign businessmen
in ways that at best terrify them (such controls look very much
like creeping confiscation), and at worst cause them huge harm
with no real benefits to anyone.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From bart.croughs at tip.nl  Sat Aug 17 12:49:21 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Sun, 18 Aug 1996 03:49:21 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8C73.39F4E8E0@groningen12.pop.tip.nl>


	Timothy May wrote:

      >Others have shown how meaningless your repeated calls for a proof are, as
      >so many assumptions must be carefully spelled out.

>To give an example of how hard the situation is to analyze, consider the
>computer and chip industries. (If you argue that your "theorem" is for
>nations in the aggregate, and not any particular companies or even
>industries, then I will maintain that my example holds pretty much true for
>automobiles, pharmaceuticals, chemicals, and so on._

>The computer and chip industries move certain investments abroad, to
>Malaysia, the Phillipines, Indonesia, Mexico, and so forth. But by moving
>these investments abroad, they believe their net market size,
>profitability, shareholder value, etc., will be enhanced. Else they
>wouldn't do it.

>Multiply this by all the industries....

>Now, would "the economy" be "better off" if Intel, say, had not moved
>assembly operations to Malaysia in the 1970s? Perhaps Intel would now be
>bankrupt and gone, as so many of its rivals of the time are now gone and
>barely remembered.
>You see the problem? Who can say what "better off" is, given that we can't
>run history down alternate paths as an experiment.

>Your one-track mind is truly astounding. We've had kooks and oddballs on
>the list before, but never one who has written a dozen or more posts asking
>the same ill-phrased question over and over again.

So you say that my question can't be answered because the situation is too difficult to analyze, "given that we can't run history down alternate paths as an experiment." The situation is indeed hopelessly difficult if you think that economics is an empirical (experimental) science. But, as an Austrian, you should know that economics isn't an empirical science; it's a science that deals with the logic of human action. It starts from the axiom of human action, and all the other axioms of economics follow from this axiom by deductive reasoning. This is called the praxeological method. The answer to economic problems can only be given by reasoning, not by running experiments in the real world. Read Mises (Human action), Rothbard (Man, economy and state) etc. for further information. To prevent you from claiming this isn't true, I will quote Rothbard (in 'The foundations of modern Austrian economics', p. 19, ed. E. Dolan): "Praxeology rests on the fundamental axiom that individual human beings act(...) The praxeological method spins out by verbal deduction the logical implications of that primordial fact." etc.
So, it really doesn't matter at all that we can't run history down alternate paths as an experiment, because the kind of empirical 'data' that such experiments would generate are not very helpful in the first place. Fortunately, situations that are at first sight hopelessly difficult can sometimes be analyzed and simplified by performing a thought experiment. That's what I did when I offered my 'reductio ad absurdum' proof. I didn't use empirical data, I used logic and reasoning; that's the way it should be done in economics. So far, you didn't rebut the proof I offered. You only argue that my proof must be wrong because the situation is too difficult to analyze because of all the empirical data that are lacking. That argument is, as I explained above, not to the point. And the fact that you take refuge in name-calling makes me suspect that subconsciously you don't find it very to the point yourself either.
I understand it's not pleasant to be rebutted every time you answer my posts, but I fear it's something you will have to get used to. Of course, you could also consider making better arguments (after reading the books I suggested), or else stop posting on the subject.

Bart Croughs





From clopez at nayar.uan.mx  Sat Aug 17 12:58:18 1996
From: clopez at nayar.uan.mx (Carlos L. Mariscal)
Date: Sun, 18 Aug 1996 03:58:18 +0800
Subject: Unix passwd-cracker online?
In-Reply-To: <Pine.LNX.3.94.960817000216.1458B-100000@crash.direct.ca>
Message-ID: <Pine.SUN.3.91.960817120330.9586A-100000@aramara.uan.mx>



	Well, as for William's calculations, my ideas have been 
confirmed. What I still think may be possible is a fast search on 
/etc/passwd for blank entries or Obvious (login name, reverse login name, 
etc) password entries, right? Still, ik think it would be fairly illegal; 
not assuming EVERYthing on the net is 100% legal...


	thanx Will

    __       
    ||     
   ====         'If you can dream of it
   |  |__       then you can manage it'
   |  |-.\     
   |__|  \\         clopez at nayar.uan.mx
    ||   ||         
  ======__|     
 ________||__   
/____________\   Carlos L. Mariscal






From dbell at maths.tcd.ie  Sat Aug 17 13:00:08 1996
From: dbell at maths.tcd.ie (Derek Bell)
Date: Sun, 18 Aug 1996 04:00:08 +0800
Subject: Orbiting Datahavens
In-Reply-To: <32155657.53661@mail.aa.net>
Message-ID: <9608171851.aa04986@salmon.maths.tcd.ie>


In message <32155657.53661 at mail.aa.net>, "Brian C. Lane" writes:
>  How about an orbiting DataHaven. No jurisdiction to bother with,
>extremely difficult to get to (except by large governments...). You could
>put together a couple of Linux boxes with a RAID system, some backups and a
>large solar panel and have a very nice, secure DataHaven.

	Wouldn't you have to use military-grade chips for the hardware? (Or
whatever the type is - it had better survive launch, not to mention solar
flares.)

>  Granted, you wouldn't have all the fun of floating around the south
>pacific fending off pirates and navies who are after your data, but it
>would work. Might even be cheaper than outfitting the oil-ring with the
>rate that they are tossing satellites into space.

	Well, there would be less need to make it hurricane proof! :-)

>  If the HAM radio community can get a satellite into space, why not the
>Cypherpunks/Linux communities?

	Wow - I've been out of touch with space programmes in the last few
years - which satellite was this? (The HAM radio one?)

	Anyone have any reccomendations for good web sites on
satellites/rockets/space science in general?

	Here's a couple of ESA URLs to start the ball rolling:
ARIANE 5 Failure - Full Report
European Space Agency


	I'm not sure who would launch it - a Japanese launcher? (ESA is
strapped for cash, which was one reason for the phenomenaly stupid move of
putting space probes onto the maiden flight of the Ariane 5.)

	Derek





From m5 at vail.tivoli.com  Sat Aug 17 13:18:15 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Sun, 18 Aug 1996 04:18:15 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
In-Reply-To: <01BB8C73.39F4E8E0@groningen12.pop.tip.nl>
Message-ID: <32160AF1.3B14@vail.tivoli.com>


A fan's notes:

Bart Croughs wrote in one enormously long line:
> ...

Mr. Croughs, would you *please* have someone help you locate the 
"Return" key on your keyboard, and then press it every once in a
while?

> ... better arguments (after reading the books I suggested)

Like what is it with you and these books?  Is "Austrian" a code word
for "Divine omniscient extraterrestrial super-being"?

Through all this sophist gibberish I've completely lost track of
what exactly it is you're trying to say.

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From vldiaz at adnc.com  Sat Aug 17 13:46:29 1996
From: vldiaz at adnc.com (Vincent L. Diaz)
Date: Sun, 18 Aug 1996 04:46:29 +0800
Subject: Software manpower exports and the power of governments
Message-ID: <2.2.16.19960817114626.24776196@mail.adnc.com>


At 06:17 PM 8/17/96 +0600, you wrote:
>In the case
>of Coke, I can understand the government not wanting to spend
>precious foreign exchange on sugared water in a country where
>there is a serious shortage of drinking water. Tim made the
>perfectly valid point that such decisions cost the country in
>reputation, but the Indian government doesn't mind loss of
>reputation in matters it firmly believes in, as in the current CTBT
discussion. 

There is a central point here that you are missing. Many of us here believe
in the absolute, sovereign freedom of the individual. 

Governments should only be minimally involved with the earning of
individuals. Control over the distribution of currency abroad, (i.e. foreign
exchange controls) is definitely not one of them.

As I understand the story of Coke in India, New Delhi was bent, among other
things, on stealing proprietary information, (i.e. the formula for Coke)
from the company. In short, they told Coke that they could stay only on
condition that the formula was turned over to New Delhi.

Yes, they cloaked their proposed theft in high sound nationalistic tripe,
however it was nothing but a blatant attempt to steal what was not theirs.

I do not claim a complete knowledge about the availability of fresh water on
the Indian Sub-Continent. But I would be willing to wager that lack of
progress in this area was severely hampered due to the typical, Statist
meddling of the Indian government in the lives of its own people.

It is immoral for any government to interfere in the personal choices of
free men and women. If any person wishes to partake of a high quality, and
probably locally expensive soft drink in preference to either local brands
or water, scare or not, such a choice should be left to them, not to an
Collectivist cabal of bureaucrats. 

What the Socialist Governments of India have never comprehended is that a
government intent on doing you good is capable of doing you out of
everything you own!

Simplistic? Yes......simplicity is one of freedom's chief virtues. 






Regards,

VINCENT L. DIAZ
U-SAVE COMMUNICATIONS
Business Line: 619-277-2411
Fax Line:         619-277-0298
http://www.cognigen.com/agencies/






From eb at comsec.com  Sat Aug 17 14:14:57 1996
From: eb at comsec.com (Eric Blossom)
Date: Sun, 18 Aug 1996 05:14:57 +0800
Subject: CS8191 data sheet and ordering info...
Message-ID: <199608171837.LAA20948@comsec.com>


Attached is the ascii version of the data sheet, followed by ordering
information.  Full protocol specifications will be available in about
2 weeks.

Eric

----------------------------------------------------------------

                Communication Security Corporation
            CS8191 Triple-DES Telephone Privacy Device

With the growing number of tools available to assist in wiretapping,
anyone using a telephone in the '90's is vulnerable to unwanted
eavesdropping. With many of today's standard technologies, anyone can
gain access to our most private of conversations. As a result, the
telecommunications industry has an increasing need for private, secure
voice communication devices. The Communication Security Corporation
has dedicated its resources to addressing this need by designing the
CS8191, our flagship product and the most secure telephone privacy
protection available.


Unsurpassed Security 
 
Truly open, encryption technology is at the heart of the CS8191
telephone security unit. With the press of a button, the CS8191 is
activated. Within seconds your conversation is kept secure from the
intrusion of any type of wiretapping.


Open-Standard Encryption  

How are you assured that your tele-security unit is really working to
protect your telecommunications? In truth, the "trust-us" proprietary
solutions used by competing products are an indication of weak privacy
protection. They "hide" from the user, the ability to verify proper
functioning of the unit.

Communication Security provides users with the best privacy protection
by incorporating leading-edge encryption technology that utilizes the
power of truly open standards. Our commitment to an open specification
allows sophisticated users the ability to "check under the hood" and
evaluate the security attributes of the system. 


Portable And Easy To Use 
 
The CS8191 has been designed to work with conventional analog
telephone systems (POTS). The unit connects between your telephone and
the wall, much like a telephone answering machine. Plug in the power,
and that's it. In "clear mode" your telephone continues to work as it
normally does. To begin an encrypted conversation, simply press the
'go secure' button and wait for the green light to come on. The system
is easy to use and compact, making it the perfect telephone security
solution for home, travel or office use.

 
Superior Performance 
 
* As a standard component, Communication Security has incorporated a
  leading-edge speech coder for clarity unsurpassed in secure telephone
  devices, to date.

* Voice clarity is virtually undisturbed whether the system is in secure
  or clear mode.   

* LED indicators on the unit let you know instantly that your call is being
  transmitted securely.   

 
Service And Support

The Communication Security Corporation provides a one year warranty for all
parts and labor. Upgrades are included in the price of the CS8191 and are
available under the terms of the warranty. 
  

For More Information

To get more information on securing your phone communications, send
email to info at comsec.com or call (707) 577-0409, fax (707) 577-0413.


Features			Benefits

* Open standard	encryption	Allows independent evaluation and
				verification of protocol and behavior

* Excellent speech quality	Superior clarity is assured with leading-edge
				speech coder as a standard component

* Auto Secure			Allows for secure, unattended
				operation for all-hours data protection

* Small size and weight		Makes the CS8191 the perfect solution for
				secure home, office or travel telephone
				communications

Specifications:

 Modem

 * ITU V.32bis (14,400 bits/sec)

 Interfaces

 * Two buttons (Go Secure, Go Clear)

 * Two LEDs (Secure, Clear)

 * External power supply

 * Two modular phone jacks
 
 Power

 * Input voltage: 110 volts AC, 50-60 Hz.
 
 Approvals

 * FCC, part 15 and 68

 Warranty

 * 12 months parts and labor

 Software Upgrades

 * One year of upgrades included in purchase price

 Voice Nodes

 * Clear voice

 * Secure voice 

 Secure Mode Speech Compression

 * International standard GSM 06.10 full rate speech transcoding 
   (13,000 bits/sec)


Notes:

 * Specifications subject to change without notice.

 * Government regulations apply for export license.

 * Completing the circle of secure communication requires the receiving
   end of your call to also have a CS8191 unit connected to their phone.


Cryptographic Details:

* Unique session key generated for each conversation using Diffie-Hellman
  exponential key exchange (2048 bit modulus) (U.S. Patent No. 4,200,770
  licensed by Cylink Corporation)

* Defense against "man in the middle" active attack using interleave
  protocol combined with voice verification of six digit key name derived
  from the public exponentials

* Hardware Random number generator based on Johnson noise

* Three Key Triple-DES (168 bit key), operating in modified counter mode.
 
* No back door, "Key-Escrow" or GAK

* Open standard. Full protocol specifications available.


Communication Security Corporation
1275 Fourth St. Suite 194  Santa Rosa, CA 95404
Tel: 707-577-0409  Fax: 707-577-0413
info at comsec.com 


----------------------------------------------------------------

     Yes,  I want real telephone privacy protection!


Send me ________ CS8191's at $995.00 each:      $____________

Shipping and Handling:				$_______10.00

California residents add sales tax:		$____________

Total:						$____________


I'm paying with Check or M/O ____  Visa / MC ____

Name on Card:______________________________

Card Number:_______________________________

Exp. Date:__________


Ship To:


_________________________________________


_________________________________________


_________________________________________


__________________________________________



Allow 6-8 weeks for delivery.


I am a US citizen or "Lawful Permanent Resident"   Yes____   No____


Make checks payable to: Communication Security Corp.

Mail or fax this order form to:

	Communication Security Corp.
	1275 Fourth St., Suite 194
	Santa Rosa, CA 95404
	v: 707-577-0409
	f: 707-577-0413







From dougr at skypoint-gw.globelle.com  Sat Aug 17 14:18:24 1996
From: dougr at skypoint-gw.globelle.com (Douglas B. Renner)
Date: Sun, 18 Aug 1996 05:18:24 +0800
Subject: "world communications being monitored"
In-Reply-To: <199608170344.UAA05092@netcom22.netcom.com>
Message-ID: <Pine.3.89.9608171644.A13951-0100000@skypoint-gw.globelle.com>




On Fri, 16 Aug 1996, Vladimir Z. Nuri wrote:
> I heard an amazing news report on the radio today, that confirmed
> what I've heard and suspected for a long time - all international
> communications *are* continually being monitored!!

Yes, this has been public record information for at least 15 years.

> program - a system of monitoring stations have been set up in various
> countries in the world that continually monitor ALL fax, email,
> telephone and satellite communications etc, "sniffing" for keywords
> using super computers. When these key words are identified the
> information is automatically logged and according to Hager, sent
> directly to the US intelligence services.

Which is located in Ft. Meade, etc etc.  Yes, we know.  That's why the 
big interest on this list for military grade encryption for ensuring the 
privacy of personal communications.  It's also why there's such a big 
push by governments for key escrow technology.  Governments want to keep 
this "edge", the existence of which hasn't yet penetrated popular awareness.

For more information on the subject, search some magazine indices or 
archives of this list for the keywords NSA or National Security Agency.
A surprising amount of information, including all of what you've mentioned, 
and more, is readily available in the public record.





From mch at squirrel.com  Sat Aug 17 14:18:33 1996
From: mch at squirrel.com (Mark C. Henderson)
Date: Sun, 18 Aug 1996 05:18:33 +0800
Subject: proxy servers in Singapore
In-Reply-To: <199608171424.JAA26755@sr.radiks.net>
Message-ID: <9608171227.TE25432@squirrel.com>


> >Did anyone else catch the AP wire story
> >(it ran here in the SF Chronicle on Thursday)
> >about the Singapore government cracking
> >down on "undesirable" (e.g., sex smut, anti-govt.
> >postings etc.) content on web sites, usenet etc.
> >Their basically forcing, by law, Singapore  ISPs to use
> >proxy servers that contain the information
> >that the govt. deems fit. 

A copy of the regulations is available from
http://www.gov.sg/sba/netreg/regrel.htm

One of the providers in Singapore (singnet) has the following 
page up about the proxy server that Singnet customers will be forced
to use
http://www.singnet.com.sg/cache/sbareg.html

Scary stuff. But pretty much everything I hear about Singapore is
pretty scary.

I'm wondering if they'll implement this by blocking direct 
connectivity from their customers machines for TCP with the 
destination ports commonly used by http, ftp, etc. thus allowing 
people to do things not supported by the proxy and to get around the 
blocking pretty easily, or if they'll just block all direct IP 
connectivity between their customers and the rest of the Internet, so 
people in Singapore will be reduced to viewing the Internet as 
nothing more than the WWW. 


-- 
Mark Henderson -- mch at squirrel.com, henderso at netcom.com, markh at wimsey.bc.ca
ViaCrypt PGP Key Fingerprint: 21 F6 AF 2B 6A 8A 0B E1  A1 2A 2A 06 4A D5 92 46
unstrip for Solaris, Wimsey crypto archive, TECO, computer security links,
change-sun-hostid, Sun NVRAM/hostid FAQ - http://www.squirrel.com/squirrel/





From vince at offshore.com.ai  Sat Aug 17 14:22:12 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sun, 18 Aug 1996 05:22:12 +0800
Subject: US Taxes on X-Pats
In-Reply-To: <Pine.LNX.3.91.960817152032.21032A-100000@offshore>
Message-ID: <Pine.LNX.3.91.960817152107.21014B-100000@offshore>



Robert Hettinga <rah at shipwright.com>
> However, as Black Unicorn has noted here before, the Phillipenes are the
>only other country besides the USofA where citizens are taxed any income
>you get, no matter where on earth you actually earn it.

It is not exactly that bad if you are outside the USA. I got ahold of the
IRS codes on this before I left the USA (so about 2 years ago).  The rule
then was that the first $70,000 you earned was tax free if you were
outside the USA for 330 days or more of the year.  From another x-pat in
Anguilla I heard that the $70 K had been increased. 

If you live outside the USA and have a corporation outside the USA, you
might prefer that the corporation buy a company yacht rather than pay you
more than $70 K.  And at least on this tropical island, $70,000 tax free
would go a very long way. 

It is true that if you are getting dividends and interest on your fortune
that moving outside the USA won't help, unless you get rid of your 
US citizenship.  And the USA wants you to pay capital gains on your
fortune as if you sold everything for cash right before you got rid of
your US citizenship.  So it seems best to get rid of it before you
are really rich.  :-)

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/







From unicorn at schloss.li  Sat Aug 17 14:56:32 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sun, 18 Aug 1996 05:56:32 +0800
Subject: [NOISE] "X-Ray Gun" for imperceptible searches (fwd)
In-Reply-To: <199608170314.WAA11946@einstein>
Message-ID: <Pine.SUN.3.94.960817151658.4248A-100000@polaris>


On Fri, 16 Aug 1996, Jim Choate wrote:


[Constitutional Arguments Deleted]

> > And, I might add, there is a different standard for voice communications
> > however carried.  The heat from a indoor pot garden is a different matter,
> > and incidently, the matter on which the question was presented.
> 
> I have to disagree. The issue is not what is being carried on the medium but
> rather can I measure that medium without a warrant if I am a officer of the
> court or empowered by law as the police. Implicit in this question is the
> fact that my goal is to gather information to be presented to a court for
> legal action against the party being monitored. This was a strawman that the
> court fell for, the defence attorney didn't understand the technology either.
>
> To argue that if I measure some quantity and no modulation is present I may
> present that as evidence, but if modulation is present then I need a warrant
> to even measure it is ludicrous and screams 'alterior motive'. I would say
> that the argument of the state of the light (ie on/off) is modulation and
> therefore may be extended to limit unwarranted measurement.

Then one reaches the absolutely unteniable position that the light
reflected off the criminal while he shoots the victim 5 times in the chest
in cold blood cannot be intercepted by a law enforcement officer (or if we
extend your citizen = law enforcement officer analogy, also a citizen)
without a warrant.
 
> So, all I need to do is to modulate the IR lamps with a commen radio. Then
> they can watch all they want with cameras and such. No warrant, no evidence.
> Do you figure X-10 modulation would qualify? Wouldn't the on/off caused by
> the AC power qualify as modulation of the light?

The crux of the argument is the "expectation of privacy" reasoning laid
down in e.g., Katz v. U.S., 389 U.S. 347 (1967) ("What a person knowingly
exposes to the public, even in his own home or office, is not a subject of
Fourth Amendment protection.... But what he seeks to preserve as private,
even in an area accessible to the public, may be constitutionally
protected."); California v. Greenwood, 486 U.S. 35 (1988); Smith v.
Maryland, 442 U.S. 735 (1979) ("A person has no legitimate expectation of
privacy in information he voluntarily turns over to third parties.") and
Florida v. Riley, 488 U.S. 445 (1989) (Involving the warrantless "search"
of a greenhouse from a helocopter 400 feet above).

All the "but it's modulated" arguments in the world mean nothing.

I understand your position, unfortunately the Supreme Court simply does
not agree with you.

> > > States such as N. Carolina (per extension via the 14th) should be 
> > > prohibited from regulating or otherwise controlling possesion and use
> > > of radar detectors (in this case) which are currently illegal for
> > > private persons to operate.
> > 
> > There is the additional matter of the obstruction of justice issues..
> 
> Obstruction of what justice? The goal is to keep the speed down so people
> are not killed. It is NOT to give the police a means to gather operating
> funds. If the police were honest in this pursuit they would sit on the side
> of the road radaring to their hearts content as long as their lights were on
> indicating they were actively on duty while everyone else zoomed along
> listening to their detectors buzz. Yes, we would have much less money from
> tickets but we would have many more living people paying taxes as well. I
> also suspect that if this were implimented it would take many fewer police
> to regulate traffic further reducing the needs for money. The law was
> specificaly and openly put in place because the radar detector decreased the
> chances of the police from catching and ticketing you, somewhat different
> than enforcing public safety.

Exactly, so the law prevented anyone who felt like it from breaking the
law with impunity because of a little box.  That's obstruction of justice.
"Well sure I slow down when I see a police officer, so I'm obeying the
law."

You also have to be carefuly about arguing for or against the legitimacy
of the law intermixed with arguments about the legitimacy of enforcement.

> The police in a democratic society should never be allowed to skulk around
> monitoring the populace.

Well, this position is highly subjective and so broad as to be a bit
suspect.  What about beat cops?  I could read the above to prohibit them.

Sit around and wait until called, is that your position?

I'm not saying it's reasonable or unreasonable, just a bit extreme.

> Cops hiding in the bushes and other such tactics are not law enforcement but
> rather state sanctioned theft. Gives 'highwayman' a whole new slant.

Again, this is subjective.  I don't much like speed enforcement either,
but one could as easly say "cops staking out a suspected site of a robbery
and hiding in vans or other such tactics are not law enforcement."

> The argument that by allowing such activity the police are prohibited from
> catching criminals ignores the fact that the police are firstly enforced
> with public safety. Their primary job is to PREVENT the incident within
> their operating parameters and only secondarily to apprehend participants
> after the fact.

Well, I think this ignores their anticipated deterrant effect, which goes
directly to public safety, but this is going way afield.

> Again, a strawman the courts and lots of others have swallowed.
> 
> > >I< tend to agree with you, but I see the arguments on the other side as
> > well.
> 
> I also see the other side, I believe the Constitutional approach that I
> advocate can meet and defeat any argument they may present PROVIDED the
> court does not have a alterior motive of sustaining the status quo but
> rather an open goal of enforcing the Constitution for life, liberty, and the
> pursuit of happiness.

Well, I tend to side with you, believe it or not, but your position is a
bit idealistic.  One must also approach the practical needs of law and
order.

> I believe that is a rare find indeed. Don't get me wrong. I estimate the
> chance of my success to win support, let alone actualy getting any of it
> implimented, as pretty close to nil. But if I don't discuss it on public
> forums such as this then who else will?

Point taken.

> > > If the police don't need a warrant to
> > > collect information then citizens are equaly able to recieve that
> > > information as well.
> > 
> > How EXACTLY does this follow?
> 
> Because courts, not police are empowered to search. Constitutionaly a police
> officer may detain you (by local law) but he may NOT search you until presented
> to a magistrate. This is what was meant by 'fair and speedy trial'. 

The above is incorrect.  There are MANY instances where police are
empowered to affect warrentless searches.

> > > Since the above ruling states that as long as the
> > > emissions are eminating from the site and the reception takes place
> > > other than at the site (in this case, being inside the police car)
> > > , perhaps along a public highway, then no privacy is involved. This
> > > means that citizens have a right, by extension, to know when they are
> > > being beamed by radar.
> > 
> > Again, you need to distinguish law enforcement purposes and private
> > purposes.
> 
> Constitutionaly there is no distinction. Police are citizens also.

State action and private action, a very serious and bright line
distinction exists.

> > > This same chain of logic can be extended to cell phones and such as
> > > well.
> > 
> > And yet you need a warrant to intercept cell phone conversation.
> 
> Exactly, and by extension you should need a warrant to monitor ANY other
> form of EM radiation when acting as a officer of the court collecting
> information or evidence relating to possible or existing proceedings.

Your argument amounts to the existance of bright line constitutionally
protected "areas."  This argument is an interesting one but it poses many
many practical problems and has been explicitly rejected by the Supreme
Court.

> > > This connection is even clearer when one realizes that the only difference
> > > between IR and your cell phone eminations is frequency. The intermediate
> > > vector boson in both cases is a photon.
> > 
> > And the fact that cellphones carry voice communications.
> 
> Is irrelevant. You can't know that fact without first measuring the medium.
> Sorta defeats the whole purpose. You have to measure it to determine if you
> can measure it, stupid or premeditated misrepresentation.

You must remember, the only sanction for violating the rule is exclusion.
Police can monitor it all they like, they just can present it as evidence.
So, if they were to monitor it and discover that it contained no
modulation, what's the harm?  If they discover modulation, they go for a
warrant.

> > > It is similar to arresting somebody for wearing a blue shirt but letting
> > > the person wearing the red shirt go free.
> > 
> > ANd having the blue shirt say "kill the president" maybe would even out
> > your example.
> 
> How? It certainly raises the spectre of 'strawman'. Attempting to change the
> subject to 'freedom of speech' is not a respectable tactic. What is on the
> shirt is irrelevant.

No, it was pointing out the difference between a communication and a blank
shirt.  What is on the shirt may be irrelevant, but the fact that it says
something is not.

>                                                   Jim Choate

In any event, I propose we move this to private mail.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From tcmay at got.net  Sat Aug 17 15:15:11 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 18 Aug 1996 06:15:11 +0800
Subject: Ad Hoc Bay Area Cypherpunks Thing--Sat., 24 Aug, 3 pm, Menlo Park
Message-ID: <ae3b79331402100447b0@[205.199.118.202]>


At 9:45 AM 8/17/96, aba at atlas.ex.ac.uk wrote:
>Living in the UK, I really don't have that much idea where the people
>on the list I've gotten to know over the years live.
>
>I will be over in the San Francisco / Redwood City area next Saturday
>(24th), if anyone I know would like to meet, exchange keys, have a
>chat about crypto/cypherpunks stuff, mail me.
>
>Also if there is any regular cpunks meeting in this area which
>coincides, let me know!

(I passed this message by Adam Back, and he can make this schedule. So,
here it is. Unless serious objections are raised--e.g., a conflict with
another party--I suggest we do this.)

There is no Cypherpunks event scheduled for that Saturday, but we can have
an ad hoc gathering, informally arranged. I suggest meeting at 3 p.m. at
Cody's Bookstore, on El Camino Real in Menlo Park (hard to miss). Or at the
coffee shop next to it...either should be sufficient Schelling points to
nucleate a group.

>From there we can adjourn to someplace for food.

This should be close enough (a few miles) from Redwood City...a lot closer
for Adam that the 50 miles for me. But I always need good excuses to visit
the Valley.

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From distribution-request at sevenlocks.com  Sat Aug 17 15:21:22 1996
From: distribution-request at sevenlocks.com (distribution-request at sevenlocks.com)
Date: Sun, 18 Aug 1996 06:21:22 +0800
Subject: distribution Digest - V01 #02
Message-ID: <19960816000246.a29add4e.in@wwwserver.cqi.com>


distribution Digest    Fri, 16 Aug 1996 00:01:50 Eastern Daylight Time   V01 #02

Today's topics:
     'new security information available'
     'new security information available'

----------------------------------------------------------------------

Date: Thu, 15 Aug 1996 21:19:11 Eastern Daylight Time
From: "Dstang" <dstang at sevenlocks.com>
Subject: new security information available


Dear Security Colleague:

I would like to invite you to subscribe to SecurityDigest, a new, free
bi-monthly electronic newsletter, devoted to security news, issues and
trends.  Every issue of SecurityDigest is delivered to your desktop (or
laptop) with the latest security news and information you need, in a
clear and concise e-mail format.

Subscribe now by sending an e-mail message to listserver at sevenlocks.com
containing the string "subscribe securitydigest."  Or view the charter
issue of SecurityDigest on Safe at Home, Seven Locks Software's Web site
(http://www.sevenlocks.com/SecurityDigest.htm), where you can also
secure your free subscription.

Sincerely,
David J. Stang
President and CEO
Seven Locks Software, Inc.

------------------------------

Date: Thu, 15 Aug 1996 21:19:26 Eastern Daylight Time
From: "Dstang" <dstang at sevenlocks.com>
Subject: new security information available


Dear Security Colleague:

I would like to invite you to subscribe to SecurityDigest, a new, free
bi-monthly electronic newsletter, devoted to security news, issues and
trends.  Every issue of SecurityDigest is delivered to your desktop (or
laptop) with the latest security news and information you need, in a
clear and concise e-mail format.

Subscribe now by sending an e-mail message to listserver at sevenlocks.com
containing the string "subscribe securitydigest."  Or view the charter
issue of SecurityDigest on Safe at Home, Seven Locks Software's Web site
(http://www.sevenlocks.com/SecurityDigest.htm), where you can also
secure your free subscription.

Sincerely,
David J. Stang
President and CEO
Seven Locks Software, Inc.

------------------------------


End of distribution Digest V01 #02
**********************************





From vince at offshore.com.ai  Sat Aug 17 15:21:45 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sun, 18 Aug 1996 06:21:45 +0800
Subject: Anguilla
Message-ID: <Pine.LNX.3.91.960817154651.21014E-100000@offshore>



First I think Tim's summary of my situation is very accurate and fair at 
this point.

One nit of a detail:
>I surmise, given the size of Anguilla and the non-constitutional basis of
>its government, etc., that it _might_ be a lot easier for a bureaucrat or
>the Governor-General, or whomever, to seriously disrupt any business by a
>few phone calls. I don't know this for a fact, but I suspect it to be
>true. 

Anguilla does have a constitution.  It would be hard for any bureaucrat to
seriously disrupt an Anguillian's business.  There just are not any
regulations that they can arbitrarily invoke to harras people.  However,
x-pats are here as guests and they have to get a work permit, or visa, or
something from time to time.  So if x-pats do something that wears out
their welcome, they have to leave. 

Tim:
>Contrast this with a small data haven (a new
>industry) in a small country, with operating margins that are razor-thin
>(given the pricing structure Vince announced, I doubt Taxbomber and other
>customers were paying enough to ensure a flow of payoffs to the Ruling
>Families of Anguilla and the various officials that need to look the other
>way).

Nope, no bribes to government.  However, in doing business here a lot of
people have learned more about the Internet and computers.  And I and
another x-pat have started a weekly computer club.  So there are good
reasons that Anguilla should like having me here. 

For the record, the only bribe I have paid while I was here was
(indirectly) to someone at the phone company to try to get a phone
installed faster.  It did not help, still took a year to get the phone. 
Cable and Wireless, and their high prices, is the worst thing about
Anguilla. 

The current Anguilla government seems to be very clean.

The rumor is that Cable and Wireless bribed the previous government with
things like a free loan of a bulldozer worth $500/day for a couple weeks
to get their 30 year monopoly contract.  Given that CandW is making
millions each year, seems they got off cheap, if true.  Claim is that the
UK does not mind their companies bribing officials, and CandW does it alot
all around the world. 

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/









From ses at tipper.oit.unc.edu  Sat Aug 17 16:00:34 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 18 Aug 1996 07:00:34 +0800
Subject: Ad Hoc Bay Area Cypherpunks Thing--Sat., 24 Aug, 3 pm, Menlo Park
In-Reply-To: <ae3b79331402100447b0@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960817171545.2500G-100000@tipper.oit.unc.edu>


On Sat, 17 Aug 1996, Timothy C. May wrote:

> There is no Cypherpunks event scheduled for that Saturday, but we can have
> an ad hoc gathering, informally arranged. I suggest meeting at 3 p.m. at
> Cody's Bookstore, on El Camino Real in Menlo Park (hard to miss). Or at the
> coffee shop next to it...either should be sufficient Schelling points to

Do you mean Kepler's? That's the one right near Menlo Park caltrain 
station; the coffee shop next to it is  Cafe Borone. Get the Mocha.

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From success at netcom.ca  Sat Aug 17 16:02:14 1996
From: success at netcom.ca (Greg Nygren)
Date: Sun, 18 Aug 1996 07:02:14 +0800
Subject: signoff cypherpunks
Message-ID: <2.2.32.19960817211326.0068ba48@netcom.ca>


>Return-Path: <cypherpunks-errors at toad.com>
>Received: from toad.com by tor-srs2.netcom.ca (8.7.5/SMI-4.1/Netcom)
>	id TAA12781; Fri, 16 Aug 1996 19:38:39 -0400 (EDT)
>Received: (from majordom at localhost) by toad.com (8.7.5/8.7.3) id KAA07516
for cypherpunks-outgoing; Fri, 16 Aug 1996 10:30:44 -0700 (PDT)
>Received: from soleil.mnet.fr (root at soleil.mnet.fr [194.51.151.1]) by
toad.com (8.7.5/8.7.3) with SMTP id KAA07511 for <cypherpunks at toad.com>;
Fri, 16 Aug 1996 10:30:35 -0700 (PDT)
>Received: from linux (ppp03.mnet.fr [194.51.151.26]) by soleil.mnet.fr
(8.6.11/8.6.9) with SMTP id TAA21252 for <cypherpunks at toad.com>; Fri, 16 Aug
1996 19:29:49 +0100
>Message-ID: <3214BCA6.6ED8124F at mnet.fr>
>Date: Fri, 16 Aug 1996 13:23:34 -0500
>From: Arnauld Dravet <scraver at mnet.fr>
>X-Mailer: Mozilla 3.0b6 (X11; I; Linux 2.0.0 i586)
>MIME-Version: 1.0
>To: cypherpunks at toad.com
>Subject: signoff cypherpunks
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk
>
>signoff cypherpunks
>
>






From hallam at ai.mit.edu  Sat Aug 17 16:45:04 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 18 Aug 1996 07:45:04 +0800
Subject: Anguilla - A DataHaven?
In-Reply-To: <4v12d9$ncp@life.ai.mit.edu>
Message-ID: <32163DED.167E@ai.mit.edu>


The problem with the debatre on datahavens is that it is
failing to account fo the fact that without the infrastructure
of law business is not possible.

What taxbomber offers is false identification papers. He does
not simply offer fake passports but a whole raft of fake
credentials. If I am offering free services to accredited 
journalists and someone comes along with a taxbomber supplied
illegitimate press card and obtains free services that is fraud.

Just because a policy for supplying credentials is not fully
effective does not make it legitimate for an individual to 
make a business out of helping people to criminally exploit its
flaws.


Similarly libertarian wet dreams about oil rigs chock full of
commandos armed to the teeth with machine guns will remain dreams.
Fact is that under international law an oil rig is regarded 
as a ship and as such has to be acredited by some recognised
nation. Diplomatic recoginition is not a trivial matter.
Countries only provide recoginition if it is in their interests
and critically it is _governments_ that are recognised.

A declaration of independence by the inhabitants of an oil rig
would be treated in a similar fashion to the Montana freemen.
If the intention was to make international fraud easier then
definitely expect the same treatment.


	Phill





From sparks at bah.com  Sat Aug 17 16:51:38 1996
From: sparks at bah.com (Charley Sparks)
Date: Sun, 18 Aug 1996 07:51:38 +0800
Subject: Greetings from Whore.com
Message-ID: <199608172210.SAA18778@pop1.jmb.bah.com>


Well, it was getting a bit "stiff" in here.... but I guess 'ya never can 
tell.. I haven't checked it out.. has anybody ?





From alanh at infi.net  Sat Aug 17 17:28:25 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 18 Aug 1996 08:28:25 +0800
Subject: Credit enforcement
In-Reply-To: <199608162123.OAA16545@netcom.netcom.com>
Message-ID: <Pine.SV4.3.91.960817184151.21584C-100000@larry.infi.net>


I thought that classical libertarians agree that the enforcement of 
contracts is a proper function of the government.





From hallam at ai.mit.edu  Sat Aug 17 17:35:05 1996
From: hallam at ai.mit.edu (Hallam-Baker)
Date: Sun, 18 Aug 1996 08:35:05 +0800
Subject: Schlafly on crypto
In-Reply-To: <4uu76c$ahk@life.ai.mit.edu>
Message-ID: <32164B5A.2781@ai.mit.edu>


If we are having a Schlafy bash then i think it fair to bring up
her "Con-Con" paranoia. She has published a series of articles 
predicting that there will be a "Constitutional Convention" -
that is not one of your ordinary constitutional ammendment sessions
but a wholesale rewritting of the US constitution by a cabal as 
happened when it was first written.

A typical rant:-

>They adopted a plan to plunge America into a Constitutional
>Convention. Article V of the U.S. Constitution requires that "on the
>Application of the Legislatures of two thirds of the several States,
>[Congress] shall call a Convention for proposing Amendments." This
>method has never been used; all 27 Amendments now in the Constitution
>were adopted in the traditional way (passage by a two-thirds majority in
>each House of Congress followed by ratification by three-fourths of the
>states). 
http://www.eagleforum.org/users/eagle/public_html/psr/1996/may96/psrmay96.html

In fact despite Schlafy having predicted such a conference many times
over the past years (I have seen more than 10) her claims are entirely
false, not to say fraudulent. She uses the usual tricks of citing
fraudulent references and making up quotes. In short she is a fraud
hoping to get people to join her foundation to stop a Con con that
nobody is proposing.

I don't think that Schlafy is a usefull aly any more than Bob Dole
basically its just opportunist politicians latching onto the rhetoric
of debates without engaging in the argument. Dole senses that the mood
of the country is pro crypto so he supports that, he senses that it
is anti porn so he will support that.

Basically Schlafy is playing the same game. She is saying things that
she knows will curry favour so she can get people to join her Wacko
club. 


		Phill





From alanh at infi.net  Sat Aug 17 17:58:57 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 18 Aug 1996 08:58:57 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <ae3a68680e0210043016@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960817185314.21584F-100000@larry.infi.net>


YOu are correct that a gun cannot be imaged behind an actual screen.

I am correct that a peice of tinfoil doesn't comprise an actual screen.

Go price a shield room, and see how much is for materials, and how much 
is for labor.  Go talk to the crew that's putting it in; you'll see that 
they travel all the hell over the world putting these things in, because 
the vendor can't just hire some pick-up electricians and dry-wall types.

If the source radiates its EM waves, which reach and intercept the 
tinfoil, unless the tinfoil is correctly bonded, shielded, grounded, etc, 
the tinfile will re-radiate. That can be imaged.

I do this class of imaging, from signals that are weaker than these, for a
living. In fact, we sometimes have to apply attenuation at the front end
to stop overload of the amplifiers and signal processors.  No, I'm not 
going to talk about it. Not because I'm a hot-shit keeper of classified 
information, rather because I'm lazy, or maybe because I'm accustomed 
to getting paid for teaching? Most of the concepts are discussed in IEEE 
journals and other sources.  You could hand all the open sources, and a 
few billion dollars, to the Botswanians tomorrow; it would still take 
them a dozen years to get it working reliably. It's as much art as 
science. I guess the fancy word is "engineering".

You don't know how to do it; so what. I know how to troublehoot and 
repair it.





From eric at syzygy.com  Sat Aug 17 18:08:56 1996
From: eric at syzygy.com (Eric Messick)
Date: Sun, 18 Aug 1996 09:08:56 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <199608150454.VAA12982@toad.com>
Message-ID: <199608172309.QAA10539@syzygy.com>


I just happen to have the following article sitting on the desk next
to me:

San Jose Mercury News, Saturday, May 6, 1995, page 7A

Radar gives strip search a new meaning

New York Times

Engineers at a federally financed laboratory are developing a security
device that uses radar to peer through clothing to inspect for hidden
objects.

Working prototypes of these holographic radar scanners already exist,
and engineers at the Pacific Northwest Laboratory in Richland, Wash.,
believe a perceived need by security officials to scan for concealed
weapons and explosives may eclipse issues of cost.

The laboratory [...] has built two versions of its radar skin scanner,
one a walk-in booth that can scan an entire body and the other a
handheld device resembling a camcorder that can be pointed at specific
parts of a body.

The ultra-wind-band radar technology used in these inventions depends
partly on powerful computers, which analyze radar echoes reflected by
a subject's skin to construct visual images of the person's body in a
matter of seconds.

[...]

Representatives of the laboratory acknowledge that the sense of
modesty of some airline passengers, jurors, federal office workers and
others subjected to radar scanning might be offended.

"But the images, although explicit, are not pornographic," [Thomas]
Hall said.  "In any case, we foresee setting up the scanners in pairs
at each entry point - one for males and one for females, with security
officials matched by sex."





From alanh at infi.net  Sat Aug 17 18:46:41 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 18 Aug 1996 09:46:41 +0800
Subject: Stealth Buildings Was Re: "X-Ray Gun" for imperceptible searches
In-Reply-To: <199608172309.QAA10539@syzygy.com>
Message-ID: <Pine.SV4.3.91.960817194950.21584O-100000@larry.infi.net>


On Sat, 17 Aug 1996, Eric Messick wrote:

> Representatives of the laboratory acknowledge that the sense of
> modesty of some airline passengers, jurors, federal office workers and
> others subjected to radar scanning might be offended.



   The output is false-color scaled.


Look at IR sat-photos of the earth to get a sense of this.





From blane at aa.net  Sat Aug 17 18:53:34 1996
From: blane at aa.net (Brian Lane)
Date: Sun, 18 Aug 1996 09:53:34 +0800
Subject: Orbiting Datahavens
In-Reply-To: <9608171851.aa04986@salmon.maths.tcd.ie>
Message-ID: <Pine.LNX.3.95.960702170220.402A-100000@opus.islet.com>


On Sat, 17 Aug 1996, Derek Bell wrote:

> 	Wouldn't you have to use military-grade chips for the hardware? (Or
> whatever the type is - it had better survive launch, not to mention solar
> flares.)

  You'd have to make sure everything was soldered in pretty well, but it
could be done. As for solar flare, etc. protection it won't need anything
that any other satellite system would need.

> >  If the HAM radio community can get a satellite into space, why not the
> >Cypherpunks/Linux communities?
> 
> 	Wow - I've been out of touch with space programmes in the last few
> years - which satellite was this? (The HAM radio one?)

  Embarrasingly enough, I cannot remember its name. I don't have a HAM
license (although I've studied for it -- just never took the test), but my
boss does. I think the satellite was launched in the mid to late 80's, and
it used for experimental communications.

> 
> 	Anyone have any reccomendations for good web sites on
> satellites/rockets/space science in general?

  Good idea, I'll start a link on my webpage :>

> 	I'm not sure who would launch it - a Japanese launcher? (ESA is
> strapped for cash, which was one reason for the phenomenaly stupid move of
> putting space probes onto the maiden flight of the Ariane 5.)

  We'd want someone more reliable than ESA! I doubt that we could afford
to have a backup satellite in case of a disaster. Once the Delta Clipper
is functional the payload costs to orbit is supposed to drop tremendously.

   Brian







From snow at smoke.suba.com  Sat Aug 17 19:09:24 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 18 Aug 1996 10:09:24 +0800
Subject: Software manpower exports and the power of governments
In-Reply-To: <1.5.4.32.19960817121723.002f9b34@giasdl01.vsnl.net.in>
Message-ID: <Pine.LNX.3.93.960817183611.2135B-100000@smoke.suba.com>


On Sat, 17 Aug 1996, Arun Mehta wrote:

> Look, governments in the 3rd world are often stupid and corrupt
                           ^^^
     Looks like a little line noise crept in. I don't think that 
was supposed to be there...


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From snow at smoke.suba.com  Sat Aug 17 19:09:38 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 18 Aug 1996 10:09:38 +0800
Subject: Orbiting Datahavens
In-Reply-To: <32155657.53661@mail.aa.net>
Message-ID: <Pine.LNX.3.93.960817183047.2135A-100000@smoke.suba.com>


On Sat, 17 Aug 1996, Brian C. Lane wrote:
>   With all the recent talk about converted oil-rig DataHavens floating
> around the oceans, fending off pirates, and Low-Orbit satellite
> communications, I had a thought.
>   How about an orbiting DataHaven. No jurisdiction to bother with,
> extremely difficult to get to (except by large governments...). You could
> put together a couple of Linux boxes with a RAID system, some backups and a
> large solar panel and have a very nice, secure DataHaven.
>   Granted, you wouldn't have all the fun of floating around the south
> pacific fending off pirates and navies who are after your data, but it
> would work. Might even be cheaper than outfitting the oil-ring with the
> rate that they are tossing satellites into space.
>   If the HAM radio community can get a satellite into space, why not the
> Cypherpunks/Linux communities?

     It is just as easy to take out a satelite in LOE as it is to sink an
oil rig, plus swapping defective Hard Drives is a real bitch.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From molnard1 at nevada.edu  Sat Aug 17 19:20:11 1996
From: molnard1 at nevada.edu (DAVID A MOLNAR)
Date: Sun, 18 Aug 1996 10:20:11 +0800
Subject: US Taxes on X-Pats
In-Reply-To: <Pine.LNX.3.91.960817152107.21014B-100000@offshore>
Message-ID: <Pine.OSF.3.91.960817172848.6275A-100000@pioneer.nevada.edu>




On Sat, 17 Aug 1996, Vincent Cate wrote:

> 
> Robert Hettinga <rah at shipwright.com>
> > However, as Black Unicorn has noted here before, the Phillipenes are the
> >only other country besides the USofA where citizens are taxed any income
> >you get, no matter where on earth you actually earn it.
> 
> It is not exactly that bad if you are outside the USA. I got ahold of the
> IRS codes on this before I left the USA (so about 2 years ago).  The rule
> then was that the first $70,000 you earned was tax free if you were
> outside the USA for 330 days or more of the year.  From another x-pat in
> Anguilla I heard that the $70 K had been increased. 
	Is this so? Last I had heard, Congress was looking at eliminating 
the credit altogether. It's slightly misleading to call it "tax free", 
though; the way I understand it, it's not included in the IRS's 
estimation of your assets, but may play a factor in determining the final 
amount of $$$ you end up paying. Very rarely does it translate directly 
into a $70,000 break on your taxes, although it does help. At least 
that's the way it has been represented to me (albeit by an expatriate 
chapter of the American Businessmen's Association). There are no doubt 
rules and exceptions to what manner of income may be exempted, as well. 
	It would be wonderful if the amount were increased. It would be 
preferable if the requirement to pay taxes at all were eliminated, but 
that would be asking too much of today's deficit-hungry, anti-"corporate 
welfare" environment...
Not that it affects me anymore one way or the other, except insofar as it 
hinders the desireability of U.S. workers abroad. One wonders that 
whether the spread of such potential tax-avoidance schemes as 
ecash/data-havens may, er, restore U.S. competitiveness in a novel way. 
:-) 

-David Molnar
 





From rwright at adnetsol.com  Sat Aug 17 19:47:51 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sun, 18 Aug 1996 10:47:51 +0800
Subject: Orbiting Datahavens
Message-ID: <199608180107.SAA21086@adnetsol.adnetsol.com>


On Or About  2 Jul 96, 17:06, Brian Lane wrote:

> to have a backup satellite in case of a disaster. Once the Delta
> Clipper is functional

They did have that big wreck a couple of weeks ago.  I am not sure of 
the salvage status.

Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From dsmith at prairienet.org  Sat Aug 17 20:07:36 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Sun, 18 Aug 1996 11:07:36 +0800
Subject: NT remailer
Message-ID: <199608180134.UAA13028@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sat Aug 17 20:37:49 1996
> At 21:08 8/16/96, rednax wrote:
> >Speaking of NT, I downloaded the full version of msie 3.0 the other day
>  but
> >when I tried installing it, an error message came up saying that it
>  requires
> >a Win95 or WinNT4.0 build of 1381 or higher. I am currently running NT
>  4.0b
> >that has a build of 1314, does anyone know of where is the upgrade or
> >service packs(if available)? I have tried looking around microsoft.com,
>  but
> >they neither provided any detail nor did they provide an e-mail.

1381 is the full release version of NT 4.0 - there probably
isn't an upgrade or service pack. You'll have to lay down
your cash just like the rest of us poor slobs.

dave


- ---- David E. Smith  POB 324  Cape Girardeau MO USA 63702
dsmith at prairienet.org   http://www.prairienet.org/~dsmith
send mail of 'send pgp-key' subject for my PGP public key
"Welcome to the human race." -- Snake, _Escape from L.A._
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automagically signed with Pronto Secure for Windows.

iQEVAwUBMhZz8DVTwUKWHSsJAQEelQf+I7iHCNOwFnYn94uvxuczY0PTYP5nU9dp
nQXVbdlVNO+vZH4y+9CLEhoaNbD+BLxSaULk6nAIUmvwyL9dniKJ9wmcUsAoJrk0
ML/najbDHQJ8BsSbV9ivyLJZxwwnCGmLHwcvchJtppLdXzkKFO0EwvY0LGtim4CZ
uWjhKlI6rUo9trHeLtPCn/RuQheaT4x4I7TEA4OZkP46DnWRl/4288MPAcL4SxUO
ojt/Bw8eAxhNOeBhuj7s2UaFmfCejH6ml1jLI/b7+a9tUvDnq8hPMlRAyVDzkj4I
n9kHLvO0spjweXWNgj2NqDHfu2Ygtz+vMlpXJN4FUX++aYOlMOvytQ==
=kUCL
-----END PGP SIGNATURE-----






From DMiskell at envirolink.org  Sat Aug 17 20:07:37 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Sun, 18 Aug 1996 11:07:37 +0800
Subject: [NOISE] Re: Greetings from Whore.com
Message-ID: <199608180122.VAA00582@envirolink.org>


Nope.  No web access.  However, when school is back in session, and I get
my radio show back and head back to the computer labs...

<cackles evilly>

Greetings from <property not found>,
Daniel.






From maverick at interconnect.net  Sat Aug 17 20:09:35 1996
From: maverick at interconnect.net (Sean Sutherland)
Date: Sun, 18 Aug 1996 11:09:35 +0800
Subject: Protecting floating datahavens?
Message-ID: <19960818011847984.AAD128@maverick>


-----BEGIN PGP SIGNED MESSAGE-----

To: stewarts at ix.netcom.com, cypherpunks at toad.com
Date: Sat Aug 17 20:15:22 1996
> The basic risks with such things are:
> 1) Getting governments to agree to leave you alone.  If you're doing a
> 2) Getting governments and other pirates to actually leave you alone.
> 3) Making it work financially, for the proprietors and tenants/co-owners.
> 4) Convincing investors that you're safe enough on 1) and 2)

Auctually, the one real big problem is that the data is all in one place.  
Rememeber that the whole point of a data haven isn't secure backup -- it's 
secure storage.  And if the place gets blown sky-high (which can easily be 
done discreetly and possibly made to look like an accident), all the data 
is going to be lost, and you're basically screwed.  

The only workable solution to this that I can see has nothing to do with 
floating countries or anything of the sort.  Instead, the use of 
data-splitting programs could be used.  I'm not all up on the security or 
reliability of these programs, so if I'm making unwarranted assumptions, 
guess I did a lot of typing for nothing.  This has probably been proposed 
before, too, but what the hey...

For example, lets say you set up an office in 100 countries (it would be 
more effective to have more, but let's say 100).  Through the use of 
anonymous remailers and encryption, he could apply for a customer ID number 
and password.  To avoid any possibility of forgery, such IDs could be 
prehaps 100kb-1Mb (this is just for confirmation of identy when sending the 
data into the data havens -- shorter IDs would be used for identifcation). 
Then, he could split the program into 100 parts, with (say) 70 parts being 
needed to restore the entire file.  He would then encrypt and send each of 
these files to each remailer through the Internet.  

To get the data back, he would send in the ID and password, encrypted 
again, to the nessecary number of offices in order to retrieve the data.

Payment, if nessecary, could be made by anonymous bank transfer or 
something like ecash.  

Proprietary encryption systems (PGP-like, with IDEA/RSA hybrid in it, but 
can accept 5000+ bit keys and padding) might be used, as well.  

This scheme has several pluses.  One, it doesn't rely on any fancy legal 
manuevering with off-shore nationalities and crap.  Second, it isn't very 
vunerable.  They would need to get legal jurisdiction in 70 different 
countries to sieze the data, and then they have the encryption to deal 
with.  Third, if there's any server problems, it wouldn't affect the entire 
system.  Fourth, you don't have to attach missle launchers and hire a 
private security force to defend it.  There are several problems, though.  
First, it relies on the Internet, something which is inherantly insecure 
anyway.  Second, if someone's being wiretapped in their own country, then 
the whole effort is in vain.  Third, it would be incredibly costly, but 
probably no more so than any kind of off-shore platforms.  In fact, it 
would probably be cheaper.  

Any comments?
- ---
Sean Sutherland | GCS/C d- s+:+ a--- C+++ V--- P L E- W++ N++ K w o O-(++)
Key: E43E6489   | M-- V PS+ PE++ Y PGP++ t--- 5+++ X++ R b++ DI+ D+ G e- 
Vote Browne '96 | h! !r y

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Key: finger or email w/ 'send key' in subj.  http://www2.interconnect.net/maverick

iQEVAwUBMhZuq1ZoKRrkPmSJAQE9QQf7B+ikk1/dFKyydIzQkGcfX8+srK5GeRlr
5IhEFkXJY34dI4Dqg/yKQ6m/XwRMyqPHxcyV6lR6qU9ngaawBWjd1Q+HBtCOzEs6
Ch8AgTq5CWox8/7FZKz32xGJCVpPJ+etzeJSK2kqKfPnTW+yhz7rch+DIvEJKnM1
ktlxsi/3c1Hn89OLZrCHUeJQqBMoU7rVnmVv6sfGVUQuwJ09yWT457HCN7dZbH1z
Nrc+w7ewlxivH1r6KZ1DNk8BJrroQXD7mSHvXmEwyTiyr9DzaPhtlllarz/iPNFF
295F/4Cj9K2HiwJfKH7pDy60OKLBGP72xnc0cjxj8TlIp/KDY7VsPQ==
=BNfl
-----END PGP SIGNATURE-----






From rwright at adnetsol.com  Sat Aug 17 20:13:07 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sun, 18 Aug 1996 11:13:07 +0800
Subject: Orbiting Datahavens
Message-ID: <199608180102.SAA20983@adnetsol.adnetsol.com>


On Or About 17 Aug 96, 5:24, Brian C. Lane wrote:
> 
>   How about an orbiting DataHaven. No jurisdiction to bother with,
> extremely difficult to get to (except by large governments...).

<SNIP>

> it would work. Might even be cheaper than outfitting the oil-rig
> with the rate that they are tossing satellites into space.
> 
>   If the HAM radio community can get a satellite into space, why not
>   the
> Cypherpunks/Linux communities?


This is a fascinating concept that needs to be further researched.  
It would be interesting to do some cost examinations.  I have always 
been behind any private space programs!  I am even behind the Govt. 
Programs.

Ross Wright
King Media:  Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From jfricker at vertexgroup.com  Sat Aug 17 20:23:28 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Sun, 18 Aug 1996 11:23:28 +0800
Subject: anonymizer and cookies
Message-ID: <2.2.32.19960818014330.0099b85c@vertexgroup.com>


is there anything definite about the Anonymizer and cookies? according to
the DEC browser tester at

http://www.research.digital.com/nsl/formtest/stats-by-test/NetscapeCookie.html


shows some successful cookies passing through www.anonymizer.com and some
bad cookies. What's the final word?






From jsw at netscape.com  Sat Aug 17 20:50:23 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Sun, 18 Aug 1996 11:50:23 +0800
Subject: Final release of Navigator (with strong crypto) now available
Message-ID: <321677C2.663B@netscape.com>


The final release of Navigator 3.0, complete with non-exportable
strong crypto, is now available for download by US citizens.  Note
that this is the released version of 3.0, so it will not expire.
You can get it from:

	http://wwwus.netscape.com/eng/US-Current/

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From m5 at tivoli.com  Sat Aug 17 20:59:40 1996
From: m5 at tivoli.com (Mike McNally)
Date: Sun, 18 Aug 1996 11:59:40 +0800
Subject: Hackers invade DOJ web site
Message-ID: <32167A0C.473C@tivoli.com>


CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
to the DOJ web site.  They don't elaborate exactly how thy did it.
 
______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From zachb at netcom.com  Sat Aug 17 21:32:58 1996
From: zachb at netcom.com (Z.B.)
Date: Sun, 18 Aug 1996 12:32:58 +0800
Subject: Orbiting Datahavens
In-Reply-To: <Pine.LNX.3.95.960702170220.402A-100000@opus.islet.com>
Message-ID: <Pine.3.89.9608171955.A28947-0100000@netcom20>



On Tue, 2 Jul 1996, Brian Lane wrote:

> On Sat, 17 Aug 1996, Derek Bell wrote:
> 
> 
> > >  If the HAM radio community can get a satellite into space, why not the
> > >Cypherpunks/Linux communities?
> > 
> > 	Wow - I've been out of touch with space programmes in the last few
> > years - which satellite was this? (The HAM radio one?)
> 
>   Embarrasingly enough, I cannot remember its name. I don't have a HAM
> license (although I've studied for it -- just never took the test), but my
> boss does. I think the satellite was launched in the mid to late 80's, and
> it used for experimental communications.
> 
The satellite is called OSCAR (Orbital-something-something-Amateur-Radio).
The first one was launched in 1961, and 20 more have been launched since 
then, as the older ones wear out or there are advances in technology.

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127






From lzirko at c2.org  Sat Aug 17 21:33:59 1996
From: lzirko at c2.org (Lou Zirko)
Date: Sun, 18 Aug 1996 12:33:59 +0800
Subject: Final release of Navigator (with strong crypto) now available
Message-ID: <199608180226.TAA07994@infinity.c2.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: jsw at netscape.com, cypherpunks at toad.com, tomw at netscape.com
Date: Sat Aug 17 21:26:37 1996
Thanks for the info.  Downloading now and it appears to be going more 
smoothly than the time I got beta 6.  No delays and good throughput.  And I 
have yet to talk with someone that has successfully downloaded the `other 
guys` 128-bit version.  I sure have not been able to!

Thanks,

Lou Zirko

> The final release of Navigator 3.0, complete with non-exportable
> strong crypto, is now available for download by US citizens.  Note
> that this is the released version of 3.0, so it will not expire.
> You can get it from:
> 
>       http://wwwus.netscape.com/eng/US-Current/
> 
>       --Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw at netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 
> 



Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMhZ/dstPRTNbb5z9AQEIggf/d0Q53oNSB3gM2Kk0XMsZhQVVd1gqYfoS
sK1Ja5Qy6wqpzX452oEO21qetQsjs6yW19T3PdLqfr+YZW0zTbOcsbmUoNnzs8xF
+2hfKdtRiMeZRo1HpKZ1kx3SUGR9SCLymVV0mWecOpwpdnj8i69K8Xv3eEEhbX4S
aQJakxjr/qmjOtW5k5iuU93eosdhXjsHCkICY75YzuwX/VtkN3tMU28jsuYXGokf
LjxuXBoTi/1+U80iSlCLYwXFrwoeZ+FTc2NACRPDJnAnLX4GbatLlLbP92918Xvt
SeiVEeia46WQqRbJRHMnlif2z3gn1Fit0qdgn1U7f59aKUVgKQu95Q==
=LIdQ
-----END PGP SIGNATURE-----






From scraver at mnet.fr  Sat Aug 17 21:47:50 1996
From: scraver at mnet.fr (Arnauld Dravet)
Date: Sun, 18 Aug 1996 12:47:50 +0800
Subject: Unix passwd-cracker online?
In-Reply-To: <9608171527.AA26704@raptor.icubed.net>
Message-ID: <321693CF.3B156C9C@mnet.fr>


there's a new cracker under dos called John the Cracker, and coded by
UCF96. It's optimized for Pentiumsand is better than cracker jack on a
lot of points : can work with or without wordlists, and u can modify all
what u want....approx 30% faster than cracker jack on a pentium (i run
it at usually 4000 cps on a P90/32Mb ram and a 25Mb wordlist (yeah it's
big))

scraver at mnet.fr





From EALLENSMITH at ocelot.Rutgers.EDU  Sat Aug 17 21:51:00 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Sun, 18 Aug 1996 12:51:00 +0800
Subject: Possible opportunity for school recruitment
Message-ID: <01I8EDF65HPS9JD95Q@mbcl.rutgers.edu>


	One wonders if they could be persuaded, in return for a donation of
money or time, to include some cypherpunks-related web pages; these could
include ones on PGP and on anonymous remailers, so they could later get email &
ftp access and use these.
	-Allen

>   Centura
>               CYBERED BIG RIG TRUCKS INTERNET ACCESS TO SCHOOLS
>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Los Angeles Daily News
   
>   LOS ANGELES (Aug 17, 1996 00:00 a.m. EDT) -- Like some futuristic,
>   hi-tech bookmobile, "Ed" came calling on Charles Maclay Middle School
>   in suburban Los Angeles.
   
[...]

>   The privately funded CyberEd program is designed to provide hands-on
>   Internet experience and advanced, on-line communications training.
>   "Ed" -- a veritable cyber classroom on wheels, offers personal
>   computers, Internet connectivity and CD-ROMS, as well as presentation
>   facilities, printing, faxing and video conferencing capabilities.
   
[...]

>   Inside the yellow-and-black big rig in the Pacoima section of Los
>   Angeles, children and teachers alike tried their hand at surfing the
>   Net, pointing and clicking and generally immersing themselves in
>   everything from home pages of fellow students to cyberchats with
>   astronauts at the National Aeronautics and Space Administration
>   headquarters in Houston.
   
[...]

>   Plank said a $3 million fund-raising campaign was under way to
>   bankroll a fleet of rigs modeled after "Ed," each with a different
>   technological focus -- manufacturing, media, biotechnical and other
>   disciplines.
   
>   CyberEd is funded by the MCI Foundation, the William G. McGowan
>   Charitable Fund, DSC Communications Corp., Milken Family Foundation,
>   Corning Incorporated and Microsoft.
   
>    Copyright &copy 1996 Nando.net





From take at barrier-free.co.jp  Sat Aug 17 22:24:10 1996
From: take at barrier-free.co.jp (Hayashi_Tsuyoshi)
Date: Sun, 18 Aug 1996 13:24:10 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <321677C2.663B@netscape.com>
Message-ID: <199608180315.MAA15543@ns.barrier-free.co.jp>


On Sat, 17 Aug 1996 18:54:10 -0700, Jeff Weinstein said:
 >The final release of Navigator 3.0, complete with non-exportable
 >strong crypto, is now available for download by US citizens.  Note

Exportable (non-strong crypto) version is also available
from Japan?

# I use Linux on i486.

- Tsuyoshi Hayashi <take at barrier-free.co.jp>
- PGP public key: http://www.barrier-free.co.jp/take/pgpkey
- (CF 27 34 5B 46 FA 2A 12  D2 4C E3 F7 2A 45 E0 22)
- Barrier Free, Inc. (established on 25 Jan 1996)





From ichudov at algebra.com  Sat Aug 17 22:39:59 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sun, 18 Aug 1996 13:39:59 +0800
Subject: MD5 completely broken!
Message-ID: <199608180349.WAA01402@manifold.algebra.com>


Cypherpunks -- 

Atfer much scientific research, I have finally found a way to restore 
any message given only its MD5 checksum. The method is based on the
so called "enthropy restoration" algorithm. I have also written a
libMD5hack library for restoring messages given their MD5 checksums.

I plan to license the library for commercial use.

The price of the library is to be determined.

	- Igor.





From jimbell at pacifier.com  Sat Aug 17 22:50:45 1996
From: jimbell at pacifier.com (jim bell)
Date: Sun, 18 Aug 1996 13:50:45 +0800
Subject: Orbiting Datahavens
Message-ID: <199608180358.UAA29680@mail.pacifier.com>


At 06:32 PM 8/17/96 -0500, snow wrote:

>
>     It is just as easy to take out a satelite in LOE as it is to sink an
>oil rig, plus swapping defective Hard Drives is a real bitch.

Hard drives don't work in a vacuum, at least conventional ones don't.  (And 
I'm not aware of any hard drives which are designed to be permanently 
pressurized against a hard vacuum, either...)

Jim Bell
jimbell at pacifier.com





From jamesd at echeque.com  Sat Aug 17 23:03:15 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 18 Aug 1996 14:03:15 +0800
Subject: Software manpower exports and the power of governments
Message-ID: <199608180349.UAA13056@dns2.noc.best.net>


At 13:23 16/08/96 -0700, James A. Donald wrote:
> > It is overwhelmingly clear that the question is simply who has the 
> > power?  Those who wish to hire peoples services in order to produce
> > wealth, or those who can command peoples services because they have
> > guns?

At 06:17 PM 8/17/96 +0600, Arun Mehta wrote:
> Are you suggesting that Indian programmers come to work with like
> a chain gang, with armed government guard? 

No.  I am suggesting that the more that power over business 
activities and decisions lies with those who do not need to 
make a profit or serve the customers needs, the less of value 
will be produced.


> Look, governments in the 3rd world are often stupid and corrupt
> -- no doubt that contributes to poverty, but that isn't the only
> reason. I'm sure one of the reasons is cultural: 

Was the culture of the refugees who fled to Hong Kong any different
from those who failed to escape from Communist China?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From stewarts at ix.netcom.com  Sat Aug 17 23:23:50 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 18 Aug 1996 14:23:50 +0800
Subject: [NOISE] Re: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <199608180424.VAA27288@toad.com>


At 02:18 PM 8/16/96 EDT, you wrote:
>Bill Stewart <stewarts at ix.netcom.com> writes:
>> (If Clinton had said things like "Of course I tried to avoid the draft
>> and smoked dope, I'm no fool" and had dropped the draft and the Drug War
>> instead of supporting both after he was President, I might have
>
>There been no draft for about 20 years.  What have _you been smoking?

There's still draft registration.  Sure, they don't currently ask that
your body show up at Camp LeJeune for basic training, but they still
insist that you register where you live and essentially give them
permission to draft you if they feel like taking the political heat 
for doing so.  It's illegal not to register if you're 18 and male.
And they do occasionally track whether people are registered;
college loan databases are used for it, and there are occasional
mentions in the press that they've used other sources of
lists-of-18-year-olds to "remind" people that they have to register,
such as public school records.

Some day that you're not too disgruntled, walk into a Post Office
and look at the posters oon the wall.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From snow at smoke.suba.com  Sun Aug 18 00:13:44 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 18 Aug 1996 15:13:44 +0800
Subject: Orbiting Datahavens
In-Reply-To: <199608180358.UAA29680@mail.pacifier.com>
Message-ID: <Pine.LNX.3.93.960817225517.3114A-100000@smoke.suba.com>


On Sat, 17 Aug 1996, jim bell wrote:
> At 06:32 PM 8/17/96 -0500, snow wrote:
> >     It is just as easy to take out a satelite in LOE as it is to sink an
> >oil rig, plus swapping defective Hard Drives is a real bitch.
> Hard drives don't work in a vacuum, at least conventional ones don't.  (And 
> I'm not aware of any hard drives which are designed to be permanently 
> pressurized against a hard vacuum, either...)

     I'll rephrase that then. It is a real bitch to swap out defective hardware
on a satellite. 

     I don't know much about sats, and I realize that most of them are built 
to specs that are insane compared to anything that runs dirtside, but (and I 
am sure that someone will correct me if I am wrong) most sats aren't expected 
to deal with the wide range of tasks that your average network server deals 
with, nor do they have anywhere NEAR the memory capacities that we are talking 
about. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From amehta at giasdl01.vsnl.net.in  Sun Aug 18 00:16:06 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sun, 18 Aug 1996 15:16:06 +0800
Subject: Software manpower exports and the power of governments
In-Reply-To: <199608180349.UAA13056@dns2.noc.best.net>
Message-ID: <Pine.OSF.3.91.960818103202.3366C-100000@giasdl01.vsnl.net.in>


On Sat, 17 Aug 1996, James A. Donald wrote:

> At 13:23 16/08/96 -0700, James A. Donald wrote:
> 
> At 06:17 PM 8/17/96 +0600, Arun Mehta wrote:
> > Look, governments in the 3rd world are often stupid and corrupt
> > -- no doubt that contributes to poverty, but that isn't the only
> > reason. I'm sure one of the reasons is cultural: 
> 
> Was the culture of the refugees who fled to Hong Kong any different
> from those who failed to escape from Communist China?

The individual can change far faster than the community, which is why
immigrants to the US, for instance, do so much better than back home. It
has, in the case of economic matters, to do with attitudes of government,
the chambers of commerce and all the institutions that influence economic
policy -- which can take long to change.

Arun






From Adamsc at io-online.com  Sun Aug 18 00:20:36 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 18 Aug 1996 15:20:36 +0800
Subject: Post Office restrictions
Message-ID: <TCPSMTP.16.8.17.-10.18.34.2312274844.1082397132@tom.io-online.com>


I've told some people about a few of the loopholes mentioned on the list
about the new post office restrictions on airmail packages.  What's
disturbing is that none of the people I'd talked to, all of whom are
at least reasonably intelligent, had thought or heard, for instance,
that PanAm103 only took 12 ounces or that someone could just send two
packages.  How does the news media justify its existence? (Down here, it
seems to be serving as a propaganda arm for the Republicans)







From Adamsc at io-online.com  Sun Aug 18 00:24:32 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 18 Aug 1996 15:24:32 +0800
Subject: forget photographing license plates!
Message-ID: <19960818051206140.AAC174@IO-ONLINE.COM>


On 15 Aug 96 01:31:08 -0800, null at void.com wrote:

>"In the 22 Jul 1996 issue of Fortune was an interesting look into the future
>of automobile electronics, "Soon Your Dashboard Will Do Everything (Except
>Steer)".  "
>From the control center, they can "electronically reach into the car" to
>unlock the doors, or honk the horn and flash its lights."
 ^^^^^^^^^^^^^^^^
How long do you think it would be before thieves subverted this feature?

>>>> It is extremely comforting to me -- I don't know about you -- to think >that GM will maintain a control center able to communicate with my auto >electronics.  Shit, why not TRW?

I'm just waiting for them to integrate with TRW. Then, with people
they've determined can afford a new one, they can trigger the car to have
mysterious engine failures...


| Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
| http://www.io-online.com/adamsc/adamsc.htp
| Autoresponder: send email w/subject of "send resume" or "send PGPKEY"

 






From vznuri at netcom.com  Sun Aug 18 00:43:44 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sun, 18 Aug 1996 15:43:44 +0800
Subject: BlackNet as a Distributed, Untraceable, Robust Data Haven
In-Reply-To: <ae3939990d0210040b0a@[205.199.118.202]>
Message-ID: <199608180540.WAA16219@netcom14.netcom.com>



>I have to speak up here and say that there is an actual working exemplar of
>a distributed, untraceable data haven. While it lacks a robust _payment_
>mechanism, that is also untraceable, so does the "Visit Port Watson"
>example (which has never actually existed).

agree with Jim Bell that blacknet by any stretch of the imagination
is not a "data haven". it is a service for selling/buying secrets.
I'm quite surprised to see you misuse a term that I thought you
had largely invented/promolgated ("data haven"). as far as I understand
it, a "data haven" would function something like a remote disk drive.
blacknet did not claim to have anything to do with storing data
reliably like a drive does.

the idea of highlighting the fact that Blacknet was possible however
was something you certainly deserve all the notorious credit for <g>

others deserve the notorious credit for describing how a blacknet-like
scheme could be foiled or at least made difficult through the 
use of widespread decoys. <g> (and yet others deserve credit
for breaking the key to that <g>)

do you consider "decoys" "man in the middle attacks" as you wrote
in your essay, or are you conveniently ignoring this devastating issue
that was brought to your attention long ago?

one of your repeated claims is that a reputation service would help
identify the decoys, but I would like to see this happen in practice
before I believe it. remember that reputation services themselves
could be subject to infiltration and falsification. it becomes
a "who will give reputations on the people who give reputations"
infinite regress problem imho.

also, I always liked the way that you tied in Blacknet to 
anonymous assassinations. or maybe that was just part of my 
imagination. anyway I'm surprised that you haven't collaborated
with Jim Bell more who shares some of your ideas on the subject.

I certainly give you huge credit for discovering/elucidating
some of the more twisted uses of cyberspace long before they are actual
operating enterprises. <g>








From vznuri at netcom.com  Sun Aug 18 01:25:23 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sun, 18 Aug 1996 16:25:23 +0800
Subject: MD5 completely broken!
In-Reply-To: <199608180349.WAA01402@manifold.algebra.com>
Message-ID: <199608180556.WAA17567@netcom14.netcom.com>



>Atfer much scientific research, I have finally found a way to restore 
>any message given only its MD5 checksum.

uhm, congratulations <g>

>I plan to license the library for commercial use.

uhm, a slight kink you don't seem to have considered
and might want to ruminate on--

if MD5 is broken, no one will anymore have any use for
anything associated with it <g>

maybe next time when you break a code and want to make
some $$$, sell your solution in secret 
to the people who patented it!!

cryptoblackmail!!!

wheeeeeee!!! crypto is so much fun!!!





From vznuri at netcom.com  Sun Aug 18 02:24:01 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sun, 18 Aug 1996 17:24:01 +0800
Subject: MD5 completely broken! -- JOKE
In-Reply-To: <199608180610.BAA02817@manifold.algebra.com>
Message-ID: <199608180621.XAA19338@netcom14.netcom.com>



april 1 is not very near on my calendar, wiseguy.



Subject: Re: MD5 completely broken!
To: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Sun, 18 Aug 1996 01:10:33 -0500 (CDT)
From: ichudov at algebra.com (Igor Chudov @ home)

Vladimir Z. Nuri wrote:
> this is front page of new york times fodder for sure
> if what you claim is true. in fact it is a *major*
> *major* breakthrough if real. I would expect many
> months of press fallout based on it. in fact if 
> for real, you are guaranteed instant worldwide fame.

I agree, but my message was a joke.

	- Igor.





From mccoy at communities.com  Sun Aug 18 03:25:39 1996
From: mccoy at communities.com (Jim McCoy)
Date: Sun, 18 Aug 1996 18:25:39 +0800
Subject: Ad Hoc Bay Area Cypherpunks Thing--Sat., 24 Aug, 3 pm, Menlo Park
Message-ID: <v02140b00ae3c81fc4de4@[205.162.51.35]>


> On Sat, 17 Aug 1996, Timothy C. May wrote:
>
> > There is no Cypherpunks event scheduled for that Saturday, but we can have
> > an ad hoc gathering, informally arranged. I suggest meeting at 3 p.m. at
> > Cody's Bookstore, on El Camino Real in Menlo Park (hard to miss). Or at the
> > coffee shop next to it...either should be sufficient Schelling points to
>
> Do you mean Kepler's? That's the one right near Menlo Park caltrain
> station; the coffee shop next to it is  Cafe Borone. Get the Mocha.

[Typing from the courtyard outside Cafe Barone (love that Ricochet...)]

For those needing better directions, Cafe Barone/Keplers is at the Menlo Park
Center, at the corner of El Camino and Ravenswood in Menlo Park...

jim







From ogren at cris.com  Sun Aug 18 03:30:17 1996
From: ogren at cris.com (David F. Ogren)
Date: Sun, 18 Aug 1996 18:30:17 +0800
Subject: MD5 completely broken!
Message-ID: <199608180701.DAA13334@cliff.cris.com>

-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Sun Aug 18 02:56:44 1996
> 
> >Atfer much scientific research, I have finally found a way to restore 
> >any message given only its MD5 checksum.
> 
> uhm, congratulations <g>
> 
> 
> maybe next time when you break a code and want to make
> some $$$, sell your solution in secret 
> to the people who patented it!!
> 

Not to mention that this is complete nonsense and a troll. No matter how 
weak the MD5 algorithm may or may not be, there are an infinite number of 
possible messages for each checksum. And thus the original message could 
NEVER be restored. Its as secure as a OTP. That's why its called a 
'one-way' hash function.

Not to mention the fact that he misspelled both 'entropy' and 'after'.


P.S. But imagine if it was true! MD5 would become the ultimate compression 
algorithm. Any message could be reduced to a 128 bit archive.
- --
David F. Ogren                |
ogren at concentric.net          | "A man without religion is like a fish
PGP Key ID: 0x6458EB29        |  without a bicycle"
- ------------------------------|----------------------------------------
Don't know what PGP is?       | Need my public key?  It's available
Send a message to me with the | by server or by sending me a message
subject GETPGPINFO            | with the subject GETPGPKEY
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMha+reSLhCBkWOspAQFvkQf+PE2+p8gLJ5Fcg64fKogAaad1v0KUAm6N
PDWKqOF87hr4GK7Je0TnflQ5640w11CbqnhQeTeuMZ1vypJ+OMod7riY+okd4VQL
tLaAA91EuzDLUnSnh3VT16MmN152RTWWS0fufASdJPw2aknhC5NA8kp+0ryQUo+f
zICE619/4I0Hjz6qwIzuEYD7tMW1OEz5KGRpyLnZaiOFXObxLHQ4/QwUuJVfLrY0
GrKxNrmtIMiFyHqksbmg22G8f9SsziKa8TjoHDrq2UIL7ForTneC/C20HTOVh9iS
6+C9u2Wij+AFEgPQSZMyxP0Wb8m20DcoeOpnzbBLBVw9BfiqNApvUQ==
=Nu+T
-----END PGP SIGNATURE-----




From nobody at replay.com  Sun Aug 18 03:36:34 1996
From: nobody at replay.com (Anonymous)
Date: Sun, 18 Aug 1996 18:36:34 +0800
Subject: Data_havens
Message-ID: <199608180657.IAA05470@basement.replay.com>


> Auctually, the one real big problem is that the data is all in one place.  
	I would rephrase this slightly to read "the data, or knowledge of 
its location, is all in one place." Sure, with a satellite, both the data 
and the info required to access it is in the same physical location; it's 
a target as soon as someone tracks a transmission to its source.
	But I think there will be problems, even with distributed 
systems, for a haven under the control of any single entity. Whether that 
control is implicit, such as the coercive force of the host governments, 
or the explicit policies of the owner, it will tend to force patterns in 
data storage. This could become problematic.

[snip]
> The only workable solution to this that I can see has nothing to do with 
> floating countries or anything of the sort.  Instead, the use of 
> data-splitting programs could be used.  I'm not all up on the security or 
> reliability of these programs, so if I'm making unwarranted assumptions, 
> guess I did a lot of typing for nothing.  This has probably been proposed 
> before, too, but what the hey...
	Actually, Eric Hughes gave an inspirational talk on this very 
subject at DEF CON IV. I have to say that I'm a convert, now. Time to go 
forth and make the world safe for crypto-anarchy. Much of what I'm going 
to say is influenced by that talk. My only regret is that I didn't get his 
autograph. Enough about that...
	Basically, I think allowing a single entity to create such a 
network may lead to a dangerous concentration of information. If we are 
to assume that an attack on a data haven will involve the resources of 
large, unfriendly governments, along with the full legal (and 
extra-legal) powers of said governments...then it becomes possible to 
imagine a scenario where one's "network technique" is _studied_ in order 
to find possible caches for servers in the data-haven network.
	Once the location of the servers/caches are known, the network 
becomes vulnerable to seizure. In friendly jurisdictions, subopenas and 
warrants may be issued. In unfriendly or extra-jurisdictional 
circumstances (e.g. space), one uses anti-satellite measures, black-bag 
jobs, bribes, or, heck, let's be 
paranoid and say they can send TEMPEST-equipped vans to sit outside and 
read the hard drives directly. Even if seizure is made impossible, enough 
heat can be brought to bear to limit the growth of one's haven_net and 
concentrate new nodes in certain specific jurisdictions...which of course 
become more attractive targets for seizure tactics.
	The problem is that a single entity may tend to keep records of 
what nodes are situated where. Not necessarily in the protocols, either. 
All those computers will need servicing, upgrading, network links, etc. 
etc. This requires some kind of a control and payment structure. Setting 
up a new node is particularly hazardous, especially after initial 
deployment. To make matters worse, once a node is found, it may leak 
information about the rest of the network (traffic analysis, anyone?). 
	What is more, it leaves open the door for truly stupid acts, like 
keeping a network map where it might be found in case of a search. Don't 
laugh. A good deal of design will need to go into a data haven; if the 
documents are not destroyed or secured in some way, they could bring down 
the whole system.



> For example, lets say you set up an office in 100 countries (it would be 
> more effective to have more, but let's say 100).  Through the use of 
	This can be a double-edged sword. 100 countries means 100 
_different_ points for an adversary to bribe/steal/warrant his way onto a 
point in one's haven_net. Sure, maybe he can't get _all_ of them, but 
what can he do with the nodes he does have? Note that the haven operator 
may not necessarily know a jurisdiction or node has been compromised; how 
many times have you detected the NSA reading your personal e-mail? (on 
second thought, don't answer that question :)

	I honestly believe it is necessary to involve mass numbers of 
_individuals_ or small groups in a sort of Godwin-esque federation for a 
robust, reliable, and unkillable haven_net. This implies a certain degree 
of flux on the part of the network; nodes have the right to secede at any 
time. The trick is to make it financially rewarding to be a part of the 
network, so the number of new nodes exceeds the number of imprisoned 
crypto-rebels/dilettantes/students looking for a buck/other former 
node-type people. 
	A "data haven", then, in the sense of a corporation which manages 
and serves the stuff, is more of a coordinator or a broker than a 
warehouser. It acts as a front end to such a distributed system, and 
assumes the risk if the client's data should fall through the cracks. The 
added value over entering the system oneself comes from the technical 
assurance and insulation from legal risk. 	

[description of obtaining user ID and password thru anon remailers]
	Not such a bad idea, but I don't know about tying the ID and 
password to a specific number of nodes. Certainly it minimizes leakage of 
one's client list; certain nodes only serve a particular subset of 
clients. What happens if enough of the client's nodes are seized? 

Also, what about spoofing and lost identities? Sure, the protocols involved 
between haven and client may offer no chance of either, but what about 
the client's network? Just because they are paranoid enough to use a 
data-haven does not mean they are clueful enough to encrypt that modem 
link they may be using for SLIP, PPP, or whatever. 

> To get the data back, he would send in the ID and password, encrypted 
> again, to the nessecary number of offices in order to retrieve the data.
	One of the ideas advanced at DEF CON, and one I really liked, was 
to make the data retreivable simply by knowing its MD5 hash. No need for 
identies, no worrying about keeping a meta-secret or nym secret...just 
keeping or revealing the hash for file-by-file protection. 
	Now, of course, what if the user loses his hash?
 
> Payment, if nessecary, could be made by anonymous bank transfer or 
> something like ecash.
	I like the idea of allowing a node to accept payment up front, or 
accept for free (but charge a fee to downloaders). Each node can set its 
own prices in terms of e$/MB or other units (you like octets? 
megawords?) for a given amount of data. I'd like to accept "in-demand" 
data (Quake alpha, anyone?) on a 'consignment basis', but can't figure 
out how to ensure the node pays the original uploader w/o blowing away 
anonymity. Anyone got a paper lying around which could help (beg beg beg)?
	Anonymous bank transfer is probably a good idea, too, but it can 
be a major hassle. Not just from the State, either; how do you keep track 
of what money transfer came from which nym? 


  > 
> Proprietary encryption systems (PGP-like, with IDEA/RSA hybrid in it, but 
> can accept 5000+ bit keys and padding) might be used, as well.  
	IMHO, this kind of application will need to be built anew, and 
built well. Becoming a new node should be an install-and-forget process. 
This requires certain features. Most importantly, the node's owner should 
not known, and should not be _able_ to know what exactly he or she is 
storing. I haven't looked at the new steg and crypto packages for linux, 
but that's about what I'm thinking of.


> 
> This scheme has several pluses.  One, it doesn't rely on any fancy legal 
> manuevering with off-shore nationalities and crap.  Second, it isn't very 
	None of that is really necessary for a data haven, anyway. Why 
bother, when the whole point is to disappear it from physical space in 
the first place?? It simply allows Them to have a single point of attack.

> vunerable.  They would need to get legal jurisdiction in 70 different 
> countries to sieze the data, and then they have the encryption to deal 
> with.
	Unfortunately, it also means if they get jurisdiction in even one 
of those 70 countries, you are in trouble. Even if the encryption is 
good, just looking at how much data is on the server, and from where, 
could be most unfortunate for business. There's a more serious concern in 
reliability, too; if one uses a data-splitting scheme, capturing enough 
servers has a probability of removing access to data.
That's bad for business.

>  Third, if there's any server problems, it wouldn't affect the entire 
> system.  Fourth, you don't have to attach missle launchers and hire a 
	No, but again the splitting scheme needs to be smart. (M, N) 
thresholds would be good; losing one server wouldn't mean losing the 
data. It also forces Them to capture N servers instead of just one.

> private security force to defend it.  There are several problems, though.  
> First, it relies on the Internet, something which is inherantly insecure 
> anyway.  Second, if someone's being wiretapped in their own country, then 
> the whole effort is in vain.  Third, it would be incredibly costly, but 
	It is not necessary to obtain a warrant to wiretap. We know that. 
The system then relies upon the security of the locations of the servers. 
I am very skeptical of the idea that this can be acheived with a single 
organization.

> probably no more so than any kind of off-shore platforms.  In fact, it 
> would probably be cheaper.  
	What we really need is a robust architecture, like Eric Hughes' 
"Universal Piracy Network" which is as popular and as prevalent as 
<name your favorite app> is today. We need to make it easy, simple, 
profitable, and most of all, _FUN_. Getting people financially dependent 
on such a system wouldn't hurt, either.

> 
> Any comments?
	I have a vision...and I caught it just recently...of a day where 
I will be able to sell my disk space to the highest bidder, and know I am 
helping the cause of freedom and frictionless data.

A day where I can go forward and create value from "garbage" - unused 
cycles, unused HD space, underutilized graphics cards and coprocessors 
mouldering away in closets. Where people spontaneously join haven_nets 
because it's "cool", or "sensible", or any of the other justifications 
people make when they're jumping off the cliff with the other lemmings. 
When participation is a mouse-click away. When the NSA advises 
Congresscritters on how to best distribute their files, and spends most 
of its time figuring out cost/benefit analyses of the myriad haven_nets, 
and actively contributing its own latest, greatest, and "just 
unclassified" entry into the market for server software.

When no one will be able to imagine having a file without splitting it 
across half a dozen countries and half a hundred computers. Where it will 
be those who want un-encrypted data who are "strange" and "old fogies", 
because distributed data is _orthodox_, and the anonymity and e-cash is 
just a simple little feature, along with the rest, and hardly worth 
mentioning in and of itself. In short, no where. Utopia. But a nice 
vision to get wild-eyed and hand-waving about just the same.








From dfloyd at io.com  Sun Aug 18 03:48:02 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Sun, 18 Aug 1996 18:48:02 +0800
Subject: Orbiting Datahavens
In-Reply-To: <199608180358.UAA29680@mail.pacifier.com>
Message-ID: <199608180736.CAA08078@xanadu.io.com>


> 
> At 06:32 PM 8/17/96 -0500, snow wrote:
> 
> >
> >     It is just as easy to take out a satelite in LOE as it is to sink an
> >oil rig, plus swapping defective Hard Drives is a real bitch.
> 
> Hard drives don't work in a vacuum, at least conventional ones don't.  (And 
> I'm not aware of any hard drives which are designed to be permanently 
> pressurized against a hard vacuum, either...)

Also, the corona effect is a real bear too.  Hard drives wouldn't be able
to have the little bit of air the heads float on, and contact at 3600/7200
rpm is not good for the drives.

Then you get hard radiation that plays hob with the circutry.

Even if nobody attacked the LOE satellite, there is always space debris.

> 
> Jim Bell
> jimbell at pacifier.com
> 






From Adamsc at io-online.com  Sun Aug 18 04:09:51 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 18 Aug 1996 19:09:51 +0800
Subject: Burden of proof
Message-ID: <19960818074654046.AAA160@IO-ONLINE.COM>


On 15 Aug 96 20:55:12 -0800, molnard1 at nevada.edu wrote:

>> This relates to something I have been wondering about:  If one could
>> get one's company to pay one in electronic cash, what is to stop one
>> from piling the coins in a Datahaven somewhere (assuming one existed
>> that would be usable for these purposes) and say to the IRS: Money?
>> What money?  Can you find any of my money?  I, uhh... lost it!  Yeah,
>> that's it!!
>	What is to stop the IRS from pointing out that you received the 
>money from your employer? Maybe you could convince them you were unable 
>to pay, but that would require squirreling away(and refraining from 
>using) all your assets. 

On the other hand, if your employer was willing to do some sneaky ecash
stuff, then it might get interesting.  Alternately, how about having an
off-shore bank that supposedly has very high interest rates and fees. 
"Sorry, this is all I have left"

| Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
| http://www.io-online.com/adamsc/adamsc.htp
| Autoresponder: send email w/subject of "send resume" or "send PGPKEY"

 






From vince at offshore.com.ai  Sun Aug 18 04:27:13 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sun, 18 Aug 1996 19:27:13 +0800
Subject: US Taxes on X-Pats
In-Reply-To: <Pine.OSF.3.91.960817172848.6275A-100000@pioneer.nevada.edu>
Message-ID: <Pine.LNX.3.91.960818042027.22538B-100000@offshore>




On Sat, 17 Aug 1996, DAVID A MOLNAR wrote:
> On Sat, 17 Aug 1996, Vincent Cate wrote:
> > It is not exactly that bad if you are outside the USA. I got ahold of the
> > IRS codes on this before I left the USA (so about 2 years ago).  The rule
> > then was that the first $70,000 you earned was tax free if you were
> > outside the USA for 330 days or more of the year.  From another x-pat in
> > Anguilla I heard that the $70 K had been increased. 
> 	Is this so? Last I had heard, Congress was looking at eliminating 
> the credit altogether. It's slightly misleading to call it "tax free", 
> though; the way I understand it, it's not included in the IRS's 
> estimation of your assets, but may play a factor in determining the final 
> amount of $$$ you end up paying. Very rarely does it translate directly 
> into a $70,000 break on your taxes, although it does help.

I am sure one of the 100+ X-Pats on this island would have been talking
about it if this were going to be eliminated, and I have not heard
anything. So I am sure it is still there.  But you can call 1-800-tax-1040
to check. After they finish with this question, ask them what it means in
the tax code where it says that income taxes are "voluntary complience". 
Have your Websters open to the definition of voluntary. Always good for a
laugh. 

The idea was no taxes on the first $70,000 earned outside the USA.
Dividends and interest were not counted as "earned".

Having $70,000 that you can earn tax free will never translate into a
$70,000 break on your taxes (unless they get to 100% tax rate). 

   --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/







From gbroiles at netbox.com  Sun Aug 18 04:30:49 1996
From: gbroiles at netbox.com (Greg Broiles)
Date: Sun, 18 Aug 1996 19:30:49 +0800
Subject: MD5 completely broken!
Message-ID: <2.2.32.19960818082658.006e7eec@mail.io.com>


At 10:49 PM 8/17/96 -0500, Igor Chudov wrote:

>Cypherpunks -- 
>
>Atfer much scientific research, I have finally found a way to restore 
>any message given only its MD5 checksum. The method is based on the
>so called "enthropy restoration" algorithm. I have also written a
>libMD5hack library for restoring messages given their MD5 checksums.
>
>I plan to license the library for commercial use.
>
>The price of the library is to be determined.

Research, my ass. You should stop drinking. 
--
Greg Broiles                |"Post-rotational nystagmus was the subject of
gbroiles at netbox.com         |an in-court demonstration by the People
http://www.io.com/~gbroiles |wherein Sgt Page was spun around by Sgt
                            |Studdard." People v. Quinn 580 NYS2d 818,825.






From dfloyd at io.com  Sun Aug 18 04:33:01 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Sun, 18 Aug 1996 19:33:01 +0800
Subject: forget photographing license plates!
In-Reply-To: <19960818051206140.AAC174@IO-ONLINE.COM>
Message-ID: <199608180819.DAA00270@xanadu.io.com>


> 
> I'm just waiting for them to integrate with TRW. Then, with people
> they've determined can afford a new one, they can trigger the car to have
> mysterious engine failures...

Or the minute one falls behind on their bill, the engine doesn't start.

This is legal, IIRC (I am not sure of the exact court case, but one
company had a software vendor disable their sales software by remote for
not paying their bill, and the court upheld the software vendor.  I don't
remember the specifics on this.)






From bjonkman at sobac.com  Sun Aug 18 04:54:02 1996
From: bjonkman at sobac.com (Bob Jonkman)
Date: Sun, 18 Aug 1996 19:54:02 +0800
Subject: Drive the SF Central Freeway, have your license plate
Message-ID: <9608180913.AB01288@xenon.xe.com>


> >At 21:55 8/8/96, i am not a number! wrote:

> >>CBS radio news this morning: 80,000 commuters traveling the
> >>central f'way in SF will have information mailed to them
> >>regarding the quake retrofit How?  Their license plates have
> >>been photographed.

> At 10:45 PM 8/8/96 -0700, Lucky wrote:

> >You *are* making this up, right? Please say you did.


Maybe '!number' was making it up, but license plate photography 
exists today in the Great White North.  A new freeway is being 
built through Brampton, the 407ETR, for Express Toll Route.  
At each on and off ramp there are electronic pickups and video 
cameras.  You can subscribe to the toll by buying a transducer 
that sits behind your rear-view mirror, signals from which will 
be picked up by the the toll gates as you enter and leave the 
freeway.  If you elect not to subscribe your license plate will 
be photographed and you'll get a bill in the mail.  If you elect 
not to pay the bill you'll be nabbed for it the next time you go 
to get your drivers license or car registration renewed...

Big Brother is not only watching, he's recording your location
and destination, measuring your distance travelled, and charging 
you for the privilege of driving...



=====
Bob Jonkman                         SOBAC Microcomputer Services
4 Gold Pine Court                      mailto:bjonkman at sobac.com
Brampton  ON  L6S 2K6  Canada                Voice: 905-793-4537
Networking   --   Office & Business Automation   --   Consulting
Key fingerprint: 9F AF A6 AC B5 67 BC 10 89 73 7C F0 CB 27 03 17
finger -l bjonkman at sobac.com or send mail with subject 'send key'






From fstuart at vetmed.auburn.edu  Sun Aug 18 04:57:18 1996
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Sun, 18 Aug 1996 19:57:18 +0800
Subject: Hackers invade DOJ web site
Message-ID: <199608180942.EAA08054@snoopy.vetmed.auburn.edu>


>CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
>to the DOJ web site.  They don't elaborate exactly how thy did it.

I certainly don't support the person or people responsible for this and it may
very well end up having an overall negative impact.  Since it has happened,
however, I think those in a position to do so should start with the spin
control.  Some suggestions:

   The fact that even the U.S. Justice Department is unable to adequately
   protect it's own site from intruders underscores the need for widely-
   available strong encryption.

   While this is certainly a major embarrassment for the Justice Department,
   at least the mandatory "key escrow" program the Clinton administration is
   insisting upon has not yet been implemented; no private citizens' data
   appears to have been compromised this time.

   It's doubtful that a new law or government bureaucracy would have prevented
   this from happening but it's entirely possible that tools such as strong
   encryption could have.  It's ironic that the U.S. Government is focusing on
   the former while fighting use of the latter.

This event could potentially draw a lot of interest from the general public.
Since we're dealing with public perceptions largely created through the main-
stream media, it's important to remember that "sound bites" are more important
than carefully reasoned arguments.

                          | (Douglas) Hofstadter's Law:
                          | It always takes longer than you expect, even 
Frank Stuart              | when you take into account Hofstadter's Law.





From tcmay at got.net  Sun Aug 18 05:05:17 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 18 Aug 1996 20:05:17 +0800
Subject: Ad Hoc Bay Area Cypherpunks Thing--Sat., 24 Aug, 3 pm, Menlo Park
Message-ID: <ae3c327900021004da3d@[205.199.118.202]>


At 9:17 PM 8/17/96, Simon Spero wrote:
>On Sat, 17 Aug 1996, Timothy C. May wrote:
>
>> There is no Cypherpunks event scheduled for that Saturday, but we can have
>> an ad hoc gathering, informally arranged. I suggest meeting at 3 p.m. at
>> Cody's Bookstore, on El Camino Real in Menlo Park (hard to miss). Or at the
>> coffee shop next to it...either should be sufficient Schelling points to
>
>Do you mean Kepler's? That's the one right near Menlo Park caltrain
>station; the coffee shop next to it is  Cafe Borone. Get the Mocha.
>

Yeah, I was thinking of Kepler's. (Cody's is in Berkeley, of course.)

Once again: KEPLER'S BOOKS.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From usura at replay.com  Sun Aug 18 05:37:46 1996
From: usura at replay.com (Alex de Joode)
Date: Sun, 18 Aug 1996 20:37:46 +0800
Subject: Final release of Navigator (with strong crypto) now available
Message-ID: <199608181037.MAA14188@basement.replay.com>


Jeff Weinstein (jsw at netscape.com) wrote:

: The final release of Navigator 3.0, complete with non-exportable
: strong crypto, is now available for download by US citizens.  Note
: that this is the released version of 3.0, so it will not expire.
: You can get it from:

Would it be possible to both supply an Linux ELF and a.out binary ?

: 	http://wwwus.netscape.com/eng/US-Current/

: 	--Jeff

--
  Alex de Joode  | Replay IP Service & Web DZign  --  The Netherlands
usura at replay.com | http://www.replay.com       mailto:info at replay.com





From jsw at netscape.com  Sun Aug 18 05:59:26 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Sun, 18 Aug 1996 20:59:26 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <199608181037.MAA14188@basement.replay.com>
Message-ID: <3216F54C.425C@netscape.com>


Alex de Joode wrote:
> 
> Jeff Weinstein (jsw at netscape.com) wrote:
> 
> : The final release of Navigator 3.0, complete with non-exportable
> : strong crypto, is now available for download by US citizens.  Note
> : that this is the released version of 3.0, so it will not expire.
> : You can get it from:
> 
> Would it be possible to both supply an Linux ELF and a.out binary ?

  No, we will only be supplying ELF.  Since linux is not officially
supported, we really don't have the resources to do multiple versions.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From mycroft at actrix.gen.nz  Sun Aug 18 07:31:56 1996
From: mycroft at actrix.gen.nz (Paul Foley)
Date: Sun, 18 Aug 1996 22:31:56 +0800
Subject: _Secret Power_ (re: "world communications being monitored")
Message-ID: <199608180827.UAA07333@mycroft.actrix.gen.nz>


Forewords from Nicky Hager's book _Secret Power_:


Once upon a time life was easy for the intelligence community.
   Michael Joeseph Savage made a mark in the sands of history with his
`where Britain stands we stand' declaration.  It was only right that
we saw the world through British eyes and, when Britain retreated,
only sensible that we should go all the way with LBJ as an Australian
Prime Minister (in whose memory a swimming pool in Melbourne was
named) once declared.  The cold war kept us in line and on line.
   In the mid-1980s we bucked the system.  We may have been ahead of
our time on matters nuclear, but we were out of step with what was
called the `Western Alliance'.  It took a break with the United States
and Britain to make the people of New Zealand aware that we were part
of an international intelligence organisation which had its roots in a
different world order and which could command compliance from us while
withholding from us the benefits of others' intelligence.
   Life at the time was full of unpleasant surprises.  State-sponsored
terrorism was a crime against humanity as long as it wasn't being
practiced by the allies, when it was studiously ignored.  In the
national interest it became necessary to say `ouch' and frown and bear
certain reprisals of our intelligence partners.  We even went the
length of building a satellite station at Waihopai.  But it was not
until I read this book that I had any idea that we had been committed
to an international integrated electronic network.
   It was with some apprehension that I learned Nicky Hager was
researching the activity of our intelligence community.  He has long
been a pain in the establishment's neck.  Unfortunately for the
establishment, he is engaging, thorough, unthreatening, with a
dangerously ingenuous appearance, and an atonishing number of people
have told him things that I, as Prime Minister in charge of the
intelligence services, was never told.
   There are also many things with which I am familiar.  I couldn't
tell him which was which.  Nor can I tell you.  But it is an outrage
that I and other ministers were told so little, and this raises the
question of to whom those concerned saw themselves ultimately
anwserable.
   It also raises the question as to why we persist with the old order
of things.  New Zealand doesn't have much in common with Major's
Britain and probably less with Blair's Britain.  Are we
philosophically in tune with Clinton's USA?  Is he?
   Does all of that prejudice our new orientation to Asia?
   There will be two responses to this book.  One will take the easy
course of dumping on Hager.  He is quite small and can easily be
dumped on.  The other will be to challenge the existing assumptions
and to have a rational debate on security and intelligence.  I have
always enjoyed taking the easier course but we may have been the
poorer for it.


                                                           David Lange
                                 Prime Minister of New Zealand 1984-89



                  -------------------------------------


The world of signals intelligence is one that governments have
traditionally tried to keep hidden from public view.  The secrecy
attached to it by the United Kingdom and its allies in the Second
World War, particularly codebreaking operations, carried over into the
Cold War.  Whether their adversaries were attacking them with weapons
or diplomatic strategies, the concern was the same --- that
revelations about methods and successes would lead an adversary to
change codes and ciphers and deny the codebreaker the ability to read
the foe's secret communications.
   Another aspect of the Second World War that carried over into the
Cold War era was the close co-operation between five countries --- the
United States, the United Kingdom, Canada, Australia and New Zealand
--- formalised with the UKUSA Security Agreement on 1948.  Although
the treaty has never been made public, it has become clear that it not
only provided for a division of collection tasks and sharing of the
product, but for common guidelines for the classification and
protection of the intelligence collected as well as for personal
security.
   But over the last 50 years, codebreaking has become far more
difficult, and often impossible --- due to the use of computer based
encryption.  At the same time, the interception of unencrypted
communications (for example, air-to-ground communications) and other
electronic signals --- particularly radar emanations and missile
telemetry --- has grown dramatically in importance.  This expanded
role for signals intelligence was made evident in the construction and
operation of a vast networkof ground stations spread across the world,
aircraft equipped with intercept antenna patrolling the skies (and
sometimes being shot down), and eventually the launch of eavesdropping
satellites.  This activity did not escape the notice of the Soviet
Union, which also was busy establishing its own elaborate network.  It
also became very evident to outsider observers that signals
intelligence was an important and very expensive part of the Cold War.
   That signals intelligence became more noticeable did not, for many
years, alter the attitudes of the authorities about the necessity for
strict secrecy.  In the United States, the National Security Agency,
established in 1952, was officially acknowledged only in 1957.  For
years, what were well known to be US operated signals intelligence
stations have been officially described as facilities engaged in the
research of `electronic phenomena' or the `rapid-relay of
communications.'  It took the US over 20 years after the Soviet Union
obtained detailed information on a US signals intelligence satellite
even to acknowledge the existance of such satellites.  Other nations
have been equally reticent --- the very existance of Canada's
Communications Security Establishment was first revealed by the media
in 1975.
   In recent years some of the UKUSA governments have been somewhat
more forthcoming about signals intelligence sometimes with regard to
historical events, sometimes with respect to organisation structure,
and sometimes about some aspect of current operations.  But secrecy is
still intense (although no more than in other countries).  What the
public does know, it knows largely because of the efforts of
industrious researchers who have collected and analysed obscure
documents and media accounts, and interviewed present and former
intelligence officers who can shed light on signals intelligence
operations.  These researchers have included Desmond Ball in
Australia, James Bamford in the United States and Duncan Campbell in
the United Kingdom.
   Nicky Hager's _Secret Power_ earns him a place in that select
company.  Indeed, he has produced the most detailed and up-to-date
account in existance of the work of any signals intelligence agency.
His expos� of the organisation and operations of New Zealand's
Government Communications Security Bureau (GCSB) is a masterpiece of
investigative reporting and provides a wealth of information.
   The reader of Mr Hager's book will learn about not just New
Zealand's signals intelligence activities, but those of its partners.
Specifically, the reader will learn about the origins, the evolution,
and internal structure of the GCSB; the Tangimoana and Waihopai ground
stations and their operations; New Zealand's role in the UKUSA
alliance, and some of the signals intelligence operations of the other
UKUSA nations.  _Secret Power_ also serves as a fascinating case study
of the role of a junior partner in an intelligence alliance.
   Some, undoubtedly, will object to the unprecendented detail to be
found in the book, taking the traditional view that secrecy is far
more important than public understanding of how tax dollars are being
spent on intelligence.  Certainly, revelations that defeat the purpose
of legitimate intelligence activities are unfortunate and waste those
tax dollars.  But the UKUSA governments and their intelligence
services have been far too slow in declassifying information that no
longer needs to be secret and far too willing to classify information
that need not be restricted.  A Canadian newspaper made the point
rather dramatically a few years ago --- after being denied access to a
Canadian signals intelligence facility, the paper promptly purchased
on the open market, and published, a satellite photograph of the
facility, and its antenna system, first obtained by a Soviet spy
satellite.
   There are many individuals within the services who would prefer
greater openness, but they frequently cannot overcome the intense
opposition of those preaching the need for tight secrecy.  The
internal bureaucratic battle to get information declassified can be a
long and intense one and those opposing disclosure have an advantage
--- often they are those in charge of security, who have developed a
mindset which views any revelation as damaging.  In the meantime, the
public is kept in the dark.  A free press, as manifested in books such
as Mr Hager's, is large step towards alleviating the problem.


                                                  Jeffrey T. Richelson
                                                  Alexandria, Virginia
                                                             May, 1996


  Jeffrey Richelson is a leading authority on United States
  intelligence agencies and author of _America's Secret Eyes in the
  Sky_ and co-author of _The Ties That Bind_.





From m5 at tivoli.com  Sun Aug 18 07:40:39 1996
From: m5 at tivoli.com (Mike McNally)
Date: Sun, 18 Aug 1996 22:40:39 +0800
Subject: MD5 completely broken!
In-Reply-To: <199608180349.WAA01402@manifold.algebra.com>
Message-ID: <32170F4A.56F2@tivoli.com>


Igor Chudov @ home wrote:
> 
> Atfer much scientific research, I have finally found a way to restore
> any message given only its MD5 checksum....
>
> The price of the library is to be determined.

I'll trade ya my bridge for it.  (It's in New York now; I'd have to 
go get it.)

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From pjn at nworks.com  Sun Aug 18 08:23:58 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Sun, 18 Aug 1996 23:23:58 +0800
Subject: Orbiting Datahavens
Message-ID: <TCPSMTP.16.8.18.9.26.14.2645935021.663003@.nworks.com>


 In> How about an orbiting DataHaven. No jurisdiction to bother with,
 In> extremely difficult to get to (except by large governments...). You
 In> could put together a couple of Linux boxes with a RAID system, some
 In> backups and a large solar panel and have a very nice, secure DataHaven.

 I bet one of those "weather" satalites would blow that thing out of the
 air in no time flat... :)


 P.J.
 pjn at nworks.com



... "Very funny, Scotty. Now beam down my clothes."

___ Blue Wave/QWK v2.20 [NR]







From dlv at bwalk.dm.com  Sun Aug 18 08:51:39 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sun, 18 Aug 1996 23:51:39 +0800
Subject: MD5 completely broken!
In-Reply-To: <199608180701.DAA13334@cliff.cris.com>
Message-ID: <HwTusD2w165w@bwalk.dm.com>


"David F. Ogren" <ogren at cris.com> writes:
> P.S. But imagine if it was true! MD5 would become the ultimate compression
> algorithm. Any message could be reduced to a 128 bit archive.

The following is true. There used to be company in Silicon Vallye that marketed
compression software guaranteed to reduce any file to no more than 128K, no
matter how large the input. That side worked. The decompression side didn't.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From scraver at mnet.fr  Sun Aug 18 09:33:00 1996
From: scraver at mnet.fr (Arnauld Dravet)
Date: Mon, 19 Aug 1996 00:33:00 +0800
Subject: Netscape under Linux (Vs microsoft)
In-Reply-To: <199608181037.MAA14188@basement.replay.com>
Message-ID: <32173372.25BEFC52@mnet.fr>


Jeff Weinstein wrote:
> 
> Alex de Joode wrote:
> >
> > Jeff Weinstein (jsw at netscape.com) wrote:
> >
> > : The final release of Navigator 3.0, complete with non-exportable
> > : strong crypto, is now available for download by US citizens.  Note
> > : that this is the released version of 3.0, so it will not expire.
> > : You can get it from:
> >
> > Would it be possible to both supply an Linux ELF and a.out binary ?
> 
>   No, we will only be supplying ELF.  Since linux is not officially
> supported, we really don't have the resources to do multiple versions.
> 
>         --Jeff
> 
> --


yesterday i was in #linux on irc , and several pplreports some bugs with
netscape under linux.i got some too many times a day... Netscape crashes
when i try to load some HTML pages...i assume it shouldn't and we got
ansolutly no probs with Netscape under windows.
SO we just wondered if it's not a kind of support to micro$oft.
Maybe Linux is 'not officially supported', but have to know unix is the
most used OS, and that since Linux is free, many people use it. So when
will you accept to recognize Linux as an entire OS ?? i just reinstalled
Windows95 on a HD yesterday and it has already crached 2x. Windows is
expensive and it crashes. Why should we pay for a fucked 'OS' ?

Arnauld Dravet
scraver at mnet.fr
sChTrOuMf on Undernet





From dlv at bwalk.dm.com  Sun Aug 18 09:33:08 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 00:33:08 +0800
Subject: Credit enforcement
In-Reply-To: <Pine.SV4.3.91.960817184151.21584C-100000@larry.infi.net>
Message-ID: <XFVusD11w165w@bwalk.dm.com>


Alan Horowitz <alanh at infi.net> writes:

> I thought that classical libertarians agree that the enforcement of
> contracts is a proper function of the government.

Then your classical libertatians are fucking statists.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Sun Aug 18 09:33:16 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 00:33:16 +0800
Subject: Anguilla
In-Reply-To: <Pine.LNX.3.91.960817154651.21014E-100000@offshore>
Message-ID: <w5uusD10w165w@bwalk.dm.com>


Vincent Cate <vince at offshore.com.ai> writes:
> The rumor is that Cable and Wireless bribed the previous government with
> things like a free loan of a bulldozer worth $500/day for a couple weeks
> to get their 30 year monopoly contract.  Given that CandW is making
> millions each year, seems they got off cheap, if true.  Claim is that the
> UK does not mind their companies bribing officials, and CandW does it alot
> all around the world.

I don't see a problem with that. All governments are corrupt by definition.
As far as I know, the U.S. is the only country in the world prohibiting
its businesses from bribing foreign officials with the silly law known
as the Foreign Corrupt Practices act (as if U.S. politicians didn't take
bribes!) The results are: U.S. businesses not being competetive in the
international markets where bribes are the traditional part of doing
business, and a significant paperwork/compliance cost in all other
international markets.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From ses at tipper.oit.unc.edu  Sun Aug 18 09:53:49 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Mon, 19 Aug 1996 00:53:49 +0800
Subject: MD5 completely broken!
In-Reply-To: <32170F4A.56F2@tivoli.com>
Message-ID: <Pine.SUN.3.91.960818103543.4112A-100000@tipper.oit.unc.edu>


On Sun, 18 Aug 1996, Mike McNally wrote:
> 
> I'll trade ya my bridge for it.  (It's in New York now; I'd have to 
> go get it.)

Is this bridge SNMP aware?

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From janke at unixg.ubc.ca  Sun Aug 18 09:55:57 1996
From: janke at unixg.ubc.ca (janke at unixg.ubc.ca)
Date: Mon, 19 Aug 1996 00:55:57 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <321677C2.663B@netscape.com>
Message-ID: <m2vieg4vgl.fsf@clouds.heaven.org>



How's that database so that people in Canada can download the
128-bit version coming along?

Leonard





From qut at netcom.com  Sun Aug 18 10:23:28 1996
From: qut at netcom.com (Roger Healy OBC)
Date: Mon, 19 Aug 1996 01:23:28 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <3216F54C.425C@netscape.com>
Message-ID: <199608181505.IAA08709@netcom.netcom.com>


> Alex de Joode wrote:
> > 
> > Jeff Weinstein (jsw at netscape.com) wrote:
> > 
> > : The final release of Navigator 3.0, complete with non-exportable
> > : strong crypto, is now available for download by US citizens.  Note
> > : that this is the released version of 3.0, so it will not expire.
> > : You can get it from:
> > 
> > Would it be possible to both supply an Linux ELF and a.out binary ?
> 
>   No, we will only be supplying ELF.  Since linux is not officially
> supported, we really don't have the resources to do multiple versions.

ELF is cool.  What about BSD?  I've seen how you support BSDI so the 
binary should work with FreeBSD or NetBSD.?


--
Love,
Qut at netcom.com





From jimbell at pacifier.com  Sun Aug 18 11:00:11 1996
From: jimbell at pacifier.com (jim bell)
Date: Mon, 19 Aug 1996 02:00:11 +0800
Subject: BlackNet as a Distributed, Untraceable, Robust Data Haven
Message-ID: <199608181532.IAA18019@mail.pacifier.com>


At 10:40 PM 8/17/96 -0700, Vladimir Z. Nuri wrote:
>
>>I have to speak up here and say that there is an actual working exemplar of
>>a distributed, untraceable data haven. While it lacks a robust _payment_
>>mechanism, that is also untraceable, so does the "Visit Port Watson"
>>example (which has never actually existed).
>
>agree with Jim Bell that blacknet by any stretch of the imagination
>is not a "data haven". 

I've not yet commented on this thread!  Sounds like you're confusing me with somebody else.

Jim Bell
jimbell at pacifier.com





From jwilk at iglou.com  Sun Aug 18 11:47:19 1996
From: jwilk at iglou.com (Blake Wehlage)
Date: Mon, 19 Aug 1996 02:47:19 +0800
Subject: Private Idaho
Message-ID: <m0usAC7-0003CpC@mail.iglou.com>


Could anyone tell me the URL of the latest version of Private Idaho..... 

Thank You!
==========================================
   Blake Wehlage <jwilk at iglou.com>
   ��� R�V�L����� B�+ ��mP@� � ���
 Goto: http://members.iglou.com/jwilk






From bart.croughs at tip.nl  Sun Aug 18 12:06:30 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Mon, 19 Aug 1996 03:06:30 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <01BB8D2F.B10B2EA0@groningen12.pop.tip.nl>




Mike McNally wrote:

>Bart Croughs wrote:

>> ... better arguments (after reading the books I suggested)

>Like what is it with you and these books?  Is "Austrian" a code word
>for "Divine omniscient extraterrestrial super-being"?

No, but a number of posters claimed they were Austrians, and among them was Timothy May. So if I can show that Timothy's statements contradict the economic theories he says he supports on the most fundamental level (the level of methodology), then I have a pretty solid case that he is a bit confused and that he should do his homework better before he continues arguing. Unless of course he can show the Austrians (or me) to be wrong; but he hasn't done this yet.

      >Through all this sophist gibberish I've completely lost track of
      >what exactly it is you're trying to say.

I don't blame you when you get the impression that Austrian methodology, compressed in a couple of sentences, is sophist gibberish. Without the proper background knowledge, this is probably unavoidable; methodology is a rather difficult subject. But if you are really interested and want to know more about it, you now know where to look...

Bart Croughs





From alanh at infi.net  Sun Aug 18 12:11:45 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 03:11:45 +0800
Subject: Possible opportunity for school recruitment
In-Reply-To: <01I8EDF65HPS9JD95Q@mbcl.rutgers.edu>
Message-ID: <Pine.SV4.3.91.960818115011.21967E-100000@larry.infi.net>


I wanna go to the Internet Big Rig Tractor Pull contest!





From bart.croughs at tip.nl  Sun Aug 18 12:22:31 1996
From: bart.croughs at tip.nl (Bart Croughs)
Date: Mon, 19 Aug 1996 03:22:31 +0800
Subject: Imprisoned Capital
Message-ID: <01BB8D2F.ABBEAD00@groningen12.pop.tip.nl>



James A. Donald wrote:

>[In response the argument that attempts to imprison capital will cause 
>capital flight]

>At 10:50 PM 8/16/96 +-200, Bart  Croughs wrote:
>> This is a good point when you talk about governments that will 
>> prevent *all* capital from flowing out. But a government could 
>> prevent the outflow of capital of it's own citizens, and still 
>> allow capital of foreigners to leave the country. As long as 
>> foreign capital isn't imprisoned, foreign capital could be 
>> attracted.

>Been tried.  Does not work.

>1.  If foreign capital is allowed to freely enter and leave, internal
>players find ways to sneak their capital out.  This forces the
>government to start regulating and supervising foreign businessmen
>in ways that at best terrify them (such controls look very much
>like creeping confiscation), and at worst cause them huge harm
>with no real benefits to anyone.

I think you are probably right that *in practice* it will not work when the government tries to prevent domestic capital from flowing out and at the same time will allow capital of foreigners to freely flow in and out. After all, government doesn't work. But this doesn't prove the theoretical case that an outflow of capital wouldn't hurt the standard of living of workers in a country. As long as this isn't proven, governments have an excuse to try again and impose controls on capital (and this time of course, they will do it better...)

Bart Croughs





From alanh at infi.net  Sun Aug 18 12:22:36 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 03:22:36 +0800
Subject: Burden of proof
In-Reply-To: <19960818074654046.AAA160@IO-ONLINE.COM>
Message-ID: <Pine.SV4.3.91.960818122245.21967I-100000@larry.infi.net>


On Sun, 18 Aug 1996, Adamsc wrote:

> On the other hand, if your employer was willing to do some sneaky ecash
> stuff, then it might get interesting.

   Which alternate universe are you in, Chris, where employers don't want
to DECLARE AND DEDUCT their salary expenses - every last penny of it? 
Which planet is that, where a company can afford to set up a structural
cost in its operations, that its competitors don't have? 



> "Sorry, this is all I have left"

   No problem, they will get a judgement against all your future earnings.


There are ways around the taxation problem, but they don't involve hiding 
facts from the US Govt. This is the cold, hard reality. Get used to it.





From jimbell at pacifier.com  Sun Aug 18 12:39:03 1996
From: jimbell at pacifier.com (jim bell)
Date: Mon, 19 Aug 1996 03:39:03 +0800
Subject: FCC_ups
Message-ID: <199608181544.IAA18394@mail.pacifier.com>


At 03:36 AM 8/18/96 +0000, Vipul Ved Prakash wrote:

>> >First flat rates would have to go out.
>> >If Alice uses her phone for 5 hrs in month and pay _x_ dollars and Bob uses
>> >his for 100 hrs and pays _x_ dollars, then Alice is subsidising Bob, which
>> >is not really ethical. Everyone should pay for the amount of bandwith 
>> >one is using.  
>> 
>> I'm afraid you're promoting what I consider a rather old (and, now, odd) 
way 
>> to look at it.  Unlike old mechanical telephone switches, the new hardware 
>> does not "wear out" and thus a person who uses it more doesn't cost the 
>> phoneco any more bucks.  If that's the case, I don't see the logic in 
>> charging a person more for greater use.  
>> 
>Machinery 'wear and tear' is a small part of Infrastructure maintainance 
costs. There are tons of other things. Hidden costs, management, laying new 
pipes,etc. 

Well, let's consider such costs.  Most of which (maintenance, management, 
rolling stock) are unrelated to amount of telephone usage.  So there is no 
reason that these costs should be unequally attributed to a person who makes 
local calls 1 hour per day, as opposed to another who only calls 15 minutes 
per day, for example.

As for the "laying new pipes" issue:  Years ago in the the US, when 
inter-central-office trunk connections were all implemented using large 
bundles of copper pairs, it would have been _correct_ to say that higher 
telephone usage resulted in larger costs, since more trunk lines were 
necessary.  Today, on the other hand, inter-office trunks (at least the new 
ones, and I presume that even many of the old ones have been switched over) 
are implemented in fiber optics.  Extra capacity is either automatically 
available (since the capacity of a given fiber is unlikely to be fully used) 
or can be fairly simply added by converting old fiber from about 450 
megabits per second to 2.4 gigabits, or even faster rates which have become 
more recently available.


>But you miss my point, if a phoneco is not getting a penny for its long 
distanceservices (which subsidise the flat rate local calls) then the choice 
would
>be to close down. Which would be a severe attack to the local internet usage.

That's an entirely unsupported claim.  Nobody claims that telephone usage 
(term used generically) is on the way out.  "Closing down" is only going to 
happen if local phonecos cease to be able to provide a service that people 
are willing to pay for.

And as for the amount of the subsidy, let's look at it.  I've read around 
here recently that the amount of the charge is 3 cents per minute.  If we 
assume an average LD rate of 15 cents per minute, that's 20% of the  bill.  
If an average LD bill is $15 per month, that's only $3 per line, per month.  
It seems to me that those local phonecos could simply raise their local 
charges by this and totally compensate for the loss of that subsidy.  
However, an even more likely outcome is that they will make structural 
changes which they've been able to avoid after decades as a regulated, 
monopolized business:  Reduce personnel levels, especially in areas other 
than those in which they are actually providing telephone service.  Reduce 
salaries from "comfy" to "competitive."  

Before it was broken up in 1983, AT+T was a regulated monopoly and was, more 
or less, guaranteed a profit.  Extra costs, such as higher staffing levels 
and higher salaries, simply increased the rates, they didn't reduce the 
profits.  This system is still in force with the local phoneco side of the 
business.

Anther thing which could be done, from the government's side (as part of an 
industry restructuring) is to allow phonecos to greatly accelerate their tax 
write-off of existing depreciating equipment, perhaps down to as low as 5 
years or so.  The theory is, these phonecos are going to start competing 
with companies who are only buying their equipment today, and it would be 
unfair to saddle the older companies with old, inefficient equipment without 
allowing them to completely write it off quickly.  (This, of course, doesn't 
mean that they need to actually take it out of service...)


Jim Bell
jimbell at pacifier.com





From joelm at eskimo.com  Sun Aug 18 12:56:23 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Mon, 19 Aug 1996 03:56:23 +0800
Subject: Hackers invade DOJ web site
Message-ID: <199608181609.JAA22778@mail.eskimo.com>


At 04:42 AM 8/18/96 -0500, you wrote:
>>CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
>>to the DOJ web site.  They don't elaborate exactly how thy did it.

Well the DOJ site still is down, but here's some details I pulled out of a
USENET newsgroup this morning (hopefully L.G. Shirley won't mind the
forward).  All in all, it sounds like a fairly childish stunt...

From: "L. G. Shirley" <lgshirley at mail.worldnet.att.net>
Newsgroups: rec.radio.scanner
Subject: DOJ homepage hacked!!!
Date: 17 Aug 1996 22:47:59 GMT
Organization: AT&T WorldNet Services
Lines: 49
Message-ID: <4v5i6v$hm8 at mtinsc01-mgt.ops.worldnet.att.net>

About 10PM last night I clicked on my bookmark for the Federal Gov't and 
then selected, by random, the Dept of Justice.


                      http://justice2.usdoj.gov/


SURPRISE!!!!!!!!!! Someone had made a few changes, For one it is now 
called the Department of Injustice. You are immediately greeted by the 
Nazi swastika all over your screen's background.

A flag w/the symbol is apparent. George Washington's picture is captioned 
with his words, "Move my grave to a free country! This rolling is making 
me an insomniac".

Janet Reno's portrait has been replaced by Hitler's. And a flag now bears 
the Nazi symbol. She is now called Attorney General Furher.

There is plenty of nudity and the many links will take you to places you 
may never have been before. I don't think we're in Kansas anymore Toto!

I have no clues how it was done or when. My guess is someone changed all 
the links to the DOJ page to another one, the one you see when you click 
on the DOJ's homepage.

I worked today and when I came home and tried to get back to the DOJ's 
page, no luck. Must be a major overload <grin> of people trying to get to 
the link of women clad in, well, next to nothing and tied with rope!

I don't think the author will make any brownie points w/women. He hacked 
the homepage they have w/the DOJ on violence against women. I'm not 
condoning such action and violence is a very serious issue but whoever did 
the hack was also very serious.

He changed a Clinton speech on affirmative action and insulted blacks with 
his choice of words. There is a lot of rambling about the internet and the 
Gov't taking away our rights on it.

The author has a interesting slant on things. This should be enough of a 
warning if you're easily offended by racism, hate, foul language, porn on 
the net, and general crudeness. Don't go there.

I would like to know just how this was done, any ideas? Is it that easy to 
hack someones homepage?

I wonder how long it'll be before this homepage link is removed and can 
they find who did the evil deed? Two months on the Net and just when I 
think I'd seen it all, wow.






From m5 at tivoli.com  Sun Aug 18 12:58:48 1996
From: m5 at tivoli.com (Mike McNally)
Date: Mon, 19 Aug 1996 03:58:48 +0800
Subject: National Socio-Economic Security Need for Return Key
In-Reply-To: <01BB8D2F.B10B2EA0@groningen12.pop.tip.nl>
Message-ID: <3217525C.72C@tivoli.com>


Bart Croughs typed, deftly avoiding the enormous key labeled "Return":
>
> I don't blame you when you get the impression that Austrian
> methodology, compressed in a couple of sentences, is sophist
> gibberish.

Seems to me that ya gotta be mighty careful when interpreting piles
of egghead "gedanken" experiments.  If you feel you can squeeze the
contents of one more book into your head, I'd suggest one by another
economist (sorta), Stuart Chase's "Tyranny of Words".

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From dlv at bwalk.dm.com  Sun Aug 18 13:27:08 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 04:27:08 +0800
Subject: CS First Boston lawsuit
Message-ID: <Rq6usD20w165w@bwalk.dm.com>


In a lawsuit files in federal court in New York City, CS First Bostom has
charged an unknown party with libel, slander and violation of the Federal
Telecommunications Act, as well as with impoerly obtaining confidential
financial information and sending it out in e-mail messages.

The lawsuit seeks damages of at least $1M against "FBCbuster" and "FBCbuster2",
the aliases of an America Online AOL) subscriber or subscribers. AOL was not
named as a defendant in the lawsuit, which concerns two separate e-mail
messages sent to First Boston employees.

The suit sais the firsy e-mail message, which was sent on March 3, included a
"macabre poem" about the destruction of the firm. In a second message, sent a
week later, the lswsuit states that the writer included confidential salary
information about current and former officers of the firm.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From stephen at iu.net  Sun Aug 18 13:27:54 1996
From: stephen at iu.net (Stephen Cobb)
Date: Mon, 19 Aug 1996 04:27:54 +0800
Subject: US Taxes on X-Pats
Message-ID: <1.5.4.32.19960818182834.00bb88ac@iu.net>


Pardon me for jumping in...but a year ago I won a case in tax court brought
aainst me by the IRA for not paying taxes on income earned while living
overseas...apart from the verdict, the whole thing was a complete farce!

My advice is to research the subject in detail before leaving the country
and file IRS returns faithfully every year regardless of where you live even
if you owe no tax (I owed no tax so filed no returns, penalty for not filing
= % of tax owed, so no penalty for not filing, but only IF the IRS agrees
you don't owe).

Yes, there has been talk in the Clinton administration of dropping the
overseas earning provision. You might want to email either Sen. Byron Dorgan
or Sen. Kent Conrad of N.D. since both these guys were State Tax
Commssioners before going to Washington and seem to be clued in on federal
tax issues. The report I read in the Orlando Sentinel suggested that Clinton
felt the exclusion was a money loser desined to help US corporations get
employees to work overseas. However, it seems to me that it is also part of
the complex web of international tax treaties designed to prevent double
taxation. If you are a US citizen earning in a country that has an income
tax they are likely going to expect you to pay tax, just as we tax foreign
nationals living here.

My impression is that many IRS staff lack in-depth knowledge of this very
complex area (for example, I paid tax on my overseas income to the
government of the country in which I was living when I earned it and that
country has a tax treaty with the US...after about 6 very scary phone calls
the agent assigned to the case agreed that I did not owe income tax...but
then he tried to hit me up for thousands fo dollars in self-employed soc sec
contribution -- when I told him that was also covered under a reciprocal
treaty it was complete news to him...he asked me, and I wish I had taped the
call, to send him the IRS document in which I had read this!)

The result is often months of very stressful waiting, staring huge penalties
in the face, while they learn up on the subject and say "I guess you're
right, you don't owe that $60,000 in unpaid tax and penalties we asked the
judge to award us." I still have a state tax lien triggered by this bogus
action against me lying around on one of my credit reports.

Respectfully...Stephen

ps The recent US legislation denying soc sec benefits to legal aliens seems
to be a breach of the referred to above. 

pps The relation to cypto is :-)? 






From stephen at iu.net  Sun Aug 18 13:28:45 1996
From: stephen at iu.net (Stephen Cobb)
Date: Mon, 19 Aug 1996 04:28:45 +0800
Subject: Schlafly on crypto
Message-ID: <1.5.4.32.19960818182839.00bde080@iu.net>


At 06:44 PM 8/17/96 -0400, you wrote:
>I don't think that Schlafy is a usefull aly any more than Bob Dole
>basically its just opportunist politicians latching onto the rhetoric
>of debates without engaging in the argument. Dole senses that the mood
>of the country is pro crypto so he supports that, he senses that it
>is anti porn so he will support that.
>
>Basically Schlafy is playing the same game. She is saying things that
>she knows will curry favour so she can get people to join her Wacko
>club. 
>
Phil
   I tend to agree...anyone who thinks victory for Dole/Kemp in 96 means
strong free unescrowed crypto in 97 needs to read a few history books.
   Stephen






From cmcurtin at research.megasoft.com  Sun Aug 18 13:32:32 1996
From: cmcurtin at research.megasoft.com (C Matthew Curtin)
Date: Mon, 19 Aug 1996 04:32:32 +0800
Subject: THE POUCH
Message-ID: <199608181757.NAA10242@goffette.research.megasoft.com>


-----BEGIN PGP SIGNED MESSAGE-----


Allow me to quote from your web page:
http://www.flagler.com/security.html

Quote #1:
"The POUCH is a secure e-mail terminal program for IBM compatible
computers. It uses a secret key phrase, advanced cryptographic
techniques and several unpublished algorithms to protect data in the
body of e-mail messages. The key phrase, which can be up to 48 bytes
long, is easily remembered and communicated. The POUCH is highly
resistant to all known forms of cryptographic attack."

Quote #2:
"We warrant that the product when delivered to you has no short cuts,
covert channels or secret solutions of any kind. No other warranty,
either expressed or implied is given."

These two statements are contradictory; an unpublished algorithm is
itself a secret solution, and a covert channel.

Why is it that software manufacturers keep popping up and spewing
nonsense? Obscurity is not security. Making the algorithm proprietary
does extremely little in making it resistant to attack. All of your
statements regarding the security of "The Pouch" are worthless, for
you have no data with which to substantiate your claims.

If it is any good, there's no way for us to know. But your marketing
of the product has every indication that it's nothing more than smoke
and mirrors. To coin a phrase, "pseudocrypto."

Please refrain from your bogus marketing techniques. This kind of
stuff, by claiming to be "real cryptography" makes real cryptographers
look bad.

- -- 
C Matthew Curtin        MEGASOFT, LLC        Director, Security Architecture
I speak only for myself.  Don't whine to anyone but me about anything I say.
Hacker Security Firewall Crypto PGP Privacy Unix Perl Java Internet Intranet
cmcurtin at research.megasoft.com http://research.megasoft.com/people/cmcurtin/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Have you encrypted your data today?

iQCVAwUBMhdZaBhyYuO2QvP9AQHaxQP+OvqYc9U/3BTPwnEhL/9ADkzL+ulhILpj
1zbyhktoCB4yMB13WQgm05DM6lolUufo63nkhsX4giMhrQ2XCBeM5/8pxJOD2ThY
3+foxma7e3tUv8r6PjNlnhn2TzVPPgbN+6NdpUCbNtOpG8GsD4EdQ35S+H0Y+aJm
75FfHfaDrNQ=
=6Zxy
-----END PGP SIGNATURE-----





From dlv at bwalk.dm.com  Sun Aug 18 13:32:59 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 04:32:59 +0800
Subject: MD5 completely broken!
In-Reply-To: <Pine.SUN.3.91.960818103543.4112A-100000@tipper.oit.unc.edu>
Message-ID: <H65usD19w165w@bwalk.dm.com>


Simon Spero <ses at tipper.oit.unc.edu> writes:

> On Sun, 18 Aug 1996, Mike McNally wrote:
> >
> > I'll trade ya my bridge for it.  (It's in New York now; I'd have to
> > go get it.)
>
> Is this bridge SNMP aware?

We'll cross this bridge when we come to it.

(Hey, it costs us $7 to cross the Verazano bridge, it must be good to own one.)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From stephen at iu.net  Sun Aug 18 13:36:36 1996
From: stephen at iu.net (Stephen Cobb)
Date: Mon, 19 Aug 1996 04:36:36 +0800
Subject: Hackers invade DOJ web site
Message-ID: <1.5.4.32.19960818184633.00c0c884@iu.net>


At 09:03 PM 8/17/96 -0500, you wrote:
>CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
>to the DOJ web site.  They don't elaborate exactly how thy did it.
> 
>______c_________________________________________________________________
>Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
>       m5 at tivoli.com * m101 at io.com       *    
>      <URL:http://www.io.com/~m101>      * three heads and eight arms.
>
If anyone happens to know which vulnerability(s) this hack exploited I would
be most grateful if they could let me know, either on the list or privately
(stephen at iu.net). I am not asking for someone to publish the attack script
or specifics of what was done to get in, but I would like to know what holes
were used (e.g. cgi script error).

Respectfully...Stephen






From snow at smoke.suba.com  Sun Aug 18 14:08:00 1996
From: snow at smoke.suba.com (snow)
Date: Mon, 19 Aug 1996 05:08:00 +0800
Subject: Software manpower exports and the power of governments
In-Reply-To: <Pine.OSF.3.91.960818103202.3366C-100000@giasdl01.vsnl.net.in>
Message-ID: <Pine.LNX.3.93.960818132639.945B-100000@smoke.suba.com>


On Sun, 18 Aug 1996, Arun Mehta wrote:
> On Sat, 17 Aug 1996, James A. Donald wrote:
> > At 13:23 16/08/96 -0700, James A. Donald wrote:
> > At 06:17 PM 8/17/96 +0600, Arun Mehta wrote:
> > > Look, governments in the 3rd world are often stupid and corrupt
> > > -- no doubt that contributes to poverty, but that isn't the only
> > > reason. I'm sure one of the reasons is cultural: 
> > Was the culture of the refugees who fled to Hong Kong any different
> > from those who failed to escape from Communist China?
> The individual can change far faster than the community, which is why
> immigrants to the US, for instance, do so much better than back home. It

     Of course the individual immigrant doing better in America _could_ have
something to do with the high degree of "class mobility" (note quotes).

> has, in the case of economic matters, to do with attitudes of government,
> the chambers of commerce and all the institutions that influence economic
> policy -- which can take long to change.

     Which falls back on the community "culture" in America. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From sdudar at westeel.ca  Sun Aug 18 14:10:33 1996
From: sdudar at westeel.ca (Shawn Dudar)
Date: Mon, 19 Aug 1996 05:10:33 +0800
Subject: Private Idaho
Message-ID: <2.2.32.19960818190412.00300e94@mail.solutions.net>


At 11:55 AM 8/18/96 EDT, Blake Wehlage wrote:
>Could anyone tell me the URL of the latest version of Private Idaho..... 
>
>Thank You!
>==========================================
>   Blake Wehlage <jwilk at iglou.com>
>   ��� R�V�L����� B�+ ��mP@� � ���
> Goto: http://members.iglou.com/jwilk
>
>

http://www.eskimo.com/~joelm/


   __________________
  / PGP public key   |___________________________
 /   available on    |     ~ Shawn Dudar ~       |___________________
(     keyserver      |                           |Fingerprint:      /
 \ KeyID: 0xC0AF244D |  <sdudar at solutions.net>   |90 AA D0 52 D3 A6/
  \__________________|   <sdudar at westeel.ca>     |93 96 AD C2 CB  (
                   (_____________________________|98 12 C0 FF 30   \
PGP.  Use it!  Protect yourself!               (____________________\
For more info, point your browser to http://www.ifi.uio.no/pgp/


"There are two major products to come out of Berkeley: LSD and UNIX. We 
don't believe this to be a coincidence."
 -- Author Unknown --

"Practice safe eating - always use condiments."
 -- Author Unknown --

"In a press conference held yesterday in Seattle, WA, Bill Gates formally
announced that Microsoft Corporation has declared bankruptcy..."
 -- Dream headline --







From dlv at bwalk.dm.com  Sun Aug 18 14:12:17 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 05:12:17 +0800
Subject: BlackNet as a Distributed, Untraceable, Robust Data Haven
In-Reply-To: <199608181532.IAA18019@mail.pacifier.com>
Message-ID: <ey9usD21w165w@bwalk.dm.com>


jim bell <jimbell at pacifier.com> writes:

> At 10:40 PM 8/17/96 -0700, Vladimir Z. Nuri wrote:
> >
> >>I have to speak up here and say that there is an actual working exemplar of
> >>a distributed, untraceable data haven. While it lacks a robust _payment_
> >>mechanism, that is also untraceable, so does the "Visit Port Watson"
> >>example (which has never actually existed).
> >
> >agree with Jim Bell that blacknet by any stretch of the imagination
> >is not a "data haven".
>
> I've not yet commented on this thread!  Sounds like you're confusing me with

It's hard to keep track of Lance's tentacles.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From snow at smoke.suba.com  Sun Aug 18 14:14:15 1996
From: snow at smoke.suba.com (snow)
Date: Mon, 19 Aug 1996 05:14:15 +0800
Subject: Drive the SF Central Freeway, have your license plate
In-Reply-To: <9608180913.AB01288@xenon.xe.com>
Message-ID: <Pine.LNX.3.93.960818123852.945A-100000@smoke.suba.com>


On Sat, 17 Aug 1996, Bob Jonkman wrote:
> > >At 21:55 8/8/96, i am not a number! wrote:
> > >>CBS radio news this morning: 80,000 commuters traveling the
> > >>central f'way in SF will have information mailed to them
> > >>regarding the quake retrofit How?  Their license plates have
> > >>been photographed.
> > At 10:45 PM 8/8/96 -0700, Lucky wrote:
> > >You *are* making this up, right? Please say you did.
> to get your drivers license or car registration renewed...
> Big Brother is not only watching, he's recording your location
> and destination, measuring your distance travelled, and charging 
> you for the privilege of driving...

     No, you are paying to use the road. You allowed to purchase the land 
to build your own road, and probably could even charge to use it. Assuming 
of course that you could _afford_ to. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From whgiii at amaranth.com  Sun Aug 18 14:26:07 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Mon, 19 Aug 1996 05:26:07 +0800
Subject: DEADBEEF Attack??
Message-ID: <199608181930.OAA27678@mailhub.amaranth.com>


Hi,

I am looking for some detailed information on the "DEADBEEF" attack for key fingerprint spoofing.

If anyone has any information or know where to find it please let me know.

Thanks,

--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------






From zachb at netcom.com  Sun Aug 18 14:36:55 1996
From: zachb at netcom.com (Z.B.)
Date: Mon, 19 Aug 1996 05:36:55 +0800
Subject: MD5 completely broken!
In-Reply-To: <HwTusD2w165w@bwalk.dm.com>
Message-ID: <Pine.3.89.9608181231.A18509-0100000@netcom20>


On Sun, 18 Aug 1996, Dr.Dimitri Vulis KOTM wrote:

> The following is true. There used to be company in Silicon Vallye that marketed
> compression software guaranteed to reduce any file to no more than 128K, no
> matter how large the input. That side worked. The decompression side didn't.
> 
I remember reading this file somewhere...it was satirizing either 
Microsoft or IBM, and in a very serious manner, described a revolutionary 
new compression program that would reduce any file to a size of one 
byte.  However, in order to decompress the file, a larger file containing
all of the information of the original file needed to be attached to it.  
Fun to read...

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127









From perry at alpha.jpunix.com  Sun Aug 18 14:41:04 1996
From: perry at alpha.jpunix.com (John Perry)
Date: Mon, 19 Aug 1996 05:41:04 +0800
Subject: New type-I middleman!
Message-ID: <87sp9kqyq1.fsf@alpha.jpunix.com>


The following message is a courtesy copy of an article
that has been posted as well.

-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone!

	I just completed beta testing my Type-I (ghio-style) Middleman
remailer and I'm ready for it to go online publically. Just like the
Middleman type-II (mixmaster) remailer, the type-I Middleman randomly
selects a remailer path to send messages based on Raph Levien's
remailer list. Additionally, to foil traffic analysis, the Middleman
type-I remailer also supports message reordering. This means that
middleman at jpunix.com is now a fully functional type-I/type-II remailer
that uses the middleman random remailer feature in additon to
reordering. All of the available functionlity that you would find in
either a Mixmaster remailer as well as a Cypherpunks remailer is
available in the middleman at jpunix.com remailer. Below is the public
PGP key for middleman at jpunix.com.

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzIXHroAAAEEAPLBq/n4a5ldzm8F51Lk63iHyOJfm+lmxW8PgjbKdAPAJBHk
xUHXEeOX/gQ8RXV0W6vYwmiFcQBA7b4w3iJwptC8GN98t4o31SVHlouQozjMwaVH
eu5dDUg/CJ9P2Wnwc0AtP4s9cBxQho3FK7mjeqhMXKhB2oqliX+quM/iBuHlAAUR
sAGHtD5NaWRkbGVNYW4gVHlwZS1JIFJlbWFpbGVyIGF0IEpQVW5peC5Db20gPG1p
ZGRsZW1hbkBqcHVuaXguY29tPrABA4kAlQMFEDIXMfh/qrjP4gbh5QEBc2kD/1hw
oHPcTasnlSVzMxD68hoCI1GYNNM4JSU+rHS+3PVy++992PcyuhqdH8PhuDozeYkz
C8Q5y4tmddg30ED+/W2QJwYS0iySG3yH4jrvOstws+Kn5LpD1JQJT1qGLVWHpTxG
n5MZO014NGT+wVkySRCornpuaqevTum8ygp+lyPIsAHH
=/xR/
- -----END PGP PUBLIC KEY BLOCK-----


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhdusVOTpEThrthvAQErOwQAqBZo5D7RaSAiymovj7Y/FU649scaYI+v
JwP9Nm1T9ZQ1rX3mscN/a37PpohKKoLHf9gYvgkJm5kPdODd9HRNoSdBcp72xrxo
JDnhYdAW6iw4c6xZOde7o54maIWuITiN8X1kQcZ591Ava7DaVSdjMypm9hGzq9tx
PRqQEvVDb2I=
=lN7a
-----END PGP SIGNATURE-----





From alano at teleport.com  Sun Aug 18 14:46:42 1996
From: alano at teleport.com (Alan Olsen)
Date: Mon, 19 Aug 1996 05:46:42 +0800
Subject: forget photographing license plates!
Message-ID: <2.2.32.19960818194231.00b28600@mail.teleport.com>


At 08:46 PM 8/17/96 -0800, Adamsc wrote:
>On 15 Aug 96 01:31:08 -0800, null at void.com wrote:
>
>>"In the 22 Jul 1996 issue of Fortune was an interesting look into the future
>>of automobile electronics, "Soon Your Dashboard Will Do Everything (Except
>>Steer)".  "
>>From the control center, they can "electronically reach into the car" to
>>unlock the doors, or honk the horn and flash its lights."
> ^^^^^^^^^^^^^^^^
>How long do you think it would be before thieves subverted this feature?

It already happens now.

There is a device for determining the code sequence and frequency of
electronic locks that was designed for locksmiths and repair personel.
Thieves have been using it for breaking into vehicles.  The scam usually
happens in large mall parking lots. They just sit in their car and wait for
you to open yours, watching for the lock information displayed.  Once you
are gone, they unlock it and swipe all of your freshly purchaced goodies.

Theives have also been known to use replacement garage door openers to open
up the homes of those too ignorant to change the default codes of their
garage door systems.

Something to be said for low tech in this case...
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From warlord at MIT.EDU  Sun Aug 18 14:50:31 1996
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 19 Aug 1996 05:50:31 +0800
Subject: DEADBEEF Attack??
In-Reply-To: <199608181930.OAA27678@mailhub.amaranth.com>
Message-ID: <9608181941.AA19952@pickled-herring.MIT.EDU>


Hi,

> I am looking for some detailed information on the "DEADBEEF" attack
> for key fingerprint spoofing.
> 
> If anyone has any information or know where to find it please let me know.

I'm not sure what you mean by the DEADBEED attack on fingerprint
spoofing.  There is a DEADBEEF attack on keyIDs, where you can
generate a key that matches the keyID, since the keyID is only the
lowest bits of the key's modulus.  Basically, you can choose p and q
such that ((P*Q) & 0xFFFFFFFF) is the keyID you want to mimick.

There have been a number of lengthy posts about it in the past.  I'd
suggest you look in the cypherpunks or other appropriate archive.

-derek





From dlv at bwalk.dm.com  Sun Aug 18 14:54:26 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 05:54:26 +0800
Subject: THE POUCH
In-Reply-To: <199608181757.NAA10242@goffette.research.megasoft.com>
Message-ID: <yegVsD28w165w@bwalk.dm.com>


C Matthew Curtin <cmcurtin at research.megasoft.com> writes:
> and mirrors. To coin a phrase, "pseudocrypto."

I love it!

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Sun Aug 18 15:00:41 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Mon, 19 Aug 1996 06:00:41 +0800
Subject: Schlafly on crypto
In-Reply-To: <1.5.4.32.19960818182839.00bde080@iu.net>
Message-ID: <HDgVsD27w165w@bwalk.dm.com>


Stephen Cobb <stephen at iu.net> writes:
>    I tend to agree...anyone who thinks victory for Dole/Kemp in 96 means
> strong free unescrowed crypto in 97 needs to read a few history books.

Yes - their platform contained mucho guano and nothing about GAK.

Still, they have no blood on their hands - yet.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From m5 at tivoli.com  Sun Aug 18 15:50:17 1996
From: m5 at tivoli.com (Mike McNally)
Date: Mon, 19 Aug 1996 06:50:17 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <Rq6usD20w165w@bwalk.dm.com>
Message-ID: <32178436.30E4@tivoli.com>


Dr.Dimitri Vulis KOTM wrote:
> 
> In a lawsuit filed in federal court in New York City, CS First 
> Boston has charged an unknown party with libel ...

Does this mean that *we* don't know who the party is, or that the
party's identity is unknown to everybody?  I'm not exactly sure how
things would work if the latter.

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From ichudov at algebra.com  Sun Aug 18 17:22:01 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Mon, 19 Aug 1996 08:22:01 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <1.5.4.32.19960818184633.00c0c884@iu.net>
Message-ID: <199608182219.RAA10538@manifold.algebra.com>


Stephen Cobb wrote:
> If anyone happens to know which vulnerability(s) this hack exploited I would
> be most grateful if they could let me know, either on the list or privately
> (stephen at iu.net). I am not asking for someone to publish the attack script
> or specifics of what was done to get in, but I would like to know what holes
> were used (e.g. cgi script error).

The more details the better.

	- Igor.





From jamesd at echeque.com  Sun Aug 18 17:26:39 1996
From: jamesd at echeque.com (James A. Donald)
Date: Mon, 19 Aug 1996 08:26:39 +0800
Subject: National Socio-Economic Security Need for Encryption Technology
Message-ID: <199608182241.PAA18496@dns2.noc.best.net>


At 05:59 PM 8/18/96 +-200, Bart  Croughs wrote:
> No, but a number of posters claimed they were Austrians, 
> and among them was Timothy May. So if I can show that 
> Timothy's statements contradict the economic theories 
> he says he supports on the most fundamental level 
> (the level of methodology), 

Obviously the Austrians, like anyone with half a brain, said that more
capital means more wealth for everyone, and more capital relative
to workers means a bigger share for the workers.

It does not follow however, that the Austrians said that 
if the government directs the flow of other peoples capital 
like a farmer watering his fields, the fields so watered will
benefit.



 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From jsw at netscape.com  Sun Aug 18 18:52:30 1996
From: jsw at netscape.com (Jeff Weinstein)
Date: Mon, 19 Aug 1996 09:52:30 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <321677C2.663B@netscape.com>
Message-ID: <3217ACAE.116D@netscape.com>


janke at unixg.ubc.ca wrote:
> 
> How's that database so that people in Canada can download the
> 128-bit version coming along?

  I believe that we have located a vendor, and are negotiating
terms.  I have not yet received the data.  When everything is in
place I will make an announcement.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From sameer at c2.net  Sun Aug 18 18:54:46 1996
From: sameer at c2.net (sameer)
Date: Mon, 19 Aug 1996 09:54:46 +0800
Subject: COMMUNITY CONNEXION ANNOUNCES STRONGHOLD VERSION 1.3
Message-ID: <199608182350.QAA24313@atropos.c2.org>


For Immediate Release - August 19, 1996
Contact: Sameer Parekh 510-986-8770

	       COMMUNITY CONNEXION ANNOUNCES STRONGHOLD
			     VERSION 1.3

Oakland, CA - Community ConneXion, Inc., the leader in uncompromising
security for the Internet, today announced the version 1.3 release of
Stronghold, the commercial version of Apache-SSL. Stronghold is based
on the popular Apache server, the most popular webserver on the
Internet, according to the Netcraft server survey at
http://www.netcraft.com/survey/.

Stronghold 1.3 is a significant improvement from the Stronghold 1.2
product. The latest version is based on Apache 1.1.1, which supports
features such as Keep-Alive, server information modules, a proxy
server, an easier to use API, more flexibility in authentication, and
greater configurability.

"We're happy to have a final release version of 1.3 available," said
Sameer Parekh, President of Community ConneXion. "Because of our close
involvement with the Apache Group, we can quickly track new Apache
releases. We expect to have an Apache 1.2-based server available soon
after the Apache 1.2 release."  Stronghold 1.3 is the result of an
extensive Internet-wide beta test, which started soon after the full
release of Apache 1.1.1.

Apache 1.1.1 includes features such as the status module, which gives
the server administrator the ability to monitor in real time the
server's activity. An information module is also available which gives
administrators easy access to a list of which modules have been
installed on their server, as well as their configuration directives.
The latest version includes modules which support database access,
including mSQL and Postgres95.

Apache 1.1.1 has much more flexible configuration with regards to
virtual hosts and multiple IP addresses. This feature allows such
innovations as the ability within Stronghold 1.3 to serve both SSL and
nonSSL documents from the same server instance.

The latest version of Stronghold supports "Session ID Caching," which
allows for dramatic performance improvements. Session caching allows
servers to process connections much faster because the processor
intensive calculations happen less often. Limited performance tests
have shown speed improvements of eight hundred percent. "With Session
ID Caching, the SSL protocol is not noticably slower than not using
the encryption protocol. There is no excuse not to encrypt
everything," said Parekh.

Community ConneXion is now shipping binaries for Sparc Solaris 2.5,
x86 Solaris 2.5, Sparc SunOS 4.1.3_U1, FreeBSD 2.1, BSDI 1.1, AIX
3.2.5, IRIX 5.3, HP/UX, OSF/1, Ultrix, BSDI 2.0, and Linux (ELF &
a.out). More platforms will be available soon, and even more may be
supported on request.  Stronghold may be ordered and downloaded at
http://www.us.apache-ssl.com/. Existing commercial licensees may
download the latest version free of charge.

Portions developed by the Apache Group, taken with permission from the
Apache Server http://www.apache.org/.  This product includes software
developed by Ben Laurie for use in the Apache-SSL HTTP server project.
This product includes software developed by Eric Young
(eay at mincom.oz.au).





From tcmay at got.net  Sun Aug 18 19:05:20 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 19 Aug 1996 10:05:20 +0800
Subject: Why BlackNet *IS* a Data Haven
Message-ID: <ae3cf6e603021004c004@[205.199.118.202]>



Jim McCoy and Larry Dettweiler have, in their own ways, raised objections
to my characterization of BlackNet (and that class of mechanisms) as a
distributed, untraceable, robust "data haven."

Without splitting too many semantic hairs about the precise definition of
"data haven," let me examine some ways in which BlackNet behaves
identically to a conventional data haven.

Imagine a piece of data has been outlawed in some jurisdiction. For
simplicity, imagine this to be a book, a text. Let's give it a name, "The
Necronomicon." This "Necronomicon" is contraband, illegal, forbidden,
banned, on The Index in many countries, including the Vatican and the
United States.

(This is just an example. Replace "Necronomicon" with "child porn" for a
more realistic, if distasteful to many, example.)

The classical, Sterling-style "data haven" would have it that this piece of
data, this book, is stored and is available (perhaps for a price) in a
physical site. Maybe Anguilla (thought this is appearing less and less
likely), maybe "The Raft," maybe an orbiting DeathStar, maybe a weather
balloon drifting in the jet stream...

The classical data haven is closely identified with "place." To many
people, they naturally assume "data haven" = a haven for data, a "harbor"
(same IE root as haven) = a physical place.

But is "place" important?

Consider someone in the United States who wants a copy of the Necronomicon.
He can't get it locally, as it is banned. He can try dialing-in or
connecting to a country where it is not banned, but this introduces risks
(as with those who download child porn, arrrange to have it shipped to
them, etc.).

(And the physical jurisdictions which carrry the Necronomicon, or child
porn, or Church of Scientology secrets, etc., will likely be under pressure
to limit or deny access.)

Cryptography offers another way, as it does in so many other areas.

A person in the U.S. seeking the Necronomicon posts a message to BlackNet
(or any similar forum, using the same methods) asking for a copy of it, or
offering to pay for it. (Whether the information is free or for a fee is
not central to the idea.) This request is, of course, untraceable.

Anyone, anywhere in the world, with a copy of this banned material on his
or her private machines may see this request and respond, either giving the
material away, or negotiating a fee. (As I said before, the absence of a
robust digital cash system, bidirectionally untraceable, is a known
limitation of all such systems.)

Thus, it is as if there is a "virtual data haven" (tm), or a "virtual
library," for banned/controversial/etc. materials.

Anyone may "check out" materials by submitting requests (and perhaps paying
a fee). The source of the materials is, of course, unknown. The receiver of
the materials if, of course, unknown.

I call this at least as functional as a "physical data haven," where
someone might physically travel to Anguilla, say, to buy a copy of the
Necronomicon...

...and a whole lot more convenient.

This is, then, my vision of a "distributed, robust, untraceable data haven."

It's a data haven.

And it exists, or at least there are exemplars of it. It's lacking robust
digital money, to keep the transactions untraceable, but it's here.

The Church of Scientology documents essentially exist at this virtual data
haven site. Think about it.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From admin at anon.penet.fi  Sun Aug 18 20:58:57 1996
From: admin at anon.penet.fi (admin at anon.penet.fi)
Date: Mon, 19 Aug 1996 11:58:57 +0800
Subject: Anonymous info
Message-ID: <9608182236.AA22590@anon.penet.fi>


You have requested information about your account at anon.penet.fi.

Your code name is: <an611909 at anon.penet.fi>
Your real e-mail address is: <cypherpunks at toad.com>
Your nickname is: <>
Your password is: <>

Regards,

	admin at anon.penet.fi






From carleens at net-link.net  Sun Aug 18 21:02:42 1996
From: carleens at net-link.net (Andy)
Date: Mon, 19 Aug 1996 12:02:42 +0800
Subject: MSIE 128 bit version
Message-ID: <1.5.4.32.19960819015832.0066eed4@serv01.net-link.net>


                -----BEGIN PGP SIGNED MESSAGE-----

I know this topic has been covered before, but could somebody point me to
MSIE's 128 bit version?  Thanks.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhfJNtZDmDuLFgC9AQEdgwP+MjfLcs+KiZkMg/MIR0Hp+Gz6ksgjRSvL
D2NS3k3zzPNqj316Kod0/i8p+rNoWcWJ08aQRsykni1mPSkhPSxCVgEbSRv/eb+g
3ePKekPhZEaXWQDskcQ1yw4rC7meqQqKF2R1nwrohzQvX369hGsrg1xxP0jlvBuF
nrrUeP3Sg4E=
=d3S9
-----END PGP SIGNATURE-----






From nobody at huge.cajones.com  Sun Aug 18 21:04:32 1996
From: nobody at huge.cajones.com (Huge Cajones Remailer)
Date: Mon, 19 Aug 1996 12:04:32 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <32167A0C.473C@tivoli.com>
Message-ID: <199608190146.SAA19133@fat.doobie.com>


> CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
> to the DOJ web site.  They don't elaborate exactly how thy did it.

Did anyone save a copy of the altered web page?  I would like to see
what the crackers did.

Thanks.





From qut at netcom.com  Sun Aug 18 21:12:38 1996
From: qut at netcom.com (Roger Healy OBC)
Date: Mon, 19 Aug 1996 12:12:38 +0800
Subject: Netscape under Linux (Vs microsoft)
In-Reply-To: <32173372.25BEFC52@mnet.fr>
Message-ID: <199608190219.TAA03733@netcom.netcom.com>


> > > Would it be possible to both supply an Linux ELF and a.out binary ?
> > 
> >   No, we will only be supplying ELF.  Since linux is not officially
> > supported, we really don't have the resources to do multiple versions.
> 
> yesterday i was in #linux on irc , and several pplreports some bugs with
> netscape under linux.i got some too many times a day... Netscape crashes
> when i try to load some HTML pages...i assume it shouldn't and we got
> ansolutly no probs with Netscape under windows.
> SO we just wondered if it's not a kind of support to micro$oft.
> Maybe Linux is 'not officially supported', but have to know unix is the
> most used OS, and that since Linux is free, many people use it. So when
> will you accept to recognize Linux as an entire OS ?? i just reinstalled
> Windows95 on a HD yesterday and it has already crached 2x. Windows is
> expensive and it crashes. Why should we pay for a fucked 'OS' ?

No shit.  I was thrilled to watch the entire disk overwritten by unix.  
Everthing which came with the system was boring and useless.  Gimmee BSD 
anyday, a socialist operating system


--
Love, Qut OBC





From qut at netcom.com  Sun Aug 18 21:17:18 1996
From: qut at netcom.com (Roger Healy OBC)
Date: Mon, 19 Aug 1996 12:17:18 +0800
Subject: Whereis is the shell scsh?
Message-ID: <199608190221.TAA04183@netcom.netcom.com>


Yes, I printed and skimmed through the Secure Shell FAQ.  Is there a 
version for csh instead of sh?


--
OBC





From qut at netcom.com  Sun Aug 18 21:30:51 1996
From: qut at netcom.com (Roger Healy OBC)
Date: Mon, 19 Aug 1996 12:30:51 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <3217A9EE.3F6B@netscape.com>
Message-ID: <199608190211.TAA02034@netcom.netcom.com>


> > > > Jeff Weinstein (jsw at netscape.com) wrote:
> > > >
> > > > : The final release of Navigator 3.0, complete with non-exportable
> > > > : strong crypto, is now available for download by US citizens.  Note
> > > > : that this is the released version of 3.0, so it will not expire.
> > > > : You can get it from:
> > > >
> > > > Would it be possible to both supply an Linux ELF and a.out binary ?
> > >
> > >   No, we will only be supplying ELF.  Since linux is not officially
> > > supported, we really don't have the resources to do multiple versions.
> > 
> > ELF is cool.  What about BSD?  I've seen how you support BSDI so the
> > binary should work with FreeBSD or NetBSD.?
> 
>   I'm not quite sure what the question is here.

Your old version supported BSDI.  Will the new 128bit version support 
BSDI in ELF or a.out?

> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw at netscape.com - http://home.netscape.com/people/jsw


--
Love,
Qut at netcom.com





From alanh at infi.net  Sun Aug 18 21:49:53 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 12:49:53 +0800
Subject: No Subject
Message-ID: <199608190239.WAA03658@larry.infi.net>


On Sat, 17 Aug 1996, Faun A. Skyles wrote:

> Are the typical "mom & pop" mail forwarding companies going to understand
> snail-mail gateways?  Some of them refuse to use a computer!

   Oh my God. A business that didn't computerize itself. Don't they know, 
that modern situational ethics require a business to place itself at the 
mercy of a computer, whether or not the old, manual systems were working 
JUST FINE.  And then they have to upgrade their hardare every two years, 
so that they can balance their checkbook in 256 colors. And then they 
have to upgrade to the latest version of WordPerfect every two years, 
whether or not the old typewriter and manila file folders were working 
JUST FINE.

Oh how superior we young squirts are to those antiquarians. Hey, let's 
sit around and make fun of them and criticize them.



> For example,
> many charge $2 - $3 to transcribe a telephone message for you, then they
> snail mail it to your next location.

    Oh my God. Charging the customer for each service rendered, so that
those who place demands on the time of the business - pay for it. Oh my
God, someone using the Postal System, which is still head-and-shoulder
above the Internet in universal accessibility on the road, entry costs and
security. Hey let's sit around and criticise that. After all, we don't 
want to admit that not every message in the world needs to be delivered 
to the recipient in ten minutes or less.





> It's pretty low-tech.  I'd like to offer a high-tech alternative.

    And who's stopping you? I've got ten dollars that says that you 
don't have the balls/intestinal fortitude to do it, and keep it going 
for  - oh, let's say the five years that the IRS uses to judge a 
business's profitability?




> My grandparents are still using old forms of communications too! 

   Well that's the final straw. What a useless and meaningless life they 
have. We couldn't admit or accept that they've got a completely happy 
life, could we.






From alanh at infi.net  Sun Aug 18 22:31:38 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 13:31:38 +0800
Subject: US Taxes on X-Pats
In-Reply-To: <1.5.4.32.19960818182834.00bb88ac@iu.net>
Message-ID: <Pine.SV4.3.91.960818232317.3477E-100000@larry.infi.net>


As I understand the proposal, the immigrant-benefits thing would be for 
immigrants admitted AFTER the act was, uh, enacted. So, no ex-post-facto 
problems.





From alanh at infi.net  Sun Aug 18 22:31:40 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 13:31:40 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <32178436.30E4@tivoli.com>
Message-ID: <Pine.SV4.3.91.960818232701.3477F-100000@larry.infi.net>


I suspect they are trying to get a judgement against "John Doe", in the 
hopes of tracking him down later.

Actually, if I had a sizeable judgement against such a John Doe, I could 
probably find a private detective who would find the dude for a 
contingent fee. Wow, a whole new class of factoring (commerce definition) 
opens up. Get me a lawyer....





From an224850 at anon.penet.fi  Sun Aug 18 22:41:06 1996
From: an224850 at anon.penet.fi (scythe)
Date: Mon, 19 Aug 1996 13:41:06 +0800
Subject: terrorists to hit Dem convention?
Message-ID: <9608190004.AA24526@anon.penet.fi>




The following is brought to you thanks, in part, to the kind 
assistance of CyberNews and the fine folks at Cornell University.


              Conspiracy Nation -- Vol. 8  Num. 85
             ======================================
                    ("Quid coniuratio est?")
 
 
- -----------------------------------------------------------------
 
RUMOR MILL NEWS SERVICE #4
==========================
 
The Rumor Mill News  Service  is  edited by "RU".  The following,
from what I can tell, appears to be RUMOR ONLY.  What is more,  I
have  NO  IDEA  who  the  author  is;  I  received  the following
anonymously, with the promise of "more to come".
 
 +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +
 
                        HIT THE ROAD JACK!
                        ==================
                    Clinton Told to Step Aside
                   Before Democratic Convention
                   ----------------------------
                     The President Retaliates:
                       EXECUTIVE ORDER 13010
                     Creates Terrorist Gestapo
                   ----------------------------
                  CHICAGO BRACING FOR TERRORISTS!
                  -------------------------------
                Police State Reactivated In Chicago
                     Is The Nation Far Behind?
                -----------------------------------
         Will Clinton Use EO# 13010 To Declare Martial Law?
         --------------------------------------------------
 
Later this month, the  Democratic  Convention returns to Chicago.
When it was there in 1968, the country was  ablaze  in  anti-Viet
Nam  War  fever.   Anti-war  demonstrators  all  but  brought the
convention and Chicago to their knees.
 
In today's world,  demonstrators  are  labeled terrorists.  Armed
with today's stronger "label," the Chicago police are gearing  up
for a repeat performance of the Chicago 7 and "Brutalmania."
 
Terrorists have officially  replaced  demonstrators, according to
the  terrorist  bill  recently  passed  by   Congress.    As   an
accompaniment  to  the  terrorist  bill,  "Terrorist Bill" signed
Presidential Executive Order  13010,  the Critical Infrastructure
Protection Order.  This Presidential Order creates a special Task
Force called the Infrastructure Protection Task Force, IPTF.  The
sweeping array of power and information that will be provided  to
the  IPTF  makes  FEMA [Federal Emergency Management Association]
look like the Mouseketeers.
 
               -+- Effective Date August 17 -+-
 
The Presidential Order goes  into  effect August 17, just shortly
after the Republican Convention.   Speculation  exists  that  the
Terrorist  Gestapo  will  be  trotted out just in time to prevent
riots and terrorism in Chicago at the Democratic Convention.
 
As a result of the  expected terrorist threat, the Chicago police
superintendent has seen fit to restore all the old police powers,
powers that some citizens of Chicago say  bordered  on  a  police
state.
 
        -+- The Red Squad Joins The Terrorist Gestapo -+-
 
The infamous Chicago Police intelligence unit, the Red Squad, has
been  reactivated  and  given  an  all-encompassing  directive of
keeping the city  free  from  terrorist  activity.  The Red Squad
bears a striking resemblance, on a local level, to the  Terrorist
Gestapo  created  by  Presidential  Executive Order #13010, which
goes into effect on August  17.  The Democratic Convention begins
August 26.
 
Thanks to the new terrorist bill and the  Presidential  Executive
Order   on   protecting  the  critical  infrastructure,  the  new
handy-dandy terrorist label can  easily  fit almost anyone in any
situation.  Back in 1968, the police were slightly encumbered  by
the  Constitution  and "probable cause."  Under today's terrorist
bill, which was passed in  the  nick  of time to ensure terrorist
cooperation at the convention, the Chicago police no longer  have
to be hamstrung by the "outdated," "antiquated" Constitution.
 
"The  IPTF's  function  is  to  identify  and coordinate existing
expertise, inside and  outside  of  the  Federal Government."  In
Chicago, the  "existing  expertise"  is  the  Red  Squad.   Under
Executive  Order 13010 the IPTF, otherwise known as the Terrorist
Gestapo, is ordered to "provide, or facilitate and coordinate the
provision of, expert  guidance  to  critical infrastructures *to*
*detect*, *prevent*, *halt*, *or* *confine* *an* *attack*..."
 
Chicago is getting ready  to  declare  martial law to protect the
President and other members of the Democratic  party  while  they
are  at the convention.  They will coordinate all activities with
the Terrorist Gestapo.  The IPTF  has  been given the go-ahead to
detect, prevent,  halt  or  confine  an  attack.   All  executive
departments  and agencies have been ordered to cooperate with the
IPTF  and   provide   requested   assistance.   Furthermore,  all
executive departments and agencies have  been  ordered  to  share
information when "requested" by IPTF.
 
In   other  words,  the  Terrorist  Gestapo  has  been  given  an
all-encompassing power by Executive  Order  13010.  Anyone or any
agency or department that refuses a "request" made  by  the  IPTF
can   be   labeled  a  traitor  or  a  terrorist  and  prosecuted
accordingly.
 
This  Terrorist  Gestapo  force  will  parlay  its  power  into a
national police force.  The tap  dance  they  plan  on  doing  in
Chicago with the old Chicago Red Squad will be a trial run to see
how  much  they  can  get  away with in order to call up the next
round of Presidential Executive Orders and Directives.
 
         -+- Even the Sewer Covers Are Welded Shut -+-
 
To prevent terrorist  moles  from  infiltrating  any  part of the
convention, the police have even welded shut all the storm sewers
around the United Center in Chicago, the forum for the Democratic
Convention.
 
                -+- Step Down or Step Aside -+-
 
Does all  the  rapid  activity  in  the  Office  of  Presidential
Executive  Orders have anything to do with the secret White House
meeting which took place Saturday, August 3, 1996?
 
The meeting took place barely  a  day  and a half after President
Clinton raged at a Rose Garden  news  conference.   He  had  been
asked  if he had gone back on his word to pay the legal bills for
fired and then  prosecuted  White  House  Travel Office employee,
Billy Dale.  He bristled in anger and rage and began berating the
CBS correspondent who asked the  question.   As  his  temper  and
voice  rose,  Chief  of  Staff  Leon Panetta was seen frantically
waving to  press  aides  to  end  the  news  conference.   As the
President's staff tried to herd him back into the safety  of  the
Oval Office, the President was heard screaming at the media.
 
Could the reason for this uncharacteristic outburst of temper and
rage have been that the President knew that 10 of the top leaders
of  the  Democratic  party  were planning on ordering him to step
down or step aside,  and  do  it  two  days before the Democratic
Convention begins in Chicago?
 
RMNews sources from the  Chicago  and  Washington  stations  have
reported  that  the  secret  meeting  was  chaired  by former DNC
Chairman and Ambassador to  Russia, Robert Strauss.  Mr. Strauss,
who vehemently denies being at the  meeting,  is  considered  the
ranking elder statesman of the Democratic party.
 
Strauss  and  his  gang  of  10  high-ranking  Democratic leaders
allegedly told Clinton  that  the  gathering storm of indictments
and revelations against  Hillary  would  destroy  the  Democratic
Party.
 
The  President  was  shown  a  photograph of the upcoming federal
criminal indictment which accuses  her of perjury and obstruction
of justice.
 
The President shouted in rage  that  they  were  all  "traitors."
Knowing that Executive Order 13010 had just created the Terrorist
Gestapo,  the  President's  angry use of the word traitor carried
sinister and potentially deadly overtones to the 10 brave men who
are risking their careers and lives to save the Democratic Party.
 
Countering  Clinton's  raging  outburst  with  one  of  his  own,
Ambassador Strauss reportedly smashed  an  ashtray on a desk near
the President and shouted, "You use cocaine and liquor.  You  are
unfit  to  deal  with  worldwide  emergencies."   The   President
screamed back at Strauss with a string of obscenities and curses.
Strauss  fired  back that the President is acting deranged and as
such could be removed by the 25th Amendment to the Constitution.
 
Strauss allegedly ordered the President to resign his  office  or
to declare before the Democratic Convention that he does not wish
to  be  nominated  for  a  second  term.  The President has never
officially declared that he is a candidate for the Presidency.
 
Of course, since, as already noted, Strauss  denies  having  been
present  in person at the August 3rd meeting, he presumably would
also deny having smashed  down  an  ashtray,  having engaged in a
shouting match with President Clinton, etc.
 
Prior to the secret meeting, the "Gang of 10," with  the  aid  of
others,  have  secretly  arranged  for  damaging  stories  on the
president and his wife to leak out.
 
One   story  was  already  leaked  by  the  Director  of  Central
Intelligence,  John  Deutch.    The   CIA  Director  ordered  the
Inspector General to investigate claims  that  U.S.  Intelligence
Agencies  were  involved  in  illegal  arms  shipments  and  drug
smuggling  at  an  isolated airstrip in Mena, Arkansas during the
years that  Bill  Clinton  was  Governor.   Susan  Schmidt of the
Washington Post broke the story on  August 7, four days after the
secret White House ultimatum.  [CN:  Late breaking:   Deutch  now
says  he wants to resign as DCIA and return to the Pentagon.  Did
trying to lift the lid on  Mena  expose him to too much hostility
within CIA?  Or perhaps,  as  suggested  by Linda Thompson, it is
"cross pollination" between CIA and the military.]
 
Clinton later sent word to the Gang  of 10 that he did not accede
to their demands.  He was then told that a floor fight would take
place at the Democratic Convention by prominent delegates.  These
delegates would charge him and the first lady with  participating
in  a  string of crimes and accuse them of damaging or destroying
the Democratic Party.
 
                -+- The Secret Trials Begin -+-
 
With the all-encompassing powers  given  to the Terrorist Gestapo
by Presidential Order 13010, "Terrorist Bill" has  the  power  to
"confine an attack."  The attack upon the Office of the President
is coming from loyal Democrats.  Using the power of the Executive
Order  that  he  just  signed, the President now has the power to
label any loyal Democrat a  traitor and a terrorist and "confine"
him in order  to  "halt"  his  upcoming  activities  against  the
President.   The  words  within the quotation marks are the exact
words taken from Executive Order 13010.
 
RMNews has reported that Chicago is run by the Rothschild family.
In that issue, Bill Clinton's illegitimate Rockefeller roots were
detailed.  The  deadly  feud  between  the  Rockefellers  and the
Rothschilds was also described.  Bill  Clinton,  the  politician,
was  created by his maternal grandfather, Winthrop Rockefeller, a
former governor of Arkansas.   He  was  promoted and supported by
the Rockefellers.   But  even  the  Rockefellers  have  seen  the
writing  on  the  wall.   Bill Clinton is a disaster for America.
Four more  years  of  Clinton  and  his  wife  could  destroy the
Rockefeller base in America.
 
It could bring down the illegal Federal Reserve, abolish the  IRS
and  create  full-scale warfare in the streets of America.  While
limited riots and wars are always  good for business, the type of
war that a continued Clinton presidency could bring will  totally
devastate  and  destroy  the  Rockefeller  family, as well as all
other  wealthy  Americans.   In  other  words,  America  would be
leveled and possibly conquered by  an  outside  power.   If  this
outside  power  is backed by the blood enemy of the Rockefellers,
the Rothschilds, there  is  little  doubt  that  any  of the vast
Rockefeller fortune would be spared.  More than likely  it  would
all be nationalized for the benefit of the state.
 
Sensing  the danger to themselves by their illegitimate creation,
the Rockefellers have seen fit to demand that Bill Clinton remove
himself from the office.  If  he  chooses  to fight them, he will
have the support of their enemies, the Rothschilds.   Could  that
be  the  real reason that the Democratic convention is being held
in Chicago this year?  Is the Chicago Red Squad owned outright by
the Rothschilds?  Will the Gang of 10 find themselves "confined,"
i.e., detained for questioning for the duration of the Democratic
Convention?
 
    RMNews Agency.  Serving Liberty and Freedom Worldwide.
 
 +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +
 
For reprints of  other  RMNews  editions,  send a self-addressed,
stamped envelope with 3 or more FRN's (Federal Reserve notes)  to
cover the cost of copying to:
RMNews Agency
PO Box 1784
Aptos, CA  95001-1784
Books and Tapes list also available.
 
- -----------------------------------------------------------------
       Views expressed do not necessarily  reflect  those
       of Conspiracy Nation, nor of its Editor in Chief.
- -----------------------------------------------------------------
     I encourage distribution of "Conspiracy Nation."
- -----------------------------------------------------------------
If you would like "Conspiracy Nation" sent to your e-mail 
address, send a message in the form "subscribe cn-l My Name" to 
listproc at cornell.edu          (Note: that is "CN-L" *not* "CN-1")
- -----------------------------------------------------------------
    For information on how to receive the improved Conspiracy 
  Nation Newsletter, send an e-mail message to bigred at shout.net
- -----------------------------------------------------------------
Want to know more about Whitewater, Oklahoma City bombing, etc? 
(1) telnet prairienet.org (2) logon as "visitor" (3) go citcom
- -----------------------------------------------------------------
       See also: http://www.europa.com/~johnlf/cn.html
- -----------------------------------------------------------------
          See also: ftp.shout.net  pub/users/bigred
- -----------------------------------------------------------------
Aperi os tuum muto, et causis omnium filiorum qui pertranseunt.
Aperi os tuum, decerne quod justum est, et judica inopem et 
  pauperem.                    -- Liber Proverbiorum  XXXI: 8-9 



- -> Send "subscribe   snetnews " to majordomo at alterzone.com
- ->  Posted by: Brian Redman <bigred at duracef.shout.net>


--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse at anon.penet.fi
For information (incl. non-anon reply) write to    help at anon.penet.fi
If you have any problems, address them to          admin at anon.penet.fi





From alanh at infi.net  Sun Aug 18 23:03:06 1996
From: alanh at infi.net (Alan Horowitz)
Date: Mon, 19 Aug 1996 14:03:06 +0800
Subject: No Subject
Message-ID: <199608190352.XAA07594@larry.infi.net>


On Aug 18, 96 11:12:16 am, Joel M Snyder, Now Overwhelmed Again wrote:

> Back to the original topic: email-to-snail-mail.  That's not hard,
> technologically.  The problem as I see it is billing.  If I were to offer
> such a service, I'd want to keep my cost to the consumer low, on the order
> of $0.75 to $1.00 per message, with marginal charges for additional pages. 
> I might possibly barely be able to find some slave labor to make a profit
> at doing it, IF I HAD THE VOLUME (which I probably wouldn't), but the
> overhead of setting up a billing arrangement with every TDH who wants to do
> it would eat the profits up instantly.  
> 
> It's difficult to conceive of a setup which a technomad would use in
> sufficient volumes to be cost-effective.  


How about the sender provides a Digicash e-cash payment for the
appropriate amount with each message, kind of like a electronic postage
stamp?  A script on the receiving side could automatically check the
payment amount, bouncing the message back to sender with an
"insufficient payment" message if necessary.  Or you could use a web
page to submit messages and payments.  Either way no one needs to worry
about billing, account tracking, etc.  Payment/billing is taken care of
immediately.  Of course, there is some overhead with the fees on e-cash,
but it probably would be more cost effective than other methods.


P.S. I have an alpha version of a program which may be of interest to
technomads: it automatically executes scripts received by email from a
remote machine and then mails back the results.  The scripts (shell
scripts, perl scripts, or whatever) are encrypted and signed with PGP
before being sent to provide security and prevent unauthorized users
from executing scripts on your machine.  The program runs on unix
systems, and submissions can be from anything that runs PGP and is able
to send email.  See:

  http://www.bmen.tulane.edu/~carpente/emscrypt/emscrypt.html

for more info.


--Matt

--
mcarpent at mailhost.tcs.tulane.edu    PGP mail preferred, finger for public key.






From rich at c2.org  Sun Aug 18 23:28:51 1996
From: rich at c2.org (Rich Graves)
Date: Mon, 19 Aug 1996 14:28:51 +0800
Subject: Why BlackNet *IS* a Data Haven
In-Reply-To: <ae3cf6e603021004c004@[205.199.118.202]>
Message-ID: <Pine.GUL.3.95.960818211954.27653A-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

True, for controversial political and artistic materials whose
authors/distributors have an interest in disseminating.

However, with neither a government to enforce contracts nor an identifiable
location/identity that can be used for the private enforcement of, ahem,
contracts, the barrier to entry for anonymous markets in real commercial
products seems rather high. How are buyers and sellers to trust each other?
How do you build reputation capital from zero? Once you have reputation,
transaction costs should be pretty low, but building it?

If what you're selling is a physical product, you're ultimately going to
have a location. If what you're selling is information, how do you
demonstrate the worth and trustworthiness of your data without distributing
it? And once you have distributed it, what's to stop a "counterfeiter" from
redistributing it, stealing your profits before you have had a chance to
establish your reputation capital as the preferred source?

I don't see anonymous digital cash as the tightest bottleneck. Distributed
trust in an anonymous marketplace seems more difficult.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhftl5NcNyVVy0jxAQFJNQH/XaNdrku42unvP56Dku+QhPwWged5Qbdw
9wLcrwuSbBLeJg0lgsjN33oXMTTQUWV7JtY8hEhh0zS7WuWcEi5S8A==
=oiuA
-----END PGP SIGNATURE-----






From attila at primenet.com  Sun Aug 18 23:28:55 1996
From: attila at primenet.com (attila)
Date: Mon, 19 Aug 1996 14:28:55 +0800
Subject: CypherPunk Insolence
Message-ID: <199608190425.WAA20936@InfoWest.COM>



#include <stdio.h>
#include <signal.h>
 
void insolence()
{
    Discus unrelated central "Bellism" of your own ();  

    if ( gun_control_issue )
        respond to every message with the observation genetically
          superior tomatoes seem to play an important role ();
    else
        change_subject_again();

    process_threatening_messages();

    while (1)
    {
        if ( PerryGram )
            break;
        else
        {
            respond_to_all();
            argue_with_TCMay();
            continue;
        }
    }
}
  


--
Now, with a black jack mule you wish to harness, you walk up,
look him in the eye, and hit him with a 2X4 over the left eye.  
If he blinks, hit him over the right eye! 
He'll cooperate --so will politicians.






From unicorn at schloss.li  Sun Aug 18 23:30:47 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Mon, 19 Aug 1996 14:30:47 +0800
Subject: "Utilization Review"
Message-ID: <Pine.SUN.3.94.960819002043.18087A-100000@polaris>



I listened with horror this evening to a radio program which 
discussed the state of medical record privacy today.

In one segment a doctor (psychologist) described an experience 
she had after a session which was covered by the patient's 
insurance plan.

The doctor in question received a phone message with a 1-800 
number and the request to return the call.  On returning it she 
was connected with a very polite representative of the insurance 
company (who apparently had some experience in mental health, but 
not a M.D.) who proceeded to ask the most sensitive questions 
about the patient's session in order to conduct a "utilization 
review to determine medical necessity."  Most alarmingly, the 
representative could be heard typing on a computer during the 
entire review.

The program went on to indicate that among the provisions in the 
most recent health insurance reform bill there was a provision 
for information sharing among insurance companies to facilitate 
the transfer of insurance policies when the insured switches 
jobs.  Among the more alarming suggestions in the legislation is 
the use of a "unique medical identifier."  Many of you will see 
this coming.  One of the currently proposed "identifiers" is the 
Social Security Number.

Members of the list might also wish to consider that companies 
which self insure their employees for health benefits are 
entitled to all their medical records directly.

The prospect of cradle to grave medical files as an everyday 
reality in the United States is but around the corner.

In my view it is time for the foundation of an offshore insurance 
company which recognizes the basic tenant that client medical 
records are the property of the client, used in a license 
capacity at the pleasure of the insured, and not an entitlement 
to which the company is automatically privy.


--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From tcmay at got.net  Sun Aug 18 23:52:38 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 19 Aug 1996 14:52:38 +0800
Subject: Why BlackNet *IS* a Data Haven
Message-ID: <ae3d3dfe080210047546@[205.199.118.202]>


At 4:29 AM 8/19/96, Rich Graves wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>True, for controversial political and artistic materials whose
>authors/distributors have an interest in disseminating.

And artistic, political, cultural, etc. materials are of course one of the
main markets, as the large number of bookstores shows. (And the success of
"Primary Colors," by "Anonymous," shows that one need not the True Name of
an author, obvious to all persons on this list.)

>However, with neither a government to enforce contracts nor an identifiable
>location/identity that can be used for the private enforcement of, ahem,
>contracts, the barrier to entry for anonymous markets in real commercial
>products seems rather high. How are buyers and sellers to trust each other?
>How do you build reputation capital from zero? Once you have reputation,
>transaction costs should be pretty low, but building it?

Yes, a topic we've discussed many times over the years. I don't have the
time to compose a new essay on this, so I'll refer folks to either the
archives or my Cyphernomicon FAQ, which discusses reputations, third party
escrow services, etc.

(Imagine an equally anonymous "Ace Escrow Service," which holds the cash
until a product is transferred. Essentially, this is what a _store_ does.
For example, a Barnes and Noble or a Home Depot chooses which products to
stock based on their own evaluations, tests, and reputation
assessments...and they make good on defective products, etc. This lessens
the risks to the consumer that he will be screwed by a vendor he has little
recourse against. "Middlemen.")

>If what you're selling is a physical product, you're ultimately going to
>have a location. If what you're selling is information, how do you
>demonstrate the worth and trustworthiness of your data without distributing
>it? And once you have distributed it, what's to stop a "counterfeiter" from
>redistributing it, stealing your profits before you have had a chance to
>establish your reputation capital as the preferred source?

Sure, these are all issues. (As the Assyrian merchant said in 1300 B.C.
"This idea of a "store" you have...I can think of many problems. How will
they all be solved?")

>I don't see anonymous digital cash as the tightest bottleneck. Distributed
>trust in an anonymous marketplace seems more difficult.

I disagree, but this was obvious from the focus of my post. I believe we
see "distributed trust" (though this is not the choice of words I would
use) all around us.

Too many issues to debate here.

My point was that the BlackNet approach *is* like a physical data haven,
except with some advantages.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From cjs at netcom.com  Mon Aug 19 00:01:16 1996
From: cjs at netcom.com (cjs)
Date: Mon, 19 Aug 1996 15:01:16 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608190146.SAA19133@fat.doobie.com>
Message-ID: <199608190501.WAA01334@netcom20.netcom.com>


> > CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
> > to the DOJ web site.  They don't elaborate exactly how thy did it.
> 
> Did anyone save a copy of the altered web page?  I would like to see
> what the crackers did.

		  http://www.otol.fi/~jukkao/usdoj/

I think that a lot of what the freedom hacker was trying to say got
lost due to some of the pictures he included. His alterations to the
battered women's page are not going to win him any points with me or
anyone else. Nor is his "Kill the Nigs" version of clinton's
speach. Neither is particularly humerous or has anything to do with
our diminishing rights. In fact, the whole thing is more likely to
backfire then it is to do any good.

So Mr. Freedom Hacker, wherever you are out there, if you ever get a
chance to do it again, here is a little advice to you. 1) pick a
single point or common theme. 2) do not alienate 60% of your audience
in the process 3) try to be more professional and 4) let whoever did
the caption for george washington write the rest of it.

Christopher






From tcmay at got.net  Mon Aug 19 00:09:25 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 19 Aug 1996 15:09:25 +0800
Subject: CS First Boston lawsuit
Message-ID: <ae3d43f90a021004dcf8@[205.199.118.202]>


At 3:29 AM 8/19/96, Alan Horowitz wrote:
>I suspect they are trying to get a judgement against "John Doe", in the
>hopes of tracking him down later.
>
>Actually, if I had a sizeable judgement against such a John Doe, I could
>probably find a private detective who would find the dude for a
>contingent fee. Wow, a whole new class of factoring (commerce definition)
>opens up. Get me a lawyer....

Lawyers out there can and should correct me if I'm wrong, but I don't
believe either the criminal or civil justice system has the concept of a
"John Doe" trial! The ability to have the advice of an attorney, to
confront one's accusers, cross-examine witnesses, and mount a defense, and
all that constitutional stuff. Rather hard to do if the trial is in the
past tense.

Can you cite an example of such a "John Doe" trial in the U.S.?

(There may be trials "in absentia," more so in other countries than in the
U.S., but not when no persons have been identified at all!)


--Tim May, who hopes he is never identified as the "John Doe" indicted,
tried, convicted, and sentenced in 1979 in Washington County, Oregon, for
the crime of unlawful foddering in a public place.

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From Adamsc at io-online.com  Mon Aug 19 00:16:45 1996
From: Adamsc at io-online.com (Adamsc)
Date: Mon, 19 Aug 1996 15:16:45 +0800
Subject: Orbiting Datahavens
Message-ID: <19960819050233078.AAA175@IO-ONLINE.COM>


On Tue, 2 Jul 1996 17:06:47 -0700 (PDT), Brian Lane wrote:
>> 	I'm not sure who would launch it - a Japanese launcher? (ESA is
>> strapped for cash, which was one reason for the phenomenaly stupid move of
>> putting space probes onto the maiden flight of the Ariane 5.)
>
>  We'd want someone more reliable than ESA! I doubt that we could afford
>to have a backup satellite in case of a disaster. Once the Delta Clipper
>is functional the payload costs to orbit is supposed to drop tremendously.

Or, who knows. NASA could finally wake up, really that the shuttle sucks
as a cargo hauler, start using something like the Phoenix (They
stonewalled it - would have made them look bad) to build orbital industry
and then setup giant solar-powered launch lasers and have surface to
orbit at pennies per pound.  Oh well...  Who'd have thought we'd go to
the moon and stop.

| Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
| http://www.io-online.com/adamsc/adamsc.htp
| Autoresponder: send email w/subject of "send resume" or "send PGPKEY"

 






From tcmay at got.net  Mon Aug 19 00:50:31 1996
From: tcmay at got.net (Timothy C. May)
Date: Mon, 19 Aug 1996 15:50:31 +0800
Subject: "Utilization Review"
Message-ID: <ae3d463d0b0210046542@[205.199.118.202]>


At 4:22 AM 8/19/96, Black Unicorn wrote:
>I listened with horror this evening to a radio program which
>discussed the state of medical record privacy today.
>
>In one segment a doctor (psychologist) described an experience
>she had after a session which was covered by the patient's
>insurance plan.

A friend of mine is a psychotherapist very concerned with such issues.
There are many pressures on him to reveal information about patients, most
of which are "unsurprising" in a world of what can only be called
"socialized medicine."

(I say "socialized" in that very few persons pay cash or their own money
for medical care, psychiatric treatment, sports injury therapy, etc. Most
are paying only a per-visit deductible, if even that, and the rest of the
charges are picked up by their employers, their insurance plans through
employers, the various social welfare institutions, etc.)

Insurance companies want proof that the treatments are needed, or are
working, and cannot merely take the word of a shrink, for example, that his
services are needed. (I can think of some solutions, such as "second
opinions" and "independent review panels," but, I can tell you, such things
are not common with psychotherapy regimens.)

>The doctor in question received a phone message with a 1-800
....
>about the patient's session in order to conduct a "utilization
>review to determine medical necessity."  Most alarmingly, the
>representative could be heard typing on a computer during the
>entire review.

Let's hope the resulting entries did not show up on a Web page!

(This has actually happened, accidentally. Only discovered when the search
spiders found the data and others then found the records.)

>The program went on to indicate that among the provisions in the
>most recent health insurance reform bill there was a provision
>for information sharing among insurance companies to facilitate
>the transfer of insurance policies when the insured switches
>jobs.  Among the more alarming suggestions in the legislation is
>the use of a "unique medical identifier."  Many of you will see
>this coming.  One of the currently proposed "identifiers" is the
>Social Security Number.

First, Clinton's dormant Health Plan (her husband is not pushing it)
would've _required_ such cross-linking of records. My friend the
psychotherapist is a liberal, but was aghast at this and lobbied with his
fellow mental health care professionals against this. He also got PGP as a
result of this scare.

Second, the "Social Security Number" worry is misplaced. They _already_
have enough identifiers to cross-link records til the cows come home.
Thinking one is safe if  the SSN is not used is "ostrich security." The
real issue is having confidential medical or psychiatric or legal records
out of the containment of a trusted holder.

>Members of the list might also wish to consider that companies
>which self insure their employees for health benefits are
>entitled to all their medical records directly.

Indeed, when I was at Intel an engineer was outraged almost to the point of
quitting and filing a lawsuit when he learned that his "Human Relations"
bimbo in a cubicle down the hall had the details of his vasectomy.

I'm sure by now the news of his vasectomy is a hundred different file
system in a dozen different institutions. An Alta Vista search should turn
it up.

--Tim May

ObCrypto Relevance: One of the ways safes (the steel kind, not the
alternative to vasectomies kind) got stronger was not through imploring and
lecturing, as we in the crypto community do, but through _insurance_. Why?
A way to discount future costs/risks to the present. A merchant who has
never been robbed probably doesn't think about the security of his safe.
But his insurer does. And he says to the merchant: "The charge is $2000 a
year if you continue with your current safe, and $1000 a year if you get a
Mosler Titan-2 safe. Your call."

The same motivation is, I think, what will eventually get security and
crypto more widely used. A hospital sued for multiple millions because its
records got intercepted and placed on the Web will have its insurance
company rethinking policies and rates, and setting procedures for
protection of information. This will drive security in a way that lectures,
rules, and even scare stories will not.

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From winsock at c2.org  Mon Aug 19 02:04:10 1996
From: winsock at c2.org (WinSock Remailer)
Date: Mon, 19 Aug 1996 17:04:10 +0800
Subject: No Subject
Message-ID: <199608190658.XAA16050@infinity.c2.org>



          DISCORDIAN SOCIETY SUPER SECRET CRYPTOGRAPHIC CYPHER CODE

Of possible interest to all Discordians, this information is herewith 
release
from the vaults of A.I.S.B., under the auspices of Episkopos Dr. Mordecai
Malignatius, KNS.

SAMPLE MESSAGE: ("HAIL ERIS")

CONVERSATION:
A B C D E F G H I J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

STEP 1. Write out the message (HAIL ERIS) and put all the vowels at the end
        (HLRSAIEI)
STEP 2. Reverse order (IEIASRLH)
STEP 3. Convert to numbers (9-5-9-1-19-18-12-8)
STEP 4. Put into numerical order (1-5-8-9-9-12-18-19)
STEP 5. Convert back to letters (AEHIILRS)

This cryptographic cypher code is GUARANTEED TO BE 100% UNBREAKABLE.







From mccoy at communities.com  Mon Aug 19 02:36:38 1996
From: mccoy at communities.com (Jim McCoy)
Date: Mon, 19 Aug 1996 17:36:38 +0800
Subject: Why BlackNet *IS* a Data Haven
Message-ID: <v02140b00ae3dd1760748@[204.179.131.64]>


Tim May writes:
> Without splitting too many semantic hairs about the precise definition of
> "data haven," let me examine some ways in which BlackNet behaves
> identically to a conventional data haven.

I would be willing to concede the point if you would take a few seconds
to examine the issue of complete lack of persistence in BlackNet.

Your descriptions of BlackNet as a data haven seem to be completely
based upon the presumption that an anonymous contact service and contract
exchange is the functional equivalent to a data haven.  Here are a few
reasons why I would disagree:

As a publisher of "naughty bits" I do not have the ability to just toss
data up and assume that it will be there when someone wants it.  I am forced
to continuously monitor the appropriate newsgroups to find messages from
people asking me to post the blueprints to the orbital mind control lasers
or kiddie porn.  I cannot put my data onto "the Net" with an expectation
that any arbitrary user will be able to get the bits one month later.  To
maintain persistence I need to constantly repost my data, making it easier
for authorities to trace me through simple taffic analysis if nothing else.

> The classical data haven is closely identified with "place." To many
> people, they naturally assume "data haven" = a haven for data, a "harbor"
> (same IE root as haven) = a physical place.
>
> But is "place" important?

No one has really claimed place is important, in fact the ideal data haven
has no physical existence whatsoever.  This is a given.  As a practical
matter it is a lot easier if you start off in a "place" because there are
fewer complications but this has never been a necessity.

> A person in the U.S. seeking the Necronomicon posts a message to BlackNet
> (or any similar forum, using the same methods) asking for a copy of it, or
> offering to pay for it. (Whether the information is free or for a fee is
> not central to the idea.) This request is, of course, untraceable.
>
> Anyone, anywhere in the world, with a copy of this banned material on his
> or her private machines may see this request and respond, either giving the
> material away, or negotiating a fee. (As I said before, the absence of a
> robust digital cash system, bidirectionally untraceable, is a known
> limitation of all such systems.)

Now you reveal the objection I had to BlackNet being a data haven.  What if
only one person has a copy of this banned material?  It may not be in this
publishers interest to have the data available to anyone for posting in
response to the query ("Information does not want to be free, it wants to
be expensive and liberated...") and some data is not widespread enough or of
interest to enough people to assume that multiple copies exist to those who
read BlackNet postings. Therefore the only way for a publisher to maintain
availability of their data is to constantly monitor the appropriate newsgroups
and republish for each request, persistence is maintained only through
eternal vigilence (much like liberty, only requiring a lot more effort :)

> It's a data haven.

No, it is an anonymous contact service.  To claim this is a data haven is
like claiming that the classified ads in a newspaper are the equivalent to
a mall; you could probably find the same goods if you looked long enough, but
there is a reason that manufacturers sell goods through stores rather than
just posting classified ads across the country.  When one does not have the
time to check the classified ads, wants to goods from a reputable source, and
wants the goods in a timely fashion they will go to a shopping center.

jim







From mikev at is.co.za  Mon Aug 19 03:06:23 1996
From: mikev at is.co.za (Mike van der Merwe)
Date: Mon, 19 Aug 1996 18:06:23 +0800
Subject: THE POUCH
In-Reply-To: <199608181757.NAA10242@goffette.research.megasoft.com>
Message-ID: <Pine.GSO.3.95.960819093205.27171F-100000@admin.is.co.za>



Hi

>> "The POUCH is a secure e-mail terminal program for IBM compatible
>> computers. It uses a secret key phrase, advanced cryptographic
>> techniques and several UNPUBLISHED ALGORITHMS to protect data in the
>> body of e-mail messages. The key phrase, which can be up to 48 bytes
>> long, is easily remembered and communicated. The POUCH is highly
>> resistant to all known forms of cryptographic attack." [emphasis mine]

The INSTANT one see's the words "unpublished algorithms" appear in the
context of cryptography one knows that snake oil is being purveyed.
Resistant to all known forms of cryptographic attack?? Words fail me.

> Making the algorithm proprietary
> does extremely little in making it resistant to attack. All of your
> statements regarding the security of "The Pouch" are worthless, for
> you have no data with which to substantiate your claims.

Absolutely.

> If it is any good, there's no way for us to know. But your marketing
> of the product has every indication that it's nothing more than smoke
> and mirrors. To coin a phrase, "pseudocrypto."
> Please refrain from your bogus marketing techniques. This kind of
> stuff, by claiming to be "real cryptography" makes real cryptographers
> look bad.

Quite right. I'm not a "real cryptographer" myself, however I do feel that
many people on this list subscribe to a similar set of values and are
equally angered by people who sell snake oil to unsuspecting people.

Later
Mike








From vipul at pobox.com  Mon Aug 19 03:43:26 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Mon, 19 Aug 1996 18:43:26 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
In-Reply-To: <321446BF.20431CA7@systemics.com>
Message-ID: <199608190016.AAA00419@fountainhead.net>


> 
> Vincent Cate wrote:
>  
> > You can get Internet via radio links for reasonable prices.  And via
> > satellite for almost affordable prices.  When Bill Gates 900 satellites
> > get up there it should be very affordable.
> 
> ... if a tad unrealiable?
> 
> The thought of 900 satelites in low orbit, all running NT, makes me
> shudder.  Brings a new meaning to the expression "OS crash".
> 
> What are cypherpunks thoughts on this?  Who really believes it'll work?
> 
> Doesn't the low orbit part mean that the satellites will have a low life
> expectancy, meaning a new launch every couple of days? (where's Gerald
> Bull when you need him - oh yes, now I remember ...)

The Iridium Project was pretty neat in this respect. I don't know what
is happenning with it as of now. It had some 230+ satellites, and some
smart routing techniques, if a satellite goes down. 

Vipul
vipul at pobox.com







From 73064.1247 at compuserve.com  Mon Aug 19 03:43:35 1996
From: 73064.1247 at compuserve.com (Theodor Schlickmann)
Date: Mon, 19 Aug 1996 18:43:35 +0800
Subject: ETS Call
Message-ID: <960819081531_73064.1247_DHS31-2@CompuServe.COM>


The European Commission  DGXIII/7 
Security of Telecommunications and Information Systems has anounced an open call
for tenders in the Official Journal as part of our preparatory work for ETS (the
Europe-wide network of Trusted Third Party Services).

The work proposed tackles the area of ETS infrastructure specification, design
and implementation in the form of field trials or "pilots" as well as performing
studies on communication and legal aspects.

>From the above data, further details of the Call can be found on our Web site:

http://www.cordis.lu/infosec/

For those who are unable to access the Web site, please send an e-mail request
to Fiona Allan at the following address:

fiona.allan at bxl.dg13.cec.be

The identical information will then be mailed to you using the normal postal
services.

After reading the documentation, please direct any queries that you may have to
Theodor Schlickmann at the following address:

73064.1247 at compuserve.com

Kind regards

Theodor W. Schlickmann






From couto at oim.uem.mz  Mon Aug 19 04:06:18 1996
From: couto at oim.uem.mz (couto at oim.uem.mz)
Date: Mon, 19 Aug 1996 19:06:18 +0800
Subject: Unix passwd-cracker online?
Message-ID: <322337ec.oim@oim.uem.mz>



Hi Arnauld!

Where can I get this file???
Is there a new version of Cracker Jack than 1.4?
There is a whay of puting Cracker Jack to manage passwords bigger 
than 8 characters?

Thanx in advance,

cRaZy bYtE
couto at oim.uem.mz

On 17 Aug 96 at 22:53, Arnauld Dravet wrote:

> Date sent:      Sat, 17 Aug 1996 22:53:51 -0500
> From:           Arnauld Dravet <scraver at mnet.fr>
> To:             cypherpunks at toad.com
> Subject:        Re: Unix passwd-cracker online?

> there's a new cracker under dos called John the Cracker, and coded by
> UCF96. It's optimized for Pentiumsand is better than cracker jack on a
> lot of points : can work with or without wordlists, and u can modify all
> what u want....approx 30% faster than cracker jack on a pentium (i run
> it at usually 4000 cps on a P90/32Mb ram and a 25Mb wordlist (yeah it's
> big))
> 
> scraver at mnet.fr
> 





From mikev at is.co.za  Mon Aug 19 04:47:53 1996
From: mikev at is.co.za (Mike van der Merwe)
Date: Mon, 19 Aug 1996 19:47:53 +0800
Subject: your mail
In-Reply-To: <199608190658.XAA16050@infinity.c2.org>
Message-ID: <Pine.GSO.3.95.960819110629.27171L-100000@admin.is.co.za>




On Mon, 19 Aug 1996, WinSock Remailer wrote:

> 
>           DISCORDIAN SOCIETY SUPER SECRET CRYPTOGRAPHIC CYPHER CODE
> 
> Of possible interest to all Discordians, this information is herewith 
> release
> from the vaults of A.I.S.B., under the auspices of Episkopos Dr. Mordecai
> Malignatius, KNS.
> 
> SAMPLE MESSAGE: ("HAIL ERIS")
> 
> CONVERSATION:
> A B C D E F G H I J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
> 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
> 
> STEP 1. Write out the message (HAIL ERIS) and put all the vowels at the end
>         (HLRSAIEI)
> STEP 2. Reverse order (IEIASRLH)
> STEP 3. Convert to numbers (9-5-9-1-19-18-12-8)
> STEP 4. Put into numerical order (1-5-8-9-9-12-18-19)
> STEP 5. Convert back to letters (AEHIILRS)
> 
> This cryptographic cypher code is GUARANTEED TO BE 100% UNBREAKABLE.
> 
> 

You have GOT to be joking. This isn't happening... I can't believe I just
read this. I am at a complete loss for words...

Mike

___________________

"Those that give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety." -- Benjamin Franklin (1773)






From Adamsc at io-online.com  Mon Aug 19 04:49:02 1996
From: Adamsc at io-online.com (Adamsc)
Date: Mon, 19 Aug 1996 19:49:02 +0800
Subject: (null)
Message-ID: <19960819091932218.AAA178@IO-ONLINE.COM>


On Sat, 17 Aug 1996 07:03:32 +0200 (MET DST), Anonymous wrote:

>>There are many computer companies that are full of Bozos,
>>Microsoft isn't one of them. Most of the people griping about
>>Microsoft can't code any better.

>Gee Phill, as I'm preparing to leave MS after 6 years, I have to 
>disagree with you.  Mediocrity and bureaucracy have eatten away 
>at a lot of the core of the company.  It is entirely marketing driven 
>now, and the coders have definitely gone down hill since I first
>started in Apps.  The "bozo" factor has steadily increased.  Only 
>those new hires without a sense of history think it's a real cool 
>place to work.  And, a few egocentric folks totally tripped on 
>power and greed.  (Apologies to any MSofties on the list I don't
>know personally.)

That would match my general impression of the way things have gone. 
Originally Microsoft was a small company that *had* to write good code
(anyone remember DR DOS?) to survive.  At the time, they had to do tons
of work producing usable products out of IBM's code. (Apparently due to
optimization, at one point MS was writing a negative total codelines for
OS/2 1.x)  Now, IBM is writing good code (Warp/Merlin/etc) and making
usable products out of MS blunders (Win-OS/2. It may crash (not quite as
much as the real Windows - separate sessions) but it doesn't bring down
the whole house...

>Talk to HR about the turnover of people with 5.5 to 8 years
>under their belts who are bailing with their stock options because
>it ain't a fun place to work anymore.  Testers, developers, UE,
>you name it.
>
>I can gripe because I was there.  I never seem to recall seeing
>your name on any internal e-mail.
>
>Oh yeah, this is coming through a remailer, because I'm reading
>the list at work.  And I doubt BillG would appreciate my opinions
>being sent out over MS resources.



| Chris Adams <adamsc at io-online.com> - Webpages for sale! Se habla JavaScript!
| http://www.io-online.com/adamsc/adamsc.htp
| Autoresponder: send email w/subject of "send resume" or "send PGPKEY"

 






From rp at rpini.com  Mon Aug 19 05:51:50 1996
From: rp at rpini.com (Remo Pini)
Date: Mon, 19 Aug 1996 20:51:50 +0800
Subject: Unbreakable Hoax
Message-ID: <9608190958.AA24335@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Mon Aug 19 11:55:19 1996
> 
>           DISCORDIAN SOCIETY SUPER SECRET CRYPTOGRAPHIC CYPHER CODE
> 
> Of possible interest to all Discordians, this information is herewith 
> release
> from the vaults of A.I.S.B., under the auspices of Episkopos Dr.
>  Mordecai
> Malignatius, KNS.
> 
> SAMPLE MESSAGE: ("HAIL ERIS")
> 
> CONVERSATION:
> A B C D E F G H I J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
> 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
> 
> STEP 1. Write out the message (HAIL ERIS) and put all the vowels at the
>  end
>         (HLRSAIEI)
> STEP 2. Reverse order (IEIASRLH)
> STEP 3. Convert to numbers (9-5-9-1-19-18-12-8)
> STEP 4. Put into numerical order (1-5-8-9-9-12-18-19)
> STEP 5. Convert back to letters (AEHIILRS)
> 
> This cryptographic cypher code is GUARANTEED TO BE 100% UNBREAKABLE.

I found an optimisation to reduce computation time:
Replace steps 1 to 5 by the following step a:

STEP a. Sort the string according to the alphabet.

The properties of the algorithm are still the same, it's unbreakable 
(unfortunately also by the originator, but that's a petty detail).

;-)

- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMhg6ChFhy5sz+bTpAQHlZggAwr3W4+XGpF+yqd2D/8YFbBK4v+ddjlSB
Wgjd7xU4N+KB0bRcNLMZzdiHVyeLMoi6TMmxTNarhAzqTmn5dEjhwysSkWxWsKUo
cK7T3pXO5A33r+Htv6L6W1mTlFhIW6neFM45P4NQgYdYwhPJAP8B+xMy0z0OIcoM
BHwvmaDZFJVY6ps/T23gClzKDWQI8XDFbGyL8iNNefRXKWnwLS3YZgRXGKJD9BrX
R/LtW1KzKJk63tPFWngehXItQc2WeuCdR/BhO9hCVN66j4B7t40d9e4mxCkr2f/Z
kqhaI9Cl81BA/Xj508sLADgq3NGa6ps7dIFg6Js+UD7K9NIuAfg/jg==
=qkkB
-----END PGP SIGNATURE-----






From declan at eff.org  Mon Aug 19 07:51:33 1996
From: declan at eff.org (Declan McCullagh)
Date: Mon, 19 Aug 1996 22:51:33 +0800
Subject: proxy servers in Singapore
In-Reply-To: <1.5.4.32.19960817031055.006c95e4@poptart.home.net>
Message-ID: <Pine.SUN.3.91.960819050928.6457G-100000@eff.org>


On Fri, 16 Aug 1996, Brendon Macaraeg wrote:

> Did anyone else catch the AP wire story
> (it ran here in the SF Chronicle on Thursday)
> about the Singapore government cracking
> down on "undesirable" (e.g., sex smut, anti-govt.
> postings etc.) content on web sites, usenet etc.
> Their basically forcing, by law, Singapore  ISPs to use
> proxy servers that contain the information
> that the govt. deems fit. 

Yep, I have that and other Singapore stuff at:
  http://www.eff.org/~declan/global/

-Declan


// declan at eff.org // I do not represent the EFF // declan at well.com //







From declan at eff.org  Mon Aug 19 08:41:28 1996
From: declan at eff.org (Declan McCullagh)
Date: Mon, 19 Aug 1996 23:41:28 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608190146.SAA19133@fat.doobie.com>
Message-ID: <Pine.SUN.3.91.960819053428.6457M-100000@eff.org>


On Sun, 18 Aug 1996, Huge Cajones Remailer wrote:
> 
> Did anyone save a copy of the altered web page?  I would like to see
> what the crackers did.

Check out the attached message. If anyone has any info, I'd love to hear 
more.

-Declan


// declan at eff.org // I do not represent the EFF // declan at well.com //


>---------- Forwarded message ----------
>Date: Sat, 17 Aug 1996 00:50:51 -0700
>From: v0!d <voidmstr at PRIMENET.COM>
>To: Multiple recipients of list VOXERS-AT-LARGE <VOXERS-AT-LARGE at USA.NET>
>Subject: Re: quick! b4 it's gone DOJ WWW Page hacked
>
>At 10:59 PM -0700 8/16/96, voidmstr wrote:
>>http://www.usdoj.gov/
>
>
>gone, but not forgotten!
>
>check these mirrors from alert VAL ppl:
>
>http://www.doobie.com/~baby-x/usdoj/
>
>http://spam.ppp0.dorsai.org/dojhack/
>
>i have at the source and files (mac format) @
>
>http://www.primenet.com/~voidmstr/usdojhack.sit.bin
>
>







From ses at tipper.oit.unc.edu  Mon Aug 19 08:47:44 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Mon, 19 Aug 1996 23:47:44 +0800
Subject: Discordians a-gogo (aggoo)
In-Reply-To: <199608190658.XAA16050@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.960819085811.6502B-100000@tipper.oit.unc.edu>


On Mon, 19 Aug 1996, WinSock Remailer wrote:
> 
>           DISCORDIAN SOCIETY SUPER SECRET CRYPTOGRAPHIC CYPHER CODE

BTW, have you ever looked really closely at a Terisa systems business 
card. Really closely? HAve you seen the Fnord?

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From stephen at iu.net  Mon Aug 19 09:53:12 1996
From: stephen at iu.net (Stephen Cobb)
Date: Tue, 20 Aug 1996 00:53:12 +0800
Subject: US Taxes on X-Pats (getting off topic)
Message-ID: <1.5.4.32.19960819135353.009e0510@iu.net>


At 11:24 PM 8/18/96 -0400, you wrote:
>As I understand the proposal, the immigrant-benefits thing would be for 
>immigrants admitted AFTER the act was, uh, enacted. So, no ex-post-facto 
>problems.
>
>
I know this is getting way off topic...but what I am not clear about is this:

1. Americans living and working in London used to be eligible for certain
benefits from the British social security system, into which they are
required to pay. There is a reciprocal arrangement between the US and UK on
soc sec benefits and payments. The new US law seems to alter that, which
could affect the US citizen living in London, as in, "sorry mate, you can't
come in here with that knife wound, not without your cheque book you can't."

2. Making legal immigrants living in the US pay soc sec "taxes" without
being eligible for benefits sounds pretty unfair, even "unamerican."

Maybe someone who knows more about the law in these matters can clarify.

Stephen






From raph at CS.Berkeley.EDU  Mon Aug 19 10:02:51 1996
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Tue, 20 Aug 1996 01:02:51 +0800
Subject: List of reliable remailers
Message-ID: <199608191350.GAA20209@kiwi.cs.berkeley.edu>


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list at kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail. For more information, see:
http://www.c2.org/~raph/premail.html

   For the PGP public keys of the remailers, finger
pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail at miron.vip.best.com> cpunk pgp special";
$remailer{"c2"} = "<remail at c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon at anon.penet.fi> penet post";
$remailer{"flame"} = "<remailer at flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"mix"} = "<mixmaster at remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"replay"} = "<remailer at replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"ecafe"} = "<cpunk at remail.ecafe.org> cpunk mix";
$remailer{"amnesia"} = "<amnesia at chardos.connix.com> cpunk mix pgp hash latent cut ksub";
$remailer{'alpha'} = '<alias at alpha.c2.org> alpha pgp';
$remailer{'nymrod'} = '<nymrod at nym.jpunix.com> alpha pgp';
$remailer{"lead"} = "<mix at zifi.genetics.utah.edu> cpunk pgp hash latent cut ek";
$remailer{"nemesis"} = "<remailer at meaning.com> cpunk pgp hash latent cut";
$remailer{"exon"} = "<remailer at remailer.nl.com> cpunk pgp hash latent cut ek";
$remailer{"vegas"} = "<remailer at vegas.gateway.com> cpunk pgp hash latent cut";
$remailer{"haystack"} = "<haystack at holy.cow.net> cpunk mix pgp hash latent cut ek";
$remailer{"ncognito"} = "<ncognito at rigel.cyberpass.net> mix cpunk pgp hash latent";
$remailer{"lucifer"} = "<lucifer at dhp.com> cpunk mix pgp hash latent cut ek";
$remailer{"jam"} = "<remailer at cypherpunks.ca> cpunk mix pgp hash latent cut ek";
$remailer{"winsock"} = "<winsock at c2.org> cpunk pgp hash cut ksub reord";
$remailer{'nym'} = '<config at nym.alias.net> newnym pgp';
$remailer{"balls"} = "<remailer at huge.cajones.com> cpunk pgp hash latent cut ek";
catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 alpha)
(flame replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Note: The remailer list now includes information for the alpha
nymserver.

Last update: Mon 19 Aug 96 6:47:01 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
balls    remailer at huge.cajones.com         *++********     3:33 100.00%
penet    anon at anon.penet.fi               .--..--...-  19:43:48  99.81%
nemesis  remailer at meaning.com              ***********    23:25  99.71%
jam      remailer at cypherpunks.ca          -***********  1:42:22  99.70%
winsock  winsock at c2.org                   -__----..--  10:02:35  99.67%
replay   remailer at replay.com              ***+********     4:30  99.51%
amnesia  amnesia at chardos.connix.com       ---  ------   3:51:56  98.85%
nymrod   nymrod at nym.jpunix.com            ###-+ #         21:25  97.41%
extropia remail at miron.vip.best.com        ----------    6:30:40  95.67%
mix      mixmaster at remail.obscura.com     -+---+++-++   1:35:16  92.72%
lead     mix at zifi.genetics.utah.edu       +--+++++  ++  1:01:56  86.82%
haystack haystack at holy.cow.net            --##**#* -      19:17  85.11%
ncognito ncognito at rigel.cyberpass.net     --+           7:57:35  15.59%
alpha    alias at alpha.c2.org               .             5:24:22   7.71%
lucifer  lucifer at dhp.com                  +               53:57   7.27%
c2       remail at c2.org                    .             5:59:32   6.81%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien





From anderson at optical.bms.com  Mon Aug 19 10:11:07 1996
From: anderson at optical.bms.com (anderson at optical.bms.com)
Date: Tue, 20 Aug 1996 01:11:07 +0800
Subject: THE POUCH
In-Reply-To: <199608181757.NAA10242@goffette.research.megasoft.com>
Message-ID: <199608191407.KAA10294@zymurgy.bms.com>


>>>>> "mattC" == C Matthew Curtin <cmcurtin at research.megasoft.com> writes:

mattC> -----BEGIN PGP SIGNED MESSAGE-----
mattC> Allow me to quote from your web page:
mattC> http://www.flagler.com/security.html

mattC> Quote #1:
mattC> "The POUCH is a secure e-mail terminal program for IBM compatible
mattC> computers. It uses a secret key phrase, advanced cryptographic
mattC> techniques and several unpublished algorithms to protect data in the
mattC> body of e-mail messages. The key phrase, which can be up to 48 bytes
mattC> long, is easily remembered and communicated. The POUCH is highly
mattC> resistant to all known forms of cryptographic attack."

mattC> Quote #2:
mattC> "We warrant that the product when delivered to you has no short cuts,
mattC> covert channels or secret solutions of any kind. No other warranty,
mattC> either expressed or implied is given."

mattC> If it is any good, there's no way for us to know. But your marketing
mattC> of the product has every indication that it's nothing more than smoke
mattC> and mirrors. To coin a phrase, "pseudocrypto."

To coin a phrase, "pseudocrapto" :-)


Jay

-- 
------------------------------------------------------
James P. Anderson III         anderson at optical.bms.com
Senior Network Engineer                          N3JMC
Bristol-Myers Squibb Pharmaceutical Research Institute
Princeton, NJ 08543               Work: (609)-252-6039






From hfinney at shell.portal.com  Mon Aug 19 10:35:11 1996
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Aug 1996 01:35:11 +0800
Subject: Why BlackNet *IS* a Data Haven
In-Reply-To: <v02140b00ae3dd1760748@[204.179.131.64]>
Message-ID: <199608191403.HAA25315@jobe.shell.portal.com>


mccoy at communities.com (Jim McCoy) writes:
>Your descriptions of BlackNet as a data haven seem to be completely
>based upon the presumption that an anonymous contact service and contract
>exchange is the functional equivalent to a data haven.  Here are a few
>reasons why I would disagree:

I think part of the confusion here is the name "BlackNet".  As I envision
the concept, BlackNet is not really an anonymous contact service, or in
fact a network of any sort.  Rather, it is a vendor.  It buys and sells
information.  The name, while provocative, is a bit misleading in this
regard.  (This is just my model, and may not actually correspond with
Tim's or anyone else's idea.  But I think it more closely matches the
data haven concept, and in fact is more consistent with the original
announcement.)

BlackNet has a public key, and a known virtual location in the form of
certain newsgroups that it monitors.  Anyone can initiate a
communication interchange with BlackNet by posting a message to those
groups, encrypted with BlackNet's key.  Presumably in that message will
be included return address information in the form of a key and a set of
locations that will be monitored for replies.  In this way ongoing
conversations can be maintained between BlackNet and customers who are
either buying or selling to it.

BlackNet would not be used (as I see it) for direct communication
between buyers and sellers of information.  How would the BlackNet
public key fit into this model?  The existence of a specific BlackNet
public key is part of what drives me to picture it as a vendor.
Rather, BlackNet will buy information (plus unrestricted rights to
disseminate that information), add it to its catalog, and then
advertise its availability and price.

>As a publisher of "naughty bits" I do not have the ability to just toss
>data up and assume that it will be there when someone wants it.  I am forced
>to continuously monitor the appropriate newsgroups to find messages from
>people asking me to post the blueprints to the orbital mind control lasers
>or kiddie porn.  I cannot put my data onto "the Net" with an expectation
>that any arbitrary user will be able to get the bits one month later.  To
>maintain persistence I need to constantly repost my data, making it easier
>for authorities to trace me through simple taffic analysis if nothing else.

This model pictures BlackNet differently than I do.  As I see it, once
you sell your data to BlackNet you don't have to take any more steps.
There may still be problems, in that you may feel that BlackNet is
setting too high a price on the data you want to distribute.  However of
course anyone is free to start up a competing service, if they want to
take the risks.  BlackNet fees will in the long run be determined by
competitive market conditions based on the costs of maintaining
anonymity.

>[Quoting Tim May:]
>> A person in the U.S. seeking the Necronomicon posts a message to BlackNet
>> (or any similar forum, using the same methods) asking for a copy of it, or
>> offering to pay for it. (Whether the information is free or for a fee is
>> not central to the idea.) This request is, of course, untraceable.
>>
>> Anyone, anywhere in the world, with a copy of this banned material on his
>> or her private machines may see this request and respond, either giving the
>> material away, or negotiating a fee. (As I said before, the absence of a
>> robust digital cash system, bidirectionally untraceable, is a known
>> limitation of all such systems.)

This is a little different from my picture of BlackNet, as I wrote above.
I would see BlackNet as being a particular seller of information, who
will respond to this message.  It could have competitors like SafeHaven,
StrongHold, InfoBase, etc., each of which will offer data for a price,
and each of which will have its own reputation for reliability.

>Now you reveal the objection I had to BlackNet being a data haven.  What if
>only one person has a copy of this banned material?  It may not be in this
>publishers interest to have the data available to anyone for posting in
>response to the query ("Information does not want to be free, it wants to
>be expensive and liberated...") and some data is not widespread enough or of
>interest to enough people to assume that multiple copies exist to those who
>read BlackNet postings. Therefore the only way for a publisher to maintain
>availability of their data is to constantly monitor the appropriate newsgroups
>and republish for each request, persistence is maintained only through
>eternal vigilence (much like liberty, only requiring a lot more effort :)

Here is where BlackNet as an information middleman makes the most sense.
Its business model includes the costs of this sort of vigilance, which
after all can be automated.

>> It's a data haven.

>No, it is an anonymous contact service.  To claim this is a data haven is
>like claiming that the classified ads in a newspaper are the equivalent to
>a mall; you could probably find the same goods if you looked long enough, but
>there is a reason that manufacturers sell goods through stores rather than
>just posting classified ads across the country.  When one does not have the
>time to check the classified ads, wants to goods from a reputable source, and
>wants the goods in a timely fashion they will go to a shopping center.

Actually we now have "virtual malls" online.  These are in their infancy
but eventually they could become as easy to use and reliable as regular
malls (for appropriate kinds of goods).  All that BlackNet (as I picture
it) lacks is a WWW interface, and even that could be provided if the
gateway server could be made immune to legal pressure and if various
technicalities about anonymous WWW connections could be dealt with.

As for reputations, if BlackNet is one of several vendors of
information, like its competitors, they can all develop reputations of
their own for reliability, honesty, availability, etc.  There may be
problems if the testimonials of customers are all anonymous, but in
some cases such methods as signed transcripts of information exchanges
can be used by one side or the other to justify claims that the other
side has cheated.

Hal





From declan at eff.org  Mon Aug 19 10:39:07 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 20 Aug 1996 01:39:07 +0800
Subject: Indonesia detains democracy activist after post to mailing list
Message-ID: <Pine.SUN.3.91.960819070454.9452B-100000@eff.org>






---------- Forwarded message ----------
Date: Sun, 18 Aug 1996 21:23:29 -0700 (PDT)
From: Declan McCullagh <declan at well.com>
To: fight-censorship at vorlon.mit.edu
Subject: Indonesia detains democracy activist after post to mailing list

Indonesia is joining the rest of the world in cracking down on online
speech. Perhaps the lesson here is that no matter how much the Internet
supposedly "routes around censorship," the most vulnerable points are the
humans on both ends. More info on the global net-crackdown is at: 
  http://www.eff.org/~declan/global/

-Declan

---

http://www.hotwired.com/netizen/96/34/special0a.html

   HotWired, The Netizen
   19 August 1996

   Trouble in Paradise
   by Declan McCullagh (declan at well.com)
   Washington, DC, 18 August
   
   Indonesian democracy activists have taken their fight for freedom
   to the Net, and the government doesn't approve.
   
   After distributing email messages about riots in Jakarta last month to
   an international Indonesian-politics mailing list, Prihadi Beny
   Waluyo, a lecturer at Duta Wacana Christian University, was arrested
   and interrogated by the military. Since then, the mailing list has
   been banned from the country and Waluyo has returned to his house,
   where he remains under surveillance.
   
   Until now, Indonesian cyberspace has been relatively free, with no
   regulations or laws explicitly restricting online discussions. By
   contrast, newspapers and magazines are subject to strict censorship,
   following a 1984 ministerial decree requiring the press to obtain
   licenses from the government.

[...]
   
   "He [Waluyo] was arrested and accused of sending messages to Holland
   and printing out photocopies," said Sidney Jones, executive director
   of Human Rights Watch/Asia. "The army is out to stop any kind of
   discussion of the riots."
   
   The censor-happy regime of President Suharto tried to stop journalists
   from reporting on the outbreaks of violence - which shattered his
   carefully cultivated image of a stable Indonesia. The worst domestic
   disturbance in a decade, the uprising started after police stormed the
   headquarters of an opposition party and ejected anti-government
   activists from the building...
   
[...]

---

August 14, 1996

His Excellency M. Arifin Siregar
Ambassador to the United States
Embassy of Indonesia
2020 Mass. Avenue, NW
Washington, DC  20036

Your Excellency:

     I am writing on behalf of Human Rights Watch/Asia to protest the
arrest of Drs. Prihadi Beny Waluyo, a lecturer at Duta Wacana Christian
University. Drs. Waluyo was arrested at his home by soldiers of the
district military command. He was reportedly accused of distributing
e-mail messages and also of sending messages relating to the July 27 riots
to a destination in Holland. His arrest came after an unidentified person
gave an officer photocopies of e-mail messages that were traced to Drs.
Waluyo. The person claimed the printouts came from a store in Kebumen, a
district of Yogyakarta. 

     Following his arrest, Drs. Waluyo was interrogated by the military
about his connections with the Peoples Democratic Party (PRD), which the
government has accused of masterminding the riots, but he denied any
involvement with the PRD. He acknowledged that he had sent messages over
the Internet. Following his questioning, he was reportedly ordered to go
to his home and was told to report to the district military command on a
regular basis. He is said to be under strict surveillance. 

     Human Rights Watch opposes actions by the Indonesian government to
restrict electronic communication. As stated in Article 19 of the
Universal Declaration of Human Rights: 

     Everyone has the right to freedom of opinion and expression: this     
     right includes freedom to hold opinions without interference and to
     seek, receive and impart information and ideas through any media and
     regardless of frontiers.

We believe that such forums provide a truly unique opportunity for people
from around the globe to share their views with an international audience.
By allowing unrestricted communication, important issues can receive the
benefit of serious discussion by the broadest cross-section of society. If
the Internet is to achieve its potential to become a global information
infrastructure, it is important, at the present moment, to agree to allow
its unrestricted development. 

     We urge that Drs. Waluyi and every other citizen be allowed to
receive and transmit electronic mail without fear of harassment,
intimidation, or arrest. 

Sincerely,
Sidney Jones
Executive Director
Human Rights Watch/Asia
                              
cc:  His Excellency Nugroho Wisnumurti, Ambassador to the United Nations 

---

[Thanks to Bruce Sterling for this excerpt. --Declan]
 
>From the INDEX ON CENSORSHIP web site:
 
http://www.oneworld.org/index_oc/
  
INDONESIA
 
 It was reported in May that the government has banned the book Bayang Bayang
 PKI (In the Shadows of the PKI). Published by the Institute for Studies on
 the Free Flow of Information (ISAI), it focuses on the 1965-1966 events
 leading to the assumption of power by President Soeharto. It is now a
 criminal offence for any person to process, publish, distribute, trade or
 reprint the book. (A19)
 
 The government has put pressure on the media to report positively on
 government-backed efforts to oust the leader of the opposition Indonesian
 Democratic Party (PDI), Megawati Sukarno-putri. On 2 June army officers
 invited most of Indonesia's chief editors to attend media briefings where,
 among other things, they were told not to use the words 'unseat' or 'topple'
 in their reporting.
 
 A rally in Jakarta organised by members loyal to Megawati on 20 June was
 broken up by troops, who killed at least one of the protesters, and arrested
 hundreds. Erwin Hadi, photographer with the weekly Sinar, Iqbal Wahyudin of
 CNN, Tomohiko Ohtsuka of Mainichi Shimbun and Reuters photographer Enny
 Nuraheini were among the journalists injured by soldiers during the rally.
 
 Local stations were also banned by the government from broadcasting images
 of the protest or from helping foreign news agencies feed their pictures of
 the rally abroad. Megawati was finally ousted as PDI leader on 22 June.
 (Institute for Studies on the Free Flow of Information)
 
 The Supreme Court voted on 13 June to uphold the government's ban on the
 independent newsweekly Tempo (Index 4&5/1994, 3/1995, 1/1996). The Court
 ruled that the information minister has the right to revoke publishing
 licences since he also has the right to issue them. (Institute for Studies
 on the Free Flow of Information)
 
 Index Index incorporates information from the American Association for the
 Advancement of
 Science Human Rights Action Network (AAASHRAN), Amnesty International (AI),
 Article 19
 (A19), the BBC Monitoring Service Summary of World Broadcasts (SWB), the
 Committee to
 Protect Journalists (CPJ), the Canadian Committee to Protect Journalists
 (CCPJ), the
 Inter-American Press Association (IAPA), the International Federation of
 Journalists (IFJ/FIP), the
 International Federation of Newspaper Publishers (FIEJ), Human Rights Watch
 (HRW), the Media
 Institute of Southern Africa (MISA), International PEN (PEN), Open Media
 Research Institute
 (OMRI), Reporters Sans Frontires (RSF), the World Association of Community
 Broadcasters
 (AMARC) and other sources

###








From campbell at c2.org  Mon Aug 19 11:21:00 1996
From: campbell at c2.org (Rick Campbell)
Date: Tue, 20 Aug 1996 02:21:00 +0800
Subject: No Subject
In-Reply-To: <199608190352.XAA07594@larry.infi.net>
Message-ID: <9608191513.AA11169@cfdevx1.lehman.com>


-----BEGIN PGP SIGNED MESSAGE-----

From: Rick Campbell <campbell at c2.org>
To: Alan Horowitz <alanh at infi.net>
CC: cypherpunks at toad.com
In-reply-to: Alan Horowitz' message of "Sun, 18 Aug 1996 23:52:05 EDT."
             <199608190352.XAA07594 at larry.infi.net> 

    From: Alan Horowitz <alanh at infi.net>
    Date: Sun, 18 Aug 1996 23:52:05 -0400 (EDT)

    P.S. I have an alpha version of a program which may be of interest to
    technomads: it automatically executes scripts received by email from a
    remote machine and then mails back the results.  The scripts (shell
    scripts, perl scripts, or whatever) are encrypted and signed with PGP
    before being sent to provide security and prevent unauthorized users
    from executing scripts on your machine.  The program runs on unix
    systems, and submissions can be from anything that runs PGP and is able
    to send email.  See:

Does your mechanism do anything to prevent replay attacks?

			Rick

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhiD+Bj0UvMeUesFAQF7ywP6ApwUwUWcSAs8+6HIvGkfogn69sFXJSc5
ExiktjjvzrG0903M/iihokr/xiICAAfeyylKJ4U6kbc7Ks4Tw2e0CJt5Bfrise/x
nlkcSn1+3vV7vOBfSusvVEqhIzVCdFcoi3UgavwBFp9JanldsxUhEmyuZEgc0sgU
Pg8QdEWcteo=
=ghZA
-----END PGP SIGNATURE-----





From wb8foz at nrk.com  Mon Aug 19 11:31:52 1996
From: wb8foz at nrk.com (David Lesher)
Date: Tue, 20 Aug 1996 02:31:52 +0800
Subject: proxy servers in Singapore
In-Reply-To: <Pine.SUN.3.91.960819050928.6457G-100000@eff.org>
Message-ID: <199608191511.LAA08225@nrk.com>


> Yep, I have that and other Singapore stuff at:
>   http://www.eff.org/~declan/global/
> 
> -Declan

Talk about an attractive target. Just paint a BIG bullseye
on that proxy server........



-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From unicorn at schloss.li  Mon Aug 19 12:36:29 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 20 Aug 1996 03:36:29 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <ae3d43f90a021004dcf8@[205.199.118.202]>
Message-ID: <Pine.SUN.3.94.960819120150.9756A-100000@polaris>


On Sun, 18 Aug 1996, Timothy C. May wrote:

> At 3:29 AM 8/19/96, Alan Horowitz wrote:
> >I suspect they are trying to get a judgement against "John Doe", in the
> >hopes of tracking him down later.
> >
> >Actually, if I had a sizeable judgement against such a John Doe, I could
> >probably find a private detective who would find the dude for a
> >contingent fee. Wow, a whole new class of factoring (commerce definition)
> >opens up. Get me a lawyer....
> 
> Lawyers out there can and should correct me if I'm wrong, but I don't
> believe either the criminal or civil justice system has the concept of a
> "John Doe" trial! The ability to have the advice of an attorney, to
> confront one's accusers, cross-examine witnesses, and mount a defense, and
> all that constitutional stuff. Rather hard to do if the trial is in the
> past tense.
> 
> Can you cite an example of such a "John Doe" trial in the U.S.?

Not exactly, but judgements against John Doe's or even "$956,334.34" are
common.  Typically they are default judgements where a property seizure is
involved.

"The United States of America v. $534,444.00" and "The United States of
AMerica v. One Red Porsche" is a common theme.

> 
> (There may be trials "in absentia," more so in other countries than in the
> U.S., but not when no persons have been identified at all!)
> 
> 
> --Tim May, who hopes he is never identified as the "John Doe" indicted,
> tried, convicted, and sentenced in 1979 in Washington County, Oregon, for
> the crime of unlawful foddering in a public place.
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."
> 
> 
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From jimbell at pacifier.com  Mon Aug 19 12:42:22 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 20 Aug 1996 03:42:22 +0800
Subject: [NOISE] Re: Stopped Clock. Was: Schlafly on Crypto
Message-ID: <199608191657.JAA18526@mail.pacifier.com>


At 01:18 AM 8/16/96 -0700, Bill Stewart wrote:
>>>>Subject: Clinton Is Trying to be Big Brother -- Phyllis Schlafly Column

>>It does seem really odd, doesn't it?  But look at it this way:  The only 
>>reason the knuckle-dragging conservatives are able to take the moral 
>>high-ground on this and other net-freedom issues is because the OTHER 
>>"unrependant liberals" have inexplicably abandoned the correct side of the 
>>argument.  The fact that the conservatives are right may seem odd, but the 
>>behavior of the liberals is truly astonishing.
>
>Liberals?  What Liberals?  Clinton's certainly no liberal;
>he's just a big-spending statist who likes to buy votes from
>poor, middle-class, and yuppie voters rather than buying them
>from defense contractors, not that he's above that.

Well, I should have been more clear and said, "...what passes for a liberal 
these days."

In any case, my opinion is that the WRONG airplane crashed a couple of days 
ago.  <sigh!>



Jim Bell
jimbell at pacifier.com





From nick at multipro.com  Mon Aug 19 13:10:23 1996
From: nick at multipro.com (Nick West)
Date: Tue, 20 Aug 1996 04:10:23 +0800
Subject: Hackers invade DOJ web site
Message-ID: <199608191642.LAA07079@server.multipro.com>


At 06:46 PM 8/18/96 -0700, you wrote:
>> CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
>> to the DOJ web site.  They don't elaborate exactly how thy did it.
>
>Did anyone save a copy of the altered web page?  I would like to see
>what the crackers did.
>
>Thanks.
>
>
They showed a the page on CNN Headline News yesterday. They might show it
sometime again today, stay tuned.

Nick West
nick at multipro.com
Member of the National Wild Turkey Federation and 
The Libertarian Party of Tennessee

http://members.tripod.com/~NWest/index.html

PGP Fingerprint= F9 F7 92 D9 D3 0B 56 3E  FA 2A 78 59 27 32 7D 6F

Public key available on request.






From tcmay at got.net  Mon Aug 19 13:23:31 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 04:23:31 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
Message-ID: <ae3de8c50f02100494d9@[205.199.118.202]>


At 12:16 AM 8/19/96, Vipul Ved Prakash wrote:
>>
>> Vincent Cate wrote:

>> Doesn't the low orbit part mean that the satellites will have a low life
>> expectancy, meaning a new launch every couple of days? (where's Gerald
>> Bull when you need him - oh yes, now I remember ...)

LEO (Low Earth Orbit) is only relative to the main alternative placement
for broadcast satellites: geostationary orbit, out in the Clarke Belt. LEO
satellites are well above significant drag of the troposphere and are
expected to remain in orbit far longer than their lifetimes as useful
transponders.

>The Iridium Project was pretty neat in this respect. I don't know what
>is happenning with it as of now. It had some 230+ satellites, and some
>smart routing techniques, if a satellite goes down.

Actually, far fewer. The original number of satellites (not counting
spares) was equal to the atomic number of iridium, hence the name (though
maybe they altered the number of satellites to match the atomic number?).
They later reduced the needed number by a few, but kept the name.

An Alta Vista search on "iridium AND satellite" produces 1000 hits, so
there's plent of information out there.

There are also two major competing systems, also not yet deployed. One is
the Microsoft-McCaw Cellular project, another is being done by an aerospace
company working with Qualcomm, or a subsidiary. Again, the Web should
produce the information for anyone interested.

Which of the three (and maybe more) systems will actually get deployed, and
which will succeed in the market, is an interesting question.

There's some obvious crypto/GAK/New World Order issues: many countries may
not care for a communications system which allows citizen-units or enemy
agents to make phone calls from the middle of the Kalahari desert or from
within the jungles of Burma.

(The Israelis, for example, are insisting that all handheld units have
Explosives Escrow, for detonation with appropriate official orders.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Mon Aug 19 13:47:11 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 04:47:11 +0800
Subject: Why BlackNet *IS* a Data Haven
Message-ID: <ae3de0b20e021004af28@[205.199.118.202]>


At 8:28 AM 8/19/96, Jim McCoy wrote:
>Tim May writes:
>> Without splitting too many semantic hairs about the precise definition of
>> "data haven," let me examine some ways in which BlackNet behaves
>> identically to a conventional data haven.
>
>I would be willing to concede the point if you would take a few seconds
>to examine the issue of complete lack of persistence in BlackNet.

There are various amounts of persistence, depending on which kind of "pool"
is used:


* Usenet newsgroups have a persistence of days to weeks, depending on one's
particular site. This is enough for parties to find each other _if_ they
are watching (or having agents watching). And of course Usenet archives are
expected--Alta Vista and Deja News has Usenet articles going back several
months in many cases.

* Mailing list message pools (a la Cuperman) have an effectively infinite
persistence, if parties archive the messages.

* Web-based message pools, which to my knowledge have not been used yet,
would have a persistence as long as the messages are archived...which could
be very long.

Rather than _persistence_, I'd say _access time_ or _latency_ is a more
serious criticism of my approach. In contrast to a large library or
bookstore, with access times of ~minutes, the access times for material on
BlackNet may be ~days to ~weeks. Or, of course, "never."

>Your descriptions of BlackNet as a data haven seem to be completely
>based upon the presumption that an anonymous contact service and contract
>exchange is the functional equivalent to a data haven.  Here are a few
>reasons why I would disagree:
>
>As a publisher of "naughty bits" I do not have the ability to just toss
>data up and assume that it will be there when someone wants it.  I am forced
>to continuously monitor the appropriate newsgroups to find messages from
>people asking me to post the blueprints to the orbital mind control lasers
>or kiddie porn.  I cannot put my data onto "the Net" with an expectation
>that any arbitrary user will be able to get the bits one month later.  To
>maintain persistence I need to constantly repost my data, making it easier
>for authorities to trace me through simple taffic analysis if nothing else.

I grant that my version is not like a "Mega-Barnes-and-Noble" bookstore,
with vast amounts of stuff available for browsing. It is more like a
"stacks"-based library. (Many universities have lesser-used books,
sometimes _all_ books, in "stacks," accessible only by qualified
librarians, or by permission.)

>> The classical data haven is closely identified with "place." To many
>> people, they naturally assume "data haven" = a haven for data, a "harbor"
>> (same IE root as haven) = a physical place.
>>
>> But is "place" important?
>
>No one has really claimed place is important, in fact the ideal data haven
>has no physical existence whatsoever.  This is a given.  As a practical
>matter it is a lot easier if you start off in a "place" because there are
>fewer complications but this has never been a necessity.

Some have focussed on "place," by focussing on ideas like offshore buoys,
orbiting broadcasters, and, of course, on finding accomodating
jurisdictions that will tolerate data havens in their midst.

You and I may agree that data havens need to be virtual. I'm just proposing
an architecture--and certainly not the final version!--that actually works.
Others can suggest their own alternatives, or build on versions that are
out there.

>> A person in the U.S. seeking the Necronomicon posts a message to BlackNet
>> (or any similar forum, using the same methods) asking for a copy of it, or
>> offering to pay for it. (Whether the information is free or for a fee is
>> not central to the idea.) This request is, of course, untraceable.
>>
>> Anyone, anywhere in the world, with a copy of this banned material on his
>> or her private machines may see this request and respond, either giving the
>> material away, or negotiating a fee. (As I said before, the absence of a
>> robust digital cash system, bidirectionally untraceable, is a known
>> limitation of all such systems.)
>
>Now you reveal the objection I had to BlackNet being a data haven.  What if
>only one person has a copy of this banned material?  It may not be in this
>publishers interest to have the data available to anyone for posting in
>response to the query ("Information does not want to be free, it wants to
>be expensive and liberated...") and some data is not widespread enough or of
>interest to enough people to assume that multiple copies exist to those who
>read BlackNet postings. Therefore the only way for a publisher to maintain
>availability of their data is to constantly monitor the appropriate newsgroups
>and republish for each request, persistence is maintained only through
>eternal vigilence (much like liberty, only requiring a lot more effort :)

What if only one person has a copy? Nothing in *my* concept of data haven
says anything about information being free, or cheap, or widely available.
Books aren't usually free, of course, so why should information be free

The issue of what happens if someone buys an item and then republishes or
redistributes it is, of course, orthogonal to the discussion here. It's a
tough problem, and the basis of the "information wants to be free"
aphorism. But not a key issue for differentiating forms of data havens, as
I see things.

>> It's a data haven.
>
>No, it is an anonymous contact service.  To claim this is a data haven is
>like claiming that the classified ads in a newspaper are the equivalent to
>a mall; you could probably find the same goods if you looked long enough, but
>there is a reason that manufacturers sell goods through stores rather than
>just posting classified ads across the country.  When one does not have the
>time to check the classified ads, wants to goods from a reputable source, and
>wants the goods in a timely fashion they will go to a shopping center.

I agree with the "classified ads vs. shopping mall" distinction. In fact,
it neatly summarizes the latency/availability issues. So be it.

Until the "shopping mall" exists, I'll settle for the "classified ads." If
BlackNet and similar systems function adequately as an anonymous classified
ad system, this will be an improvement over what exists now, which is, of
course, "nothing."

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From gimonca at skypoint.com  Mon Aug 19 13:50:57 1996
From: gimonca at skypoint.com (Charles Gimon)
Date: Tue, 20 Aug 1996 04:50:57 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
Message-ID: <m0usY9P-00024YC@mirage.skypoint.com>


Forwarded message:
> Date: Mon, 19 Aug 1996 07:05:33 -0700 (PDT)
> From: Declan McCullagh <declan at eff.org>
> To: cypherpunks at toad.com
> Subject: Indonesia detains democracy activist after post to mailing list


>    HotWired, The Netizen
>    19 August 1996
> 
>    Trouble in Paradise
>    by Declan McCullagh (declan at well.com)
>    Washington, DC, 18 August
>    
>    Indonesian democracy activists have taken their fight for freedom
>    to the Net, and the government doesn't approve.
>    
>    After distributing email messages about riots in Jakarta last month to
>    an international Indonesian-politics mailing list, Prihadi Beny
>    Waluyo, a lecturer at Duta Wacana Christian University, was arrested
>    and interrogated by the military. Since then, the mailing list has
>    been banned from the country and Waluyo has returned to his house,
>    where he remains under surveillance.
>    

[dan lain-lain...]

Exactly which mailing list was "banned from the country"? All the
Indonesian mailing lists I'm on, including apakabar at clark.net, are
functioning normally, with no unusual complaints or interruptions.







From tcmay at got.net  Mon Aug 19 14:08:57 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 05:08:57 +0800
Subject: Why BlackNet *IS* a Data Haven
Message-ID: <ae3debf410021004545e@[205.199.118.202]>


At 2:03 PM 8/19/96, Hal wrote:
>mccoy at communities.com (Jim McCoy) writes:
>>Your descriptions of BlackNet as a data haven seem to be completely
>>based upon the presumption that an anonymous contact service and contract
>>exchange is the functional equivalent to a data haven.  Here are a few
>>reasons why I would disagree:
>
>I think part of the confusion here is the name "BlackNet".  As I envision
>the concept, BlackNet is not really an anonymous contact service, or in
>fact a network of any sort.  Rather, it is a vendor.  It buys and sells
>information.  The name, while provocative, is a bit misleading in this
>regard.  (This is just my model, and may not actually correspond with
>Tim's or anyone else's idea.  But I think it more closely matches the
>data haven concept, and in fact is more consistent with the original
>announcement.)

Hal is right that BlackNet was presented as a _specific vendor_. But the
announcement also described how _anybody_ could set themselves up in the
same way, by sending out a similar announcement with their own public key.

My purpose was to:

-- demonstrate the coming future

-- use a concrete example, "BlackNet," to drive home the point (people
often pooh-pooh an abstract idea until a concrete, reified version is
produced)

-- stimulate debate about anonymous information markets

I'll comment on a few of Hal's points, but, to save space, will not comment
on most of them.


>BlackNet has a public key, and a known virtual location in the form of
>certain newsgroups that it monitors.  Anyone can initiate a
>communication interchange with BlackNet by posting a message to those
>groups, encrypted with BlackNet's key.  Presumably in that message will
>be included return address information in the form of a key and a set of
>locations that will be monitored for replies.  In this way ongoing
>conversations can be maintained between BlackNet and customers who are
>either buying or selling to it.

Exactly. And this is how it was used for several two-way communications,
back in Sept-Nov '93.

An article on the cover of "Information Week" last summer triggered new
interest, and a couple of new messages addressed to "BlackNet"--the ones I
tried to read apparently used a spoofed key, or the one Dettweiler created
and placed ahead of mine on the MIT keyserver (the shorter key that the MIT
group was able to eventually break).

>BlackNet would not be used (as I see it) for direct communication
>between buyers and sellers of information.  How would the BlackNet
>public key fit into this model?  The existence of a specific BlackNet
>public key is part of what drives me to picture it as a vendor.
>Rather, BlackNet will buy information (plus unrestricted rights to
>disseminate that information), add it to its catalog, and then
>advertise its availability and price.

It could be used for direct communications, via pools, a la the classified
ad analogy that Jim McCoy just used (and that, in fairness, I used to
describe it in a talk at Hackers several years ago).

There is "BlackNet the company" and "BlackNet the abstraction." Inasmuch as
the recipe is easy to duplicate, "BlackNet the company" would face heavy
competition.

....[stuff elided]...

>This is a little different from my picture of BlackNet, as I wrote above.
>I would see BlackNet as being a particular seller of information, who
>will respond to this message.  It could have competitors like SafeHaven,
>StrongHold, InfoBase, etc., each of which will offer data for a price,
>and each of which will have its own reputation for reliability.

Exactly.

Hal quoting Jim:

>>Now you reveal the objection I had to BlackNet being a data haven.  What if
>>only one person has a copy of this banned material?  It may not be in this
>>publishers interest to have the data available to anyone for posting in
>>response to the query ("Information does not want to be free, it wants to
...

>Here is where BlackNet as an information middleman makes the most sense.
>Its business model includes the costs of this sort of vigilance, which
>after all can be automated.

All sorts of automated vigilance can be done: scripts that scan newsgroups
and message pools, even Alta Vista-type spider searches, agents, etc.
Depending on the type of message pool, whether Usenet newsgroup, mailing
list, Web site, etc., various kinds of automation are possible. Which will
prove popular of course depends on a lot of factors.

...[more elided]...

>Actually we now have "virtual malls" online.  These are in their infancy
>but eventually they could become as easy to use and reliable as regular
>malls (for appropriate kinds of goods).  All that BlackNet (as I picture
>it) lacks is a WWW interface, and even that could be provided if the
>gateway server could be made immune to legal pressure and if various
>technicalities about anonymous WWW connections could be dealt with.

Agreed.

>As for reputations, if BlackNet is one of several vendors of
>information, like its competitors, they can all develop reputations of
>their own for reliability, honesty, availability, etc.  There may be
>problems if the testimonials of customers are all anonymous, but in
>some cases such methods as signed transcripts of information exchanges
>can be used by one side or the other to justify claims that the other
>side has cheated.

Again, agreed. Evolutionary learning will take place, reputations will be
strengthened and weakened, as always. Certainly some fraud will occur, as
in all markets.

The point being that this information market will be anarchic, in that no
government or official hierarchy will rule on legality of data. Various
access mechanisms will be tried.

The Usenet and mailing list pools are somewhat slow, but have already
worked for things like "I'd like a copy of the Church of Scientology secret
documents." (In fact, in addition to "alt.religion.scientology," for
discussions and requests, there is the newsgroup
"alt.binaries.scientology," for posting anonymized copies of restricted
documents.)

That the latency is not as low as some other markets seems to be more a
function of nascency (is this a word? it should be) than intrinsic
limitations.

---Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jt at freenix.fr  Mon Aug 19 15:28:28 1996
From: jt at freenix.fr (Jerome Thorel)
Date: Tue, 20 Aug 1996 06:28:28 +0800
Subject: lambda 2.10
Message-ID: <v01540b0cae3e6be5b238@[194.51.213.140]>


netizen's --> Lambda Bulletin 2.10 <-- contents
flash bulletin

+ French Constitution censors Internet control
+ Singapore and the Censorship Proxy Server
+ G7 and the EC take strong steps for Key Escrow Encryption


*               *               *               *               *


French Constitution censors Internet control

As we speculated in our last bulletin (2.09), the French Conseil
Constitutionnel, watchdog of the 1958 Constitution, censored 2 articles in
a new telecom act which were intended to establish a kind of administrative
control over Internet speech and online services.

The nine "Sages" said that the creation of the Conseil Superieur de la
Telematique, which would have make guidelines on Internet content, breaches
article 34 of the Constitution which states that the Parliament can act
alone to dictate rules concerning "civic rights and fundamentals garanties
given to citizens for a fair exercice of public liberties". The CST could
have undermine these principles, because the law didn't specify clearly how
it would have taken its decisions. So the Conseil recognized the particular
state of the Internet, which is not a basic medium.

Only one section remains in the censored law : it obliges ISPs to give
their clients "technical means" to forbid or select access to online
services, software that allows a so-called "parental control".

*               *               *               *               *

Singapore and the Censorship Proxy Server

A communique from SingNet, Singapore's main Internet Service Provider,
states that "ALL SingNet customers will be required to connect to SingNet's
proxy server by the deadline September 14th 1996, failing which you would
not be able to access the web without the proxy. This applies to all
dial-up, ISDN, and leased line customers (STIX customers are exempted). "

The proxy server will ease the ISP to "Deny access to blacklisted sites
supplied by SBA". SingNet said that "Access to sites banned by the SBA will
prompt the message :
The site you requested is not accessible
For more information on Singapore's Internet regulation, please check
http://www.gov.sg/sba/netreg/regrel.htm".

On July 11 the Singapore government passed the Singapore Broadcasting
Authority Act (Chapter 297) in which it announced a "Class Licence Scheme"
aimed "to encourage responsible use of the Internet while facilitating its
healthy development in Singapore. It encourages minimum standards in
cyberspace and seeks to protect Net users, particularly the young, against
the broadcast of unlawful or objectionable materials. ... SBA will focus on
content which may undermine public morals, political stability and
religious harmony of Singapore. However, SBA recognises that it is
impossible to regulate the Internet fully. ... Singaporeans can help SBA in
the identification of objectionable sites in order to keep cyberspace
clean. SBA welcomes public feedback on objectionable content found on the
Internet. Members of the public can write to SBA, call its toll-free
hotline ... or post their views on the SBA homepage at
http://www.gov.sg/sba. "

China, which has created its own Internet regulations aimed at controlic
data traffic and urged netizens to declare themselves to the authorities,
approved the Singapore Act and an official was quoted as saying, "China has
a lot to learn from Singapore's experience" (source : Fight-censorship
mailing list).

*               *               *               *               *

G7 and the EC take strong steps for Key Escrow Encryption

The European Commission's DG-13 division on information security (Infosec)
opened on July 30th a "call for tenders" for "preparatory works" towards
regulating encryption procedures. The plan is aimed to test the
introduction of the Europe-wide network of Trusted Third Party Services
(ETS).

Observers saw in this move the so-called "guidelines" the EC was to propose
last year, when press reports (Nature, Sept. 28, 1995) argued the
Commission and the Council of Europe in Strasbourg were willing to regulate
encryption use through the creation of TTPs.

The Infosec call for tenders, which will end by September 30, is to
"identify, define and verify ... operationnal, technical, regulatory and
legal aspects ... to assess the effectiveness, economics and acceptability
of Trusted Third Party Services."

Other voices in European talks, however, said these "preparatory works" are
to push for EU countries to adopt TTPs and the principles of key-escrow
encryption. Nordic countries such as Finland, Denmark and Sweden, are said
to be opposed to change encryption legislation, as France and Britain took
steps in June and July to enforce the creation of TTPs in their own
country.

On July 30 G7 countries agreed policies that would "accelerate
consultations on encryption that allows, when necessary, lawful government
access to data and communications in order to prevent or investigate acts
of terrorism, while protecting the privacy of legitimate communications".
The EPIC, in Washington, DC, said "stronger measures sought by the US to
restrict information on the Internet and limit the availabilioty of
encryption were apparently not adopted by the G7 countries". Among other
industrialised nations, Japan and Australia are said, like Nordic countries
in Europe, to oppose key escrow as a mean to regulate the free flow of
information. Remember the OECD talks in June, were the US tried to impose
key-escrow legislation to the 27-countries' club of the industrial world
(see lambda 2.09)

*****
Soon archived on www.freenix.fr/netizen

-----
Jerome Thorel =-= Journaliste/Free-lance Reporter =-= Paris, France
   =+= the lambda bulletin --> http://www.freenix.fr/netizen =+=







From tcmay at got.net  Mon Aug 19 15:33:33 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 06:33:33 +0800
Subject: Agents, Spiders, Linda, and BlackNet
Message-ID: <ae3df4cf110210046906@[205.199.118.202]>



Key Phrases: agents, spiders, linda, blacknet, indexing, hierarchy,
alternatives to hierarchy, emergent indexing, aptical foddering, tuple
spaces, virtual communities, shared environments

A swirl of terms, related in some interesting ways. This mini-essay is
inspired by the debate whether BlackNet is or is not a meaningful
instantiation of a data haven.

How can information be retrieved from the Net? Is organization needed? Who
does the organizing?

As the ARPANet evolved, under various names, and as UUCP and other
machine-to-machine protocols evolved, the Usenet came into being. The first
"message pool." A basic classification existed, mostly of fairly reputable
top-level topics (sci, soc, comp, etc.). Then came "alt," largely created
by our own John Gilmore. There are of course now more than 20,000
newsgroups. Searches and greps of the newsgroup list are a way to find
potentially relevant newsgroups for posting a message or finding messages
of interest.

(As is well-known, the Usenet Cabal gets its orders from the Bilderbergers
as to which newsgroups fit in with New World Order sanctioned
epistemologies.)

Some are saying there is an alternate method. With the advent of search
engines which can index messages on the Usenet (and in Webspace, but the
idea is the same), why not this alternative: put your message in a bottle
and just throw it into the "sea" of possible messages. Let search engines
find the messages of interest (modulo a day or two of latency, as the
spiders reach the space where the message was placed). No newsgroups
needed. The "keywords" list at the beginning of this message would help the
search process, though of course the body of the message should have
sufficient keywords; a formal keyword list or field serves mainly to remind
the author to add some keywords (Schelling points) that he might not have
included in his message per se.

Conversations and threads would take place in a virtual meeting place, even
more so than today. This is of course largely happening already, and even
more clearly with mailing lists which get cc:ed to other mailing lists,
e.g, the way the e-spam list forwards some of our stuff to their list and
then replies pull in the orginal author.

(The connection with "Linda" is the connection with David Gelernter's
"Linda" system, based on "tuple spaces" into which messages are placed. A
kind of sea of messages in this tuple space. The connection with the
Unabomber is left as an exercise for the reader.)

Sometimes hierarchy is useful. Library call numbers and indices make
finding books easier than searching at random; however, sufficiently fast
"library crawlers" could find even randomly-placed books. (And friends of
mine are working on small RF "localizers" which, if small enough, could be
placed on books. One could type in "Find "Robinson Crusoe," and a book
anywhere in the library could chip "Here I am." Obviously the problem is
more easily solvable for data.)

With the rise of more powerful search engines, of distributed geodesic
networks, and with the decentralization of naming power, I see Linda-type
seas of objects as more and more attractive.

This helps BlackNet-type information markets and virtual data havens.

Just some ideas. Nothing new, to me at least. But I thought some of the
newer list members might not have seen some of these ideas, part of the
assumed culture to we crypto anarchists.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From vznuri at netcom.com  Mon Aug 19 15:57:30 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Tue, 20 Aug 1996 06:57:30 +0800
Subject: Why TCM thinks BlackNet *IS* a Data Haven
In-Reply-To: <ae3cf6e603021004c004@[205.199.118.202]>
Message-ID: <199608191838.LAA11887@netcom2.netcom.com>


1st: apologies to Jim Bell for misquoting him. I think I meant
Jim Mccoy.

>Without splitting too many semantic hairs about the precise definition of
>"data haven," let me examine some ways in which BlackNet behaves
>identically to a conventional data haven.

naw, let's split some semantic hairs. <g>

I am willing to agree in principle that blacknet is *similar* to
a data haven, as I wrote in my response. 
it involves similar ideas. however, in your *original*
Blacknet announcement it was explicitly portrayed to be essentially
an *intelligence*service*.  I agree that you could have modified
this announcement to pretend that you are also providing
"data haven" type services, but you didn't focus on this angle,
and I object to you going back and claiming you had some priority on this
idea via Blacknet (at least that's what you seem to be doing)
when you really did not. of course you have been
discussing data haven ideas for about as long as anybody here, and
may even have some degree of precedence in inventing aspects of the
idea, but I don't think it's fully legitimate to suggest that
your blacknet gedanken promoted the concept of a data haven,
or even contained it.

you neglect key points that I and others are raising.
raw data is not the same as intelligence-- it is far different.
with raw data you want a mechanism that has the reliability/fidelity
and access time of a hard drive, essentially. you want something
that doesn't alter or reformulate data-- something the Blacknet announcement
never promised at all, and in fact it was clearly implying that
the service would be involved in sorting out what data to sell to
whom and presumably repackaging it, so to speak. 

sending requests
to blacknet, "can you please send me a copy of [x]" does not
fit my idea of a hard drive type request. a data haven and
a blacknet intelligence operation share some *similarities* but
in principle there would be some vastly different
implementation issues for one or the other.

again, *in*theory* you could use blacknet for a data haven type
arrangement. a company that provided both would make a lot of
sense as far as consolodating similar functions. however to
claim that you were promoting the idea of a data haven with
the initial announcement of blacknet, that's just not correct
imho. I'd call that Blacknet II: the Sequel which you recently
cooked up.

>I call this at least as functional as a "physical data haven," where
>someone might physically travel to Anguilla, say, to buy a copy of the
>Necronomicon...

again, your original blacknet service made no guarantee whatsoever about
providing data back to someone who sent it in, in unaltered form, something
that would be key to a data haven. in fact it implied that the people
who sent in the data wouldn't be interested in getting it back--they
would only want the cash for its informational value to other buyers. you do
however point out that data havens in which material sent in by some people
and retrieved by others would tend to be another application. (when I 
think of data haven I think of person [x] submitting material in secret,
and then person [x] downloading it or making it available to others
based on his own decision. blacknet was explicitly making the decision
of availability on its own)

in fact this is a very important attribute you are glossing over
with your rather slippery exposition. let's say I submit some
secret data to Blacknet, and I want a guarantee they are not going to
sell it to other people, even if it is encrypted by me.  (otherwise they
might sell it to someone who wants to break it.)  the original 
blacknet announcement involved the antithesis of this confidentiality
arrangement-- it explicitly suggested that you would use the service
only to sell data that others might want. presumably they would have
no use for an encrypted file they could not decrypt and might just
throw it away.  

again, the original announcement made *no*guarantee* that Blacknet
would even save your data. they could throw it away. that is your
idea of a data haven? if it said, "we will also guarantee we will
reliably store your data for a fee which you can retrieve"-- just
that sentence and I would agree with you that the original blacknet
was also a data haven. but lacking that, I disagree. notice that this
is quite different than the original announcement, which implied
that only the people who wanted to buy the data would submit fees
to the service, not those who submit the information (who would
in fact be paid by blacknet for the semantic content value)

>It's a data haven.

it is, after you revise it as you are doing in your recent essays.
again your original announcement did not approach the data haven
angle you are now emphasizing whatsoever and in some ways as I 
enumerate was in direct conflict with it.







From tcmay at got.net  Mon Aug 19 16:07:13 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 07:07:13 +0800
Subject: The "Best" as the Enemy of the "Pretty Good"
Message-ID: <ae3e02ce12021004b2c4@[205.199.118.202]>



Pretty Good Privacy, Pretty Good Remailers, Pretty Good Digital Cash,
Pretty Good Data Haven, .....

One of the main lessons of evolutioary learning theory (aka evolutionary
game theory, market learning, Darwinian selection, and related variants) is
that getting something out early is often more important than getting it
"right." Rigor is important, but, interestingly, rigor is often
best-established in an evolutionary learning environment. (We build
machines and buildings not based on first doing exhaustive analyses for
centuries, but on building actual instances and learning from
mistakes...bridges that fail, buildings that collapse, planes that crash.)

A recent example of this is the Xanadu project, whose members worked for
many years (and spent something like $7 million) to get all the long-range,
rigorous details of hypertext "right"...and were then "scooped" by Tim
Berners-Lee with his simple and straightforward HTML/URL approach. (I am
not basing this analysis on the hatchet jobs done in the press on Ted
Nelson and the other Xanafolks, but on personal contacts with many of them,
including an identical analysis from Mark Miller at an Extropaganza this
past Saturday.)

Another example is that of remailers. There is no denying that "DC-Nets"
are a more elegant approach than "mixes," but mixes (remailers) can be
easily implemented in Perl and deployed rapidly, while I know of not a
single, actual, operational DC-Net.

And of course we cannot forget Phil Zimmermann's "Pretty Good Privacy." Had
a "pretty good" version not come out, where would we be today? (And "pretty
good" does not mean PGP is weak or has been broken.)

Just a reminder that often the best is the enemy of the good.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jim at ACM.ORG  Mon Aug 19 16:17:19 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Tue, 20 Aug 1996 07:17:19 +0800
Subject: Why BlackNet *IS* a Data Haven
In-Reply-To: <ae3debf410021004545e@[205.199.118.202]>
Message-ID: <199608191857.LAA18109@mycroft.rand.org>



tcmay at got.net (Timothy C. May) writes:
>An article on the cover of "Information Week" last summer triggered new
>interest, and a couple of new messages addressed to "BlackNet"--the ones I
>tried to read apparently used a spoofed key, or the one Dettweiler created
>and placed ahead of mine on the MIT keyserver (the shorter key that the MIT
>group was able to eventually break).

For the record, the four of us who broke the 384-bit BlackNet key weren't
from MIT:  Paul Leyland (Oxford), Arjen Lenstra (Bellcore), Alec Muffet
(Sun-UK), and Jim Gillogly (RAND).

	Jim Gillogly
	27 Wedmath S.R. 1996, 18:56





From rich at c2.org  Mon Aug 19 16:37:41 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 20 Aug 1996 07:37:41 +0800
Subject: Naked woman decapitates man on Internet!!!
Message-ID: <Pine.GUL.3.95.960819122021.1842D-100000@Networking.Stanford.EDU>


You just gotta love the headline. Anyone have the URL?

Seen on Newspage headlines; I assume the full text is on ClariNet.        

   NAKED WOMAN DECAPITATES MAN ON INTERNET - Pictures of a naked young
   woman decapitating a man with a saw are available on the Internet, to
   the consternation of police in Munich who say they are unable to do
   anything about it. [AGENCE FRANCE PRESSE, 175 words]

-rich
 who thought the associated press was bad






From bryce at digicash.com  Mon Aug 19 16:39:22 1996
From: bryce at digicash.com (bryce at digicash.com)
Date: Tue, 20 Aug 1996 07:39:22 +0800
Subject: search engine improvement
Message-ID: <199608191931.VAA02971@digicash.com>



-----BEGIN PGP SIGNED MESSAGE-----

Keywords: distributed ratings systems, search engines, spiders, 
spiderspace, idea futures, The Shockwave Rider, John Brunner


You know there is a trick that might greatly improve the 
effectiveness of a search engine at almost no cost to the end
user.  It is the well-known heuristic of "If Person A likes X
and Y, and Person B likes X, then Person B probably likes Y.",
combined with passive polling (which is getting information
about people's opinions just by watching their actions, instead
of by asking them).


A first simple implementation would keep a table of the pages
that people choose, keyed from the query that they originally
submitted.  Those pages that people choose most frequently from
the list of matching pages (and/or those pages that people
"stop" on-- that they do _not_ follow by further searching),
would get bumped up a little in the list.


This would be massively expensive in networking, storage, and
computation, giving those hi-tech Alpha clusters at AltaVista
something to do...  :^)


There are plenty of extras and refinements that could be added
(for example, put some keywords identifying your "affiliation"
in a separate field.  It will only consider the results from
other people who entered the same affiliation keywords when
weighting your search results.).  And there are some good topics
for further discussion, such as is it worthwhile to distinguish
between "relevancy" and "value"?


I don't have a comprehensive list of people who are already
working on this area (distributed ratings) (if I did, I might 
have Cc:'ed them), but I know that many people are.  I hope that
they and the search engine people get together and make cool
stuff soon.


There is the interesting issue of whether this will cause
self-reinforcing "degeneration", where people (or an
"affiliation"-keyed group of people) accidentally overlook a
worthy page early in the game, and then, using each other's
behavior to influence their own, reinforce that mistake.


As a final attribution note:  John Brunner thought of this idea
idea in his prophetic novel _The Shockwave Rider_ in the 75.  
There is a wonderful line which I can't find right now, about 
how it turned out to be a flywheel instead of an oracle, merely 
aggregating human mistakes and successes.


Regards,

Bryce

P.S.  ObCryptoRelevance:  Um...  you could get paid for your
ratings using Chaumian ecash, and even have your ratings popped
into the right "affiliation" using Chaumian credentials...

P.P.S.  CryptoRelevance isn't very Ob anymore, is it?  Just as
well, IMESHO.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2

iQB1AwUBMhjA+EjbHy8sKZitAQGpIQMAyDcdHUgK9/KhNskvUG8AAbourl1Hg6J5
ZIzo7aTnDq3ZGN9RnqKRkBRRmk4hjN1rFFWvQUYtA3XQQl85scE2XVGG/oURBoTW
EU4WwB2oMSsAVGkYHn02B4gFn8gO6hmA
=tZn3
-----END PGP SIGNATURE-----





From gary at systemics.com  Mon Aug 19 16:55:12 1996
From: gary at systemics.com (Gary Howland)
Date: Tue, 20 Aug 1996 07:55:12 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <Pine.SUN.3.94.960819120150.9756A-100000@polaris>
Message-ID: <3218C83C.62319AC4@systemics.com>


Black Unicorn wrote:
> 
> On Sun, 18 Aug 1996, Timothy C. May wrote:
> >
> > Can you cite an example of such a "John Doe" trial in the U.S.?
> 
> Not exactly, but judgements against John Doe's or even "$956,334.34" are
> common.  Typically they are default judgements where a property seizure is
> involved.
> 
> "The United States of America v. $534,444.00" and "The United States of
> AMerica v. One Red Porsche" is a common theme.

And of course since the defendant is not a person, it does not have to
be presumed innocent :-(

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06





From sentiono at cycor.ca  Mon Aug 19 16:55:20 1996
From: sentiono at cycor.ca (Sentiono Leowinata)
Date: Tue, 20 Aug 1996 07:55:20 +0800
Subject: Indonesia detains democracy activist after post to mailing list
Message-ID: <199608191940.QAA11322@bud.peinet.pe.ca>


On Mon, 19 Aug 1996 07:05:33 -0700 (PDT), Declan McCullagh wrote:

>Date: Sun, 18 Aug 1996 21:23:29 -0700 (PDT)
>From: Declan McCullagh <declan at well.com>
>To: fight-censorship at vorlon.mit.edu
>Subject: Indonesia detains democracy activist after post to mailing list

>Indonesia is joining the rest of the world in cracking down on online
>speech. Perhaps the lesson here is that no matter how much the Internet
>supposedly "routes around censorship," the most vulnerable points are the
>humans on both ends. More info on the global net-crackdown is at: 
>  http://www.eff.org/~declan/global/
>-Declan

Hi there,

Just to add gasoline on the burning flame. 
It doesn't happen just now. It is always like that. 
The attention on Indonesia issues by people (western media) is too
much focus on East Timor and they forget that there are much more
severe violations happening. 
I just hope that this example will open people's eyes that
Indonesian's problems are not only East Timor affairs but much more.
Arrest of one mailing list's maintainer is common, you would be
surprised how many people actually 'disappear' because of this.

Regards,
Sent.

---------------------------------------------------------------------------
Sentiono Leowinata, sentiono at cycor.ca, 1-902-629-2488
Security Specialist  -  HookUp Communications.
Charlottetown, Prince Edward Island, Canada.






From rwright at adnetsol.com  Mon Aug 19 17:11:49 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Tue, 20 Aug 1996 08:11:49 +0800
Subject: BlackNet: Commercial Posts?
Message-ID: <199608192001.NAA26620@adnetsol.adnetsol.com>


On Or About 19 Aug 96, 7:03, Hal wrote:

> service, or in fact a network of any sort.  Rather, it is a vendor. 
> It buys and sells information. 

My question to the list:

Who benefits from all this publicity and brew-ha-ha?  Who makes all 
the BlackNet money?  Who really cares if it is a Data Haven or just a 
remailer?  I'm just asking.  

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From alano at teleport.com  Mon Aug 19 17:15:24 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 20 Aug 1996 08:15:24 +0800
Subject: [fnord] Re: Discordians a-gogo (aggoo)
Message-ID: <2.2.32.19960819174537.00ac513c@mail.teleport.com>


At 09:00 AM 8/19/96 -0400, Simon Spero wrote:
>On Mon, 19 Aug 1996, WinSock Remailer wrote:
>> 
>>           DISCORDIAN SOCIETY SUPER SECRET CRYPTOGRAPHIC CYPHER CODE
>
>BTW, have you ever looked really closely at a Terisa systems business 
>card. Really closely? HAve you seen the Fnord?

If you do not see the fnord, then it cannot eat you.

ObDiscordian: Have you noticed that there are five levels of priority in Eudora?
---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From mcarpent at mailhost.tcs.tulane.edu  Mon Aug 19 17:21:58 1996
From: mcarpent at mailhost.tcs.tulane.edu (Matthew Carpenter)
Date: Tue, 20 Aug 1996 08:21:58 +0800
Subject: emscrypt and replay attacks
In-Reply-To: <9608191513.AA11169@cfdevx1.lehman.com>
Message-ID: <199608192023.PAA20241@rs6.tcs.tulane.edu>


Rick Campbell writes:

>>     P.S. I have an alpha version of a program which may be of interest to
>>     technomads: it automatically executes scripts received by email from a
>>     remote machine and then mails back the results.  The scripts (shell
      ... 
> 
> Does your mechanism do anything to prevent replay attacks?
> 
> 			Rick

Alan apparrently forwarded my message from technomads to cypherpunks,
but since I'm on cypherpunks too, I got this message.  Anyway, yes it
does have a simple replay attack prevention mechanism.  It keeps track
of the most recent time and date stamp from the PGP signature info and
refuses to executed any message that doesn't have a stamp more recent
than previously executed script.  This simple mechanism can cause
unwanted rejection if scripts are received out of order, but multiple
scripts can be batched into a single message to help overcome this.

See the following URL for a discussion of known limitations and security
concerns with emscrypt:

  http://www.bmen.tulane.edu/~carpente/emscrypt/emscrypt_doc.html#limits


--Matt

--
mcarpent at mailhost.tcs.tulane.edu    PGP mail preferred, finger for public key.





From llurch at networking.stanford.edu  Mon Aug 19 17:31:49 1996
From: llurch at networking.stanford.edu (Richard Charles Graves)
Date: Tue, 20 Aug 1996 08:31:49 +0800
Subject: Netscape-US for foreign students at Stanford, elsewhere?
Message-ID: <199608192034.NAA02945@Networking.Stanford.EDU>


The US version of Netscape 3.0 has been installed in /usr/pubsw for all
supported platforms, including Linux. /usr/pubsw can be mounted anonymously
via AFS. Is this true at other major universities? Is anyone interested in
prosecuting us? Nobody has ever complained about the PGP binary's being
available for years.

-rich
 speaking only for his evil twin skippy





From frantz at netcom.com  Mon Aug 19 17:38:21 1996
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 20 Aug 1996 08:38:21 +0800
Subject: "Utilization Review"
Message-ID: <199608192029.NAA28776@netcom8.netcom.com>


At 12:22 AM 8/19/96 -0400, Black Unicorn wrote:
>I listened with horror this evening to a radio program which 
>discussed the state of medical record privacy today.

Unfortunatly, it is still true that whoever pays the piper calls the tune. 
The best way to ensure medical record privacy is to eliminate medical
insurance.  Perhaps, within our current social order, medical savings plans
are the best option on the table.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From mpd at netcom.com  Mon Aug 19 17:44:23 1996
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 20 Aug 1996 08:44:23 +0800
Subject: [RANT] Death of Usenet: Film at 11
Message-ID: <199608192034.NAA19771@netcom17.netcom.com>


tcmay at got.net (Timothy C. May) writes:

[snip]

 > There are of course now more than 20,000 newsgroups.
 > Searches and greps of the newsgroup list are a way to find
 > potentially relevant newsgroups for posting a message or
 > finding messages of interest.

 > (As is well-known, the Usenet Cabal gets its orders from
 > the Bilderbergers as to which newsgroups fit in with New
 > World Order sanctioned epistemologies.)

 > Some are saying there is an alternate method. With the
 > advent of search engines which can index messages on the
 > Usenet (and in Webspace, but the idea is the same), why not
 > this alternative: put your message in a bottle and just
 > throw it into the "sea" of possible messages. Let search
 > engines find the messages of interest (modulo a day or two
 > of latency, as the spiders reach the space where the message
 > was placed). No newsgroups needed.

Permit me to go off in an orthogonal direction here and say that
I think that we should do away with the concept of a pre-ordained
newsgroups in Usenet entirely, in favor of an IRC-like dynamic 
creation of message pools.

One of the nice things about IRC is that if the Empire State
Building suddenly blows up, you can tune to #bomb and generally
find several hundred people interested in discussing it without
having to go through some complicated newgroup/rmgroup/discussion
procedure.

The real data base of Usenet is the totality of messages, indexed
by message ID, and there are so many newsgroups now that allowing
the Newsgroups: line to have arbitrary contents in the message
header would do little to increase the confusion. Entering each
arbitrary entry in the Newsgroups: line into a secondary
searchable index would provide the same functionality as we have
now with the conventional arrangement of newsgroups.

News software would certainly be free to map the Usenet hierarchy
onto a directory structure, as is done today, or to simply keep
it as a large flat database with multiple indices, or to do any
combination of the above, such as an arrangement where populated
newsgroups get their own directory, and everything else resides
in a giant directory called "/usr/spool/news/krap."

With governments creating lists of "banned" newsgroups, and an
official creation process managed by the "Cabal", Usenet is much
more vulnerable to state control than it would be if newsgroups
were simply arbitrary strings which existed somewhere in the
current window into the history file.  A newsgroup would then
exist if there were messages in it, and wouldn't exist if it had
remained unused for some reasonable period of time.

Now that search engines are becoming the best way to read Usenet
anyway, and the Newsgroups: line is just another field in a set
of search specifications, there is no reasonable reason to limit
what may be placed there to some list of "20,000" pre-defined
strings, or some government controlled subset of the above.

If Singapore bans alt.sex.hooters, you could simply post to
alt.culture.singapore.i.got.your.hooters.right.here. This
would effectly jerk the rug out from under the "banned
newsgroups" gestapo, and create a namespace so large you would
always be able to construct an appropriately suggestive new entry
in the compliment of any part that was blocked.

It would also send the correct message that "newsgroups" are
simply one of many labels on an article, and are not cyberspacial
tearooms where bad people congregate and there is guilt by
association.

The alternative to doing something reasonable like this is
probably to see mass migration from "banned newsgroups" to
off-topic groups, like Lolita pictures in rec.pets.cats, when the
inevitable crackdown comes. As long as people can post
anonymously, they will simply switch to another existing
newsgroup when the one they are posting to becomes blocked. Once
the inevitable reciprocal pissing contest between posters and
censors gets going, Usenet as we know it will likely be
destroyed.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From pjn at nworks.com  Mon Aug 19 18:01:44 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Tue, 20 Aug 1996 09:01:44 +0800
Subject: Hackers invade DOJ web si
Message-ID: <TCPSMTP.16.8.19.-16.34.12.2645935021.663275@.nworks.com>


 In> CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
 In> to the DOJ web site.  They don't elaborate exactly how thy did it.

 They broke in and posted obscene messages and pornographic pictures...


 P.J.
 pjn at nworks.com



... Captian's log, stardate 25970-point-5.  I am nailed to the hull.

___ Blue Wave/QWK v2.20 [NR]







From alanh at infi.net  Mon Aug 19 18:06:26 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 20 Aug 1996 09:06:26 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <ae3d43f90a021004dcf8@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960819170711.22993B-100000@larry.infi.net>


Look at the bulletin board of your county courthouse. John Doe parties 
are not unusual at all.

Everyone is  deemed to have constructive  notice of notices on that board; 
furthermore, every jurisdiction I've ever seen, also provides for the 
_publication_ of process.  Ya know, that stuff in teensie-weensie print 
in the back of newspapers.

Most peoplke don't read that stuff. Some people do. It opens up a flavor 
of arbitraging.





From alanh at infi.net  Mon Aug 19 18:07:09 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 20 Aug 1996 09:07:09 +0800
Subject: your mail
In-Reply-To: <9608191513.AA11169@cfdevx1.lehman.com>
Message-ID: <Pine.SV4.3.91.960819173426.22993K-100000@larry.infi.net>


I didn't write the message, "I have an Alpha...."





From perry at alpha.jpunix.com  Mon Aug 19 18:09:26 1996
From: perry at alpha.jpunix.com (John Perry)
Date: Tue, 20 Aug 1996 09:09:26 +0800
Subject: Nymrod is shutting down
Message-ID: <87pw4nm38n.fsf@alpha.jpunix.com>


The following message is a courtesy copy of an article
that has been posted as well.

-----BEGIN PGP SIGNED MESSAGE-----

	The nymserver located at nymrod.jpunix.com is shutting down
due to abuse. The type-I/type-II MiddleMan remailers are unaffected.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhjnFVOTpEThrthvAQFcQAP+LYtkT16wJGmmzbYymzRJv1IRdVotwvrY
4hUKn5y+TyCTWoyHQlUR3//L0nRPzViqm1GBeT4Tw88kmEvmRSguCYTxuNV3gr6t
n8gOP/MKoYTZ1tdxYRMDd+LN2I4j2phUF90sItiLT04/JD65CwRNblD0bFWSbGr7
X8YiOIVkxTQ=
=VA6N
-----END PGP SIGNATURE-----





From alanh at infi.net  Mon Aug 19 18:14:40 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 20 Aug 1996 09:14:40 +0800
Subject: US Taxes on X-Pats (getting off topic)
In-Reply-To: <1.5.4.32.19960819135353.009e0510@iu.net>
Message-ID: <Pine.SV4.3.91.960819172944.22993I-100000@larry.infi.net>


It sounds unfair, for sure. However, the whole thing is a fraud based 
upon a myth. FICA witholding is NOT credited to an individual's account, 
or even to Social Security benefits in general. By statutory law, all 
such receipts go into the Treasury's general fund.

So, they are NOT "social security contributions". Period.





From aba at dcs.ex.ac.uk  Mon Aug 19 18:15:05 1996
From: aba at dcs.ex.ac.uk (Adam Back)
Date: Tue, 20 Aug 1996 09:15:05 +0800
Subject: CS8191 data sheet and ordering info...
In-Reply-To: <199608171837.LAA20948@comsec.com>
Message-ID: <199608190407.FAA00152@server.test.net>



Eric Blossom <eb at comsec.com> (CSC) writes:
> 
>                 Communication Security Corporation
>             CS8191 Triple-DES Telephone Privacy Device
> [...]
> Specifications:
> 
>  Modem
> 
>  * ITU V.32bis (14,400 bits/sec)
> 
>  * International standard GSM 06.10 full rate speech transcoding 
>    (13,000 bits/sec)
> 
> 
> Cryptographic Details:
> 
> * Unique session key generated for each conversation using Diffie-Hellman
>   exponential key exchange (2048 bit modulus) (U.S. Patent No. 4,200,770
>   licensed by Cylink Corporation)
> 
> * Defense against "man in the middle" active attack using interleave
>   protocol combined with voice verification of six digit key name derived
>   from the public exponentials
>
> * Hardware Random number generator based on Johnson noise
> 
> * Three Key Triple-DES (168 bit key), operating in modified counter mode.

To anyone who's read the PGPfone docs, this sounds very similar,
PGPfone uses 3DES (as one option: also CAST, Blowfish), but it's a 2
key 3DES rather than 3 key (I think).  PGPfone works with
9600/14400/28800 modems, uses Diffie Hellman key exchange, uses a
commitment to exchanges by passing the hashes of the exchanges prior
to traditional dh key-exchange (we'll see if this compares to what is
described here as an `interleave protocol').  PGPfone offers several
GSM codecs.

Do you see any barrier to PGPfone being able to interoperate with your
product once your specs are published?  (Aside from a fast PC/MAC to
keep up -- 3DES is the most computationaly expensive encryption
algorithm used by PGPfone).

Also I believe I read somewhere in your announce that upgrades are
possible -- can these happen in software only?  Flash BIOS upgrade?
If it is software upgradable are you releasing the programming specs
also?

A very nice product, sure beats the hell out of clipper based phones,
and the various snake oil offerings,

Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)





From rich at c2.org  Mon Aug 19 18:33:22 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 20 Aug 1996 09:33:22 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
In-Reply-To: <m0usY9P-00024YC@mirage.skypoint.com>
Message-ID: <Pine.GUL.3.95.960819144001.2971B-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 19 Aug 1996, Charles Gimon wrote:
[...]
> >    Trouble in Paradise
> >    by Declan McCullagh (declan at well.com)
> >    Washington, DC, 18 August
> >    
> >    Indonesian democracy activists have taken their fight for freedom
> >    to the Net, and the government doesn't approve.
> >    
> >    After distributing email messages about riots in Jakarta last month to
> >    an international Indonesian-politics mailing list, Prihadi Beny
> >    Waluyo, a lecturer at Duta Wacana Christian University, was arrested
> >    and interrogated by the military. Since then, the mailing list has
> >    been banned from the country and Waluyo has returned to his house,
> >    where he remains under surveillance.
> 
> [dan lain-lain...]
> 
> Exactly which mailing list was "banned from the country"? All the
> Indonesian mailing lists I'm on, including apakabar at clark.net, are
> functioning normally, with no unusual complaints or interruptions.

Never mind the details. What's important is that this is yet another example
of net censorship, like the Berkeley administration's reading student email
and the FBI's monitoring and disrupting patriot email. 

It's really sad, the difference between HRW/AI and Wired. You know, Amnesty
has some outstanding policies regarding accuracy, objectivity, and
universality. That's why they're accorded such respect. Human Rights Watch,
which has only been around since the late 70's and committed a few major
faux pas in Central America, is still learning. Wired decided that it had
all the answers years ago.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhjoIJNcNyVVy0jxAQG4rwH+L0du5/Ykcz1zu0VXjdQgS/5b9KVVmRbQ
Bj7nFO5P87+oZzw9JlBCMrVNZ4tM4oIxoKKhA/O8PytUd7T6B0U0yA==
=xQVR
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Mon Aug 19 18:44:44 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 20 Aug 1996 09:44:44 +0800
Subject: Phoneco vs X-Phone
Message-ID: <199608192246.PAA08982@mail.pacifier.com>


At 04:02 AM 8/20/96 +0000, Vipul Ved Prakash wrote:
>> 
>> Well, let's consider such costs.  Most of which (maintenance, management, 
>> rolling stock) are unrelated to amount of telephone usage.  So there is no 
>> reason that these costs should be unequally attributed to a person who 
makes 
>> local calls 1 hour per day, as opposed to another who only calls 15 minutes 
>> per day, for example.
>> 
>> As for the "laying new pipes" issue:  Years ago in the the US, when 
>> inter-central-office trunk connections were all implemented using large 
>> bundles of copper pairs, it would have been _correct_ to say that higher 
>> telephone usage resulted in larger costs, since more trunk lines were 
>> necessary.  Today, on the other hand, inter-office trunks (at least the new 
>> ones, and I presume that even many of the old ones have been switched over) 
>> are implemented in fiber optics.  Extra capacity is either automatically 
>> available (since the capacity of a given fiber is unlikely to be fully 
used) 
>> or can be fairly simply added by converting old fiber from about 450 
>> megabits per second to 2.4 gigabits, or even faster rates which have become 
>> more recently available.
>> 
> 
>Your view point doesn't really fit the facts, but since it is not the
>issue here, I'll let it go.

What do you mean, "doesn't really fit the facts"?!?  What part of it was 
incorrect?  Fiber-optic _is_ commonly used in inter-office trunks, right?  
It doesn't wear out, right?  Higher usage doesn't entail greater costs, 
right?  The capacity, while not strictly infinite, is high enough so 
expanded usage doesn't strain most links, right?  Finally, modern phone 
switches have sufficient connect capacity so that they can handle usage 
which would have been considered "unusual" by yesteryear's standards.  All 
of this points to an obvious conclusion:  Telephone companies do not, in 
general, have increased costs as a consequence of increased telephone usage.

Here's what I think is _really_ going on:  You have decided that you think 
the costs of the telephone system should be apportioned by usage EVEN IF 
higher usage is no more costly to provide.  That's why you don't want to  
disprove my claims.  You're afraid that you'll have to say, "Yes, you're 
right Jim, but I _still_ think billing should be porportional to use."


>Can't resist like someone has to pay those 80,000+ 
>employees at AT+T.

Some of whom are probably unnecessary.  Interestingly enough, the rumor is 
that half the costs for LD are in billing and customer service.  Most of 
these costs would disappear if LD was unmetered.  

>
>> >But you miss my point, if a phoneco is not getting a penny for its long 
>> distanceservices (which subsidise the flat rate local calls) then the 
choice 
>> would
>> >be to close down. Which would be a severe attack to the local internet 
usage.
>> 
>> That's an entirely unsupported claim.  Nobody claims that telephone usage 
>> (term used generically) is on the way out.  "Closing down" is only going to 
>> happen if local phonecos cease to be able to provide a service that people 
>> are willing to pay for.
>
>Exactly! Once "X-Phone" has its servers in US Cities, and its charging 10 
cents 
>a minute for long distance calls, I don't see if the phonecos would be able 
to provide any service that people are willing to pay for, I mean they won't
>be able to provide matching lucrative rates. 

I am confident that local phonecos can remain competitive even against 
"free" Internet telephone service.  What they need to do is simple:  
Entirely remove the LD/local subsidy, remove metering on LD (as well as 
local), bill yearly for far lower costs, etc.  Once this is done, LD will be 
"free", at least on a marginal basis, so no customer will have any 
motivation to move to "Internet telephone" service.


>You mean to say that, X-Phone will take advantage of the phoneco and mint 
>money for a minimal investment, whereas the phoneco who spent billions on the
>infrastructure will be just whistle down the road, and let the X-Phone 
>indulge in its own cyberdo.

In the US, the current telephone company infrastructure is ALREADY PAID FOR. 
 It was paid for by over-inflated rates during a monopolized era.   If 
anything, the locals have an "unfair advantage" over the rest of the 
companies:  Only they have a copper pair into every home.  


Jim Bell
jimbell at pacifier.com





From printing at explicit.com  Mon Aug 19 19:11:56 1996
From: printing at explicit.com (William Knowles)
Date: Tue, 20 Aug 1996 10:11:56 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.GUL.3.95.960819122021.1842D-100000@Networking.Stanford.EDU>
Message-ID: <Pine.BSD.3.92.960819181607.5683A-100000@miso.wwa.com>


On Mon, 19 Aug 1996, Rich Graves wrote:

> You just gotta love the headline. Anyone have the URL?

Dan's Gallery of the Grotesk

http://www.grotesque.com

The series is 'Natural Born Losers' Where this biker chick and
her new boyfriend perform a sex act with the soon to be dead
ex-boyfriend, and then they both use a hacksaw to chop the poor
fellow into pieces.  The couple shot the film and dropped it
off to a 'friend' at a one-hour photo place and someone else
looked at the photos and called the police.  Don't eat *anything*
before viewing these pictures!

> Seen on Newspage headlines; I assume the full text is on ClariNet.
>
>    NAKED WOMAN DECAPITATES MAN ON INTERNET - Pictures of a naked young
>    woman decapitating a man with a saw are available on the Internet, to
>    the consternation of police in Munich who say they are unable to do
>    anything about it. [AGENCE FRANCE PRESSE, 175 words]
>
> -rich
>  who thought the associated press was bad

William Knowles
Graphically Explicit
printing at explicit.com


--
Graphically Explicit Advertising       <printing at explicit.com>
PGP mail welcome & prefered / KeyID 1024/415D7FF9
PGP Fingerprint D3 45 A4 38 73 99 77 4A   98 BB A2 81 97 68 73 03
--
Explicit isn't a dirty word, Or is it?








From maldrich at grci.com  Mon Aug 19 19:33:45 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Tue, 20 Aug 1996 10:33:45 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.GUL.3.95.960819122021.1842D-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SCO.3.93.960819184212.8520D-100000@grctechs.va.grci.com>


On Mon, 19 Aug 1996, Rich Graves wrote:

Yes, it's true.  Her boyfriend kills the guy while she's
giving him a blow job.  Then they "get naked," hack up the body, and pose
various body parts in, uh, 'interesting' positions.  The whole story's on
the Web site.  Check them out at:

http://www.grotesque.com/

The web site is the Gallery of the Grotesque.  The "exhibit" you're
looking for is the "Natural Born Losers" section.  Other sections are also
fascinating if you like this sort of stuff.

> You just gotta love the headline. Anyone have the URL?
> 
> Seen on Newspage headlines; I assume the full text is on ClariNet.        
> 
>    NAKED WOMAN DECAPITATES MAN ON INTERNET - Pictures of a naked young
>    woman decapitating a man with a saw are available on the Internet, to
>    the consternation of police in Munich who say they are unable to do
>    anything about it. [AGENCE FRANCE PRESSE, 175 words]
> 
> -rich
>  who thought the associated press was bad
> 
> 

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |maldrich at grci.com            |
|the unfettered speech the First Amendment|MAldrich at dockmaster.ncsc.mil |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From Scottauge at aol.com  Mon Aug 19 19:45:59 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Tue, 20 Aug 1996 10:45:59 +0800
Subject: No Subject - Lesson in cracking (cryptoanalysis 001)
Message-ID: <960819193406_263572605@emout14.mail.aol.com>


In a message dated 96-08-19 05:44:34 EDT, you write:

> SAMPLE MESSAGE: ("HAIL ERIS")
>  
>  CONVERSATION:
>  A B C D E F G H I J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
>  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
>  
>  STEP 1. Write out the message (HAIL ERIS) and put all the vowels at the
end
>          (HLRSAIEI)
>  STEP 2. Reverse order (IEIASRLH)
>  STEP 3. Convert to numbers (9-5-9-1-19-18-12-8)
>  STEP 4. Put into numerical order (1-5-8-9-9-12-18-19)
>  STEP 5. Convert back to letters (AEHIILRS)
>  
>  This cryptographic cypher code is GUARANTEED TO BE 100% UNBREAKABLE.
>  
>  

Hmmmmm, lets see here....

The numbers are one to one with the letters - hence this suggests a frequency
attack right off the bat.  You see, poor pathetic soul, if we know the
algorithm, as you have spelt it out, and we know the alphabet of the
plaintext (thats the message your trying to protect), we know that the
language has certain letters used more frequently than others.  Like, ya know
"e" is a very popular letter, so is t and s.  Collect enough cypher text and
ya just match frequency to frequency - a high number of 6's are replaced with
an e, and so on down the line.

QED why you don't go one to one with the alphabet.

OK, so we got the letters we are interested in working with.  Now, still
knowing the language the alphabet represents, we know that certain letters
usually follow other letters.  For example, re, ent, th, st, ing, need I
really go on?

Now we just start chunking up the peices according to spelling rules we know
about - then with the help of a handy dandy spell checker like thing, when we
get close to a word, we clump the chunks together.

Actually, mixing your letters around helps cuz one needs to do a lot of
shuffling here - but believe me, algorithms are out there.  Plus, the more
cipher text you provide, the easier it is to nab your info cuz there is more
information for the particular algorithm I'm thinking of to work with.

Once ya get a likely set of words, ya start looking for a pattern that can
get ya these set of words into and gain the original pattern.

QED why one does not depend on shuffling for protection.

Anyone else wanna explain things too?





From ichudov at algebra.com  Mon Aug 19 19:55:02 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Tue, 20 Aug 1996 10:55:02 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608191642.LAA07079@server.multipro.com>
Message-ID: <199608200008.TAA16708@manifold.algebra.com>


Nick West wrote:
> >
> >Did anyone save a copy of the altered web page?  I would like to see
> >what the crackers did.
> >
> They showed a the page on CNN Headline News yesterday. They might show it
> sometime again today, stay tuned.

Now I have the "Department of INJUSTICE" Web page on my personal 
Web page, http://www.algebra.com/~ichudov (follow the links).

A tarred and gsipped content is available for download and mirroring.

I personally find the web page very well and artistically done, and
extremely funny. The guy who did it had a good taste.

	- Igor.





From frantz at netcom.com  Mon Aug 19 20:01:12 1996
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 20 Aug 1996 11:01:12 +0800
Subject: [RANT] Death of Usenet: Film at 11
Message-ID: <199608200001.RAA02120@netcom8.netcom.com>


At  1:34 PM 8/19/96 -0700, Mike Duvos wrote:
>Permit me to go off in an orthogonal direction here and say that
>I think that we should do away with the concept of a pre-ordained
>newsgroups in Usenet entirely, in favor of an IRC-like dynamic 
>creation of message pools.

Moderated newsgroups gain reputation from their moderation policies and
probably should not be included in this scheme.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From wendigo at pobox.com  Mon Aug 19 20:06:20 1996
From: wendigo at pobox.com (Mark Rogaski)
Date: Tue, 20 Aug 1996 11:06:20 +0800
Subject: [fnord] Re: Discordians a-gogo (aggoo)
In-Reply-To: <2.2.32.19960819174537.00ac513c@mail.teleport.com>
Message-ID: <199608200031.UAA17032@charon.gti.net>


-----BEGIN PGP SIGNED MESSAGE-----

An entity claiming to be Alan Olsen wrote:
: 
: ObDiscordian: Have you noticed that there are five levels of priority in Eudora?

Or that RFC23 is entitled "Transmission of multiple control messages"?

- -- 
    Mark Rogaski   | Why read when you can just sit and |      Member
  GTI System Admin |         stare at things?           | Programmers Local
  wendigo at gti.net  | Any expressed opinions are my own  |     # 0xfffe
 wendigo at pobox.com | unless they can get me in trouble. |     APL-CPIO


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhkHUA0HmAyu61cJAQFFIgP8CFjdpNaPJ2vCqX5nlc+TRpCjt1FgyMvg
FSd7PzwSgFu5jTXgeuWgZE/JkZ+6iZPo7vFdKgAGxU+pKok3jkXspgk38JP3Q4ay
uR1+GHq0auHbY5kGZseyzGPRBOAHglxUxMO41n67e7FdwoYuO1DeQVura8hGTYAr
kd94gHuvTFE=
=vNwc
-----END PGP SIGNATURE-----





From skeeve at skeeve.net  Mon Aug 19 20:23:26 1996
From: skeeve at skeeve.net (Skeeve Stevens)
Date: Tue, 20 Aug 1996 11:23:26 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608191642.LAA07079@server.multipro.com>
Message-ID: <199608200036.KAA08028@zztop.myinternet.net>


You, Nick West, said about something or other:
+
+At 06:46 PM 8/18/96 -0700, you wrote:
+>> CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
+>> to the DOJ web site.  They don't elaborate exactly how thy did it.
+>
+>Did anyone save a copy of the altered web page?  I would like to see
+>what the crackers did.
+>
+>Thanks.
+>
+>
+They showed a the page on CNN Headline News yesterday. They might show it
+sometime again today, stay tuned.


Altavisa/Yahoo search "Department of Injustice"


--------------------------------------------------------------------
Skeeve Stevens                              Email: skeeve at skeeve.net
CEO/The Big Boss/All round nice guy      URL: http://www.skeeve.net/
MyInternet                               Australian Anglicans Online
http://www.myinternet.net/               http://www.anglican.asn.au/
Phone: (+612) 869-3334        Mobile: (0414) SKEEVE [+61414-753-383]
Key fingerprint  =  D2 7E 91 53 19 FE D0 5C  DE 34 EA AF 7A 5C 4D 3E





From rich at c2.org  Mon Aug 19 20:25:05 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 20 Aug 1996 11:25:05 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.BSD.3.92.960819181607.5683A-100000@miso.wwa.com>
Message-ID: <Pine.GUL.3.95.960819171725.2971E-100000@Networking.Stanford.EDU>


There seems to be some confusion about the facts of the case, i.e., whether
the pictures really came from a case that was solved. I assume that that
will all be cleared up, but I'm not laughing anymore. 

I can imagine some kid gleefully accepting such pics to put up on a
grotesque page as an anti-censorship demonstration -- and then finding out
that he had the only evidence to an unsolved crime. 

-rich






From llurch at networking.stanford.edu  Mon Aug 19 20:53:17 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Tue, 20 Aug 1996 11:53:17 +0800
Subject: "Utilization Review"
In-Reply-To: <199608192029.NAA28776@netcom8.netcom.com>
Message-ID: <Pine.GUL.3.95.960819174621.2971G-100000@Networking.Stanford.EDU>


On Mon, 19 Aug 1996, Bill Frantz wrote:

> At 12:22 AM 8/19/96 -0400, Black Unicorn wrote:
> >I listened with horror this evening to a radio program which 
> >discussed the state of medical record privacy today.
> 
> Unfortunatly, it is still true that whoever pays the piper calls the tune. 
> The best way to ensure medical record privacy is to eliminate medical
> insurance.

Or even better: don't get sick.

> Perhaps, within our current social order, medical savings plans
> are the best option on the table.

What alternative social orders can you envision that would handle this
problem elegantly? I can't think of any off the top of my head. 

Medical savings plans do not work for anyone but the extremely rich and
healthy, because few normal people can self-insure to cover the risk. With
pooled risk, the prospective customer has the right to know the risks
already in the pool before diving in. Contracts based on infinite
uncertaintly tend not to work.

There's also the little matter of letting your doctor know your medical
history. That data needs to be stored somewhere in clear text (as respects
my lack of involvement in the release, that is). If I'm unconscious, I can't
tell them my passphrase. 

-rich






From scraver at mnet.fr  Mon Aug 19 20:55:57 1996
From: scraver at mnet.fr (Arnauld Dravet)
Date: Tue, 20 Aug 1996 11:55:57 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.GUL.3.95.960819122021.1842D-100000@Networking.Stanford.EDU>
Message-ID: <32191CBE.63076145@mnet.fr>


Rich Graves wrote:
> 
> You just gotta love the headline. Anyone have the URL?
> 
> Seen on Newspage headlines; I assume the full text is on ClariNet.
> 
>    NAKED WOMAN DECAPITATES MAN ON INTERNET - Pictures of a naked young
>    woman decapitating a man with a saw are available on the Internet, to
>    the consternation of police in Munich who say they are unable to do
>    anything about it. [AGENCE FRANCE PRESSE, 175 words]
> 
> -rich
>  who thought the associated press was bad



U should try www.grotesque.com
i dunno if it exists any longer
cya
sChTrOuMf





From vldiaz at adnc.com  Mon Aug 19 21:01:17 1996
From: vldiaz at adnc.com (Vincent L. Diaz)
Date: Tue, 20 Aug 1996 12:01:17 +0800
Subject: Agents, Spiders, Linda, and BlackNet
Message-ID: <2.2.16.19960819180929.322f402c@mail.adnc.com>


Tim:

At 10:58 AM 8/19/96 -0700, you wrote:
>
>Key Phrases: agents, spiders, linda, blacknet, indexing, hierarchy,
>alternatives to hierarchy, emergent indexing, aptical foddering, tuple
>spaces, virtual communities, shared environments

(Snip)

>Just some ideas. Nothing new, to me at least. But I thought some of the
>newer list members might not have seen some of these ideas, part of the
>assumed culture to we crypto anarchists.

I currently subscribe to DigitalLiberty and am very new to Cypherpunks. I wanted
to thank you for thinking of us "Newbies" in the Crypto field with this
submission.

I hope that your will at some time in the future seriously consider a
comprehensive book
on this and other subjects skewed towards the general public.







Regards,

VINCENT L. DIAZ
U-SAVE COMMUNICATIONS
Business Line: 619-277-2411
Fax Line:         619-277-0298
http://www.cognigen.com/agencies/






From DMiskell at envirolink.org  Mon Aug 19 21:05:08 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Tue, 20 Aug 1996 12:05:08 +0800
Subject: your mail
Message-ID: <199608200120.VAA05671@envirolink.org>


So, how do you UNDO the encryptation?  Gee, no wonder it's uncrackable.

Daniel.






From llurch at networking.stanford.edu  Mon Aug 19 21:10:51 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Tue, 20 Aug 1996 12:10:51 +0800
Subject: search engine improvement
In-Reply-To: <199608191931.VAA02971@digicash.com>
Message-ID: <Pine.GUL.3.95.960819173400.2971F-100000@Networking.Stanford.EDU>


On Mon, 19 Aug 1996 bryce at digicash.com wrote:

[good ideas about distributed ratings systems]

> There is the interesting issue of whether this will cause
> self-reinforcing "degeneration", where people (or an
> "affiliation"-keyed group of people) accidentally overlook a
> worthy page early in the game, and then, using each other's
> behavior to influence their own, reinforce that mistake.

It probably will. But people like being degenerates.

Another interesting issue for privacy is setting the granularity of the
information. If you know that only a few people have visited site A, and
you tell the distributing service that you like site A, then the rating
service has the potential to become a way to track people (to a certain
margin of error). Were I running such a service, I wouldn't hand out
information until enough static had accumulated to provide anonymity.

-rich






From zachb at netcom.com  Mon Aug 19 21:21:57 1996
From: zachb at netcom.com (Z.B.)
Date: Tue, 20 Aug 1996 12:21:57 +0800
Subject: No Subject - Lesson in cracking (cryptoanalysis 001)
In-Reply-To: <960819193406_263572605@emout14.mail.aol.com>
Message-ID: <Pine.3.89.9608191812.A24786-0100000@netcom16>


On Mon, 19 Aug 1996 Scottauge at aol.com wrote:

[highly insecure algorithm snipped]

Scottauge at aol.com wrote:

[very nice explanation of why above algorithm is insecure snipped]

> 
> Anyone else wanna explain things too?
> 
No, but I have this really great crypto program right here thet I'll give 
to you if you perform just a little debugging on it!!!  It uses the 
well-known and well-tested Noitutitsbus method and is GUARANTEED to be 
COMPLETELY UNBREAKABLE!!!  Get your copy NOW before its cracked...er...gone!

:)

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127








From tcmay at got.net  Mon Aug 19 21:37:26 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 12:37:26 +0800
Subject: BlackNet: Commercial Posts?
Message-ID: <ae3e66b5150210042b54@[205.199.118.202]>


At 1:05 PM 8/19/96, Ross Wright wrote:
>On Or About 19 Aug 96, 7:03, Hal wrote:
>
>> service, or in fact a network of any sort.  Rather, it is a vendor.
>> It buys and sells information.
>
>My question to the list:
>
>Who benefits from all this publicity and brew-ha-ha?  Who makes all
>the BlackNet money?  Who really cares if it is a Data Haven or just a
>remailer?  I'm just asking.

Well, obviously I do. I receive $1.42 for every posting which mentions
BlackNet, 7% of gross sales for all commercial transactions, and 12.5% plus
a sliding finder's fee for all military and intelligence secrets sold via
BlackNet.

But all true paranoiacs knew this.

--Aldrich Ames

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From iang at cs.berkeley.edu  Mon Aug 19 21:56:30 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Tue, 20 Aug 1996 12:56:30 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <199608181037.MAA14188@basement.replay.com>
Message-ID: <4vb5ud$skn@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <3216F54C.425C at netscape.com>,
Jeff Weinstein  <jsw at netscape.com> wrote:
>Alex de Joode wrote:
>> 
>> Jeff Weinstein (jsw at netscape.com) wrote:
>> 
>> : The final release of Navigator 3.0, complete with non-exportable
>> : strong crypto, is now available for download by US citizens.  Note
>> : that this is the released version of 3.0, so it will not expire.
>> : You can get it from:
>> 
>> Would it be possible to both supply an Linux ELF and a.out binary ?
>
>  No, we will only be supplying ELF.  Since linux is not officially
>supported, we really don't have the resources to do multiple versions.
>
Not to mention that plugins are virtually impossible with a.out...

   - Ian

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhkbBUZRiTErSPb1AQF5fgP/V6r/aWB7KML48S4y0+MFaAb9XIaUxOQX
tRZNSJoRAldSveIxli5nAHN/BI7XGPgIcEmS992PWWJfkEtt+ogmtm6VpXRGf+pa
2bWpf01+4UYZddhH2UnjVlkd9cDigtmkXd4SVJBO5ebHEBMzesQvDOaUJeXshT7S
eWdxPj8lOh8=
=VErV
-----END PGP SIGNATURE-----





From shamrock at netcom.com  Mon Aug 19 21:59:12 1996
From: shamrock at netcom.com (Lucky Green)
Date: Tue, 20 Aug 1996 12:59:12 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.SCO.3.93.960819184212.8520D-100000@grctechs.va.grci.com>
Message-ID: <Pine.3.89.9608191853.A17091-0100000@netcom14>





On Mon, 19 Aug 1996, Mark O. Aldrich wrote:

> On Mon, 19 Aug 1996, Rich Graves wrote:
> 
> Yes, it's true.  Her boyfriend kills the guy while she's
> giving him a blow job.  Then they "get naked," hack up the body, and pose
> various body parts in, uh, 'interesting' positions.  The whole story's on
> the Web site.  Check them out at:
> 
> http://www.grotesque.com/
That was intense...

--Lucky





From mpd at netcom.com  Mon Aug 19 22:41:22 1996
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 20 Aug 1996 13:41:22 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.3.89.9608191853.A17091-0100000@netcom14>
Message-ID: <199608200300.UAA25571@netcom8.netcom.com>


Lucky Green writes:

> That was intense...

It was...        "different"

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $





From declan at eff.org  Mon Aug 19 23:04:54 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 20 Aug 1996 14:04:54 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
In-Reply-To: <Pine.GUL.3.95.960819144001.2971B-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.960819195846.3818B-100000@eff.org>



On Mon, 19 Aug 1996, Rich Graves wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Mon, 19 Aug 1996, Charles Gimon wrote:
> [...]
> > >    Trouble in Paradise
> > >    by Declan McCullagh (declan at well.com)
> > >    Washington, DC, 18 August
> > >    
> > >    Indonesian democracy activists have taken their fight for freedom
> > >    to the Net, and the government doesn't approve.
> > >    
> > >    After distributing email messages about riots in Jakarta last month to
> > >    an international Indonesian-politics mailing list, Prihadi Beny
> > >    Waluyo, a lecturer at Duta Wacana Christian University, was arrested
> > >    and interrogated by the military. Since then, the mailing list has
> > >    been banned from the country and Waluyo has returned to his house,
> > >    where he remains under surveillance.
> > 
> > [dan lain-lain...]
> > 
> > Exactly which mailing list was "banned from the country"? All the
> > Indonesian mailing lists I'm on, including apakabar at clark.net, are
> > functioning normally, with no unusual complaints or interruptions.
> 
> Never mind the details. What's important is that this is yet another example
> of net censorship, like the Berkeley administration's reading student email
> and the FBI's monitoring and disrupting patriot email. 
> 
> It's really sad, the difference between HRW/AI and Wired. You know, Amnesty
> has some outstanding policies regarding accuracy, objectivity, and
> universality. That's why they're accorded such respect. Human Rights Watch,
> which has only been around since the late 70's and committed a few major
> faux pas in Central America, is still learning. Wired decided that it had
> all the answers years ago.


Rich is frothing again. Time to killfile him again. Note he contributes
nothing of substance except a vapid anti-Wired rant that has been done
better elsewhere, like www.howtired.com. (Personally, I don't even read
Wired much anymore. To each his own.)

As for UCB and the FBI threads, Rich is talking about back
fight-censorship discussions. He seems to think that I endorse every
message I forward to a mailing list. He is incorrect. (Rather, I offer the
information to the list, as Judge Sloviter took Olsen's testimony, "for
what it's worth.")

Back to Indonesia -- my column should have said the Indonesian military is
*trying* to ban the mailing list from the country. They haven't succeeded
yet. Time will tell.

I have more information on Indonesia at http://www2.eff.org/~declan/global/ -- 
right now, use the www2 address since not all directories seem to be 
updating on the mirror servers properly right now.

-Declan



// declan at eff.org // I do not represent the EFF // declan at well.com //







From dlv at bwalk.dm.com  Mon Aug 19 23:06:25 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 20 Aug 1996 14:06:25 +0800
Subject: [RANT] Death of Usenet: Film at 11
In-Reply-To: <199608192034.NAA19771@netcom17.netcom.com>
Message-ID: <w8PXsD49w165w@bwalk.dm.com>


[I know the group-advice-lackey-Goebbels-reincarnation-stooge is reading this,
but he probably doesn't have the balls to reply]

mpd at netcom.com (Mike Duvos) writes:
> One of the nice things about IRC is that if the Empire State
> Building suddenly blows up, you can tune to #bomb and generally
> find several hundred people interested in discussing it without
> having to go through some complicated newgroup/rmgroup/discussion
> procedure.

Unfortunately, there's no easy way to rmgroup a usenet newsgroup once it
gets created. Many sites ignore all rmgroups. In fact, many large sites
now ignore all newgroups unless a user specifically asks to carry a new
newsgroup.

I believe the main reason why most newsadmins seem to want to have some
restrictions on newgrouping is the lack of efficient rmgrouping.

If we could newgroup misc.news.current-events.empire-state-bombing
and then have it disappear quetly and automatically once the non-spam
traffic is gone, I'm sure a lot fewer people would object to its creation.

> The real data base of Usenet is the totality of messages, indexed
> by message ID, and there are so many newsgroups now that allowing
> the Newsgroups: line to have arbitrary contents in the message
> header would do little to increase the confusion. Entering each
> arbitrary entry in the Newsgroups: line into a secondary
> searchable index would provide the same functionality as we have
> now with the conventional arrangement of newsgroups.

Assuming that this is done, why bother with newgroup/rmgroup at all?
If you think comp.language.algol is a worthwhile newsgroup (as I do),
just put it in your header and see if anyone sees your article.
Well-named keywords in Newsgroups: will act as these Snelling(?)
points senile Tim ranted about.

> With governments creating lists of "banned" newsgroups, and an
> official creation process managed by the "Cabal", Usenet is much
> more vulnerable to state control than it would be if newsgroups
> were simply arbitrary strings which existed somewhere in the
> current window into the history file.  A newsgroup would then
> exist if there were messages in it, and wouldn't exist if it had
> remained unused for some reasonable period of time.

The reason for Cabal's existence is twofold. First, it is a bunch
of control freaks who want to be in charge and get a kick out of
telling users "you can't do this". Second, sysadmins are willing
to put up with this shit because they think they need some means
to control newsgrouping.

> Now that search engines are becoming the best way to read Usenet
> anyway, and the Newsgroups: line is just another field in a set
> of search specifications, there is no reasonable reason to limit
> what may be placed there to some list of "20,000" pre-defined
> strings, or some government controlled subset of the above.

Absolutely.

> If Singapore bans alt.sex.hooters, you could simply post to
> alt.culture.singapore.i.got.your.hooters.right.here. This
> would effectly jerk the rug out from under the "banned
> newsgroups" gestapo, and create a namespace so large you would
> always be able to construct an appropriately suggestive new entry
> in the compliment of any part that was blocked.

Yes.

> It would also send the correct message that "newsgroups" are
> simply one of many labels on an article, and are not cyberspacial
> tearooms where bad people congregate and there is guilt by
> association.
>
> The alternative to doing something reasonable like this is
> probably to see mass migration from "banned newsgroups" to
> off-topic groups, like Lolita pictures in rec.pets.cats, when the
> inevitable crackdown comes. As long as people can post
> anonymously, they will simply switch to another existing
> newsgroup when the one they are posting to becomes blocked. Once
> the inevitable reciprocal pissing contest between posters and
> censors gets going, Usenet as we know it will likely be
> destroyed.

Usenet as I knew it 1- years ago has already been destroyed.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From tcmay at got.net  Mon Aug 19 23:15:19 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 14:15:19 +0800
Subject: Naked woman decapitates man on Internet!!!
Message-ID: <ae3e8146170210046916@[205.199.118.202]>


At 2:00 AM 8/20/96, Lucky Green wrote:
>On Mon, 19 Aug 1996, Mark O. Aldrich wrote:
>
>> On Mon, 19 Aug 1996, Rich Graves wrote:
>>
>> Yes, it's true.  Her boyfriend kills the guy while she's
>> giving him a blow job.  Then they "get naked," hack up the body, and pose
>> various body parts in, uh, 'interesting' positions.  The whole story's on
>> the Web site.  Check them out at:
>>
>> http://www.grotesque.com/
>That was intense...

But not as intense as it could be with Internet video!

BTW, I've linked this page to my "A Childe's Own Primer on the Net," but I
have warned young impressionables to only view the page if they want to see
something gross. (Since no child wants to see something gross, this should
deter them.)

I wonder how the images were gotten? The site mentions that they were
entered as evidence in the trial of the two bikers, but presumably the
photo evidence would have been sealed. Not that this means much, given that
the autopsy photos of Nicole Brown Simpson made it out onto the Net shortly
after being taken.

(I guess one of the evidence clerks or attorneys had a scanner and access
to a remailer....)

I do expect this to be added to the list of evils that the peo-CDA
attorneys will cite.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From m5 at tivoli.com  Mon Aug 19 23:21:30 1996
From: m5 at tivoli.com (Mike McNally)
Date: Tue, 20 Aug 1996 14:21:30 +0800
Subject: Taxes on Internet access prediction
Message-ID: <32193A1F.31BB@tivoli.com>


States and municipalities are taxing internet access.  Who wants to
make a prediction about if/when the IRS will start to count net access
as a taxable fringe benefit of employment?

(At a small company where I once worked, a tax accountant visiting
one day noticed that we had a weight bench set up in a back corner of
the big "back room".  He advised us to be careful, because the IRS
could count that as a taxable employee benefit.)

-- 
______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From bdurham at metronet.com  Mon Aug 19 23:35:07 1996
From: bdurham at metronet.com (Brian Durham)
Date: Tue, 20 Aug 1996 14:35:07 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
In-Reply-To: <Pine.BSD.3.92.960819181607.5683A-100000@miso.wwa.com>
Message-ID: <32193CC8.415C@metronet.com>


> http://www.grotesque.com

You mean, like, no decrapitation?





From alano at teleport.com  Mon Aug 19 23:41:52 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 20 Aug 1996 14:41:52 +0800
Subject: Naked woman decapitates man on Internet!!!
Message-ID: <2.2.32.19960820035848.00b201dc@mail.teleport.com>


At 07:00 PM 8/19/96 -0700, Lucky Green wrote:

>That was intense...

Just goes to show you what some people will do to get a head... ]:>

---
|"Computers are Voodoo -- You just have to know where to stick the pins."|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From daemon at anon.penet.fi  Tue Aug 20 00:02:50 1996
From: daemon at anon.penet.fi (daemon at anon.penet.fi)
Date: Tue, 20 Aug 1996 15:02:50 +0800
Subject: Anonymous password assignment failure (no password)
Message-ID: <9608200446.AA25374@anon.penet.fi>


You have requested the assignment of a new password
However, your message text didn't contain any password.
Remember that passwords should only contain letters and numbers.






From npoznick at Harding.edu  Tue Aug 20 00:18:04 1996
From: npoznick at Harding.edu (nathan poznick)
Date: Tue, 20 Aug 1996 15:18:04 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <Pine.GUL.3.95.960819171725.2971E-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SOL.3.94.960820001143.11266A-100000@taz>


On Mon, 19 Aug 1996, Rich Graves wrote:

> There seems to be some confusion about the facts of the case, i.e., whether
> the pictures really came from a case that was solved. I assume that that
> will all be cleared up, but I'm not laughing anymore. 
> 
> I can imagine some kid gleefully accepting such pics to put up on a
> grotesque page as an anti-censorship demonstration -- and then finding out
> that he had the only evidence to an unsolved crime. 

i've visited Dan's Gallery of the Grotesk several times over the last few
months, and i can tell you, that Dan takes these pictures and the history
behin them quite seriously...
if you read all the pages, and all his thoughts, you can tell that he's
not just some kid that snatched up some gross pictures for the heck of
it...

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^		             Nathan Poznick				 ^
^	        	 <npoznick at harding.edu>				 ^
^                    http://www.harding.edu/~npoznick			 ^
^									 ^
^                  "640k should be enough for anybody."			 ^
^									 ^
^		          --Bill Gates, 1981--				 ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^






From rwright at adnetsol.com  Tue Aug 20 00:32:36 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Tue, 20 Aug 1996 15:32:36 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
Message-ID: <199608200525.WAA07739@adnetsol.adnetsol.com>


Sick, stuff.  Yet everyone has to sneek a peek, just like a car 
crash.  Hey, I did.  I made the whole trip through the lurid pages.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From zachb at netcom.com  Tue Aug 20 00:42:08 1996
From: zachb at netcom.com (Z.B.)
Date: Tue, 20 Aug 1996 15:42:08 +0800
Subject: your mail
In-Reply-To: <199608200120.VAA05671@envirolink.org>
Message-ID: <Pine.3.89.9608192243.A19706-0100000@netcom12>


On Mon, 19 Aug 1996, Daniel Miskell wrote:

> So, how do you UNDO the encryptation?  Gee, no wonder it's uncrackable.
> 
> Daniel.
> 
Umm...you missed the joke.  Take a closer look at the word Noitutitsbus. :)





From proff at suburbia.net  Tue Aug 20 00:49:19 1996
From: proff at suburbia.net (Julian Assange)
Date: Tue, 20 Aug 1996 15:49:19 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
Message-ID: <199608200513.PAA23414@suburbia.net>


Forwarded message:
>From notes at igc.org  Tue Aug 20 15:07:25 1996
Date: Mon, 19 Aug 1996 20:27:27 -0700 (PDT)
Reply-To: Moderator of conference "justice.polabuse" <bwitanek at igc.apc.org>
From: Bob Witanek <bwitanek at igc.apc.org>
Subject: CIA Contra Crack and LA Gangs
To: Recipients of pol-abuse <pol-abuse at igc.apc.org>
Message-ID: <APC&1'0'a9f98b64'6db at igc.apc.org>
X-Gateway: conf2mail at igc.apc.org
Errors-To: owner-pol-abuse at igc.apc.org
Precedence: bulk
Lines: 364

From: Bob Witanek <bwitanek at igc.apc.org>

Posted mnovick at laedu.lalc.k12.ca.us  Sun Aug 18 22:23:45 1996

This is an astonishing mainstream media documentation of the role of the
U.S. state in the guns for drugs trade and its social devastation results in
the U.S. Although the piece focuses on U.S. involvement on the guns end in
Central America, this was a clear two-birds with one stone
counter-insurgency strategy at this end, too.  Given the continuing effect
of crack (and its hypocritical super-criminalization by the government),
genocide is probably too  mild a word for this.

'80s effort to assist guerrillas left legacy of drugs, gangs in black L.A.
By Gary Webb

Mercury News Staff Writer

For the better part of a decade, a Bay Area drug ring sold tons of cocaine to 
the Crips and Bloods street gangs of Los Angeles and funneled millions in drug 
profits to a Latin American guerrilla army run by the U.S. Central Intelligence 
Agency, a Mercury News investigation has found.

This drug network opened the first pipeline between Colombia's cocaine cartels 
and the black neighborhoods of Los Angeles, a city now known as the ``crack'' 
capital of the world. The cocaine that flooded in helped spark a crack explosion
 in urban America -- and provided the cash and connections needed for L.A.'s 
gangs to buy automatic weapons.

It is one of the most bizarre alliances in modern history: the union of a 
U.S.-backed army attempting to overthrow a revolutionary socialist government 
and the Uzi-toting ``gangstas'' of Compton and South-Central Los Angeles.

The army's financiers -- who met with CIA agents both before and during the time
 they were selling the drugs in L.A. -- delivered cut-rate cocaine to the gangs 
through a young South-Central crack dealer named Ricky Donnell Ross.

Unaware of his suppliers' military and political connections, ``Freeway Rick"'' 
-- a dope dealer of mythic proportions in the L.A. drug world -- turned the 
cocaine powder into crack and wholesaled it to gangs across the country.

The cash Ross paid for the cocaine, court records show, was then used to buy 
weapons and equipment for a guerrilla army named the Fuerza Democratica 
Nicaraguense (Nicaraguan Democratic Force) or FDN, the largest of several 
anti-communist groups commonly called the Contras.

While the FDN's war is barely a memory today, black America is still dealing 
with its poisonous side effects. Urban neighborhoods are grappling with legions 
of homeless crack addicts. Thousands of young black men are serving long prison 
sentences for selling cocaine -- a drug that was virtually unobtainable in black
 neighborhoods before members of the CIA's army brought it into South-Central in
 the 1980s at bargain-basement prices.

And the L.A. gangs, which used their enormous cocaine profits to arm themselves 
and spread crack across the country, are still thriving, turning entire blocks 
of major cities into occasional war zones.

``There is a saying that the ends justify the means,'' former FDN leader and 
drug dealer Oscar Danilo Blandon Reyes testified during a recent cocaine 
trafficking trial in San Diego. ``And that's what Mr. Bermudez (the CIA agent 
who commanded the FDN) told us in Honduras, OK? So we started raising money for 
the Contra revolution.''

Recently declassified reports, federal court testimony, undercover tapes, court 
records here and abroad and hundreds of hours of interviews over the past 12 
months leave no doubt that Blandon was no ordinary drug dealer.

Shortly before Blandon -- who had been the drug ring's Southern California 
distributor -- took the stand in San Diego as a witness for the U.S. Department 
of Justice, federal prosecutors obtained a court order preventing defense 
lawyers from delving into his ties to the CIA.

Blandon, one of the FDN's founders in California, ``will admit that he was a 
large-scale dealer in cocaine, and there is no additional benefit to any 
defendant to inquire as to the Central Intelligence Agency,'' Assistant U.S. 
Attorney L.J. O'Neale argued in his motion shortly before Ross' trial on cocaine
 trafficking charges in March.

The most Blandon would say in court about who called the shots when he sold 
cocaine for the FDN was that ``we received orders from the -- from other 
people.''

The 5,000-man FDN, records show, was created in mid-1981 when the CIA combined 
several existing groups of anti-communist exiles into a unified force it hoped 
would topple the new socialist government of Nicaragua.

>From 1982 to 1988, the FDN -- run by both American and Nicaraguan CIA
agents -- 
waged a losing war against Nicaragua's Sandinista government, the 
Cuban-supported socialists who'd overthrown U.S.-backed dictator Anastasio 
Somoza in 1979.

Blandon, who began working for the FDN's drug operation in late 1981, testified 
that the drug ring sold almost a ton of cocaine in the United States that year 
-- $54 million worth at prevailing wholesale prices. It was not clear how much 
of the money found its way back to the CIA's army, but Blandon testified that 
``whatever we were running in L.A., the profit was going for the Contra 
revolution.''

At the time of that testimony, Blandon was a full-time informant for the Drug 
Enforcement Administration, a job the U.S. Department of Justice got him after 
releasing him from prison in 1994.

Though Blandon admitted to crimes that have sent others away for life, the 
Justice Department turned him loose on unsupervised probation after only 28 
months behind bars and has paid him more than $166,000 since, court records 
show.

``He has been extraordinarily helpful,'' federal prosecutor O'Neale told 
Blandon's judge in a plea for the trafficker's release in 1994. Though O'Neale 
once described Blandon to a grand jury as ``the biggest Nicaraguan cocaine 
dealer in the United States,'' the prosecutor would not discuss him with the 
Mercury News.

A known dealer since '74

has stayed out of U.S. jails

Blandon's boss in the FDN's cocaine operation, Juan Norwin Meneses Cantarero, 
has never spent a day in a U.S. prison, even though the federal government has 
been aware of his cocaine dealings since at least 1974, records show.

Meneses -- who ran the drug ring from his homes in the Bay Area -- is listed in 
the DEA's computers as a major international drug smuggler and was implicated in
 45 separate federal investigations. Yet he and his cocaine-dealing relatives 
lived quite openly in the Bay Area for years, buying homes in Pacifica and 
Burlingame, along with bars, restaurants, car lots and factories in San 
Francisco, Hayward and Oakland.

``I even drove my own cars, registered in my name,'' Meneses said during a 
recent interview in Nicaragua.

Meneses' organization was ``the target of unsuccessful investigative attempts 
for many years,'' prosecutor O'Neale acknowledged in a 1994 affidavit. But 
records and interviews revealed that a number of those probes were stymied not 
by the elusive Meneses but by agencies of the U.S. government.

Agents from four organizations -- the DEA, U.S. Customs, the Los Angeles County 
Sheriff's Department and the California Bureau of Narcotic Enforcement -- have 
complained that investigations were hampered by the CIA or unnamed ``national 
security'' interests.

1988 investigation

hit a wall of secrecy

One 1988 investigation by a U.S. Senate subcommittee ran into a wall of official
 secrecy at the Justice Department.

In that case, congressional records show, Senate investigators were trying to 
determine why the U.S. attorney in San Francisco, Joseph Russoniello, had given 
$36,000 back to a Nicaraguan cocaine dealer arrested by the FBI.

The money was returned, court records show, after two Contra leaders sent 
letters to the court swearing that the drug dealer had been given the cash to 
buy weapons for guerrillas. Russoniello said it was cheaper to give the money 
back than to disprove that claim.

``The Justice Department flipped out to prevent us from getting access to 
people, records -- finding anything out about it,'' recalled Jack Blum, former 
chief counsel to the Senate subcommittee that investigated allegations of Contra
 cocaine trafficking. ``It was one of the most frustrating exercises that I can 
ever recall.''

It wasn't until 1989, a few months after the Contra-Sandinista war ended and 
five years after Meneses moved from the Peninsula to a ranch in Costa Rica, that
 the U.S. government took action against him -- sort of.

Federal prosecutors in San Francisco charged Meneses with conspiracy to 
distribute one kilo of cocaine in 1984, a year in which he was working publicly 
with the FDN.

In S.F. photo, Meneses

seen with CIA operative

Meneses' work was so public, in fact, that he posed for a picture in June 1984 
in a kitchen of a San Francisco home with the FDN's political boss, Adolfo 
Calero, a longtime CIA operative who became the public face of the Contras in 
the United States.

According to the indictment, Meneses was in the midst of his alleged cocaine 
conspiracy at the time the picture was taken.

But the indictment was quickly locked away in the vaults of the San Francisco 
federal courthouse, where it remains today -- inexplicably secret for more than 
seven years. Meneses was never arrested.

Reporters found a copy of the secret indictment in Nicaragua, along with a 
federal arrest warrant issued Feb. 8, 1989. Records show the no-bail warrant was
 never entered into the national law enforcement database called NCIC, which 
police use to track down fugitives. The former federal prosecutor who indicted 
him, Eric Swenson, declined to be interviewed.

After Nicaraguan police arrested Meneses on cocaine charges in Managua in 1991, 
his judge expressed astonishment that the infamous smuggler went unmolested by 
American drug agents during his years in the United States.

``How do you explain the fact that Norwin Meneses, implicated since 1974 in the 
trafficking of drugs . . . has not been detained in the United States, a country
 in which he has lived, entered and departed many times since 1974?'' Judge 
Martha Quezada asked during a pretrial hearing.

``Well, that question needs to be asked to the authorities of the United 
States,'' replied Roger Mayorga, then chief of Nicaragua's anti-drug agency.

U.S. officials amazed

Meneses remained free

His seeming invulnerability amazed American authorities as well.

A Customs agent who investigated Meneses in 1980 before transferring elsewhere 
said he was reassigned to San Francisco seven years later ``and I was sitting in
 some meetings and here's Meneses' name again. And I can remember thinking, 
`Holy cow, is this guy still around?' ''

Blandon led an equally charmed life. For at least five years he brokered massive
 amounts of cocaine to the black gangs of Los Angeles without being arrested. 
But his luck changed overnight.

On Oct. 27, 1986, agents from the FBI, the IRS, local police and the Los Angeles
 County sheriff fanned out across Southern California and raided more than a 
dozen locations connected to Blandon's cocaine operation. Blandon and his wife, 
along with numerous Nicaraguan associates, were arrested on drug and weapons 
charges.

The search warrant affidavit reveals that local drug agents knew plenty about 
Blandon's involvement with cocaine and the CIA's army nearly 10 years ago.

``Danilo Blandon is in charge of a sophisticated cocaine smuggling and 
distribution organization operating in Southern California,'' L.A. County 
sheriff's Sgt. Tom Gordon said in the 1986 affidavit. ``The monies gained from 
the sales of cocaine are transported to Florida and laundered through Orlando 
Murillo, who is a high-ranking officer of a chain of banks in Florida named 
Government Securities Corporation. From this bank the monies are filtered to the
 Contra rebels to buy arms in the war in Nicaragua.''

Corporate records show that Murillo -- a Nicaraguan banker and relative of 
Blandon's wife -- was a vice-president of Government Securities Corporation in 
Coral Gables, a large brokerage firm that collapsed in 1987 amid allegations of 
fraud. Murillo did not respond to an interview request.

Despite their intimate knowledge of Blandon's operations, the police raids were 
a spectacular failure. Every location had been cleaned of anything remotely 
incriminating. No one was ever prosecuted.

Ron Spear, a spokesman for Los Angeles County Sheriff Sherman Block, said 
Blandon somehow knew that he was under police surveillance. Others thought so, 
too.

``The cops always believed that investigation had been compromised by the CIA,''
 Los Angeles federal public defender Barbara O'Connor said in a recent 
interview. O'Connor knew of the raids because she later defended the raids' 
leader, Sgt. Gordon, against federal charges of police corruption. Gordon, 
convicted of tax evasion, declined to be interviewed.

Lawyer suggests aid

was at root of problem

FBI records show that soon after the raids, Blandon's defense attorney, Bradley 
Brunon, called the sheriff's department to suggest that his client's troubles 
stemmed from a most unlikely source: a recent congressional vote authorizing 
$100 million in military aid to the CIA's Contra army.

According to a December 1986 FBI Teletype, Brunon told the officers that the 
``CIA winked at this sort of thing. . . . (Brunon) indicated that now that U.S. 
Congress had voted funds for the Nicaraguan Contra movement, U.S. government now
 appears to be turning against organizations like this.''

That FBI report, part of the files of former Iran-Contra Special Prosecutor 
Lawrence Walsh, was made public only last year, when it was released by the 
National Archives at the Mercury News' request.

Blandon has also implied that his cocaine sales were, for a time, CIA-approved. 
He told a San Francisco federal grand jury in 1994 that once the FDN began 
receiving American taxpayer dollars, the CIA no longer needed his kind of help.

``When Mr. Reagan get in the power, we start receiving a lot of money,'' Blandon
 testified. ``And the people that was in charge, it was the CIA, so they didn't 
want to raise any (drug) money because they have, they had the money that they 
wanted.''

``From the government?'' asked Assistant U.S. Attorney David Hall.

``Yes, for the Contra revolution,'' Blandon said. ``So we started -- you know, 
the ambitious person -- we started doing business by ourselves.''

Asked about that, prosecutor Hall said, ``I don't know what to tell you. The CIA
 won't tell me anything.''

None of the government agencies known to have been involved with Meneses and 
Blandon over the years would provide the Mercury News with any information about
 them.

A Freedom of Information Act request filed with the CIA was denied on national 
security grounds. FOIA requests filed with the DEA were denied on privacy 
grounds. Requests filed months ago with the FBI, the State Department and the 
Immigration and Naturalization Service have produced nothing so far.

None of the DEA officials known to have worked with the two men would talk to a 
reporter. Questions submitted to the DEA's public affairs office in Washington 
were never answered, despite repeated requests.

Blandon's lawyer, Brunon, said in an interview that his client never told him 
directly that he was selling cocaine for the CIA, but the prominent Los Angeles 
defense attorney drew his own conclusions from the ``atmosphere of CIA and 
clandestine activities'' that surrounded Blandon and his Nicaraguan friends.

``Was he involved with the CIA? Probably. Was he involved with drugs? Most 
definitely,'' Brunon said. ``Were those two things involved with each other? 
They've never said that, obviously. They've never admitted that. But I don't 
know where these guys get these big aircraft . . .''

That very topic arose during the sensational 1992 cocaine trafficking trial of 
Meneses after Meneses was arrested in Nicaragua in connection with a staggering 
750-kilo shipment of cocaine. His chief accuser was his friend Enrique Miranda, 
a relative and former Nicaraguan military intelligence officer who had been 
Meneses' emissary to the cocaine cartel of Bogota, Colombia. Miranda pleaded 
guilty to drug charges and agreed to cooperate in exchange for a seven-year 
sentence.

In a long, handwritten statement he read to Meneses' jury, Miranda revealed the 
deepest secrets of the Meneses drug ring, earning his old boss a 30-year prison 
sentence in the process.

``He (Norwin) and his brother Luis Enrique had financed the Contra revolution 
with the benefits of the cocaine they sold,'' Miranda wrote. ``This operation, 
as Norwin told me, was executed with the collaboration of high-ranking 
Salvadoran military personnel. They met with officials of the Salvadoran air 
force, who flew (planes) to Colombia and then left for the U.S., bound for an 
Air Force base in Texas, as he told me.''

Meneses -- who has close personal and business ties to a Salvadoran air force 
commander and former CIA agent named Marcos Aguado -- declined to discuss 
Miranda's statements during an interview at a prison outside Managua in January.
 He is scheduled to be paroled this summer, after nearly five years in custody.

U.S. General Accounting Office records confirm that El Salvador's air force was 
supplying the CIA's Nicaraguan guerrillas with aircraft and flight support 
services throughout the mid-1980s.

Miranda did not name the Air Force base in Texas where the FDN's cocaine was 
purportedly flown. The same day the Mercury News requested official permission 
to interview Miranda, he disappeared.

While out on a routine weekend furlough, Miranda failed to return to the 
Nicaraguan jail where he'd been living since 1992. Though his jailers, who 
described him as a model prisoner, claimed Miranda had escaped, they didn't call
 the police until a Mercury News correspondent showed up and discovered he was 
gone.

He has not been seen in nearly a year.

Additional reporting for this series in Nicaragua and Costa Rica was done by 
Managua journalist Georg Hodel. Research assistance at the Nicaraguan Supreme 
Court in Managua was done by journalist Leonore Delgado.


This material is copyrighted and may not be republished without permission of 
the originating newspaper or wire service. NewsHound is a service of the San 
Jose Mercury News. For more information call 1-888-344-6863.



-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From rwright at adnetsol.com  Tue Aug 20 00:54:51 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Tue, 20 Aug 1996 15:54:51 +0800
Subject: Naked woman decapitates man on Internet!!!
Message-ID: <199608200525.WAA07745@adnetsol.adnetsol.com>


On Or About 19 Aug 96, 20:37, Timothy C. May wrote:

> At 2:00 AM 8/20/96, Lucky Green wrote:
> >On Mon, 19 Aug 1996, Mark O. Aldrich wrote:
> >
> >> On Mon, 19 Aug 1996, Rich Graves wrote:
> >>
> >> http://www.grotesque.com/
> >That was intense...
> 
> But not as intense as it could be with Internet video!
> 
> --Tim May

Sick, stuff.  Yet everyone has to sneek a peek, just like a car 
crash.  Hey, I did.  I made the whole trip through the lurid pages.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From jimbell at pacifier.com  Tue Aug 20 01:11:49 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 20 Aug 1996 16:11:49 +0800
Subject: [RANT] Death of Usenet: Film at 11
Message-ID: <199608200551.WAA05510@mail.pacifier.com>


At 01:34 PM 8/19/96 -0700, Mike Duvos wrote:

>The alternative to doing something reasonable like this is
>probably to see mass migration from "banned newsgroups" to
>off-topic groups, like Lolita pictures in rec.pets.cats, when the
>inevitable crackdown comes.

Or, perhaps, rec.humbert.humbert.humbert.humbert.humbert.humbert    B^)   (2x3=6)

Jim Bell
jimbell at pacifier.com





From frantz at netcom.com  Tue Aug 20 01:33:31 1996
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 20 Aug 1996 16:33:31 +0800
Subject: "Utilization Review"
Message-ID: <199608200618.XAA18824@netcom8.netcom.com>


At  5:58 PM 8/19/96 -0700, Rich Graves wrote:
>On Mon, 19 Aug 1996, Bill Frantz wrote:
>> Perhaps, within our current social order, medical savings plans
>> are the best option on the table.
>
>What alternative social orders can you envision that would handle this
>problem elegantly? I can't think of any off the top of my head.

Well, under Cryptoanarchy the whole problem disappears.  Your medical
records are handled as per your contract with your doctor.  There are no
3rd party payers who have a stake.  With no taxes, the deduction for
medical savings plans disappears and with it the principle reason for them.
 (People would still need to save for medical costs.)
 

>Medical savings plans do not work for anyone but the extremely rich and
>healthy, because few normal people can self-insure to cover the risk.

The risk of catastrophic illness is indeed significant, but statistically
rare.  If we assume people will insure for it, and insurance companies
still have access to the records of the care they pay for, then we are
still better off than we are today with all care being paid by insurance
companies.  In this scenario, routine medical care is being paid by the
patient, and the records can be private between the patient and the doctor.
 This kind of system would prevent the general availability of information
such as whether a patient had a vasectomy.

Note that in the general case, people are healthy in their youth, and can
build up savings for when health problems develop with age.  TANSTAAFL.  On
the average, everyone has to pay the cost of their medical care.


>There's also the little matter of letting your doctor know your medical
>history.

I have no problem letting my doctor know my medical history protected by
doctor-patient confidentiality.  It's the insurance company/human resources
department/government access I worry about.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From qut at netcom.com  Tue Aug 20 01:33:33 1996
From: qut at netcom.com (Roger Healy OBC)
Date: Tue, 20 Aug 1996 16:33:33 +0800
Subject: [RANT] Death of Usenet: Film at 11
In-Reply-To: <199608200001.RAA02120@netcom8.netcom.com>
Message-ID: <199608200621.XAA18741@netcom.netcom.com>


ON
> 
> At  1:34 PM 8/19/96 -0700, Mike Duvos wrote:
> >Permit me to go off in an orthogonal direction here and say that
> >I think that we should do away with the concept of a pre-ordained
> >newsgroups in Usenet entirely, in favor of an IRC-like dynamic 
> >creation of message pools.
> 
> Moderated newsgroups gain reputation from their moderation policies and
> probably should not be included in this scheme.

Moderated newsgroups have very few posts because hardly anyone reads 
them.  I second the above propsed IRC-like scheme if it only would apply 
to moderated groups, because of IRC's bad reputation of moderation.





From tob at world.std.com  Tue Aug 20 01:35:48 1996
From: tob at world.std.com (Tom Breton)
Date: Tue, 20 Aug 1996 16:35:48 +0800
Subject: [RANT] Death of Usenet: Film at 11
Message-ID: <199608200631.AA05778@world.std.com>


frantz at netcom.com (Bill Frantz) writes:
> At  1:34 PM 8/19/96 -0700, Mike Duvos wrote:
> >
> Moderated newsgroups gain reputation from their moderation policies and
> probably should not be included in this scheme.

Actually, this was hashed out a long time ago on the late, lamented
news.future. I'm pleased to see ideas I fought for coming to life again.

Moderation could easily fit in. A moderation-stamp would be just one
more field for the search to work with. Someone (I think it was me but
it's been years since all this was said!) speculated that this would
actually be an improvement in several ways:

* If rejected messages were indicated by simply missing a signature of
approval, voluntary not searched for by individual readers, it would be
harder to claim moderator censorship. Or to accomplish it, for that
matter.

* Multiple independent moderators could work on the same newsgroup.

* If the stamp of approval were dissociated from the message proper,
messages could propagate without waiting for the moderator's
receive-email-and-post cycle. The moderator's "OK" would catch up later,
for those readers that wait for it.


Imminent resurrection of Usenet predicted. Film-teaser at 5.

        Tom






From tcmay at got.net  Tue Aug 20 01:56:46 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 20 Aug 1996 16:56:46 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
Message-ID: <ae3eacc200021004a5e4@[205.199.118.202]>


At 10:30 PM 8/19/96, Ross Wright wrote:
>Sick, stuff.  Yet everyone has to sneek a peek, just like a car
>crash.  Hey, I did.  I made the whole trip through the lurid pages.
>

Seven billion (thousand million for you Brits) people in the world. More
than 10,000 deaths every hour, or about 5 deaths per second.

What's so sick about one measly death? Just another crime, like thousands
of others every day. They just got caught. At least he's immortalized on
the Net.

--Tim

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jk at stallion.ee  Tue Aug 20 02:11:14 1996
From: jk at stallion.ee (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Date: Tue, 20 Aug 1996 17:11:14 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <4vb5ud$skn@abraham.cs.berkeley.edu>
Message-ID: <Pine.GSO.3.93.960820100154.11840A-100000@nebula>


 19 Aug 1996, Ian Goldberg wrote:

> >  No, we will only be supplying ELF.  Since linux is not officially
> >supported, we really don't have the resources to do multiple versions.
> >
> Not to mention that plugins are virtually impossible with a.out...

You really think someone will write plug-ins for Unix versions of
Netscape? I am not so sure.

J�ri Kaljundi
AS Stallion
jk at stallion.ee






From mccoy at communities.com  Tue Aug 20 02:27:29 1996
From: mccoy at communities.com (Jim McCoy)
Date: Tue, 20 Aug 1996 17:27:29 +0800
Subject: [NOISE] Re: Indonesia detains democracy activist after post to mailing list (fwd)
Message-ID: <v02140b00ae3f22e546fe@[205.162.51.35]>


Declan wrote:
[...]
> Back to Indonesia -- my column should have said the Indonesian military is
> *trying* to ban the mailing list from the country. They haven't succeeded
> yet. Time will tell.
>
> I have more information on Indonesia at http://www2.eff.org/~declan/global/
>--
> right now, use the www2 address since not all directories seem to be
> updating on the mirror servers properly right now.

For those who are curious, Indonesia is an interesting test case among the
Pacific Rim counties because the current iron-fisted ruler is beginning to
get a bit long in the tooth and no one has any idea what it going to happen
when he finally croaks.  Indonesia has had almost no political opposition
since a rather violent anti-Communist crackdown/coup in the 60s.  All media
access was rigorously controlled and the possibilities the Internet and
similar computer networking technologies offer (ObCryptoAnarchy ref...) are
just now becoming apparent to those who are in charge.  How this plays out
will have interesting reprecussions in other such countries where politicial
discourse is a new phenomenon and where the Internet is just now being seen
as a threat to the current order.

jim, former exchange student to Indonesia who hopes the transition is less
bloddy than Indonesia's last change of government...







From DMiskell at envirolink.org  Tue Aug 20 02:34:01 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Tue, 20 Aug 1996 17:34:01 +0800
Subject: No Subject - Lesson in cracking (cryptoanalysis 001)
Message-ID: <199608200722.DAA20149@envirolink.org>


Wait wait wait!  I have a bridge I want to sell him first.  Course, I 
shouldn't talk.  I bought the planet yesterday.  You all owe me $5k/hour rent.

Daniel.






From DMiskell at envirolink.org  Tue Aug 20 02:49:15 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Tue, 20 Aug 1996 17:49:15 +0800
Subject: your mail
Message-ID: <199608200720.DAA20113@envirolink.org>


I feel like a fool now.  I think I'll go slam some Jello laced with Dew and
quack like a dolphin now.

Daniel.






From cabeen at netcom.com  Tue Aug 20 03:39:57 1996
From: cabeen at netcom.com (Ted Cabeen)
Date: Tue, 20 Aug 1996 18:39:57 +0800
Subject: Netscape 3.0 and encryption choices
Message-ID: <2.2.32.19960820080407.0035a35c@netcom16.netcom.com>


In Netscape 3.0, the program allows the user to specify which encryption
standards to allow connections with.  It allows encryption with 128-bit RC4,
128-bit RC2, and 156-bit(I think)3DES.  Of these three, which would be the
most secure method?  It is possible to restrict all secure connects to be of
3DES only for example.  What would be the most secure way to go, DES or RC4?
this is the newly released US-Only downloadable copy of Netscape 3.0
--
______________________________________________________________________________
Ted Cabeen         http://shadowland.rh.uchicago.edu         cabeen at netcom.com
Check Website or finger for PGP Public Key        secabeen at midway.uchicago.edu
"I have taken all knowledge to be my province." -F. Bacon   cococabeen at aol.com
"Human kind cannot bear very much reality."-T.S.Eliot 73126.626 at compuserve.com






From rich at c2.org  Tue Aug 20 04:19:08 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 20 Aug 1996 19:19:08 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <199608200513.PAA23414@suburbia.net>
Message-ID: <Pine.GUL.3.95.960820012724.5850C-100000@Networking.Stanford.EDU>


I've heard that story so many times from so many less-than-worthless sources
(primarily the wacky-left "Christic Institute" and KPFK Radio) that I find
it difficult to take it seriously. But I do. The US, Cuban, and
"entrepreneurial" actors in Central America in the 80's were so fucked up
that just about anything is possible. 

Although... I thought it was pretty funny that today's story matter-of-
factly identified Calero as a CIA agent. Yeah, and registering Republican
makes me Barbara Bush. 

At least he's not quiting Agee.

-rich






From rich at c2.org  Tue Aug 20 04:21:17 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 20 Aug 1996 19:21:17 +0800
Subject: [RANT] Death of Usenet: Film at 11
In-Reply-To: <199608200631.AA05778@world.std.com>
Message-ID: <Pine.GUL.3.95.960820013922.5850D-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Tom Breton wrote:

> * If rejected messages were indicated by simply missing a signature of
> approval, voluntary not searched for by individual readers, it would be
> harder to claim moderator censorship. Or to accomplish it, for that
> matter.
> 
> * Multiple independent moderators could work on the same newsgroup.
> 
> * If the stamp of approval were dissociated from the message proper,
> messages could propagate without waiting for the moderator's
> receive-email-and-post cycle. The moderator's "OK" would catch up later,
> for those readers that wait for it.

Innaresting. Sort of a reverse NoCeM. I like it, but of course you'd have to
distribute the clients by magic.

Sounds good for discussion groups, especially soc.culture.* and
soc.religion.*, but there's still a role for strictly moderated *.announce
groups. 

-rich






From gary at systemics.com  Tue Aug 20 06:51:49 1996
From: gary at systemics.com (Gary Howland)
Date: Tue, 20 Aug 1996 21:51:49 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
In-Reply-To: <ae3eacc200021004a5e4@[205.199.118.202]>
Message-ID: <32199D8B.500F9F30@systemics.com>


Timothy C. May wrote:
> 
> At 10:30 PM 8/19/96, Ross Wright wrote:
> >Sick, stuff.  Yet everyone has to sneek a peek, just like a car
> >crash.  Hey, I did.  I made the whole trip through the lurid pages.
> >
> 
> Seven billion (thousand million for you Brits) people in the world. More
> than 10,000 deaths every hour, or about 5 deaths per second.

Oh please - show me a Brit who can remember a billion as a million
million, and I'll show you a Brit who remembers pounds, shillings and
pence.

Gary

(PS - I think I've figured out how to change "Trash" to "Rubbish" with
Netscape, just in case anyone's interested).
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From gbroiles at netbox.com  Tue Aug 20 07:07:34 1996
From: gbroiles at netbox.com (Greg Broiles)
Date: Tue, 20 Aug 1996 22:07:34 +0800
Subject: CS First Boston lawsuit
Message-ID: <2.2.32.19960820101053.0069d994@mail.io.com>


At 12:03 PM 8/19/96 -0400, Black Unicorn wrote:
>On Sun, 18 Aug 1996, Timothy C. May wrote:
>
>> At 3:29 AM 8/19/96, Alan Horowitz wrote:
>> >I suspect they are trying to get a judgement against "John Doe", in the
>> >hopes of tracking him down later.
>> >
>> >Actually, if I had a sizeable judgement against such a John Doe, I could
>> >probably find a private detective who would find the dude for a
>> >contingent fee. Wow, a whole new class of factoring (commerce definition)
>> >opens up. Get me a lawyer....

Sure, there are collection people who do this regularly; it's also possible
to sell judgements for a fraction of their face value. 

>> Lawyers out there can and should correct me if I'm wrong, but I don't
>> believe either the criminal or civil justice system has the concept of a
>> "John Doe" trial! The ability to have the advice of an attorney, to
>> confront one's accusers, cross-examine witnesses, and mount a defense, and
>> all that constitutional stuff. Rather hard to do if the trial is in the
>> past tense.
>> 
>> Can you cite an example of such a "John Doe" trial in the U.S.?
>
>Not exactly, but judgements against John Doe's or even "$956,334.34" are
>common.  Typically they are default judgements where a property seizure is
>involved.
>
>"The United States of America v. $534,444.00" and "The United States of
>AMerica v. One Red Porsche" is a common theme.

It is possible to name unknown defendants in a suit - the tradition is to
name them as, literally, "John Doe" or "John Does 1-6, unknown Washington
County Sheriff's Deputies". The idea is that at some point prior to trial
you'll learn the names of the defendants and then ask the court for
permission to amend your complaint to add the newly found names. 

(e.g., Oregon Rule of Civil Procedure 20(H): "Fictitious Parties. When a
party is ignorant of the name of an opposing party and so alleges in a
pleading, the opposing party may be designated by any name, and when such
party's true name is discovered, the process and all pleadings and
proceedings in the action may be amended by substituting the true name.")

But naming someone in a suit is not sufficient to give them notice that
they've been sued, so that they know to file an answer and otherwise defend
themselves. At least in Oregon (state & Fed courts, since Fed courts borrow
the state's rules for service of process, Fed Rul Civ Pro 4(e)(1)), service
by publication (as mentioned in another message) is only allowed where the
plaintiff files an affidavit that they have tried every other appropriate
means of service and they have been unsuccessful, or that they have reason
to know it will be unsuccessful. ORCP 7(D)(7). Service by publication is
relatively rare. 

So Tim's correct (at least as far as I know, and I sure don't know
everything) when he says that John Doe *trials* are essentially unknown -
because if defendant(s) don't appear for trial but have been served, the
plaintiff can get a default judgement against them - which makes a trial
unnecessary, at least for those defendants. 

It's also possible (sometimes) for a defendant to overturn a default
judgement and ask for a real trial, if they can show that there was a good
reason why they didn't respond initially. Bad (or unattempted) service of
process is usually a good reason. 

The John Doe lawsuits are more likely to falter at the service-of-process
stage; before you get to ask for a default judgment, you've got to prove
that the defendant was served. And if you don't even know their name, it's
tough to serve them with the summons & complaint. No service, no judgement. 

The connection between the service-of-process problem and the in rem cases
Black Unicorn mentioned (e.g., "United States v. $405,089.23") is that the
owner of the property is supposedly put on notice by the seizure or
attachment of the property itself. A court can exercise jurisdiction over
*stuff* (e.g., property) and enter a judgement against the stuff even if it
hasn't gained jurisdiction (via service of process) over the person who owns
the stuff. In the most common seizures, the stuff is seized from one or more
people; those people are also given notice of the seizure and their right to
contest it.

(which is not to say that I'm a fan of forfeiture - I'm not - but the cases
I've seen/worked on haven't suggested that lack of notice is a problem.
Claimants/owners/possessors don't always understand the notice they're given
at seizure, and they don't always bother to act within the awfully short
deadlines (10-15 days, in some cases) required to file a claim. But people
do get (arguably inadequate) notice.) 

To some extent, in rem jurisdiction is practically necessary - otherwise
it'd be possible to have property in a wrong place, or creating
unwanted/harmful effects, which could not be legally moved or changed
without service of process on the owner - who may be dead or travelling or
uninterested or just hard to find. If cryptoanarchy becomes more prevalent,
and it becomes more difficult to trace ownership and control of interesting
stuff (e.g., physical or intellectual property, and/or "bots" of one flavor
or another), look for more in rem actions, not fewer.   

(I can't think of an example of a John Doe criminal proceeding, except that
I believe grand juries can hear testimony and investigate crimes where a
target has not yet been identified. But that's a very early stage of
criminal proceedings where the defendant doesn't have many rights even if
they are identified; so the lack of notice isn't much of an injury.) 

--
Greg Broiles                |"Post-rotational nystagmus was the subject of
gbroiles at netbox.com         |an in-court demonstration by the People
http://www.io.com/~gbroiles |wherein Sgt Page was spun around by Sgt
                            |Studdard." People v. Quinn 580 NYS2d 818,825.






From gem at rellim.com  Tue Aug 20 07:22:48 1996
From: gem at rellim.com (Gary E. Miller)
Date: Tue, 20 Aug 1996 22:22:48 +0800
Subject: 2nd request!
In-Reply-To: <199608131847.LAA01140@mail.compcurr.com>
Message-ID: <Pine.LNX.3.93.960815115338.20280B-100000@ns1.aplatform.com>


Yo Ariel!

On Tue, 13 Aug 1996 ariel at compcurr.com wrote:

> *******************************************************
> Inside Currents
> Vol 1, No. 5
> August 13, 1996
> 
> Inside Currents Newsletter
> An electronic update from Computer Currents Interactive
> http://www.currents.net
> 
> *******************************************************
> CONTENTS:
> 
> 1. Tech Support, on and off line:  This week's cover story in Computer
> Currents Magazine
> http://www.currents.net/covr
> 
> 2.  Gigglebytes turns 10!
> http://www.currents.net/gigg
> 
> 3. Check out our online Shopping Mall
> http://www.currents.net/mall
> 
> 4. Computer Catalogs Online
> http://www.currents.net/catalogs
> 
> 5. Coming soon, from Computer Currents Interactive
> 
> 6.  Computer Currents Interactive membership information
> http://www.currents.net/members
> 
> *****************************************************
> 1. Tech Support, on and off line:  
> Do you need help navigating the sea of available tech support resources?
> Read our exclusive Computer Currents cover story for information about 
> third
> party software and hardware support companies who sell phone support, plus
> fee and free online help you can find on the internet.  Also, new in our
> Columns section: "Corporate PC" looks at Post-It Software Notes; "Gizmos"
> explores the chaotic world of videoconferencing; Net Surfer tries Offline
> Web Browsing. 
> 
>        http://www.currents.net/covr
> 
> 
> 2. Gigglebytes turns 10!
> This month Computer Currents magazine celebrates the 10th anniversary of
> Gigglebytes. 
> Join author Lincoln Spector as he revisits his favorite articles over the 
> past
> decade.  Gigglebytes gives readers a humorous view on computer industry 
> events,
> trends and people.  
> 
>        http://www.currents.net/gigg
> 
> 3. Check out our online Shopping Mall
> Our new shopping mall area is still under construction, but we're already
> bringing together an exciting range of regionally based goods and 
> services.
> Of special note: Our Net Quote service allows you to solicit price bids on
> computer equipment--you can let the stores come to you.
> 
>         http://www.currents.net/mall
> 
> 
> 4. Computer Catalogs Online
> If you're thinking of buying a new computer, check out the new section 
> we've
> got up and running!  Now our users can research computer stores in
> their area (or mail order), and browse available hardware listings.  You 
> can
> find local contact numbers with just the click of a mouse!
> 
>         http://www.currents.net/catalogs
> 
> 5. Coming soon, from Computer Currents Interactive
> Discount coupons you can print out and use with local retailers;
> more ways to order online through CCI; our enhanced "Computer Advisor" 
> section;
> stimulating chat rooms and forums; contests and surveys; more FREE stuff.
> 
> 
> 6. Computer Currents Interactive membership
> CCI Membership is FREE and benefits abound! Create and edit your own 
> Gallery
> page,
> post your resume in our Talent Bank, receive special product discounts 
> from
> CCI vendors,
> participate in contests and surveys, and much more! If you're not already 
> a
> member, join CCI today.
> 
>        http://www.currents.net/members
> 
> *****************************************************
> How to subscribe to Inside Currents:
> 
> To Subscribe:
> 1. Join CCI at https://www.currents.net/members
> 2. Check yes to "subscribe to Inside Currents" box.
> 
> To Unsubscribe:
> 
>  1. If you are NOT interested in receiving Inside Currents, cut and paste
> this sentence and e-mail us at
> caliban at compcurr.com. We'll remove your address from our list. Please be
> sure to include your user name.
> 
> 2. If you need further assistance, please send e-mail to 
> ariel at compcurr.com
> 
> 
> *******************************************************
> Computer Currents Interactive   http://www.currents.net
> The full-service online resource for computer users!
> *******************************************************
> 
> 
> 


Please remove me, and my associated companies (aplatform.com, inow.com,
megamed.com, and rellim.com) from your SPAM list.

Do NOT respond to this message in any way.  Just go away!

It is in violation of United States Code, Title 47, Chapter 5, Subchapter II
to send an unsolicited email of any sort in the US.

Check out the following URL for information on your new legal liability:
	http://www.law.cornell.edu/uscode/47/227.html

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 2680 Bayshore Pkwy, #202 Mountain View, CA 94043-1009
gem at rellim.com  Tel:+1(415)964-1186 Fax:+1(415)964-1176 BBS:+1(415)964-8821






From bdolan at use.usit.net  Tue Aug 20 07:38:31 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Tue, 20 Aug 1996 22:38:31 +0800
Subject: AZ DMV: Citizenship to Drive? (fwd)
Message-ID: <Pine.SOL.3.91.960820073652.6866M-100000@use.usit.net>


Your papers, please?

---------- Forwarded message ----------
Date: Mon, 19 Aug 1996 21:04:07 -0700 (PDT)
From: Bob Witanek <bwitanek at igc.apc.org>
To: Recipients of pol-abuse <pol-abuse at igc.apc.org>
Subject: AZ DMV: Citizenship to Drive?

Posted: gdiazj at IMAP1.ASU.EDU

Today the Arizona Department of Motor Vehicles began requiring
proof of citizenship before issuing a drivers license or a state
identification. This policy was established by HB 2154 which passed
this last session (this one slipped passed me).

I am helping organize people in Arizona to oppose this.  Please
send your information ASAP, we need you your help.

VIVA LA RAZA
George Diaz, Jr.
gdiazj at imap1.asu.edu
GDIAZJ at aol.com
gdiaz at ci.phoenix.az.us







From bdolan at use.usit.net  Tue Aug 20 07:46:47 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Tue, 20 Aug 1996 22:46:47 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820012724.5850C-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SOL.3.91.960820073933.6866N-100000@use.usit.net>


Roger Morris has documented the base story nicely, first in an article 
intended for the Washington Post (but which wound up in Penthouse when the 
Post got cold feet) and now in a book, _Partners in Power_.

bd

On Tue, 20 Aug 1996, Rich Graves wrote:

> I've heard that story so many times from so many less-than-worthless sources
> (primarily the wacky-left "Christic Institute" and KPFK Radio) that I find
> it difficult to take it seriously. But I do. The US, Cuban, and
> "entrepreneurial" actors in Central America in the 80's were so fucked up
> that just about anything is possible. 
> 
> Although... I thought it was pretty funny that today's story matter-of-
> factly identified Calero as a CIA agent. Yeah, and registering Republican
> makes me Barbara Bush. 
> 
> At least he's not quiting Agee.
> 
> -rich
> 
> 





From gary at systemics.com  Tue Aug 20 10:05:29 1996
From: gary at systemics.com (Gary Howland)
Date: Wed, 21 Aug 1996 01:05:29 +0800
Subject: search engine improvement
In-Reply-To: <199608191931.VAA02971@digicash.com>
Message-ID: <3219B61D.7566F4CF@systemics.com>


bryce at digicash.com wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Keywords: distributed ratings systems, search engines, spiders,
> spiderspace, idea futures, The Shockwave Rider, John Brunner
> 
> You know there is a trick that might greatly improve the
> effectiveness of a search engine at almost no cost to the end
> user.  It is the well-known heuristic of "If Person A likes X
> and Y, and Person B likes X, then Person B probably likes Y.",
> combined with passive polling (which is getting information
> about people's opinions just by watching their actions, instead
> of by asking them).

Have you seen the similarities engine
(http://www.ari.net/se/ise/001/WC000001.html) that tries to find
similarities between bands?  I can't see a reason this wouldn't work for
web pages.  (Films would be noce too).

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From lharrison at csbh.mhv.net  Tue Aug 20 10:55:31 1996
From: lharrison at csbh.mhv.net (Lynne L. Harrison)
Date: Wed, 21 Aug 1996 01:55:31 +0800
Subject: Hackers invade DOJ web site
Message-ID: <1.5.4.16.19960820135236.0ca75906@pop.mhv.net>


At 07:08 PM 8/19/96 -0500, Igor Chudov wrote:
>
>I personally find the web page very well and artistically done, and
>extremely funny. The guy who did it had a good taste.

  I personally found the page to be offensive and disagree highly with the
person having "good taste".
  Following the premise that another posted to this list, there were ways of
focusing on opposing the CDA without insulting women and/or minorities.  I
also agree that this act is going to backfire by giving the DOJ fodder when
the case reaches the Supreme Court.
  IMO, it was patently obvious that it was a kid or kids that did it who
gave no substantial thought on the consequences of his/their act.


  

************************************************************
Lynne L. Harrison, Esq.       |    "The key to life:
Poughkeepsie, New York        |     - Get up;
lharrison at mhv.net             |     - Survive;
http://www.dueprocess.com     |     - Go to bed."
************************************************************

DISCLAIMER:  I am not your attorney; you are not my client.
             Accordingly, the above is *NOT* legal advice.






From David.K.Merriman at toad.com  Tue Aug 20 11:22:57 1996
From: David.K.Merriman at toad.com (David.K.Merriman at toad.com)
Date: Wed, 21 Aug 1996 02:22:57 +0800
Subject: 128-bit IE3.0 adventures
Message-ID: <199608201443.HAA12195@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, webmaster at microsoft.com
Date: Tue Aug 20 09:42:56 1996
I *finally* managed to get through to the 1-800 number that pops up when an 
attempted download of 128-bit MSIE 3.0 fails. They can only send out 
128-bit version *2.0*, it seems. They referred me to the 1-800 Sales 
number, but of course, the sales droids weren't savvy enough to understand 
the problem, and tried to hand me off to a 206 area code number. At that 
point, I called off the drill - I'm not going to pay for a toll call to fix 
MS's screwup.

"original" 800 number: 1-800-455-2959
Alternate 800 number: 1-800-426-9400 (autobot) - select 3, then 4, then 1 
to get a Real Person.

Anyone else upset about being denied might want to give them a call, too. 
Who knows, maybe if they get enough calls, they'll send someone to fix it.

Dave

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhkYK8VrTvyYOzAZAQE0SgQApRBedkueeR2JTAJknfA7JGER/oNReVUK
i8ImmNzjQDeionIkMbV2CuGOE/DwblVQ2yDgnUIBteNAFeiebwzdxaw9ysRKshRY
5AuvmXCyVsFJMNICFlZwNTRH+x4h7EPqA5BPxXJb+3b0sxWxqFcnU8QocJlFq+ap
ksb0mwgbVYc=
=L3IC
-----END PGP SIGNATURE-----






From jamesd at echeque.com  Tue Aug 20 11:31:21 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 21 Aug 1996 02:31:21 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
Message-ID: <199608201454.HAA04784@dns2.noc.best.net>


At 03:18 PM 8/19/96 -0700, Rich Graves wrote:
> You know, Amnesty
> has some outstanding policies regarding accuracy, objectivity, and
> universality.

Such as their policy that disappearances in Cuba are only mentioned in 
a vague and euphemistic way somewhere in the fine print of the middle
of their Cuban reports, whereas similar disappearances are shouted from
the rooftops when they happen in right wing South American dictatorships?
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From dlv at bwalk.dm.com  Tue Aug 20 11:37:00 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 21 Aug 1996 02:37:00 +0800
Subject: [RANT] Death of Usenet: Film at 11
In-Reply-To: <Pine.GUL.3.95.960820013922.5850D-100000@Networking.Stanford.EDU>
Message-ID: <9wJysD56w165w@bwalk.dm.com>


Rich Graves <rich at c2.org> writes:
> > * If rejected messages were indicated by simply missing a signature of
> > approval, voluntary not searched for by individual readers, it would be
> > harder to claim moderator censorship. Or to accomplish it, for that
> > matter.
> >
> > * Multiple independent moderators could work on the same newsgroup.
> >
> > * If the stamp of approval were dissociated from the message proper,
> > messages could propagate without waiting for the moderator's
> > receive-email-and-post cycle. The moderator's "OK" would catch up later,
> > for those readers that wait for it.
>
> Innaresting. Sort of a reverse NoCeM. I like it, but of course you'd have to
> distribute the clients by magic.

Why 'reverse'? NoCeM's can be used to both 'hide' and 'highlight' articles.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From rp at rpini.com  Tue Aug 20 12:00:54 1996
From: rp at rpini.com (Remo Pini)
Date: Wed, 21 Aug 1996 03:00:54 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
Message-ID: <9608201457.AA17813@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 20 16:55:54 1996
> Seven billion (thousand million for you Brits) people in the world.
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Actually everybody uses billion as 10^12 (except Americans -> 10^9).

;-) America is getting more and more of an island... ;-)

- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMhnR+xFhy5sz+bTpAQFAvggAwnWNgUTs0vpnwtK34AJjictQlLOZrhYl
ANY8xoZ3cLKlcLZmLIo2m+N9QOrO9Bdp4Q1op1KTa9BUUDH0vl5rZak5C/L/+TKw
EDp2N143ANWGrz5xd3BgFd/ly8VEPwVGQc85yjW6noRIl+5GUHaYKtNPGzr0V6oU
d83igcL3/zU9GGwT6l1r7o/U/+cjy6Poui2IZYlVqy564kE2s71ztlVH687ZAHaF
ZTRdkLZqi56AjI1g684zKik0qQ98SdQpHqz1CpzT6BuDS954bk3gip95Znu4PtYu
vSEDTsTNf05jNqpjDHTLtPSSELgjNmA07Sb8PLlqJOWLcWVmYQP3Eg==
=8mhr
-----END PGP SIGNATURE-----






From jbugden at smtplink.alis.ca  Tue Aug 20 12:01:00 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Wed, 21 Aug 1996 03:01:00 +0800
Subject: [NOISE] Naked woman decrapitates man on Internet!!!
Message-ID: <9607208405.AA840563232@smtplink.alis.ca>


tcmay at got.net (Timothy C. May) wrote:
>Seven billion (thousand million for you Brits) people in the world. More
>than 10,000 deaths every hour, or about 5 deaths per second.

>What's so sick about one measly death? Just another crime, like >thousands of
others every day. They just got caught. At least he's >immortalized on the Net.

Only 24 hours in each day. How do you spend your time?

James

Spray my name on a subway train
Carve my name in a video game
Out looking for the camera crew
Sell my soul for a second on the six-o'clock news
Gonna live 'til the bubble pops
Hold my breath when the big one drops
Immortality is what I'm buying
But I'd rather be immortal
                by not dying.






From sean at rosewood.his.ucsf.EDU  Tue Aug 20 12:19:14 1996
From: sean at rosewood.his.ucsf.EDU (Sean McGrath)
Date: Wed, 21 Aug 1996 03:19:14 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
Message-ID: <Pine.A32.3.91.960820075229.31719B-100000@rosewood.his.ucsf.edu>



> ...llike the Berkeley administration's reading student email ...
 
This was a paranoid fantasy that became a rumor and is on its was to an 
urban ledgend.  The UC administration does not have the inclination, 
interest or resources to monitor email.

Sean McGrath







From ses at tipper.oit.unc.edu  Tue Aug 20 12:24:55 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Wed, 21 Aug 1996 03:24:55 +0800
Subject: search engine improvement
In-Reply-To: <3219B61D.7566F4CF@systemics.com>
Message-ID: <Pine.SUN.3.91.960820110529.9582A-100000@tipper.oit.unc.edu>


The idea of sharing ratings on the web is literally as old as the web; 
it was part of the original idea (remember the original client was also an 
editor). 



 ---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From willday at rom.oit.gatech.edu  Tue Aug 20 13:01:51 1996
From: willday at rom.oit.gatech.edu (Will Day)
Date: Wed, 21 Aug 1996 04:01:51 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608180942.EAA08054@snoopy.vetmed.auburn.edu>
Message-ID: <199608201554.LAA04383@rom.oit.gatech.edu>


-----BEGIN PGP SIGNED MESSAGE-----

A short time ago, at a computer terminal far, far away, Frank Stuart wrote:
>however, I think those in a position to do so should start with the spin
>control.  Some suggestions:
>
>   The fact that even the U.S. Justice Department is unable to adequately
>   protect it's own site from intruders underscores the need for widely-
>   available strong encryption.
>
>   While this is certainly a major embarrassment for the Justice Department,
>   at least the mandatory "key escrow" program the Clinton administration is
>   insisting upon has not yet been implemented; no private citizens' data
>   appears to have been compromised this time.
>
>   It's doubtful that a new law or government bureaucracy would have prevented
>   this from happening but it's entirely possible that tools such as strong
>   encryption could have.  It's ironic that the U.S. Government is focusing on
>   the former while fighting use of the latter.

I understand how it affects their claim for the security of escrowed
keys, but I'm afraid I don't follow the other argument.  How would the
wide availability of strong encryption have helped prevent the breakin?
How would encryption in general prevent breakins?  I'd love to use this
as an argument for strong encryption, but I don't see how it really
applies.

===
Will Day       <PGP mail preferred>           *  *  *  *  *  *  *  *  *  *  *
willday at rom.oit.gatech.edu                      HARRY BROWNE FOR PRESIDENT
http://rom.oit.gatech.edu/~willday/            http://www.HarryBrowne96.org/
OIT, Georgia Tech, Atlanta 30332-0715         *  *  *  *  *  *  *  *  *  *  *
  =->  Opinions expressed are mine alone and do not reflect OIT policy  <-=

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMhnfhRDHlOdPw2ZdAQHIagQAktlsSEN4Ojt54JwZqWIujZ3BDc9n8e5D
tokubxvVSdMyh9v/xVhVBfIOne1/+htiMdTWHYch0ZrJGqPR3rbicnuVm57Qq964
KMR9E3P9jNBgo+V9J3V01GcT3+VzxyOMTKqq64fLlRDnF1dg+UNWfCxNYc3bQnw+
HvYOMUv8mqs=
=k72n
-----END PGP SIGNATURE-----





From cmcurtin at research.megasoft.com  Tue Aug 20 13:05:18 1996
From: cmcurtin at research.megasoft.com (C Matthew Curtin)
Date: Wed, 21 Aug 1996 04:05:18 +0800
Subject: Securing Internet mail at the MTA level
Message-ID: <199608201529.LAA01469@goffette.research.megasoft.com>



Hi,

Recently, I've been looking into securing email at the MTA level, and
would like to get your thoughts on implementation possibilities and
related issues.

The problems that I'm trying to solve are:
    1. Host authentication
    2. Data privacy

In order for the widespread encryption to work, several things need to
occur:
    1. Phase-in of the new stuff
    2. Backward compatibility (ability to continue to work in the
       clear) for a period of years
    3. A single worldwide mechanism, defined by an RFC, and freely
       available, except, perhaps, in the case of commercial
       MTAs. (i.e., the use of RSA seems appropriate for host and
       session key management, and is free via RSAREF in the US, free
       outside of the US, but not free for commercial use. This seems
       acceptable to me.)

Two types of approaches are possible:
    1. Adding to the SMTP protocol itself, allowing for MTAs to
       identify crypto-capable peers, and then performing
       authentication and session encryption where possible.
    2. Waiting for a cryptographic transport layer network protocol
       (such as what is being proposed in draft-ietf-tls-ssh-00),
       allowing SMTP to remain untouched, and only requiring MTAs to
       add support for the new network protocol.

I like the second approach better, because it allows more problems to
be solved with one move, and it would be easier to add crypto
functionality to our common network utilities by simply making them
aware of the new transport layer protocol. The first approach would
require redefinitions of RFCs for each of the services, and lots of
redundant work.

I mentioned my interest in an SSH-capable MTA to Tatu Ylonen
<ylo at ssh.fi>, and he as also expressed interest. The word from him on
the status of the SSH Internet Draft is that a reference
implementation should be available early next month. I'm considering
using that reference implementation to add SSH capability to an MTA,
perhaps sendmail.

My questions are:
    1. Which of the two approaches seems to make the most sense to
       you?
    2. Is there another approach that could work better?
    3. Is there interest in adding SSH functionality to sendmail in
       the near future (either by the draft spec, or once the RFC has
       been published)?

Please feel free to pass this around, if you deem appropriate. I'm
interested in lots of feedback before deciding if and how to go ahead
with the project.

Thanks.

-- 
C Matthew Curtin        MEGASOFT, LLC        Director, Security Architecture
I speak only for myself.  Don't whine to anyone but me about anything I say.
Hacker Security Firewall Crypto PGP Privacy Unix Perl Java Internet Intranet
cmcurtin at research.megasoft.com http://research.megasoft.com/people/cmcurtin/





From bdavis at thepoint.net  Tue Aug 20 13:13:52 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Wed, 21 Aug 1996 04:13:52 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
In-Reply-To: <ae3de8c50f02100494d9@[205.199.118.202]>
Message-ID: <Pine.BSF.3.91.960820122328.689C-100000@mercury.thepoint.net>


On Mon, 19 Aug 1996, Timothy C. May wrote:

<Discussion re LEO satellites deleted>
> 
> There are also two major competing systems, also not yet deployed. One is
> the Microsoft-McCaw Cellular project, another is being done by an aerospace
> company working with Qualcomm, or a subsidiary. Again, the Web should
> produce the information for anyone interested.
> 
> Which of the three (and maybe more) systems will actually get deployed, and
> which will succeed in the market, is an interesting question.
> 
> There's some obvious crypto/GAK/New World Order issues: many countries may
> not care for a communications system which allows citizen-units or enemy
> agents to make phone calls from the middle of the Kalahari desert or from
> within the jungles of Burma.
>

Or the streets of New York or Washington.  Not too long ago, in my former 
life as a federal prosecutor, I attended a Computer Crimes conference at 
Quantico (the FBI part, not the Marine part).  One of the speakers 
discussed LEO satellites and satellite cellular phones.  The "difficulty" 
in wiretapping those phones was of grave concern to most of those present....

EBD

 
> (The Israelis, for example, are insisting that all handheld units have
> Explosives Escrow, for detonation with appropriate official orders.)
> 
> --Tim May
> 
> Boycott "Big Brother Inside" software!
> We got computers, we're tapping phone lines, we know that that ain't allowed.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
> Licensed Ontologist         | black markets, collapse of governments.
> "National borders aren't even speed bumps on the information superhighway."
> 
> 
> 
> 
> 





From rwright at adnetsol.com  Tue Aug 20 13:29:01 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 04:29:01 +0800
Subject: BlackNet: Commercial Posts?
Message-ID: <199608201616.JAA18450@adnetsol.adnetsol.com>


On Or About 19 Aug 96, 18:40, Timothy C. May wrote:

> At 1:05 PM 8/19/96, Ross Wright wrote:
> >
> >My question to the list:
> >
> >Who benefits from all this publicity and brew-ha-ha?  Who makes all
> >the BlackNet money?  Who really cares if it is a Data Haven or just
> >a remailer?  I'm just asking.
> 
> Well, obviously I do. I receive $1.42 for every posting which
> mentions BlackNet, 7% of gross sales for all commercial
> transactions, and 12.5% plus a sliding finder's fee for all military
> and intelligence secrets sold via BlackNet.
> 
> But all true paranoiacs knew this.
> 
> --Aldrich Ames
> 
Hey, It's not funny.  So this is freeware?  I thought someone offered 
3 mil for the program.  Tim, you wrote this thing?  So who owns it 
now?  Can it be owned?  Maybe I misunderstand.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From unicorn at schloss.li  Tue Aug 20 13:41:39 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 21 Aug 1996 04:41:39 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <2.2.32.19960820101053.0069d994@mail.io.com>
Message-ID: <Pine.SUN.3.94.960820121113.10677A-100000@polaris>


On Tue, 20 Aug 1996, Greg Broiles wrote:

> At 12:03 PM 8/19/96 -0400, Black Unicorn wrote:
> >On Sun, 18 Aug 1996, Timothy C. May wrote:
> >
> >> At 3:29 AM 8/19/96, Alan Horowitz wrote:
> >> >I suspect they are trying to get a judgement against "John Doe", in the
> >> >hopes of tracking him down later.
> >> >
> >> >Actually, if I had a sizeable judgement against such a John Doe, I could
> >> >probably find a private detective who would find the dude for a
> >> >contingent fee. Wow, a whole new class of factoring (commerce definition)
> >> >opens up. Get me a lawyer....
> 
> Sure, there are collection people who do this regularly; it's also possible
> to sell judgements for a fraction of their face value. 
> 
> >> Lawyers out there can and should correct me if I'm wrong, but I don't
> >> believe either the criminal or civil justice system has the concept of a
> >> "John Doe" trial! The ability to have the advice of an attorney, to
> >> confront one's accusers, cross-examine witnesses, and mount a defense, and
> >> all that constitutional stuff. Rather hard to do if the trial is in the
> >> past tense.
> >> 
> >> Can you cite an example of such a "John Doe" trial in the U.S.?
> >
> >Not exactly, but judgements against John Doe's or even "$956,334.34" are
> >common.  Typically they are default judgements where a property seizure is
> >involved.
> >
> >"The United States of America v. $534,444.00" and "The United States of
> >AMerica v. One Red Porsche" is a common theme.
> 
> It is possible to name unknown defendants in a suit - the tradition is to
> name them as, literally, "John Doe" or "John Does 1-6, unknown Washington
> County Sheriff's Deputies". The idea is that at some point prior to trial
> you'll learn the names of the defendants and then ask the court for
> permission to amend your complaint to add the newly found names. 

I should have been clearer.

Indeed an in rem jurisdiction case relies on the property seizure as
notice.  A default judgement against for example, $233,445.00 and several
unnamed individuals" would clearly have problems along the service of
process lines if ever contested.

Practically speaking, however, the above are judgements against "John
Doe"'s.  Clearly this is not a "trial" in the strict sense of the word.

> But naming someone in a suit is not sufficient to give them notice that
> they've been sued, so that they know to file an answer and otherwise defend
> themselves. At least in Oregon (state & Fed courts, since Fed courts borrow
> the state's rules for service of process, Fed Rul Civ Pro 4(e)(1)), service
> by publication (as mentioned in another message) is only allowed where the
> plaintiff files an affidavit that they have tried every other appropriate
> means of service and they have been unsuccessful, or that they have reason
> to know it will be unsuccessful. ORCP 7(D)(7). Service by publication is
> relatively rare. 

Agreed.

> The connection between the service-of-process problem and the in rem cases
> Black Unicorn mentioned (e.g., "United States v. $405,089.23") is that the
> owner of the property is supposedly put on notice by the seizure or
> attachment of the property itself. A court can exercise jurisdiction over
> *stuff* (e.g., property) and enter a judgement against the stuff even if it
> hasn't gained jurisdiction (via service of process) over the person who owns
> the stuff. In the most common seizures, the stuff is seized from one or more
> people; those people are also given notice of the seizure and their right to
> contest it.
 
Nicely put.

> --
> Greg Broiles                |"Post-rotational nystagmus was the subject of
> gbroiles at netbox.com         |an in-court demonstration by the People
> http://www.io.com/~gbroiles |wherein Sgt Page was spun around by Sgt
>                             |Studdard." People v. Quinn 580 NYS2d 818,825.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From morgan at keilin.helsinki.fi  Tue Aug 20 14:27:21 1996
From: morgan at keilin.helsinki.fi (Joel Morgan)
Date: Wed, 21 Aug 1996 05:27:21 +0800
Subject: [NOISE] other distributed searches
Message-ID: <199608201726.UAA23102@keilin.helsinki.fi>


Two distributed searches on the net are described in Science (9 August
1996 p. 743).

One is a search for "Mersenne" prime numbers: 
http://ourworld.compuserve.com/homepages/justforfun/prime.htm

The other is called SETI at home and apparently going to use idle time on
people's computers (a screen saver) to search for patterns in data from
Arecibo.  The report says the project will be set up by Woody Sullivan
of University of Washington, Seattle and will operate out of a server
in Berkeley.  (I wasn't able to locate any information about this on
the web.)

-- 
=====================================================================
Joel.Morgan at Helsinki.FI              http://blues.helsinki.fi/~morgan
    "Over the mountains there are mountains."   -- Chang-rae Lee 
=====================================================================





From stephen at iu.net  Tue Aug 20 14:27:25 1996
From: stephen at iu.net (Stephen Cobb)
Date: Wed, 21 Aug 1996 05:27:25 +0800
Subject: US Taxes on X-Pats (getting off topic)
Message-ID: <1.5.4.32.19960820173846.007137e4@iu.net>


At 05:32 PM 8/19/96 -0400, you wrote:
>It sounds unfair, for sure. However, the whole thing is a fraud based 
>upon a myth. FICA witholding is NOT credited to an individual's account, 
>or even to Social Security benefits in general. By statutory law, all 
>such receipts go into the Treasury's general fund.
>
>So, they are NOT "social security contributions". Period.
>
Very true...what I am saying is that, as far as my reading goes, LEGAL
aliens are going to be required to pay social security "taxes" while not
having any "entitlement" in return. They pay income taxes and get certain
things, like law and order, in return. They will be paying soc sec money to
the government without getting anything in return. This sounds not only
unfair but wrong, part of an isolationist, "we killed the natives so this
land is our land and the rest of you f@*k-off" revival that includes the
recent posting about requiring proof of citizenship before issuing drivers
licenses.

Stephen






From ryan at tach.net  Tue Aug 20 14:34:39 1996
From: ryan at tach.net (Ryan M. Leach)
Date: Wed, 21 Aug 1996 05:34:39 +0800
Subject: ok ok ok i know
Message-ID: <Pine.LNX.3.91.960820125632.14431A-100000@Bogon.Tach.Net>


sorry to bother the list with this but i lost the message describing the 
"unsubscribing" methods for this list (it's way to big for me) can some 
one mail me instr. on unsubscribing? TIA





From tcmay at got.net  Tue Aug 20 14:45:14 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 05:45:14 +0800
Subject: Taxes on Internet access prediction
Message-ID: <ae3f3913000210049dc3@[205.199.118.202]>


At 4:07 AM 8/20/96, Mike McNally wrote:
>States and municipalities are taxing internet access.  Who wants to
>make a prediction about if/when the IRS will start to count net access
>as a taxable fringe benefit of employment?
>
>(At a small company where I once worked, a tax accountant visiting
>one day noticed that we had a weight bench set up in a back corner of
>the big "back room".  He advised us to be careful, because the IRS
>could count that as a taxable employee benefit.)

I think the test of whether something is a "perq" (or is it "perk"?), and
thus possibly taxable to the employee, is whether it is outside the normal
bounds of work. Thus, one's office cubicle, computer, office supplies,
etc., are not taxable fringe benefits.

Membership in a country club is, though.

Net access, if primarily used for work-related things, would not be. Just
as company phone calls are not treated as a fringe benefit for the
employees making the phone calls. Or business trips. And so on.

At least one community has tried to treat _parking places_ (and I don't
mean special, tree-shaded, reserved, V.I.P. parking places) as taxable
benefits. This is to try to get more people to car-pool, or telecommute, or
somesuch. Howls of protest pretty much drove this idea back into the hole
from whence it came.

Many of my Intel friends have Net accounts, obviously, and yet the number
of posts on the Usenet or elsewhere from "*.intel.com" are relatively low.
I asked a couple of friends of mine about this, and they confirmed that
Intel management has discouraged public postings and comments from
*.intel.com domain accounts. Understandable, for reasons I have discussed
many times. Many employees of companies find it easier to purchase their
own account from Netcom, Earthlink, Best, etc., and so have a Net name
unaffiliated with their employer.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From rich at c2.org  Tue Aug 20 14:47:59 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 05:47:59 +0800
Subject: Indonesia detains democracy activist after post to mailing  list (fwd)
In-Reply-To: <199608201454.HAA04784@dns2.noc.best.net>
Message-ID: <Pine.GUL.3.95.960820090807.8262A-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, James A. Donald wrote:

> At 03:18 PM 8/19/96 -0700, Rich Graves wrote:
> > You know, Amnesty
> > has some outstanding policies regarding accuracy, objectivity, and
> > universality.
> 
> Such as their policy that disappearances in Cuba are only mentioned in 
> a vague and euphemistic way somewhere in the fine print of the middle
> of their Cuban reports, whereas similar disappearances are shouted from
> the rooftops when they happen in right wing South American dictatorships?

In a word, no. I wasn't talking about their policy to oppress the Easter
Bunny, either. 

I meant their policy of not taking sides, which in Latin America has often
meant that they have less of a left-wing bias than Human Rights Watch. They
do not describe people with loaded terms like "pro-democracy," "worker's
rights advocate," "freedom fighter," or "social justice activist." They say
"this person is in prison for political reasons," and leave it at that.
Usually, they don't even identify the reasons -- just the abuse of state
power.

I've always favored a carefully tailored formalistic approach to human
rights and free speech issues, without taking sides on the underlying issues
of political controversy. Amnesty and the ACLU generally follow this
approach. When they have deviated from that approach to make sweeping
statements not tied to *individual* human rights, as Amnesty's general
opposition to apartheid and the ACLU's guarded support for majority-minority
gerrymandering, I have opposed them.

Happily, most of the time, they stay above the fray, which I believe is the
only appropriate role for a "human rights organization." I have no objection
to anti-communist, anti-fascist, or whatever organizations, but I don't
think they should bill themselves as human rights organizations. The
Wiesenthal Center to be a "human rights organization"; it's an anti-fascist
organization, which does some good, some bad, but always focused on one
issue. Human Rights Watch didn't start out as a "human rights organization"; 
it started out as an anti-communist organization. They have since broadened
their scope and international coverage considerably, but their history of
making substantitive statements on larger political questions remains.
Ironically, now they tend to show a leftist bias.

-rich






From stephen at iu.net  Tue Aug 20 14:49:53 1996
From: stephen at iu.net (Stephen Cobb)
Date: Wed, 21 Aug 1996 05:49:53 +0800
Subject: AZ DMV: Citizenship to Drive? (fwd)
Message-ID: <1.5.4.32.19960820172648.00cf4364@iu.net>


At 07:37 AM 8/20/96 -0400, you wrote:
>Your papers, please?
>
>---------- Forwarded message ----------
>Date: Mon, 19 Aug 1996 21:04:07 -0700 (PDT)
>From: Bob Witanek <bwitanek at igc.apc.org>
>To: Recipients of pol-abuse <pol-abuse at igc.apc.org>
>Subject: AZ DMV: Citizenship to Drive?
>
>Posted: gdiazj at IMAP1.ASU.EDU
>
>Today the Arizona Department of Motor Vehicles began requiring
>proof of citizenship before issuing a drivers license or a state
>identification. This policy was established by HB 2154 which passed
>this last session (this one slipped passed me).
>
>I am helping organize people in Arizona to oppose this.  Please
>send your information ASAP, we need you your help.
>
>VIVA LA RAZA
>George Diaz, Jr.
>gdiazj at imap1.asu.edu
>GDIAZJ at aol.com
>gdiaz at ci.phoenix.az.us
>
Not quite sure what this has to do with crypto, but here goes:

As with the recent federal legislation denying soc sec benefits to LEGAL
aliens who are required by law to pay into the system and can by law be
required to serve in the US armed forces, this appears to my untrained eye
to be yet another case of isolationist paranoia...I am sure this one
violates international agreements that the US has made concerning reciprocal
accodomations as far as driving is concerned.

I used to be a tax-paying soc sec paying legal alien, but I got so fed up
with head-in-the-dirt hicks who thought you had to be a citizen to breathe
the prairie dust that I became a citizen for an easier life (and I mean some
of these ignorant fools were sons of immigrants who voted agianst the US
fighting Hitler!!!!). 

Because I still talk with something of a foreign accent I still get
uneducated idiots, who couldn't pass the test they make foreigners take,
lecturing me on what I cannot do because I am a foreigner. The only thing I
can't do is run for President. 

I despair of backwater state legislators, I really do. What to do about this
particular problem? Check out the rules on International drivers licenses. I
know can drive on them for a year...If you are not allowed a drivers license
because you are an alien, maybe you don't need their stinking licenses.

Stephen






From talon57 at well.com  Tue Aug 20 15:12:00 1996
From: talon57 at well.com (Brian D Williams)
Date: Wed, 21 Aug 1996 06:12:00 +0800
Subject: phoneco vs X-phone
Message-ID: <199608201800.LAA22929@well.com>



Jim bell writes:

>What do you mean, "doesn't really fit the facts"?!?  What part of
>it was incorrect?  Fiber-optic _is_ commonly used in inter-office
>trunks, right? It doesn't wear out, right?  Higher usage doesn't
>entail greater costs, right?  The capacity, while not strictly
>infinite, is high enough so expanded usage doesn't strain most
>links, right?  Finally, modern phone switches have sufficient
>connect capacity so that they can handle usage which would have
>been considered "unusual" by yesteryear's standards.  All 
>of this points to an obvious conclusion:  Telephone companies do
>not, in general, have increased costs as a consequence of
>increased telephone usage.

Fiber does not wear out per se, but it does need replacing, partly
from the inevitable contractor accidents (landscapers) and
occasional entropic events. Mux cards and repeaters do go bad on a
regular basis, there is a correlation between usage and increased
maintenance, and of course increased usage means increased
electricity usage.

One point that seems to be missed here is the very high cost of
compliance with government regulations. If the internet phone
people have to comply with the same regulations it will drive up
their costs dramatically, and if the regulations are lifted for
all, the RBOC's think they can out compete them.

Thank you for your interesting post.

Brian

"Zazen? Well it beats sitting around on your ass all day doing
nothing."





From tcmay at got.net  Tue Aug 20 15:15:37 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 06:15:37 +0800
Subject: Billy boy's satellites [Was - Floating DataHaven]
Message-ID: <ae3f4b0601021004d5a1@[205.199.118.202]>


At 4:26 PM 8/20/96, Brian Davis wrote:
>On Mon, 19 Aug 1996, Timothy C. May wrote:

>> There's some obvious crypto/GAK/New World Order issues: many countries may
>> not care for a communications system which allows citizen-units or enemy
>> agents to make phone calls from the middle of the Kalahari desert or from
>> within the jungles of Burma.
>>
>
>Or the streets of New York or Washington.  Not too long ago, in my former
>life as a federal prosecutor, I attended a Computer Crimes conference at
>Quantico (the FBI part, not the Marine part).  One of the speakers
>discussed LEO satellites and satellite cellular phones.  The "difficulty"
>in wiretapping those phones was of grave concern to most of those present....

I am sure this is a very real concern and a very real motivation for some
of the work being done on international key escrow (GAK--Global Access to
Keys?).

The various governments may be trying to get the several LEO satellite
projects to incorporate GAK circuitry now, before it's too late. Once the
satellites are up, and the handheld units sold in Fry's and CompUSA, it's
too late.

I'd hate to see the U.S. on the same side of the issue of free and open
communications (which means encrypted, if people so choose) as Burma,
Libya, Singapore, and France.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From vipul at pobox.com  Tue Aug 20 15:18:20 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Wed, 21 Aug 1996 06:18:20 +0800
Subject: Phoneco vs X-Phone
In-Reply-To: <199608181544.IAA18394@mail.pacifier.com>
Message-ID: <199608200402.EAA00380@fountainhead.net>


> 
> Well, let's consider such costs.  Most of which (maintenance, management, 
> rolling stock) are unrelated to amount of telephone usage.  So there is no 
> reason that these costs should be unequally attributed to a person who makes 
> local calls 1 hour per day, as opposed to another who only calls 15 minutes 
> per day, for example.
> 
> As for the "laying new pipes" issue:  Years ago in the the US, when 
> inter-central-office trunk connections were all implemented using large 
> bundles of copper pairs, it would have been _correct_ to say that higher 
> telephone usage resulted in larger costs, since more trunk lines were 
> necessary.  Today, on the other hand, inter-office trunks (at least the new 
> ones, and I presume that even many of the old ones have been switched over) 
> are implemented in fiber optics.  Extra capacity is either automatically 
> available (since the capacity of a given fiber is unlikely to be fully used) 
> or can be fairly simply added by converting old fiber from about 450 
> megabits per second to 2.4 gigabits, or even faster rates which have become 
> more recently available.
> 
 
Your view point doesn't really fit the facts, but since it is not the
issue here, I'll let it go. Can't resist like someone has to pay those 80,000+ 
employees at AT+T.

> >But you miss my point, if a phoneco is not getting a penny for its long 
> distanceservices (which subsidise the flat rate local calls) then the choice 
> would
> >be to close down. Which would be a severe attack to the local internet usage.
> 
> That's an entirely unsupported claim.  Nobody claims that telephone usage 
> (term used generically) is on the way out.  "Closing down" is only going to 
> happen if local phonecos cease to be able to provide a service that people 
> are willing to pay for.

Exactly! Once "X-Phone" has its servers in US Cities, and its charging 10 cents 
a minute for long distance calls, I don't see if the phonecos would be able to provide any service that people are willing to pay for, I mean they won't
be able to provide matching lucrative rates. 

You mean to say that, X-Phone will take advantage of the phoneco and mint 
money for a minimal investment, whereas the phoneco who spent billions on the
infrastructure will be just whistle down the road, and let the X-Phone 
indulge in its own cyberdo.
 
Its like you write a book and the cover designer sells it in his name.

Best,

- Vipul

 





From rich at c2.org  Tue Aug 20 15:19:25 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 06:19:25 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.SOL.3.91.960820073933.6866N-100000@use.usit.net>
Message-ID: <Pine.GUL.3.95.960820100659.8541A-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 20 Aug 1996, Brad Dolan wrote:

> Roger Morris has documented the base story nicely, first in an article 
> intended for the Washington Post (but which wound up in Penthouse when the 
> Post got cold feet) and now in a book, _Partners in Power_.

You're joking, right? I must admit that the irony of a story fabricated by
the far left being used against the left by the far right is delicious. 

Just in case you're serious, if you liked Partners in Power, you'll love
this... 

- -rich

             Gary Hart, George Bush, and Michael Williams

Lean forward in your chairs a little more. Get a little closer to the
monitor. You need to read every word of this, and slowly.

Senator Gary Hart, the man the overwhelming majority of Americans wanted
to be their President in 1988, was eliminated from the U.S. Presidential
race he was expected to win with the biggest landslide in American
history. His elimination from the race was engineered by vice president
(and former C.I.A. Director) George Bush, whose father, Senator Prescott
Bush, personally financed the political career of Adolf Hitler. 

Bush employed the use of the C.I.A. and other less official criminal
organisations to accomplish his goal of eliminating Hart from the race
after I refused to sabotage the Hart campaign and set Hart up for a
false arrest. The key C.I.A. operative in the scheme to eliminate Hart
from the race was international prostitute, Donna Rice.

After Bush and his band of scary men succeeded in eliminating Hart from
the race, I convinced him to re-enter it, something no one had ever done
before. I formed the "Draft Hart Committee", resurrected his campaign,
and managed it, until he was once again eliminated from the race by Bush
and his C.I.A. co-conspirators. 

As my "reward" for my work with the Man Who Would Be President, the
fascist criminal tyrant, George Bush, had the F.B.I. arrest me (without
any warrant or indictment), torture me for two years, break up my
family, arrange for the kidnap of my two small daughters, seize
virtually all of my significant assets and property, and, after several
assassination attempts failed (as had the attempted Bush-ordered C.I.A.
assassination of Senators Gary Hart and William Cohen when they flew to
Nicaragua on an Iran-Contra fact-finding mission) exile me to
Switzerland, where I have remained ever since, unable to safely return
to America, the land of my birth.

The story has never been told. Not one American publisher has the
courage to publish it.

It is fashionable in the United States to be a coward today. In the past
nine years, I have been unable to find an attorney willing to properly
represent me in my single-handed fight against the F.B.I. and U.S.
government, which continues to this day, lasting longer than World War
II. 

So, as it stands, the American people did not get the President they
wanted. Instead of President Hart, they got President Bush, who, along
with Richard M. Nixon and Lyndon B. Johnson led the conspiracy to
assassinate President John F. Kennedy on 22. November 1963 and the coup
d'etat it began. Each of the three men then took turns playing "El
Presidente" ... each of them were nothing more than four-year dictators.

For my role in defending America's liberty and right to vote, I lost
everything I had. The story ... has never been told. Just like the story
of the JFK assassination. You can visit my web site at:

http://www.iahushua.com/mbw.html

There, you will find enough information about what George Bush and the
fascist U.S. government did to me and my family to ruin your dinner.

Eight days ago, when George Bush visited his numbered bank accounts here
in Berne, one of the highest-ranking officers of the United States
government threatened my life in person. As a matter of fact, I am
risking my life by writing this. Even though very few, if any of you,
give a damn about what happened to me last Wednesday, or that fateful
day of 18 March 1988, when jack-booted thugs with badges broke into my
peaceful Rocky Mountain home, I am here to tell you about it, because,
as Americans, all of you who sit there on your sofas with your cans of
beer and bags of potato chips, doing nothing while your country sinks
even farther down the tubes, into a fascist police state, the likes of
which the world has never known ... you are all, each and every one of
you, equally as responsible for my pain and for the pain of your fellow
patriotic countrymen as George Bush and his gang of liars, traitors and
thieves. 

Little by little, the truth is trickling out. As I risk my life today, I
now give to you the opportunity to read an article put out by another
group of brave people. You lost your chance for President Hart to save
your nation. Now, read for yourself how the fascist criminal tyrant drug
dealer, George Herbert Walker Bush, who introduced heroin and other
hard drugs to the children of America, prevented you from voting for the
only man who loved his country enough to save it from what it has now
become.

Michael Williams
Patriot in Exile
06/20/96


              Conspiracy Nation -- Vol. 8  Num. 19
             ======================================
                    ("Quid coniuratio est?")

- -----------------------------------------------------------------
 
WHO IS DONNA RICE HUGHES?
=========================
 
Following the  recent  much-cheered  ruling  by  3 federal judges
which, for the moment anyway,  has  over-ruled  the  Clinton  law
against  "indecency"  on  the  Internet,  I noticed a woman named
Donna Rice Hughes appearing on the  TV networks.  She was said to
be with a group called "Enough is Enough", said to  be  organized
to  protect  children  against  pornographers  supposedly lurking
everywhere in cyberspace. 
 
Donna Rice Hughes.  Take away  the  "Hughes" and what do you get?
You  get  "Donna  Rice",  nemesis  to   1988   Democratic   Party
presidential  candidate  Gary  Hart.   You may remember how Hart,
looking  strong  as   the   potential   candidate,  was  sunk  by
allegations of his shocking (as in "I am shocked...   *shocked*")
affair with "party girl" Donna Rice.  Seems pretty tame, compared
with Lothario Bill Clinton's escapades, but for "some reason" the
mainstream  press  really  sat up and took notice, playing up the
affair for the couch potatoes in TV land.
 
So *if* this is the same Donna  Rice, one wonders if she has "got
religion"  or  if  the CIA has merely given her a new assignment:
working to shut down freedom of  speech under the guise of saving
our  children  from  pornography.   (You  remember  "saving   our
children",  don't  you?  Like with President Nixon in 1969 saying
he wants to "save our children" from drugs?)
 
Reading in the recent book by  Dr.  Roger  Morris,  *Partners  in
Power*,  one  finds  further background on former candidate Hart.
On March 27, 1987, Billy Clinton is sucking up to Hollywood types
on the west coast.   At  an  exclusive dinner, King Clinton dines
with, among others, Don Henley, formerly of the Eagles rock band.
Close friend to Henley is Donna Rice, who is at about  that  time
boarding a yacht called the *Monkey Business*.
 
Young  Senator  Hart  had  been  on  the  Church  committee which
investigated the CIA  and  its  ties  to  organized crime.  After
that, he was  on  the  Senate  Intelligence  Oversight  Committee
where,  says  Morris, he continued a relentless effort to uncover
CIA hanky-panky.  Hart strongly opposed the Nicaraguan Contra war
and was skeptical of the official  "Oswald did it" version of the
JFK assassination.  Mobster Santos Trafficante is alleged to have
stated, regarding Hart:  "We need to get rid  of  the  son  of  a
bitch."
 
Hart seems to have been  set  up, says Morris, and gives evidence
to back up the claim.  Readers  of  Conspiracy  Nation  are  most
likely  well-aware  as  to  how  CIA/Mafia have often used "party
girls" to compromise  and/or  ruin  politicians.   Was Donna Rice
just a "party girl", or was she more than  that?   And  just  who
*is*  this  person  called "Donna Rice Hughes" of an organization
called "Enough is Enough"?  Did "somebody" get a promotion?
 
- -----------------------------------------------------------------
     I encourage distribution of "Conspiracy Nation."
- -----------------------------------------------------------------
If you would like "Conspiracy Nation" sent to your e-mail 
address, send a message in the form "subscribe cn-l My Name" to 
listproc at cornell.edu          (Note: that is "CN-L" *not* "CN-1")
- -----------------------------------------------------------------
    For information on how to receive the improved Conspiracy 
  Nation Newsletter, send an e-mail message to bigred at shout.net
- -----------------------------------------------------------------
Want to know more about Whitewater, Oklahoma City bombing, etc? 
(1) telnet prairienet.org (2) logon as "visitor" (3) go citcom
- -----------------------------------------------------------------
       See also: http://www.europa.com/~johnlf/cn.html
- -----------------------------------------------------------------
          See also: ftp.shout.net  pub/users/bigred
- -----------------------------------------------------------------
Aperi os tuum muto, et causis omnium filiorum qui pertranseunt.
Aperi os tuum, decerne quod justum est, et judica inopem et 
  pauperem.                    -- Liber Proverbiorum  XXXI: 8-9

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhn1OJNcNyVVy0jxAQGP/AIAyVm3nT87lX6looOpnQumn6xJtlK9YOwD
tBQCD3ol3PmzQof5JFX+agirdIZxUGC1/hhC0a3xMjtaBT1/y0KXvw==
=8Uaz
-----END PGP SIGNATURE-----






From fair at cesium.clock.org  Tue Aug 20 15:22:09 1996
From: fair at cesium.clock.org (Erik E. Fair (Time Keeper))
Date: Wed, 21 Aug 1996 06:22:09 +0800
Subject: Securing Internet mail at the MTA level
Message-ID: <v02140b24ae3fa8d7849e@[17.255.9.110]>


SSH, while a quite useful tool, is not the right long-term solution for
transport layer security - IP security is.

It's also clear to me that for E-mail, you don't want transport level
security for the system; you want "object" security, that is, digital
signature and encryption of the mail message. That way, no matter how many
MTAs the message passes through (and pretty much regardless of how
trustworthy they are) you have end-to-end authentication, integrity and
privacy.

        Erik Fair <fair at clock.org>







From tcmay at got.net  Tue Aug 20 15:22:34 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 06:22:34 +0800
Subject: Taxes on Internet access prediction
Message-ID: <ae3f4d89020210046ca3@[205.199.118.202]>


At 5:54 PM 8/20/96, Mike McNally wrote:

>Sure, but clearly that's not exclusively the case.  (Amazingly enough
>to some might be the fact that my for-work e-mail volume far exceeds
>my not-for-work volume.)  Hopefully I haven't brought too much shame
>to my employer.
>
>In any case, with the IRS it's often less a matter of common sense
>than what they happen to decide is The Law.  Witness the changes in
>laws about what constitutes a "home office".  Currently, if you're
>(let's say) a freelance plumber who maintains a legitimate office
...

Caveat: I'm not a defender of income taxes, of course. Nor am I a defender
of the IRS.

However, on the "home office" situation, most of the examples I encounter,
in talking to friends, are clearly scams to save a thousand bucks (or less)
on their tax returns. Most of my friends who try to deduct a room in their
house because they've put their computer there are clearly not using "20%"
or "25%" or whatever of their house as a business.

For those who really do actually use a room in their home for building
things, for meeting with clients, for operating a home business of some
sort, then I think the IRS will have no problems allowing it. (If the
subject even comes up, in an audit. There are some reports that attempting
to declare a home office increases ones chances of being audited....)

As the saying goes, consult a competent expert. A few books detail the
expected amount of work that must be done in a "home office," and whether
one is likely to qualify.

As one data point, I have derived nearly all of my income over the past 10
years from investments. And yet the "work" needed to be done on my computer
is such a tiny fraction of my overall use of it that I don't even try to
write off my various computers as "investment expenses." Your mileage may
vary.

And I certainly have not tried to write off a room in my house as a home
office. (As it happens, I need few of the "office" resources, so I have my
PowerMac and 17" monitor sitting beside my recliner in the family room of
my house, where I can lie back, log in, and bliss out in cyberspace.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From snow at smoke.suba.com  Tue Aug 20 15:23:37 1996
From: snow at smoke.suba.com (snow)
Date: Wed, 21 Aug 1996 06:23:37 +0800
Subject: Naked woman decapitates man on Internet!!!
In-Reply-To: <199608200525.WAA07745@adnetsol.adnetsol.com>
Message-ID: <Pine.LNX.3.93.960820114605.162A-100000@smoke.suba.com>


On Mon, 19 Aug 1996, Ross Wright wrote:
> On Or About 19 Aug 96, 20:37, Timothy C. May wrote:
> > At 2:00 AM 8/20/96, Lucky Green wrote:
> > >On Mon, 19 Aug 1996, Mark O. Aldrich wrote:
> > >> On Mon, 19 Aug 1996, Rich Graves wrote:
> > >> http://www.grotesque.com/
> > >That was intense...
> > But not as intense as it could be with Internet video!
> Sick, stuff.  Yet everyone has to sneek a peek, just like a car 
> crash.  Hey, I did.  I made the whole trip through the lurid pages.

    Yes, those two were a little sick, but I thought the pictures a little 
tame. They showed a total lack of imagination. Booorrrrriiiinnnngggg. 

    Then again, in a past existence I worked as a registration clerk in an
emergency room, so it takes a bit to turn my stomach (visually, smells _still_
get to me.) 


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From frantz at netcom.com  Tue Aug 20 15:24:33 1996
From: frantz at netcom.com (Bill Frantz)
Date: Wed, 21 Aug 1996 06:24:33 +0800
Subject: [RANT] Death of Usenet: Film at 11
Message-ID: <199608201816.LAA22095@netcom8.netcom.com>


At 11:21 PM 8/19/96 -0700, Roger Healy OBC wrote:
>ON
>> 
>> At  1:34 PM 8/19/96 -0700, Mike Duvos wrote:
>> >Permit me to go off in an orthogonal direction here and say that
>> >I think that we should do away with the concept of a pre-ordained
>> >newsgroups in Usenet entirely, in favor of an IRC-like dynamic 
>> >creation of message pools.
>> 
>> Moderated newsgroups gain reputation from their moderation policies and
>> probably should not be included in this scheme.
>
>Moderated newsgroups have very few posts because hardly anyone reads 
>them.  I second the above propsed IRC-like scheme if it only would apply 
>to moderated groups, because of IRC's bad reputation of moderation.

Don't confuse quantity with quality.  When I want a FAQ for some area I
don't normally follow, I go to news.answers.  I know I won't be buried in
social good times the way someone who wants to know about cryptography is
buried when they go to cyperpunks.  I have no such assurance if I were to
go to the news group which created the FAQ.

The reason there are so many different models on the net is they each serve
a purpose.  Don't make the mistake of trying to jam everything into one
mold.

Bill


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From m5 at vail.tivoli.com  Tue Aug 20 15:32:15 1996
From: m5 at vail.tivoli.com (Mike McNally)
Date: Wed, 21 Aug 1996 06:32:15 +0800
Subject: Taxes on Internet access prediction
In-Reply-To: <ae3f3913000210049dc3@[205.199.118.202]>
Message-ID: <3219FBBF.5D6A@vail.tivoli.com>


Timothy C. May wrote:
> 
> Net access, if primarily used for work-related things, would not be.
> Just as company phone calls are not treated as a fringe benefit for 
> the employees making the phone calls. Or business trips. And so on.

Sure, but clearly that's not exclusively the case.  (Amazingly enough
to some might be the fact that my for-work e-mail volume far exceeds
my not-for-work volume.)  Hopefully I haven't brought too much shame
to my employer.

In any case, with the IRS it's often less a matter of common sense
than what they happen to decide is The Law.  Witness the changes in
laws about what constitutes a "home office".  Currently, if you're
(let's say) a freelance plumber who maintains a legitimate office 
in your home, where nothing at all but plumbing-related stuff is
kept and plumbing-related work is done (booking jobs over the phone),
but most of your actual workday is spent out under people's sinks 
and most of your money is made out there in the field, then the 
IRS will not allow you to treat that home office as an expense.

(At least, that's my recollection of an NPR story from a year or
two ago.)

______c_________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
       m5 at tivoli.com * m101 at io.com       *    
      <URL:http://www.io.com/~m101>      * three heads and eight arms.





From ses at tipper.oit.unc.edu  Tue Aug 20 16:09:59 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Wed, 21 Aug 1996 07:09:59 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <v02140b24ae3fa8d7849e@[17.255.9.110]>
Message-ID: <Pine.SUN.3.91.960820155556.10216C@tipper.oit.unc.edu>


you really need both object and transport level security; the transport 
level stuff helps protect against traffic analysis; the real 
authentication and privacy coming from the object level stuff.

Simon

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From rittle at comm.mot.com  Tue Aug 20 16:45:50 1996
From: rittle at comm.mot.com (Loren James Rittle)
Date: Wed, 21 Aug 1996 07:45:50 +0800
Subject: RFC1984 on Cryptographic Technology
Message-ID: <9608201826.AA26429@supra.comm.mot.com>



FYI,

To: IETF-Announce:;@ietf.org
Subject: RFC1984 on Cryptographic Technology
Cc: rfc-ed at isi.edu
Date: Tue, 20 Aug 96 08:40:43 PDT
Sender: ietf-announce-request at ietf.org
From: RFC Editor <rfc-ed at isi.edu>


A new Request for Comments is now available in online RFC libraries.


        RFC 1984:

        Title:      IAB and IESG Statement on Cryptographic Technology
                    and the Internet
        Author:     IAB & IESG
        Date:       August 1996
        Mailbox:    brian at dxcoms.cern.ch, fred at cisco.com
        Pages:      5
        Characters: 10,738
        Updates/Obsoletes:  none

        URL:        ftp://ds.internic.net/rfc/rfc1984.txt


The Internet Architecture Board (IAB) and the Internet Engineering
Steering Group (IESG), the bodies which oversee architecture and
standards for the Internet, are concerned by the need for increased
protection of international commercial transactions on the Internet,
and by the need to offer all Internet users an adequate degree of
privacy.  Security mechanisms being developed in the Internet
Engineering Task Force to meet these needs require and depend on the
international use of adequate cryptographic technology.  Ready access
to such technology is therefore a key factor in the future growth of
the Internet as a motor for international commerce and communication.

[...]





From eagle at armory.com  Tue Aug 20 16:47:18 1996
From: eagle at armory.com (Jeff Davis)
Date: Wed, 21 Aug 1996 07:47:18 +0800
Subject: Key Length Correlation
Message-ID: <9608201302.aa18129@deepthought.armory.com>


I've read Blaze and diffie's paper on Semetric Key Length.  I'm currious
how semetric key length correlates to public key cryptography length.  Does
public key length have to be much longer, (assuming the algorithms are strong),
to provide the same level of security as a shorter semetric key?  TIA   
-- 
According to John Perry Barlow:                       *What is EFF?* 
"Jeff Davis is a truly gifted trouble-maker." *email <info at eff.org>*
*** O U T L A W S  On The  E L E C T R O N I C  F R O N T I E R ****
US Out Of Cyberspace!!! Join EFF Today! *email <membership at eff.org>*   





From pstira at escape.com  Tue Aug 20 16:52:08 1996
From: pstira at escape.com (pstira at escape.com)
Date: Wed, 21 Aug 1996 07:52:08 +0800
Subject: lambda 2.10 (fwd) -- (ie -- French Consitution censors net)
Message-ID: <Pine.BSI.3.91.960820160511.24736C-100000@escape.com>


Just passing this on in case it strikes anyone's interest :)

---------- Forwarded message ----------
Date: Mon, 19 Aug 1996 20:10:02 +0100
From: Jerome Thorel <jt at freenix.fr>
To: thorel at netpress.fr
Subject: lambda 2.10

netizen's --> Lambda Bulletin 2.10 <-- contents
flash bulletin

+ French Constitution censors Internet control
+ Singapore and the Censorship Proxy Server
+ G7 and the EC take strong steps for Key Escrow Encryption


*               *               *               *               *


French Constitution censors Internet control

As we speculated in our last bulletin (2.09), the French Conseil
Constitutionnel, watchdog of the 1958 Constitution, censored 2 articles in
a new telecom act which were intended to establish a kind of administrative
control over Internet speech and online services.

The nine "Sages" said that the creation of the Conseil Superieur de la
Telematique, which would have make guidelines on Internet content, breaches
article 34 of the Constitution which states that the Parliament can act
alone to dictate rules concerning "civic rights and fundamentals garanties
given to citizens for a fair exercice of public liberties". The CST could
have undermine these principles, because the law didn't specify clearly how
it would have taken its decisions. So the Conseil recognized the particular
state of the Internet, which is not a basic medium.

Only one section remains in the censored law : it obliges ISPs to give
their clients "technical means" to forbid or select access to online
services, software that allows a so-called "parental control".

*               *               *               *               *

Singapore and the Censorship Proxy Server

A communique from SingNet, Singapore's main Internet Service Provider,
states that "ALL SingNet customers will be required to connect to SingNet's
proxy server by the deadline September 14th 1996, failing which you would
not be able to access the web without the proxy. This applies to all
dial-up, ISDN, and leased line customers (STIX customers are exempted). "

The proxy server will ease the ISP to "Deny access to blacklisted sites
supplied by SBA". SingNet said that "Access to sites banned by the SBA will
prompt the message :
The site you requested is not accessible
For more information on Singapore's Internet regulation, please check
http://www.gov.sg/sba/netreg/regrel.htm".

On July 11 the Singapore government passed the Singapore Broadcasting
Authority Act (Chapter 297) in which it announced a "Class Licence Scheme"
aimed "to encourage responsible use of the Internet while facilitating its
healthy development in Singapore. It encourages minimum standards in
cyberspace and seeks to protect Net users, particularly the young, against
the broadcast of unlawful or objectionable materials. ... SBA will focus on
content which may undermine public morals, political stability and
religious harmony of Singapore. However, SBA recognises that it is
impossible to regulate the Internet fully. ... Singaporeans can help SBA in
the identification of objectionable sites in order to keep cyberspace
clean. SBA welcomes public feedback on objectionable content found on the
Internet. Members of the public can write to SBA, call its toll-free
hotline ... or post their views on the SBA homepage at
http://www.gov.sg/sba. "

China, which has created its own Internet regulations aimed at controlic
data traffic and urged netizens to declare themselves to the authorities,
approved the Singapore Act and an official was quoted as saying, "China has
a lot to learn from Singapore's experience" (source : Fight-censorship
mailing list).

*               *               *               *               *

G7 and the EC take strong steps for Key Escrow Encryption

The European Commission's DG-13 division on information security (Infosec)
opened on July 30th a "call for tenders" for "preparatory works" towards
regulating encryption procedures. The plan is aimed to test the
introduction of the Europe-wide network of Trusted Third Party Services
(ETS).

Observers saw in this move the so-called "guidelines" the EC was to propose
last year, when press reports (Nature, Sept. 28, 1995) argued the
Commission and the Council of Europe in Strasbourg were willing to regulate
encryption use through the creation of TTPs.

The Infosec call for tenders, which will end by September 30, is to
"identify, define and verify ... operationnal, technical, regulatory and
legal aspects ... to assess the effectiveness, economics and acceptability
of Trusted Third Party Services."

Other voices in European talks, however, said these "preparatory works" are
to push for EU countries to adopt TTPs and the principles of key-escrow
encryption. Nordic countries such as Finland, Denmark and Sweden, are said
to be opposed to change encryption legislation, as France and Britain took
steps in June and July to enforce the creation of TTPs in their own
country.

On July 30 G7 countries agreed policies that would "accelerate
consultations on encryption that allows, when necessary, lawful government
access to data and communications in order to prevent or investigate acts
of terrorism, while protecting the privacy of legitimate communications".
The EPIC, in Washington, DC, said "stronger measures sought by the US to
restrict information on the Internet and limit the availabilioty of
encryption were apparently not adopted by the G7 countries". Among other
industrialised nations, Japan and Australia are said, like Nordic countries
in Europe, to oppose key escrow as a mean to regulate the free flow of
information. Remember the OECD talks in June, were the US tried to impose
key-escrow legislation to the 27-countries' club of the industrial world
(see lambda 2.09)

*****
Soon archived on www.freenix.fr/netizen

-----
Jerome Thorel =-= Journaliste/Free-lance Reporter =-= Paris, France
   =+= the lambda bulletin --> http://www.freenix.fr/netizen =+=









From kdf at gigo.com  Tue Aug 20 16:58:13 1996
From: kdf at gigo.com (John Erland)
Date: Wed, 21 Aug 1996 07:58:13 +0800
Subject: How To Subscribe?
Message-ID: <6e1_9608201252@gigo.com>



Would someone please netmail me the current subscription procedure?

Thanks.

        JE
--
: Fidonet:  John Erland 1:203/7707.12  .. speaking for only myself.
: Internet: kdf at gigo.com





From frantz at netcom.com  Tue Aug 20 17:07:02 1996
From: frantz at netcom.com (Bill Frantz)
Date: Wed, 21 Aug 1996 08:07:02 +0800
Subject: Netscape 3.0 and encryption choices
Message-ID: <199608201820.LAA22622@netcom8.netcom.com>


At  1:04 AM 8/20/96 -0700, Ted Cabeen wrote:
>In Netscape 3.0, the program allows the user to specify which encryption
>standards to allow connections with.  It allows encryption with 128-bit RC4,
>128-bit RC2, and 156-bit(I think)3DES.  Of these three, which would be the
>most secure method?

The gereral consensus of the experts is that 168 bit 3DES is the best
choice.  DES has been well studied, 168 bit keys are large enough to be
safe, and the ITAR forbids its export.  (ITAR also forbids export of 128
bit cyphers as well, but ITAR is the only NSA approved reputation agent for
crypto, so we use what we have.)


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From bdolan at use.usit.net  Tue Aug 20 17:28:59 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Wed, 21 Aug 1996 08:28:59 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820100659.8541A-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SOL.3.91.960820170146.11886A-100000@use.usit.net>




On Tue, 20 Aug 1996, Rich Graves wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Tue, 20 Aug 1996, Brad Dolan wrote:
> 
> > Roger Morris has documented the base story nicely, first in an article 
> > intended for the Washington Post (but which wound up in Penthouse when the 
> > Post got cold feet) and now in a book, _Partners in Power_.
> 
> You're joking, right? I must admit that the irony of a story fabricated by
> the far left being used against the left by the far right is delicious. 
> 
> Just in case you're serious, if you liked Partners in Power, you'll love
> this... 
> 
> - -rich
> 
>              Gary Hart, George Bush, and Michael Williams [...]

Goofy guy agrees with Morris about X, therefore Morris' well-documented 
claims about X and Y are false?

Maybe I should have cited R. Emmett Tyrell's _Boy Clinton_?  ;-)

It also rained cocaine in Tennessee in the '80s, 
but the authorities never seemed to notice.  Ask the Knoxville 
_News-Sentinel_ how many stories it can find in its archives relating 
to planes loaded with cocaine crash-landing on remote airstrips, 
airdrops being found in citizens' yards, etc.  Then ask the DEA what it did 
about those events.

bd

p.s. Donna Rice has lately been running point for a regulate-the-internet 
front group.  I wouldn't put anything past her.







From stephen at iu.net  Tue Aug 20 17:50:46 1996
From: stephen at iu.net (Stephen Cobb)
Date: Wed, 21 Aug 1996 08:50:46 +0800
Subject: Securing Internet mail at the MTA level
Message-ID: <1.5.4.32.19960820214340.005d0b98@iu.net>


At 11:29 AM 8/20/96 -0400, you wrote:
>
>Hi,
>
>Recently, I've been looking into securing email at the MTA level, and
>would like to get your thoughts on implementation possibilities and
>related issues.
>
>The problems that I'm trying to solve are:
>    1. Host authentication
>    2. Data privacy
>
Hmmm, have you thought about how this might fit/mesh/work with the security
mechanisms in IPv6? Just a thought...Stephen








From fair at cesium.clock.org  Tue Aug 20 17:52:55 1996
From: fair at cesium.clock.org (Erik E. Fair (Timekeeper))
Date: Wed, 21 Aug 1996 08:52:55 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <v02140b24ae3fa8d7849e@[17.255.9.110]>
Message-ID: <7314.840575777@cesium.clock.org>


While I agree in general, I think I'd rather see effort spent on
getting everyone on message security first, and worry about traffic
analysis later. My fear is that, having attempted (since it's unlikely
we'll ever manage to get 100%) to secure the transport, people will
stop worrying about message security, and let that slide.

To put it another way, the first order of business is to prevent
everyone from reading the mails. We can afford to worry about second
order effects like traffic analysis after message security is well
under way (say, 50% of all nominally private message traffic is
encrypted).

Or, put it yet another way: time for everyone to host a PGP key
signing party for your friends, neighbors, and co-workers!

	Erik E. Fair    fair at clock.org





From talon57 at well.com  Tue Aug 20 17:57:10 1996
From: talon57 at well.com (Brian D Williams)
Date: Wed, 21 Aug 1996 08:57:10 +0800
Subject: phoneco vs x-phones
Message-ID: <199608202121.OAA20223@well.com>



Disclaimer: The opinions expressed are my own, I do not speak for
Ameritech or it's alliance partners.

I wrote:

>>One point that seems to be missed here is the very high cost of
>>compliance with government regulations. If the internet phone
>>people have to comply with the same regulations it will drive up
>>their costs dramatically, and if the regulations are lifted for
>>all, the RBOC's think they can out compete them.

Jim Bell replies:

>If that is the main difference in costs, then we should abandon
>those regs. Another big cost is billing, which could be eliminated
>if usage were unmetered.   In any case, I tend to agree:  Make
>these changes, eliminate the LD/local subsidy, and  the LD
>companies would have no problem (at least domestically) competing
>against Internet phone.   (International may be a different story,
>because foreign telcos tend to be owned by countries.)

Yes compliance costs are a sore subject. Billing costs are actually
very cheap,(the mainframes are on the floor above me) the
difference between sending a metered bill or a flat rate bill is
tiny. Really tiny (NDA). The local/long distance subsidy was
eliminated at breakup, but long distance companies do have to pay
to use local networks, but as competition heats up these rates are
dropping and new players (competitors) join the table, Or they can
build their own. ;) 

One of the fun turns of events might be that the threat of x-phones
might lead the RBOC's to actually turn into an ISP's! We could pull
this off at amazing speed. (if you can't beat them, join them!) We
are after all one of the four major nodes of the Internet......

Heh heh heh.......


Brian

"Zazen? Well it beats sitting around on your ass all day doing
nothing."





From vipul at pobox.com  Tue Aug 20 18:00:53 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Wed, 21 Aug 1996 09:00:53 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210407.EAA00568@fountainhead.net>


I don't know if there has been much discussion on the ethics of spamming
here? Is spamming free speech? 

- Vipul






From sopwith at redhat.com  Tue Aug 20 18:01:17 1996
From: sopwith at redhat.com (Elliot Lee)
Date: Wed, 21 Aug 1996 09:01:17 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <199608201529.LAA01469@goffette.research.megasoft.com>
Message-ID: <Pine.LNX.3.95.960820170631.8463B-100000@dilbert.redhat.com>


On Tue, 20 Aug 1996, C Matthew Curtin wrote:

> Recently, I've been looking into securing email at the MTA level, and

> Two types of approaches are possible:
>     1. Adding to the SMTP protocol itself, allowing for MTAs to
>        identify crypto-capable peers, and then performing
>        authentication and session encryption where possible.
>     2. Waiting for a cryptographic transport layer network protocol
>        (such as what is being proposed in draft-ietf-tls-ssh-00),
>        allowing SMTP to remain untouched, and only requiring MTAs to
>        add support for the new network protocol.
> 
> I like the second approach better, because it allows more problems to
> be solved with one move, and it would be easier to add crypto

> I mentioned my interest in an SSH-capable MTA to Tatu Ylonen

> My questions are:
>     1. Which of the two approaches seems to make the most sense to
>        you?

I think something like the first one would be a little bit better. In my
mind I see something similar to the "ESMTP" message appearing on
connection to the mail daemon - "SSLESMTP" if you will. Then client could
issue a "ENCD SSL" command (or whatever) and it would go crypto. I already
have used telnet and FTP clients that does something similar to this, and
they work almost transparently....

>     2. Is there another approach that could work better?
>     3. Is there interest in adding SSH functionality to sendmail in
>        the near future (either by the draft spec, or once the RFC has
>        been published)?

Have you looked at SSL? It allows different algorithms to be used, etc.
etc. (although the certificate & key distribution method uses x509, which
may be a pain...?). The SSLeay library is a freely available
implementation of SSLv2.

Just MHO,

 --==== Elliot Lee = <sopwith at redhat.com> == Red Hat Software ====--
"Usenet is like a herd of performing elephants with diarrhea; massive,
 difficult to redirect, awe-inspiring, entertaining, and a source of
 mind-boggling amounts of excrement when you least expect it."






From rich at c2.org  Tue Aug 20 18:05:43 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 09:05:43 +0800
Subject: Indonesia detains democracy activist after post to mailing list (fwd)
In-Reply-To: <Pine.A32.3.91.960820075229.31719B-100000@rosewood.his.ucsf.edu>
Message-ID: <Pine.GUL.3.95.960820132436.9860B-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 20 Aug 1996, Sean McGrath wrote:

> > ...llike the Berkeley administration's reading student email ...
>  
> This was a paranoid fantasy that became a rumor and is on its was to an 
> urban ledgend.  The UC administration does not have the inclination, 
> interest or resources to monitor email.
> 
> Sean McGrath

I have clarified my sarcasm in private email. Apparently there are some new
people here who are unaware that I'm Evil, and thus misinterpreted my
meaning. Anyone who is still confused should check out articles
<199608138907.ZOG at c2.org> and <4urjjj$7v2 at Networking.Stanford.EDU> in
comp.org.eff.talk. 

- -rich
 fucking statist holocaust fetishist enemy of freedom content-free flamer (tm)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhogZJNcNyVVy0jxAQEF4wH+M0T4LlIIKZta0EMQjpBf+Vo/Zrxatc/q
dpsjq3qImzoiKb+nYgd+a5tf2T2ai/pJVXgLqVYYfrIMjdNPFYyo3w==
=mvtx
-----END PGP SIGNATURE-----






From Scottauge at aol.com  Tue Aug 20 18:07:23 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Wed, 21 Aug 1996 09:07:23 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <960820183645_506047852@emout10.mail.aol.com>


Rush Limbaugh reports:

That a husband and wife are being jailed for yelling to Clinton "You Suck".

The Secret Service states additional words (yet un-uttered to the rest of us)
were mentioned that they deemed threatening.

Ahhh, good to live in a free country....





From vipul at pobox.com  Tue Aug 20 18:21:55 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Wed, 21 Aug 1996 09:21:55 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608201554.LAA04383@rom.oit.gatech.edu>
Message-ID: <199608210329.DAA00542@fountainhead.net>


> A short time ago, at a computer terminal far, far away, Frank Stuart wrote:
> >however, I think those in a position to do so should start with the spin
> >control.  Some suggestions:
> >
> >   The fact that even the U.S. Justice Department is unable to adequately
> >   protect it's own site from intruders underscores the need for widely-
> >   available strong encryption.
> >
> >   While this is certainly a major embarrassment for the Justice Department,
> >   at least the mandatory "key escrow" program the Clinton administration is
> >   insisting upon has not yet been implemented; no private citizens' data
> >   appears to have been compromised this time.
> >
> >   It's doubtful that a new law or government bureaucracy would have prevented
> >   this from happening but it's entirely possible that tools such as strong
> >   encryption could have.  It's ironic that the U.S. Government is focusing on
> >   the former while fighting use of the latter.
> 
> I understand how it affects their claim for the security of escrowed
> keys, but I'm afraid I don't follow the other argument.  How would the
> wide availability of strong encryption have helped prevent the breakin?
> How would encryption in general prevent breakins?  I'd love to use this
> as an argument for strong encryption, but I don't see how it really
> applies.

I think its a DOJ's doing. They prolly want to show the courts how
bad hackers can get so they can conjure up some support in forthcomming
trials. C'mon the sysadmins aren't fools, they surely see their own site.

- Vipul
vipul at pobox.com





From frantz at netcom.com  Tue Aug 20 18:23:38 1996
From: frantz at netcom.com (Bill Frantz)
Date: Wed, 21 Aug 1996 09:23:38 +0800
Subject: Key Length Correlation
Message-ID: <199608202153.OAA21170@netcom8.netcom.com>


At  1:02 PM 8/20/96 -0700, Jeff Davis wrote:
>I've read Blaze and diffie's paper on Semetric Key Length.  I'm currious
>how semetric key length correlates to public key cryptography length.  Does
>public key length have to be much longer, (assuming the algorithms are strong),
>to provide the same level of security as a shorter semetric key?  TIA   

According to Applied Cryptography V2, 

     Symmetric and Public-key Key Lengths 
with Similar Resistances to Brute-Force Attacks

      Symmetric                Public-key
      Key Length               Key Length
       56 bits                  348 bits
       64 bits                  512 bits
       80 bits                  768 bits
       112 bits                 1792 bits
       128 bits                 2304 bits

Regards - Bill


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From Scottauge at aol.com  Tue Aug 20 18:26:39 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Wed, 21 Aug 1996 09:26:39 +0800
Subject: cryptoanalysis 002
Message-ID: <960820183644_506047835@emout17.mail.aol.com>


I agree on expanding the symbols to represent the alphabet.

For example, if the crypto-alphabet for e is 23, 45, 190, 200, etc, one can
remove some of the frequency for a letter.  This definately makes it harder
to attack with the frequency analysis method because the "resolution" of the
distribution for the letter is lessened to a near randomness.  (So it looks,
there are still clues, eh?)






From jeffb at issl.atl.hp.com  Tue Aug 20 18:27:19 1996
From: jeffb at issl.atl.hp.com (Jeff Barber)
Date: Wed, 21 Aug 1996 09:27:19 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <1.5.4.16.19960820135236.0ca75906@pop.mhv.net>
Message-ID: <199608202041.QAA13905@jafar.issl.atl.hp.com>


Lynne L. Harrison writes:
> 
> At 07:08 PM 8/19/96 -0500, Igor Chudov wrote:
> >
> >I personally find the web page very well and artistically done, and
> >extremely funny. The guy who did it had a good taste.
> 
>   I personally found the page to be offensive and disagree highly with the
> person having "good taste".
>   Following the premise that another posted to this list, there were ways of
> focusing on opposing the CDA without insulting women and/or minorities.  I
> also agree that this act is going to backfire by giving the DOJ fodder when
> the case reaches the Supreme Court.
>   IMO, it was patently obvious that it was a kid or kids that did it who
> gave no substantial thought on the consequences of his/their act.

While I wouldn't say that the site was exactly "in good taste", there
was nothing there that was offensive to me.  And I don't really see why
anything there should have offended women (the mere sight of female
genitalia, presumably, is offensive to women?  One wonders how women ever
manage to get dressed in the morning without keeling over from self-induced
mortification?  Or is it hillaryshair.com that is offensive to women?),
or minorities (simply because Hitler's name and picture were displayed,
I guess?).

Besides, I've seen no evidence that the page was actually created by
an Evil Hacker who broke in; how do we know it wasn't just a low-level
DoJ sysadmin following orders?  After all, if the reaction you fear
from the Supremes is so likely, why couldn't a pro-CDA staffer simply
supply ready-made fodder.

The web page is pure satire and not poorly done, IMO, at least from a
political viewpoint.  If this sort of display would be banned by the
CDA, then I'd say we are all quite right to fear it  This is exactly
the kind of "speech" that the CDA must *not* be allowed to ban.

The bottom line for the DoJ is that this merely proves the need for
better security on their web site (if indeed it *was* a breakin by an
Evil Hacker, of course).


-- Jeff





From jimbell at pacifier.com  Tue Aug 20 18:35:47 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 21 Aug 1996 09:35:47 +0800
Subject: Pappieren, bitte! (and Taxes, National Debt)
Message-ID: <199608202257.PAA24418@mail.pacifier.com>


At 12:18 PM 8/20/96 -0700, Timothy C. May wrote:

>One estimate I have seen places the overall national debt, counting
>obligations and promised payments, at $20 trillion, or four times the
>official number. And it is still increasing every year. To see how large
>this is, there are 100 million taxpayers in the U.S., roughly. This means
>each of these taxpayers has an average indebtedness of $200,000. Most
>American households do not have this amount of money in total net worth,
>obviously. Thus, they "owe" much more than they are worth.
>
>Obviously enough, the portion of this debt is not distributed uniformly
>amongst households, or won't be if it is ever collected. But you get the
>drift. The country has been spending far more than it has been taking in
>for many years, and is far worse shape than "official" figures about the
>National Debt would tend to suggest.
>
>Neither Dole nor Clinton appear to want to talk about this, both having
>done their parts to make the situation what it is today.

This is exactly why I'm astonished when a few people occasionally (and, 
prematurely) reject my "Assassination Politics" idea.  If the problem is as 
big as all that (and it is!) then these people are well and truly guilty of 
way more than enough crimes to merit their deaths.  

Jim Bell
jimbell at pacifier.com





From rwright at adnetsol.com  Tue Aug 20 18:38:03 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 09:38:03 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608202321.QAA00971@adnetsol.adnetsol.com>


On Or About 20 Aug 96, 18:36, Scottauge at aol.com wrote:

> Rush Limbaugh reports:

Well, if Rush was a reporter this might have some meaning.

> 
> That a husband and wife are being jailed for yelling to Clinton "You
> Suck".

How long were they in jail?  And many other questions come to mind.

> 
> The Secret Service states additional words (yet un-uttered to the
> rest of us) were mentioned that they deemed threatening.

I'd wonder about that.

> 
> Ahhh, good to live in a free country....
> 

This is as free as it gets these days.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From alanh at infi.net  Tue Aug 20 18:38:39 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 09:38:39 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820012724.5850C-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SV4.3.91.960820191108.9214E-100000@larry.infi.net>


I wish they'd get back in the business, but add an overt poison to the 
product.

Clean out the shit from the cities. Long live Darwinism.





From alanh at infi.net  Tue Aug 20 19:32:40 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 10:32:40 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <2.2.32.19960820101053.0069d994@mail.io.com>
Message-ID: <Pine.SV4.3.91.960820192122.9214F-100000@larry.infi.net>


Parties can also conceal their identity, by leave of the court. As in the 
notorious, Roe v. Wade
           ~~~





From alanh at infi.net  Tue Aug 20 19:40:04 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 10:40:04 +0800
Subject: "Utilization Review"
In-Reply-To: <199608200618.XAA18824@netcom8.netcom.com>
Message-ID: <Pine.SV4.3.91.960820185545.9214C-100000@larry.infi.net>


We _had_  economic cryptoanarchy several centuries ago, with respect to 
unpredictable, but expected risks in merchant shipping.

A bunch of them thar crypro-anarchists were the ones who invented modern 
insurance, in the manifestation of Lloyds of London.

If you want to convince the masses - or even fashion elites such as myself
- to forego recourse to voluntary risk sharing.... you have your work cut
out for you.





From alanh at infi.net  Tue Aug 20 19:58:01 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 10:58:01 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820100659.8541A-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SV4.3.91.960820194013.9214K-100000@larry.infi.net>


Yes, oh, I'm breathing hard now.


The majorityh of the nation wanted President Hart.

And that poor decent man was _raped_ by the bimbo. He didn't want to do 
it with her, but she forcibly made him do it.

Oh my God.





From alanh at infi.net  Tue Aug 20 20:05:14 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 11:05:14 +0800
Subject: US Taxes on X-Pats (getting off topic)
In-Reply-To: <1.5.4.32.19960820173846.007137e4@iu.net>
Message-ID: <Pine.SV4.3.91.960820193307.9214J-100000@larry.infi.net>


You miss the point. The FICA never WAS a "social security tax". There 
never WAS any "entitlement".

THeir return on paying FICA is that the INS is funded to deport them if 
they go out of status. And good riddance.





From alanh at infi.net  Tue Aug 20 20:15:50 1996
From: alanh at infi.net (Alan Horowitz)
Date: Wed, 21 Aug 1996 11:15:50 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <Pine.SUN.3.94.960820121113.10677A-100000@polaris>
Message-ID: <Pine.SV4.3.91.960820193116.9214I-100000@larry.infi.net>


Federal seizures are published before the levy is finalized, so that 
lien-holders can assert their interest.





From rwright at adnetsol.com  Tue Aug 20 20:26:15 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 11:26:15 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608202313.QAA00726@adnetsol.adnetsol.com>


On Or About 21 Aug 96, 4:07, Vipul Ved Prakash wrote:

> I don't know if there has been much discussion on the ethics of
> spamming here? Is spamming free speech? 
> 
> - Vipul


The way I see it:  if you narrow your targeting, by research, you can 
send SPAM to people who may really have a need for your products and 
services.  I send spam.  I am very apologetic, but I send only to 
software manufacturers.  I sell software media and duplication, so 
most software makers can relate to a request for me to quote on their 
needs.  BUT I OBJECT to spamming of usenet, and my mailing lists that 
I read.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From unicorn at schloss.li  Tue Aug 20 20:39:57 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 21 Aug 1996 11:39:57 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <Pine.SV4.3.91.960820193116.9214I-100000@larry.infi.net>
Message-ID: <Pine.SUN.3.94.960820200540.6803A-100000@polaris>


On Tue, 20 Aug 1996, Alan Horowitz wrote:

> Federal seizures are published before the levy is finalized, so that 
> lien-holders can assert their interest.

The publication alone is not sufficent to constitute notice however.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From fstuart at vetmed.auburn.edu  Tue Aug 20 20:44:49 1996
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Wed, 21 Aug 1996 11:44:49 +0800
Subject: Hackers invade DOJ web site
Message-ID: <199608202331.SAA25854@snoopy.vetmed.auburn.edu>


[...]
Will Day (willday at rom.oit.gatech.edu) wrote:
>I understand how it affects their claim for the security of escrowed
>keys, but I'm afraid I don't follow the other argument.  How would the
>wide availability of strong encryption have helped prevent the breakin?
>How would encryption in general prevent breakins?  I'd love to use this
>as an argument for strong encryption, but I don't see how it really
>applies.

Since we don't know how the intruders broke in, we can only speculate.  I
can think of several scenarios where cryptographic techniques could help.
I can also think of several where they wouldn't.  When you've only got 20
seconds to explain to a non-technical audience, I don't think it's dishonest
to say that it might have prevented it.

Off the top of my head, here are a couple examples:

   1. It's possible that a DOJ employee logged in from a remote site while
      the intruders were snooping somewhere along the way.  If the link had
      been encrypted, that would have made things much more difficult or
      impossible for the attackers.

   2. Perhpas the intruders used IP spoofing and .rhosts to break in.  If
      machines had to be cryptographically authenticated, a rsh from the
      wrong machine wouldn't work.

I think my 20 seconds are up.  :>

                          | (Douglas) Hofstadter's Law:
                          | It always takes longer than you expect, even 
Frank Stuart              | when you take into account Hofstadter's Law.





From rich at c2.org  Tue Aug 20 20:59:17 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 11:59:17 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.SV4.3.91.960820191108.9214E-100000@larry.infi.net>
Message-ID: <Pine.GUL.3.95.960820161914.11228A-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Alan Horowitz wrote:

> I wish they'd get back in the business, but add an overt poison to the 
> product.
> 
> Clean out the shit from the cities. Long live Darwinism.

Actually, I'd say that's closer to Lamarckism. The rich get richer, and the
poor get poorer, by the accumulation and inheritance of acquired rather than
innate goods.

If we were thrown back to a natural Darwinian world, I doubt many of us
would last long. 

-rich






From tcmay at got.net  Tue Aug 20 21:05:44 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 12:05:44 +0800
Subject: Pappieren, bitte! (and Taxes, National Debt)
Message-ID: <ae3f5aed030210049231@[205.199.118.202]>


At 5:38 PM 8/20/96, Stephen Cobb wrote:
>At 05:32 PM 8/19/96 -0400, you wrote:
>>It sounds unfair, for sure. However, the whole thing is a fraud based
>>upon a myth. FICA witholding is NOT credited to an individual's account,
>>or even to Social Security benefits in general. By statutory law, all
>>such receipts go into the Treasury's general fund.
>>
>>So, they are NOT "social security contributions". Period.
>>
>Very true...what I am saying is that, as far as my reading goes, LEGAL
>aliens are going to be required to pay social security "taxes" while not
>having any "entitlement" in return. They pay income taxes and get certain
>things, like law and order, in return. They will be paying soc sec money to
>the government without getting anything in return. This sounds not only
>unfair but wrong, part of an isolationist, "we killed the natives so this
>land is our land and the rest of you f@*k-off" revival that includes the
>recent posting about requiring proof of citizenship before issuing drivers
>licenses.

Not only will they not be legally able to drive, but as we all have been
discussing, driver's licenses are the de facto forms of identification
demanded by most merchants, most airlines, etc.

I think the "no driver's licenses to illegal aliens" makes a certain kind
of sense, though. (Not that I don't have some compassion for them, being an
open borders advocate.) If the State gives official documents to illegal
aliens, what's the point of their being classified as illegal aliens?

Ditto for the various taxes, income or SS or property or whatever. If the
State says to someone, "OK, you don't have to pay taxes because you're an
illegal alien," the chaos that would follow is clear.

Employers cannot withold taxes (income, state, SS) from some employees and
not from others.

(Of course, employers are expected to get a SS number from all employees,
so, in theory, illegal aliens would be unable to work without one....)

One final note on the Social Security mess. Not only is it not a true
insurance plan, with contributions being invested in a fund of some sort,
it is much worse than this. Contributions are sent immediately into the
"general fund," to be spent on B-2 bombers, new administrative buildings,
salaries of government workers, pork for Congressvarmints, Seawolf
submarines, space stations, welfare payments, foreign aid to Israel and
Egypt, and so on and so forth. What the govenment does is to send an
"I.O.U." to the Social Security people, promising to someday make good on
the money already spent.

Distressingly, but not surprisingly, these I.O.U.s are *NOT* counted as
part of the National Debt. Thus, the national debt is much worse than the
$5 trillion or so it is officially estimated to be.

One estimate I have seen places the overall national debt, counting
obligations and promised payments, at $20 trillion, or four times the
official number. And it is still increasing every year. To see how large
this is, there are 100 million taxpayers in the U.S., roughly. This means
each of these taxpayers has an average indebtedness of $200,000. Most
American households do not have this amount of money in total net worth,
obviously. Thus, they "owe" much more than they are worth.

Obviously enough, the portion of this debt is not distributed uniformly
amongst households, or won't be if it is ever collected. But you get the
drift. The country has been spending far more than it has been taking in
for many years, and is far worse shape than "official" figures about the
National Debt would tend to suggest.

Neither Dole nor Clinton appear to want to talk about this, both having
done their parts to make the situation what it is today.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From proff at suburbia.net  Tue Aug 20 21:08:11 1996
From: proff at suburbia.net (Julian Assange)
Date: Wed, 21 Aug 1996 12:08:11 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.SV4.3.91.960820191108.9214E-100000@larry.infi.net>
Message-ID: <199608210005.KAA12548@suburbia.net>


> 
> I wish they'd get back in the business, but add an overt poison to the 
> product.
> 
> Clean out the shit from the cities. Long live Darwinism.

Darwinism is working as well as it ever was. You may not like it, but
shit is being selected for.


-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff at suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff at gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+





From tcmay at got.net  Tue Aug 20 21:15:41 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 12:15:41 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <ae3fa332050210048d05@[205.199.118.202]>


At 10:36 PM 8/20/96, Scottauge at aol.com wrote:
>Rush Limbaugh reports:
>
>That a husband and wife are being jailed for yelling to Clinton "You Suck".
>
>The Secret Service states additional words (yet un-uttered to the rest of us)
>were mentioned that they deemed threatening.
>
>Ahhh, good to live in a free country....

Ironically, at a recent Clinton rally the "person of poundage" comedienne
Rosie O'Donnell led a "Dole Sucks!" cheer. (This was reported in the news
because it apparently was an embarassment to the Clintons.)

A double standard?

Or is the crime the insulting of the monarch?

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jim at acm.org  Tue Aug 20 21:20:31 1996
From: jim at acm.org (Jim Gillogly)
Date: Wed, 21 Aug 1996 12:20:31 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608210407.EAA00568@fountainhead.net>
Message-ID: <199608202323.QAA21334@mycroft.rand.org>



Vipul Ved Prakash <vipul at pobox.com> writes:
>I don't know if there has been much discussion on the ethics of spamming
>here? Is spamming free speech? 

Your right to speak freely is protected in the US.  Your right to blare
simultaneously with a megaphone at every on-line crowd in the world is
not.  I know of no laws prohibiting your spamming, and I know of no laws
that would prevent someone from interfering with your spamming.  It's a
vigilante world... this year.

I oppose spamming because it's rude and inefficient, lowering the S/N
everywhere it happens.  Market droids favor it because it's cheap, and
no matter how many people they piss off bigtime, they make some sales.
People who oppose spam should do what they can to make it less
cost-effective... within legal limits, I suppose.

Perhaps the cypherpunk relevance is that next generation Usenet and
mailing lists could require the moderator's digital signature before
propagation happens... but I'd prefer to see an unexpected upwelling
of politeness.

	Jim Gillogly
	28 Wedmath S.R. 1996, 23:11





From qut at netcom.com  Tue Aug 20 21:25:24 1996
From: qut at netcom.com (Skip)
Date: Wed, 21 Aug 1996 12:25:24 +0800
Subject: PreRFD: comp.org.cypherpunks
Message-ID: <199608210110.SAA24006@netcom.netcom.com>


The Subject: line says it all.

My suggestion number #1:

No moderation.


--
Skip, OBC





From qut at netcom.com  Tue Aug 20 21:43:06 1996
From: qut at netcom.com (Skip)
Date: Wed, 21 Aug 1996 12:43:06 +0800
Subject: License Plates
Message-ID: <199608210102.SAA22053@netcom.netcom.com>


One method of protest against License Plate invasion of privacy is to 
simply not use license plates.  When I bought my car six years ago the 
front license plate was never drilled for license plate holes, so I 
simply took off the rear plate too, and in six months I only got two 
tickets for it, one for twenty dollars in Walnut Creek which I only had 
to pay, not needing to "fix the defect," and another on the Richmond 
Bridge, costing seventy six dollars because it was a fix it ticket which 
I didn't want to fix, and pulled over another time with only a warning.  
Not bad at all for California, has any one else practised this form of 
protest?  I had to put the rear plate back on though, because I acquired 
a drinking problem and I didn't want to get busted for drunk driving.
Now that I'm sober, and with worse threats concerning license plates, 
it's time to pull off that rear plate again!  Doing it tonight, join me!


--
Skip, OBC





From qut at netcom.com  Tue Aug 20 21:51:23 1996
From: qut at netcom.com (Skip)
Date: Wed, 21 Aug 1996 12:51:23 +0800
Subject: AZ DMV: Citizenship to Drive? (fwd)
In-Reply-To: <1.5.4.32.19960820172648.00cf4364@iu.net>
Message-ID: <199608210002.RAA09034@netcom.netcom.com>


ON
> 
> At 07:37 AM 8/20/96 -0400, you wrote:
> >Your papers, please?
> >
> >---------- Forwarded message ----------
> >Date: Mon, 19 Aug 1996 21:04:07 -0700 (PDT)
> >From: Bob Witanek <bwitanek at igc.apc.org>
> >To: Recipients of pol-abuse <pol-abuse at igc.apc.org>
> >Subject: AZ DMV: Citizenship to Drive?
> >
> >Posted: gdiazj at IMAP1.ASU.EDU
> >
> >Today the Arizona Department of Motor Vehicles began requiring
> >proof of citizenship before issuing a drivers license or a state
> >identification. This policy was established by HB 2154 which passed
> >this last session (this one slipped passed me).
> >
> >I am helping organize people in Arizona to oppose this.  Please
> >send your information ASAP, we need you your help.
> >
> >VIVA LA RAZA
> >George Diaz, Jr.
> >gdiazj at imap1.asu.edu
> >GDIAZJ at aol.com
> >gdiaz at ci.phoenix.az.us
> >
> Not quite sure what this has to do with crypto, but here goes:
> 
> As with the recent federal legislation denying soc sec benefits to LEGAL
> aliens who are required by law to pay into the system and can by law be
> required to serve in the US armed forces, this appears to my untrained eye
> to be yet another case of isolationist paranoia...I am sure this one
> violates international agreements that the US has made concerning reciprocal
> accodomations as far as driving is concerned.
> 
> I used to be a tax-paying soc sec paying legal alien, but I got so fed up
> with head-in-the-dirt hicks who thought you had to be a citizen to breathe
> the prairie dust that I became a citizen for an easier life (and I mean some
> of these ignorant fools were sons of immigrants who voted agianst the US
> fighting Hitler!!!!). 
> 
> Because I still talk with something of a foreign accent I still get
> uneducated idiots, who couldn't pass the test they make foreigners take,
> lecturing me on what I cannot do because I am a foreigner. The only thing I
> can't do is run for President. 
> 
> I despair of backwater state legislators, I really do. What to do about this
> particular problem? Check out the rules on International drivers licenses. I
> know can drive on them for a year...If you are not allowed a drivers license
> because you are an alien, maybe you don't need their stinking licenses.

Absolutely correct, America is extremely hostile to anyone who isn't an 
impoverished white, ie, a redneck.  You be sure and tell all your friends
that, especially your African and Asian friends, advising them to stay 
away from the devil's continent as if their life depends on it.





From frantz at netcom.com  Tue Aug 20 21:59:34 1996
From: frantz at netcom.com (Bill Frantz)
Date: Wed, 21 Aug 1996 12:59:34 +0800
Subject: "Utilization Review"
Message-ID: <199608210220.TAA19927@netcom8.netcom.com>


At  7:01 PM 8/20/96 -0400, Alan Horowitz wrote:
>If you want to convince the masses - or even fashion elites such as myself
>- to forego recourse to voluntary risk sharing.... you have your work cut
>out for you.

The insurance companies have every reason to perform "Utilization Reviews",
since only they have incentive to contain costs.  Our medical plans tend to
insure for routine medical care and as a result, give the insurance
companies the data about our routine care.  If they only paid for
catastrophic illness and accident care, they would only have reason to have
data on that care.

Do you want to share the risk of routine medical care?  Or do you just want
to share the risk of catastrophic illnesses and accidents?  Or do you want
to keep it all private.  What you pay for, you can keep private.  What they
pay for, they can review.  Your choice.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From rich at c2.org  Tue Aug 20 22:05:31 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 13:05:31 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608210407.EAA00568@fountainhead.net>
Message-ID: <Pine.GUL.3.95.960820180602.11228H-100000@Networking.Stanford.EDU>


On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:

> I don't know if there has been much discussion on the ethics of spamming
> here? Is spamming free speech? 

Yes.

So is mailbombing the motherfucker, or more productively, virtually
picketing his ISP until they kick him off for net abuse.

Ethically? We don't talk ethics much here, but I'd say it's highly unethical
to abuse a service paid for by the pooled resources of many. 

-rich






From dcrocker at brandenburg.com  Tue Aug 20 22:16:10 1996
From: dcrocker at brandenburg.com (Dave Crocker)
Date: Wed, 21 Aug 1996 13:16:10 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <199608201529.LAA01469@goffette.research.megasoft.com>
Message-ID: <v03007821ae3fe53616d2@[205.214.160.151]>


At 8:29 AM -0700 8/20/96, C Matthew Curtin wrote:
>    2. Waiting for a cryptographic transport layer network protocol
>       (such as what is being proposed in draft-ietf-tls-ssh-00),
>       allowing SMTP to remain untouched, and only requiring MTAs to
>       add support for the new network protocol.
>
>I like the second approach better, because it allows more problems to
>be solved with one move, and it would be easier to add crypto

	This presumes that everyone uses Internet protocols for transport.

	That is a marginal assumption, in today's world.

	Probably ok for long term, though.

d/

--------------------
Dave Crocker                                            +1 408 246 8253
Brandenburg Consulting                             fax: +1 408 249 6205
675 Spruce Dr.                                 dcrocker at brandenburg.com
Sunnyvale CA 94086 USA                       http://www.brandenburg.com

Internet Mail Consortium               http://www.imc.org, info at imc.org







From rich at c2.org  Tue Aug 20 22:26:03 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 13:26:03 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.SOL.3.91.960820170146.11886A-100000@use.usit.net>
Message-ID: <Pine.GUL.3.95.960820174341.11228F-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Brad Dolan wrote:

> Goofy guy agrees with Morris about X, therefore Morris' well-documented 
> claims about X and Y are false? 

Lots of footnotes to "confidential interview" do not make a valid study. How
many "well-documented" studies of the Kennedy assassination and UFO
sightings have you read? 

I followed this wild goose chase to exhaustion back in 1986-7. I've
forgotten most of it, but I'm sure I have some notes and maybe some tapes
lying around. Yes, some contras and some sandinistas and some martistas and
*lots* of the senderos and M-19 ran drugs. That's what happens when you
criminalize a political movement -- political figures become criminals in
order to survive. (When the crime they're involved is simply free trade in
criminalized agricultural products, it just adds another layer of irony.)

There's a kernel of truth and plausibility to most conspiracy theories,
including this one. (It's a big mistake to say *all* conspiracy theories.) 
However, the money involved was rather small, the process was basically skew
to politics (both sides did it all), and I have never been convinced that
the CIA -- or even North's coterie in the NSC, which as you know ran a
number of ops that the CIA would never have gone for -- was in on it. 

(ObConspiracy: H. Ross Perot actually was involved in funneling money to the
contras. He was rather open and proud of it. Is he mentioned in Morris's
book?)

-rich






From shamrock at netcom.com  Tue Aug 20 22:34:22 1996
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 21 Aug 1996 13:34:22 +0800
Subject: [NOISE] Airport legal question
Message-ID: <Pine.3.89.9608201919.A23972-0100000@netcom14>


I know that it is a violation of federal law to joke about explosives at 
the X-ray machine. Would an "I love Explosives" sticker on carry-on 
luggage violate any laws?

TIA,








From dsmith at prairienet.org  Tue Aug 20 22:39:51 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Wed, 21 Aug 1996 13:39:51 +0800
Subject: your mail
Message-ID: <199608202137.QAA14069@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: DMiskell at envirolink.org, cypherpunks at toad.com
Date: Tue Aug 20 16:41:01 1996
> So, how do you UNDO the encryptation?  Gee, no wonder it's uncrackable.
> 
> Daniel.
> 
> 
> 

It may very well be the ultimate one-way hash.

dave


- ---- David E. Smith  POB 324  Cape Girardeau MO USA 63702
dsmith at prairienet.org   http://www.prairienet.org/~dsmith
send mail of 'send pgp-key' subject for my PGP public key
"Reality is the original Rorshach" -- Principia Discordia
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automagically signed with Pronto Secure for Windows.

iQEVAwUBMhow8DVTwUKWHSsJAQFm+wf+I7+0gcjYxrD0du/1I6Ufz/0jctIA6xJt
8ePhjW6X6rIzGPshzGapQ4dOpUZTa+dtsnvUccg7Fn4sBv71lELnGobNMvnSImzA
C7OT+25giz3XGsfKTX6M0EruV4EkwfutBGp129FuU6blXNnXpFTtvy0q4PbGqE0B
mti6n5/JQw2I3GVP72duvPKZ9Fac34Hr7e8OA1YYBLgTa0vIAl4F98x2O6CNjhfF
Y+/qbzZov1ltl2QggfPc2juxWvTV4trW8tLOi5TddiS/avHOHoMebe2FjAu6MATt
giO+HDT+AIvE4NZ+EZAct6VCz8HIkhRfJmgJBK9wQkwOvRkV4ZqnPQ==
=uVag
-----END PGP SIGNATURE-----






From rwright at adnetsol.com  Tue Aug 20 22:46:44 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 13:46:44 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210340.UAA06334@adnetsol.adnetsol.com>


On Or About 20 Aug 96, 18:09, Rich Graves wrote:

> On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
> 
> > I don't know if there has been much discussion on the ethics of
> > spamming here? Is spamming free speech? 
> 
> Yes.
> 
> So is mailbombing the motherfucker, or more productively, virtually
> picketing his ISP until they kick him off for net abuse

That is the kind of self righteous crap that gives me the creeps!!!

> 
> Ethically? We don't talk ethics much here, but I'd say it's highly
> unethical to abuse a service paid for by the pooled resources of
> many. 

I pay for my net access.  I pay for my Sunday paper, it's full of ads 
too!!  Ethics???  Let's rat out on the EVIL spammers!!  Let's turn 
them into thier ISP!!!  That's a load of CRAP!!!!

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From jimbell at pacifier.com  Tue Aug 20 22:49:52 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 21 Aug 1996 13:49:52 +0800
Subject: phoneco vs X-phone
Message-ID: <199608202048.NAA16694@mail.pacifier.com>


At 11:00 AM 8/20/96 -0700, Brian D Williams wrote:
>
>Jim bell writes:
>
>>What do you mean, "doesn't really fit the facts"?!?  What part of
>>it was incorrect?  Fiber-optic _is_ commonly used in inter-office
>>trunks, right? It doesn't wear out, right?  Higher usage doesn't
>>entail greater costs, right?  The capacity, while not strictly
>>infinite, is high enough so expanded usage doesn't strain most
>>links, right?  Finally, modern phone switches have sufficient
>>connect capacity so that they can handle usage which would have
>>been considered "unusual" by yesteryear's standards.  All 
>>of this points to an obvious conclusion:  Telephone companies do
>>not, in general, have increased costs as a consequence of
>>increased telephone usage.
>
>Fiber does not wear out per se, but it does need replacing, partly
>from the inevitable contractor accidents (landscapers) and
>occasional entropic events.

However, those events are generally uncorrelated with usage...

> Mux cards and repeaters do go bad on a
>regular basis, there is a correlation between usage and increased
>maintenance,

Well, technically that's true, but these devices are usually running 
continuously, not merely when a call is being made.  In other words, more 
talk != more failures. 

For the most relevant (though minor) example that I can think of, consider 
the typical laser diode used to drive fiber optic cables.  These devices 
have a finite wearout mechanism (as opposed to most IC's which generally do 
not wear out in normal usage), so they may be seen to have a limited 
lifetime.  However, in use they are continuously transmitting data, even 
when portions of the channel are unoccupied, so they have a constant life 
regardless of individual phone usage.


>and of course increased usage means increased electricity usage.

This is an extraordinarily minor effect, as you might imagine.


>One point that seems to be missed here is the very high cost of
>compliance with government regulations. If the internet phone
>people have to comply with the same regulations it will drive up
>their costs dramatically, and if the regulations are lifted for
>all, the RBOC's think they can out compete them.

If that is the main difference in costs, then we should abandon those regs.  
Another big cost is billing, which could be eliminated if usage were 
unmetered.   In any case, I tend to agree:  Make these changes, eliminate 
the LD/local subsidy, and  the LD companies would have no problem (at least 
domestically) competing against Internet phone.   (International may be a 
different story, because foreign telcos tend to be owned by countries.)  

Jim Bell
jimbell at pacifier.com





From declan at eff.org  Tue Aug 20 22:49:57 1996
From: declan at eff.org (Declan McCullagh)
Date: Wed, 21 Aug 1996 13:49:57 +0800
Subject: Justice Department stalls for time in CDA lawsuit, from HotWired
Message-ID: <Pine.SUN.3.91.960820201723.15023D-100000@eff.org>




---------- Forwarded message ----------
Date: Tue, 20 Aug 1996 20:12:42 -0700 (PDT)
From: Declan McCullagh <declan at eff.org>
To: fight-censorship at vorlon.mit.edu
Subject: Justice Department stalls for time in CDA lawsuit, from HotWired

[Read the complete column at the URL below... -Declan]


http://www.hotwired.com/netizen/

HotWired, The Netizen
21 August 1996

DOJ Dodge

by Declan McCullagh (declan at well.com)
Washington, DC, 20 August
  
   The US Department of Justice is stalling for time.

   The Supreme Court yesterday granted the government an extra month to
   submit the next phase of its Communications Decency Act appeal,
   allowing the DOJ a few more weeks to coordinate the original ACLU
   lawsuit with a lesser-known suit filed by Joe Shea, editor of the
   American Reporter.

[...]   
   
   But in truth, the DOJ shouldn't need any more time to file this
   paperwork. The "jurisdictional statement" the department's been
   working on for seven weeks - and now has until 29 September to submit
   - must argue only that there's a substantial constitutional issue at
   stake in the CDA lawsuit, something transcendently obvious to anyone
   who hasn't been napping through the 14 months since Time magazine's
   cyberporn cover hit the newsstands.
   
[...]

   While this is likely just normal legal skirmishing in a battle where
   the DOJ attorneys have few useful weapons and already have suffered
   one crushing defeat, the government's five-page application for an
   extension of time hints at why a delay would be to their advantage.
   
[...]   

   In other words, the CDA might be unconstitutional now, but
   _constitutional_ some months from now - depending on how labelling and
   blocking technologies such as PICS and SurfWatch evolve. Keeping kids
   out might have been a royal pain when the judges heard the case in
   March 1996, but by March 1997 it might amount to no more than the
   minor irritation of a constitutional hangnail.
   
   David Sobel, a lawyer for the Electronic Privacy Information Center
   and co-counsel on this case, said: "They could make the argument in
   the Supreme Court that the court in Philadelphia hasn't really
   completed its work on the case, and all that is entered is a
   preliminary injunction. They could argue that this case should go back
   to Philadelphia for further proceedings, since they're now prepared to
   answer the court's questions about what kind of technology may be
   coming down the pike."
   
   Whatever the reason for the DOJ's delay - summer bureaucratic
   slothfulness or malicious conniving - one thing is certain: we have
   the rest of the year to enjoy the government's lawyer tricks.
   
###







From rwright at adnetsol.com  Tue Aug 20 22:50:36 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 13:50:36 +0800
Subject: License Plates
Message-ID: <199608210316.UAA05855@adnetsol.adnetsol.com>


On Or About 20 Aug 96, 18:02, Skip wrote:

> and with worse threats concerning license plates, it's time to pull
> off that rear plate again!  Doing it tonight, join me!


ALL RIGHT Skip!!!
Personal protest is the way to go.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From zachb at netcom.com  Tue Aug 20 22:53:13 1996
From: zachb at netcom.com (Z.B.)
Date: Wed, 21 Aug 1996 13:53:13 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <960820183645_506047852@emout10.mail.aol.com>
Message-ID: <Pine.3.89.9608202046.A25476-0100000@netcom8>


On Tue, 20 Aug 1996 Scottauge at aol.com wrote:

> Rush Limbaugh reports:
> 
> That a husband and wife are being jailed for yelling to Clinton "You Suck".
> 
> The Secret Service states additional words (yet un-uttered to the rest of us)
> were mentioned that they deemed threatening.
> 
> Ahhh, good to live in a free country....
> 
A more detailed version of this story was posted on talk.politics.guns 
last week.  I could dig it up and post it if anyones interested.


---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127








From EALLENSMITH at ocelot.Rutgers.EDU  Tue Aug 20 22:55:36 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 21 Aug 1996 13:55:36 +0800
Subject: Edited Edupage, 18 Aug 1996
Message-ID: <01I8ILKTLJ809JDB7O@mbcl.rutgers.edu>


From:	IN%"educom at educom.unc.edu" 18-AUG-1996 23:56:45.22

>*****************************************************************
>Edupage, 18 August 1996.  Edupage, a summary of news about information
>technology, is provided three times a week as a service by Educom,
>a Washington, D.C.-based consortium of leading colleges and universities
>seeking to transform education through the use of information technology.
>*****************************************************************

	Speaking of Net-in-Orbit (while distributed datahavens have their
points, sometimes you'd prefer not to have a given chunk of data on your
hard drive - even encrypted with a passphrase), what's the physical setup
for rewriteable optical drives? Are there any methods of doing those that
will work OK in orbit?

>ECHOSTAR TO DELIVER DATA, TOO
>EchoStar Communications has successfully completed a public test of the
>technology it will use in cooperation with Intel Corp. and Comstream to
>deliver data via satellite to subscribers.  Transmission rates could be
>several megabits per second, says EchoStar's director of program management,
>who adds that the opportunity to download Web content at higher speeds is
>attractive to people hampered by slow phone lines.  "If the download could
>be made quickly and it could be stashed on their hard drive, that might be
>something they'd be interested in," he says.  In the recent test,
>subscribers who use EchoStar's system to receive video and audio content
>were given cards to install in their PCs, enabling them to receive data as
>well.  (Broadcasting & Cable 12 Aug 96 p86)

[...]

>Edupage is written by John Gehl <gehl at educom.edu> & Suzanne Douglas
><douglas at educom.edu>.  Voice:  404-371-1853, Fax: 404-371-8057.

>Technical support is provided by Information Technology Services at the
>University of North Carolina at Chapel Hill.

>***************************************************************
>Edupage ... is what you've just finished reading.  To subscribe to Edupage:
>send mail to: listproc at educom.unc.edu with the message:  subscribe edupage
>Charles Baudelaire (if your name is Charles Baudelaire;  otherwise,
>substitute your own name).  ...  To cancel, send a message to:
>listproc at educom.unc.edu with the message: unsubscribe edupage.   (If you
>have subscription problems, send mail to manager at educom.unc.edu.)





From rmartin at aw.sgi.com  Tue Aug 20 22:56:37 1996
From: rmartin at aw.sgi.com (Richard Martin)
Date: Wed, 21 Aug 1996 13:56:37 +0800
Subject: Pappieren, bitte! (and Taxes, National Debt)
In-Reply-To: <ae3f5aed030210049231@[205.199.118.202]>
Message-ID: <9608201647.ZM3539@glacius.tor.aw.sgi.com>


On Aug 20, 12:18pm, Timothy C. May wrote:
> At 5:38 PM 8/20/96, Stephen Cobb wrote:
> >Very true...what I am saying is that, as far as my reading goes, LEGAL
> >aliens are going to be required to pay social security "taxes" while not
> >having any "entitlement" in return. They pay income taxes and get certain
> >things, like law and order, in return. They will be paying soc sec money to
> >the government without getting anything in return.
> I think the "no driver's licenses to illegal aliens" makes a certain kind
> of sense, though. (Not that I don't have some compassion for them, being an
> open borders advocate.) If the State gives official documents to illegal
> aliens, what's the point of their being classified as illegal aliens?

Erm. Tim seems to be writing about how it doesn't make much sense to give
driver's licenses to illegal aliens and Stephen is writing about how Arizona
is planning to not give driver's licenses to legal aliens. Which would
appear to be talking at crosspurposes.

I'm a PLRA in the USA, so it does matter somewhat to me that i might be unable
to get a driver's license in a country i could legally reside in because i'm
not a citizen of that country. Especially if that country won't let me drive
for extended periods of time on a driver's license issued elsewhere.

If the State won't give me official documents (as a legal alien), what's the
point of being classified as a legal alien? (Except more exciting
interrogations every time i cross the border?)

Tim's opinions on illegal immigrants, good, but don't really apply so much
to PLRAs (who cannot vote, but can pay taxes and be drafted). [Which is,
i think, what Stephen was writing about in the first place.]

richard

-- 
Richard Martin                                   [not speaking for a|w]
rmartin at aw.sgi.com                   http://reality.sgi.com/rmartin_aw/
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
 NOTE: My email address as of August 23 1996 is g4frodo at cdf.utoronto.ca





From nobody at huge.cajones.com  Tue Aug 20 22:56:45 1996
From: nobody at huge.cajones.com (Huge Cajones Remailer)
Date: Wed, 21 Aug 1996 13:56:45 +0800
Subject: Hackers invade DOJ web site
In-Reply-To: <199608202331.SAA25854@snoopy.vetmed.auburn.edu>
Message-ID: <199608210335.UAA16038@fat.doobie.com>


> Since we don't know how the intruders broke in, we can only speculate.  I
> can think of several scenarios where cryptographic techniques could help.
> I can also think of several where they wouldn't.  When you've only got 20
> seconds to explain to a non-technical audience, I don't think it's dishonest
> to say that it might have prevented it.

All webservers (except maybe Spinner?) are riddled with buffer overrun
bugs and other similar security holes.  If you run a webserver, you
should basically assume that anyone who really wants a shell on your
machine can get one.  Grab your favorite webserver and grep for
sprintf.

Crypto?  Get real.  The lock on the door matters little when you've
left the window wide open.






From rah at shipwright.com  Tue Aug 20 22:58:28 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 21 Aug 1996 13:58:28 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820100659.8541A-100000@Networking.Stanford.EDU>
Message-ID: <v0300780cae4008975ab2@[206.119.69.46]>


At 5:13 PM -0400 8/20/96, Brad Dolan wrote:

> p.s. Donna Rice has lately been running point for a regulate-the-internet 
> front group.  I wouldn't put anything past her.

Which reminds me of a story. 

First, however, a joke, which in hindsight taught me about the propagation of information across geodesic networks, that is, capital market trading rooms, long before I had ever heard of either Peter Huber or geodesic networks. 


To wit, 

Q: What did Donna Rice say to the press when they caught her leaving Gary Hart's house?  

A: She said she was taking a poll. <"Pole", get it? Hyuk!>


The reason I remember this paragon of modern political humor is that I heard it no more the 30 minutes after the story broke on the AP wire machine in the Morgan Stanley branch where I was clerking at the time. I heard the joke from trading assistant, who in turn had heard it over the "hoot & holler" line which wired Morgan's various trading desks together with a bunch of permanently open-miked full-duplex speakerphones. The joke originated somewhere else, and was probably told to someone at Morgan's New York office over a direct "ring-down" line linking one company's trading desk to another.

I thought at the time that someone should do a study of the velocity of information flow in the markets, using jokes as information proxies. I've since outgrown such foolishness, though I keep expecting to hear about someone's Ph.D thesis on the topic someday. :-). 


But, of course, that's not the story I *wanted* to tell. *This* one, of course, has absolutely no crypto relevance whatever...

All these conspiracy theories about Donna Rice and George Bush got me to remember something. Brian Smith, who shot that famous Pulitzer-winning(!) picture of Gary Hart with Ms. Rice seated on his lap and the "Monkey Business" lifering in the background, was a friend of mine at Missouri. 

Clever boy, Brian was. When he graduated from the Missouri School of Journalism (Missouri's most famous, er, "professional" school [God help us all], with alums like Carl Rowan, and Dan Rather, and John Chancellor, etc.), he managed to produce, out from under his graduation robes, his entire motor-driven Nikon SLR outfit, complete with strobe apparatus, and took a series of pictures of himself graduating, right down to the handshake from Van Gorton Sauter, the President of CBS News. 


I always wondered what that masonic pyramid, with the eyeball on top, was doing tattooed on Brian's forehead. Now I know. Beware the Illuminati.

Cheers,
Bob Hettinga







-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From rwright at adnetsol.com  Tue Aug 20 23:01:53 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 14:01:53 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210044.RAA02892@adnetsol.adnetsol.com>


On Or About 20 Aug 96, 16:23, Jim Gillogly wrote:
> 
> Vipul Ved Prakash <vipul at pobox.com> writes:
> >I don't know if there has been much discussion on the ethics of
> >spamming here? Is spamming free speech? 
> 

> I oppose spamming because it's rude and inefficient, lowering the
> S/N everywhere it happens.  Market droids

Market Droids????  As a salesman I take offence at this slur.

> favor it because it's
> cheap, and no matter how many people they piss off bigtime, they
> make some sales.

Even make sales to people who are pissed off at first...

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From liberty at gate.net  Tue Aug 20 23:04:03 1996
From: liberty at gate.net (Jim Ray)
Date: Wed, 21 Aug 1996 14:04:03 +0800
Subject: [NOISE]CIA Contra Crack and LA Gangs (fwd)
Message-ID: <199608210335.XAA87778@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 20 23:34:46 1996
OK, Rich cites a loon, but the fact is that Southern Air Transport 
right here in Miami was in there early in the contraarms-coke 
trade. You don't make the real money in any transport business 
unless you can have full loads both ways. Also, the skills needed 
to land an overloaded airplane on an unimproved strip are different 
than those held by typical pilots, even very good, carrier-rated 
military pilots. Drugsmugglers had 'em, nobody else did, the CIA 
needed pilots with the skills to have their filthy little war. You 
can search the "major papers" libraries of West & Lexis for:
"mena /p cocaine" and find all kinds of stuff. You can look into 
the case of John Hall's ranch in Costa Rica and find all kinds of 
stuff, too. The best experiment I've run across is to ask anyone 
(especially anyone under 30, for some reason) the following:
"Do you think those planes came back empty?" When I do this, _I_ 
don't have to say the word "cocaine," they say it for me. Every 
time. It is a major, bipartisan, Watergate-style but bigger 
scandal, and the strange bedfellows in the media who were doing a 
halfway decent job of covering it [The Wall Street Journal and 
"High Times" magazine(!)] have fallen strangely silent on the 
subject as the election approaches. Hmmmmm.
JMR




Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"'Filegate' is starting to make _Ed_ _Meese_ look ethical."
 -- me
 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray 
Coming
soon, the "Pennies For Perot" page. Keep billionaires off welfare!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhqD221lp8bpvW01AQF1SwP+JOEoKPgIeFD5EEMMj+psfRaAZHoA+yzC
ntVGjl22ThuqwyUJbbhmNEEP2+/mcGd4D1AWvs2Q0yFwWRyQybGGlnTyXtNNVY8s
rY4pHCtkUftOxD9oxpB7FSaN2giZzYohbd3bduet1kO6DoXRRHxFq8F/4rbAZbA/
WnRbDSfblUQ=
=WDGI
-----END PGP SIGNATURE-----






From qut at netcom.com  Tue Aug 20 23:26:11 1996
From: qut at netcom.com (Skip)
Date: Wed, 21 Aug 1996 14:26:11 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <Pine.GUL.3.95.960820090807.8262A-100000@Networking.Stanford.EDU>
Message-ID: <199608210012.RAA11460@netcom.netcom.com>


ON
> 
> On Tue, 20 Aug 1996, James A. Donald wrote:
> 
> > At 03:18 PM 8/19/96 -0700, Rich Graves wrote:
> > > You know, Amnesty
> > > has some outstanding policies regarding accuracy, objectivity, and
> > > universality.
> > 
> > Such as their policy that disappearances in Cuba are only mentioned in 
> > a vague and euphemistic way somewhere in the fine print of the middle
> > of their Cuban reports, whereas similar disappearances are shouted from
> > the rooftops when they happen in right wing South American dictatorships?
> 
> In a word, no. I wasn't talking about their policy to oppress the Easter
> Bunny, either. 
> 
> I meant their policy of not taking sides, which in Latin America has often
> meant that they have less of a left-wing bias than Human Rights Watch. They
> do not describe people with loaded terms like "pro-democracy," "worker's
> rights advocate," "freedom fighter," or "social justice activist." They say
> "this person is in prison for political reasons," and leave it at that.
> Usually, they don't even identify the reasons -- just the abuse of state
> power.
> 
> I've always favored a carefully tailored formalistic approach to human
> rights and free speech issues, without taking sides on the underlying issues
> of political controversy. Amnesty and the ACLU generally follow this
> approach. When they have deviated from that approach to make sweeping
> statements not tied to *individual* human rights, as Amnesty's general
> opposition to apartheid and the ACLU's guarded support for majority-minority
> gerrymandering, I have opposed them.
> 
> Happily, most of the time, they stay above the fray, which I believe is the
> only appropriate role for a "human rights organization." I have no objection
> to anti-communist, anti-fascist, or whatever organizations, but I don't
> think they should bill themselves as human rights organizations. The
> Wiesenthal Center to be a "human rights organization"; it's an anti-fascist
> organization, which does some good, some bad, but always focused on one
> issue. Human Rights Watch didn't start out as a "human rights organization"; 
> it started out as an anti-communist organization. They have since broadened
> their scope and international coverage considerably, but their history of
> making substantitive statements on larger political questions remains.
> Ironically, now they tend to show a leftist bias.

Liar, you support imprisoning and deporting people based purely on their 
political ideas, such as the bile your mouth puked up all over the net this
whole year.  Re: Ernst Z�ndel and his years of imprisonment by a court 
for merely expressing his racist ideas, racist political ideas being 
strictly illegal in Canada, hell everywhere in the so called white world 
except for the USA, so far.


--
National socialism is the opposite of everything today.





From Kevin.L.Prigge-2 at tc.umn.edu  Tue Aug 20 23:29:15 1996
From: Kevin.L.Prigge-2 at tc.umn.edu (Kevin L Prigge)
Date: Wed, 21 Aug 1996 14:29:15 +0800
Subject: Key Length Correlation
In-Reply-To: <9608201302.aa18129@deepthought.armory.com>
Message-ID: <321a391f26cd002@noc.tc.umn.edu>


Jeff Davis said:
> I've read Blaze and diffie's paper on Semetric Key Length.  I'm currious
> how semetric key length correlates to public key cryptography length.  Does
> public key length have to be much longer, (assuming the algorithms are strong),
> to provide the same level of security as a shorter semetric key?  TIA   
> -- 

It's been calculated that in the case of PGP, to equal the work factor 
to brute force the 128 bit IDEA key would require a RSA key > 3000 bits.

Someone probably has a reference.

-- 
Kevin L. Prigge                     | "I rarely saw people sitting at
Systems Software Programmer         |  computers producing real code
Internet Enterprise - OIT           |  wearing ties." - Philippe Kahn
University of Minnesota             | (speech at Software Development '90)





From snow at smoke.suba.com  Tue Aug 20 23:39:00 1996
From: snow at smoke.suba.com (snow)
Date: Wed, 21 Aug 1996 14:39:00 +0800
Subject: US Taxes on X-Pats (getting off topic)
In-Reply-To: <1.5.4.32.19960820173846.007137e4@iu.net>
Message-ID: <Pine.LNX.3.93.960820221430.391B-100000@smoke.suba.com>


On Tue, 20 Aug 1996, Stephen Cobb wrote:

> At 05:32 PM 8/19/96 -0400, you wrote:
> "we killed the natives so this land is our land and the rest of you f@*k-off"

     That is the way Civilization usually works. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From vipul at pobox.com  Tue Aug 20 23:48:27 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Wed, 21 Aug 1996 14:48:27 +0800
Subject: Phoneco vs X-Phone
In-Reply-To: <199608192246.PAA08982@mail.pacifier.com>
Message-ID: <199608210402.EAA00558@fountainhead.net>


> What do you mean, "doesn't really fit the facts"?!?  What part of it was 
> incorrect?  Fiber-optic _is_ commonly used in inter-office trunks, right?  
> It doesn't wear out, right?  Higher usage doesn't entail greater costs, 
> right?  The capacity, while not strictly infinite, is high enough so 
> expanded usage doesn't strain most links, right?  Finally, modern phone 
> switches have sufficient connect capacity so that they can handle usage 
> which would have been considered "unusual" by yesteryear's standards.  All 
> of this points to an obvious conclusion:  Telephone companies do not, in 
> general, have increased costs as a consequence of increased telephone usage.
> 
> Here's what I think is _really_ going on:  You have decided that you think 
> the costs of the telephone system should be apportioned by usage EVEN IF 
> higher usage is no more costly to provide.  That's why you don't want to  
> disprove my claims.  You're afraid that you'll have to say, "Yes, you're 
> right Jim, but I _still_ think billing should be porportional to use."

No ulterior motives, Jim. Cool Down :)
Now lets see, you say we have enough capacity out there, alright, but then
why is everyone raving about "a slow internet". We all know in IT 640K
is never enough, niether is 640Mb. At some point in time, new cables
_have_ to be laid. Moreover you seem to be considering a static growth rate,
but we all know the Internet is nothing short of a big-bang. 

I am trying to debate a model rather than numbers and in which case its
important to to consider a long-term scenario.

This reminds me of a survey on a "proposed Rural Telecom Network" back in 
India, which finally decided that ROI will not justify the project
even in 20 years time. 

> Some of whom are probably unnecessary.  Interestingly enough, the rumor is 
> that half the costs for LD are in billing and customer service.  Most of 
> these costs would disappear if LD was unmetered.  
> 
> >
> >> >But you miss my point, if a phoneco is not getting a penny for its long 
> >> distanceservices (which subsidise the flat rate local calls) then the 
> choice would be to close down. Which would be a severe attack to the 
> local internet usage.
> >> 
> >> That's an entirely unsupported claim.  Nobody claims that telephone usage 
> >> (term used generically) is on the way out.  "Closing down" is only going to 
> >> happen if local phonecos cease to be able to provide a service that people 
> >> are willing to pay for.
> >
> >Exactly! Once "X-Phone" has its servers in US Cities, and its charging 10 
> cents 
> >a minute for long distance calls, I don't see if the phonecos would be able 
> to provide any service that people are willing to pay for, I mean they won't
> >be able to provide matching lucrative rates. 
> 
> I am confident that local phonecos can remain competitive even against 
> "free" Internet telephone service.  What they need to do is simple:  
> Entirely remove the LD/local subsidy, remove metering on LD (as well as 
> local), bill yearly for far lower costs, etc.  Once this is done, LD will be 
> "free", at least on a marginal basis, so no customer will have any 
> motivation to move to "Internet telephone" service.
> 
> 
> >You mean to say that, X-Phone will take advantage of the phoneco and mint 
> >money for a minimal investment, whereas the phoneco who spent billions on the
> >infrastructure will be just whistle down the road, and let the X-Phone 
> >indulge in its own cyberdo.
> 
> In the US, the current telephone company infrastructure is ALREADY PAID FOR. 
>  It was paid for by over-inflated rates during a monopolized era.   If 
> anything, the locals have an "unfair advantage" over the rest of the 
> companies:  Only they have a copper pair into every home.  

Alright, once again I try to show what exactly I am pointing at. Alice uses
the phone 23 hrs a day, Bob uses 10 mins, both get their connections
from ABCTel. The bandwidth with ABCTel saturates and it has to buy more 
bandwidth (if ABCTel is a babybel, it will be buying it from a BigBell,
and whether or not bandwidth exists is quite besides the point here)
Its because of subscribers like Alice ABCTel is buying more bandwidth,
and the flat rate revenues generated by addition of a couple of members won't 
justify the new bandwidth. 

Flat rates are based on the assumption that a subscriber will use the service
for X amount of time. Since the phoneco has no control over user behaviour,
more that reasonable number of Alice-type clients will screw up the phonecos 
economics.

With explosion of Internet, people have found a new way of using their phone
line, and all these companies are already in trouble. To top all that we
are loudly professing the Internet (ultra-low-cost) solutions to LD Calls
with phoneco. 


- Vipul
vipul at pobox.com






From jimbell at pacifier.com  Tue Aug 20 23:53:41 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 21 Aug 1996 14:53:41 +0800
Subject: Phoneco vs X-Phone
Message-ID: <199608210046.RAA01785@mail.pacifier.com>


At 04:02 AM 8/21/96 +0000, Vipul Ved Prakash wrote:

>Now lets see, you say we have enough capacity out there, alright, but then
>why is everyone raving about "a slow internet". We all know in IT 640K
>is never enough, niether is 640Mb. At some point in time, new cables
>_have_ to be laid. Moreover you seem to be considering a static growth rate,
>but we all know the Internet is nothing short of a big-bang. 
>
>I am trying to debate a model rather than numbers and in which case its
>important to to consider a long-term scenario.

Well, okay, here's some numbers: First, I've recently found out that in 
large quantities, it costs 10 cents per meter for bare fiber.

Assume 30 cents per meter per fiber for cabled fiber, or about $10 (US) per 
meter for 36-fiber cable.  Each fiber pair should be able to handle 
approximately 1 million conversations at current data rates, or a total of 
18 million conversations for that 18-pair cable, or 9.5 trillion 
conversation-minutes.

Multiply this cost by 10 for right of way, trenching, repeaters, and other 
auxiliary hardware, or $100 per meter.  This is probably just a ballpark 
estimate, but...

Let's assume that the average phone call goes through 5000 kilometers of 
fiber, which is approximately the width of the US.  (yes, I realize this is 
vastly over-inflated.  But my estimate is attempting to be conservative, on 
the "safe" side.)  A cable the width of the US costs  $500 million.  Assume 
that if it is to pay for itself, it must provide gross revenue of at least 
this amount to make a profit.

(It would probably be more accurate to say that the cable needs to actually 
profit by 10% of its value per year.  If it grossed 100% of its value, per 
year, then that would provide up to $450 million per year  in maintenance 
and other costs per year, and still be a profit of 10%.  But again, I'm 
trying to be CONSERVATIVE in how I account for costs.)

Assume an average of 1/10th of its capacity is used, or 950 billion 
conversation-minutes.  Do the division, dividing $500 million by 95 billion, 
and this works out to 1/20 of a penny per conversation-minute.

At this point, your jaw should drop.  Despite my dramatically over-inflated 
cost estimates for the fiber and installation and maintenance, and vastly 
underestimated utilization, I've still managed to justify only 1/20 penny 
per minute of cost. 


>This reminds me of a survey on a "proposed Rural Telecom Network" back in 
>India, which finally decided that ROI will not justify the project
>even in 20 years time.

I've read that estimates show that it would probably be cheaper to provide 
cellular-telephone service in China to everyone than to wire the country up 
with copper lines.  This isn't particularly surprising.  Cell-phones solve 
the "last few hundred yards/mile or two" problem quite well.  Since nearly 
all of the actual connections in a copperline telephone system are 
switch-to-individual-phone lines, going cellular saves a bundle of 
installation costs.
 

>> In the US, the current telephone company infrastructure is ALREADY PAID 
FOR. 
>>  It was paid for by over-inflated rates during a monopolized era.   If 
>> anything, the locals have an "unfair advantage" over the rest of the 
>> companies:  Only they have a copper pair into every home.  
>
>Alright, once again I try to show what exactly I am pointing at. Alice uses
>the phone 23 hrs a day, Bob uses 10 mins, both get their connections
>from ABCTel. The bandwidth with ABCTel saturates and it has to buy more 
>bandwidth (if ABCTel is a babybel, it will be buying it from a BigBell,
>and whether or not bandwidth exists is quite besides the point here)
>Its because of subscribers like Alice ABCTel is buying more bandwidth,
>and the flat rate revenues generated by addition of a couple of members won't 
>justify the new bandwidth. 


>Flat rates are based on the assumption that a subscriber will use the service
>for X amount of time. Since the phoneco has no control over user behaviour,
>more that reasonable number of Alice-type clients will screw up the phonecos 
>economics.

 Re-read my estimate, above.  Apparently, POTS-level "bandwidth" in a 
national fiber network should "cost" about 1/20 cent per minute, or maybe 
even less than that.  Your commentary just above shows that you are assuming 
a far greater cost.   For example, even your "23-hours-per-day" exaggeration 
should only cost 23x60x$0.0005, or $0.69 per day, or $21 per month.  High, 
but that usage is unrealistic, of course.  However, assuming one eighth of 
this usage, or 3 hours per day, that would be a daily cost of approximately 
$0.08, or about $2.75 per month.

Also, you need to remember that if the telephone usage (in for example, the 
US) was so high as to get a substantial fraction of the population on the 
phone, LD, for as long as 12 hours per day, the average utilization of the 
fiber cable I've projected would rise from the highly-conservative figure of 
10%, up to perhaps  25% or so.  Since this increased usage wouldn't increase 
the cost of the cable itself or the installation or maintenance, the 
corresponding cost estimate would drop from 0.0005 dollars per minute to 40% 
 of this or so, which is about $0.0002 per minute.  At that rate, a "12 
hours per day" usage would cost only $4.32 per month, which is well in line 
with current phone plans.

But again, remember that most of these "costs" are really merely the result 
of allocating some proportion of an existing, fixed cost.  Make that cost 
small enough (as fiber optics does) and spread it over enough users, and it 
becomes ignorable.


>With explosion of Internet, people have found a new way of using their phone
>line, and all these companies are already in trouble. To top all that we
>are loudly professing the Internet (ultra-low-cost) solutions to LD Calls
>with phoneco. 

I don't see any problem at all!  You're just (falsely) assuming that LD 
should, somehow, be more expensive than local calls.  Maybe it should be 
VERY SLIGHTLY more expensive,  but LD fiber is basically a one-time 
investment  with little maintenance costs.  

In order to determine how much more expensive LD should be over local, all 
you should have to do is figure out how much the additional equipment and 
fiber costs, and then consult an telephone engineer to figure out usage 
rates, and then go to an economist who can tell you how many more dollars 
you're going to have to charge.  (Based on typical ROI tables,etc.)   I've 
done enough of the numbers already to convince me that the amount is so tiny 
as to be ignorable.  


The fact is, LD phone is a business that, like it or not, is going to shrink 
drastically _in_terms_of_dollars_, simply because the cost of that service 
will likewise, go down.  That's life.


Jim Bell
jimbell at pacifier.com





From cbarnett at eciad.bc.ca  Wed Aug 21 00:09:59 1996
From: cbarnett at eciad.bc.ca (grad 96)
Date: Wed, 21 Aug 1996 15:09:59 +0800
Subject: raygun shielding
Message-ID: <Pine.SGI.3.91.960820105924.8084A-100000@oswald>


not being an authority on the uses of X-Ray technology, I have no idea 
how useful tinfoil or gold lamme would be for shielding. As a 
professional photographer, I do know that one can purchase lead lied bags 
to protectect one's film from being ruined by the X-Ray machines at the 
airport. They do not work. When the customs people come to an object in 
your bag that they can not see into, they turn up the power until they 
can. I have ruined film and customs officer testimony to back this up, 
that's why I have them do a visual inspection of my film. If you have a 
lot, they don't look very hard, which has it's own bundle of opportunity 
right there. Not that I am advocating that kind of behavior.

clint barnett
lord of the cosmos
emily carr institute






From snow at smoke.suba.com  Wed Aug 21 00:12:46 1996
From: snow at smoke.suba.com (snow)
Date: Wed, 21 Aug 1996 15:12:46 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.SV4.3.91.960820191108.9214E-100000@larry.infi.net>
Message-ID: <Pine.LNX.3.93.960820223234.391E-100000@smoke.suba.com>


On Tue, 20 Aug 1996, Alan Horowitz wrote:

> I wish they'd get back in the business, but add an overt poison to the 
> product.
> Clean out the shit from the cities. Long live Darwinism.

     Really? 

     What are you drinking right now? 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From ponder at freenet.tlh.fl.us  Wed Aug 21 00:16:50 1996
From: ponder at freenet.tlh.fl.us (P. J. Ponder)
Date: Wed, 21 Aug 1996 15:16:50 +0800
Subject: Hackers invade DOJ web site
Message-ID: <Pine.OSF.3.91.960820222151.2689B-100000@fn3.freenet.tlh.fl.us>


keywords: Crypto-policy, digital signatures, Anti-Horsemen,
          secure-DNS, DOJ-web-prank, Ayn Rand, hydrazine          

Will Day <willday at rom.oit.gatech.edu> responed to Frank Stuart's
cogent and insightful posting on the DOJ hack and a possibility
of using the tawdry event to some advantage....  If you missed Frank 
Stuart's original message, much of it is in Will Day's response.

I have made some tedious reformatting here with prepended 'Day' and 
'FS' marks to separate the two and clipped some ephemeral lines. Will 
Day signed his message with Pretty Good Privacy, but I clipped the 
signature from that off, also, having already hosed it up with my 
editing of line lengths, &c., so that you couldn't check it anyway,
even if you wanted to.

The gist of Will Day's question is how can an argument be made that 
supports the greater availability of strong crypto from the fact that 
someone swapped spoofed-up (and inane) pages for the DOJ's own on the 
DOJ's own web site?

Let's start by trying to imagine a future world of geodesic networks
based on robust strong protocols that are ubiquitous, easy to use, and
embedded in the chips of even the most mundane devices.  In this world,
authentication of data, such as web pages, is required (or at least it
could be) for every packet we receive.  For data retrieved from remote
sites we may require multiple signatures, and certificates signed by
someone in whom we have placed a high reputation value. 

When (or if) freely available legal authentication technology becomes
ubiquitous and transparent, we will be able to use it for even low
risk, trivial, applications - like remote controls for televisions. 

We sure as hell won't have to stay up at night worrying that some punk
is going to change any of the bits on our web server and that such
changes might go undetected by our code-signed auto-gunsel.

We are a long way from crypto-Chaumian-utopia, and it appears as 
though the US federal government wants to make it harder for us to get 
there.  (As an aside, I think the Clinton administration gets more of 
the blame for this than they should, since it was entrenched policy 
before they got out of Arkansas.  I think the roots of Clipper and GAK 
are back in Reagan's stint, about the time of NSDD 145. But then, the 
current leaders aren't doing much to develop meaningful *public* 
cryptography policy, so they have to take the heat now.)

Strong crypto helps people protect what is theirs.  That is part of 
what Frank Stuart is saying, and he's right.  That is a good point, 
and it deserves some attention.  Strong crypto can help big powerful 
organizations like the DOJ, and it can help regular folks, too.

Frank Stuart's next point is a beauty - at least the DOJ site that was 
attacked didn't have copies of everyone's secret keys stored on it.  
We all may know that even if GAK were ever passed, no one would be 
stupid enough to store the keys on a web server sitting out on the big 
bad Internet, but the cleverness of this spin-vector is that it raises 
the issue of GAK-riskiness in the context of DOJ's computer security. 

The last point is that another law on the books isn't needed, and 
wouldn't be effective anyway.

I have gone on way too long already, but to sum up, the DOJ being 
abused may serve to help the cause, if the proper angle can be seen - 
and Frank Stuart is off to a good start.  The specific answer to Will 
Day's question, which is a good one - how does crytpo protect your 
poor little Linux box in the corner that serves up web pages? -
is left up to the student as an exercise. 
--

Day>A short time ago, at a computer terminal far, far away, Frank Stuart 
Day>wrote:

FS> however, I think those in a position to do so should start with 
FS> the spin control.  Some suggestions:
FS>
FS>   The fact that even the U.S. Justice Department is unable to 
FS> adequately  protect it's own site from intruders underscores the 
FS> need for widely-available strong encryption.
FS>
FS>   While this is certainly a major embarrassment for the Justice 
FS> Department, at least the mandatory "key escrow" program the Clinton
FS> administration is insisting upon has not yet been implemented; 
FS> no private citizens' data appears to have been compromised this time.
FS>
FS>   It's doubtful that a new law or government bureaucracy would have 
FS> prevented this from happening but it's entirely possible that tools 
FS> such as strong encryption could have.  It's ironic that the U.S. 
FS> Government is focusing on the former while fighting use of the latter.

Day> I understand how it affects their claim for the security of escrowed
Day> keys, but I'm afraid I don't follow the other argument.  How would
Day> the wide availability of strong encryption have helped prevent the
Day> breakin?  How would encryption in general prevent breakins?  I'd 
Day> love to use this as an argument for strong encryption, but I 
Day> don't see how it really applies.








From jimbell at pacifier.com  Wed Aug 21 00:18:37 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 21 Aug 1996 15:18:37 +0800
Subject: phoneco vs x-phones
Message-ID: <199608210437.VAA16416@mail.pacifier.com>


At 02:21 PM 8/20/96 -0700, Brian D Williams wrote:
>
>Disclaimer: The opinions expressed are my own, I do not speak for
>Ameritech or it's alliance partners.

>Jim Bell replies:
>
>>If that is the main difference in costs, then we should abandon
>>those regs. Another big cost is billing, which could be eliminated
>>if usage were unmetered.   In any case, I tend to agree:  Make
>>these changes, eliminate the LD/local subsidy, and  the LD
>>companies would have no problem (at least domestically) competing
>>against Internet phone.   (International may be a different story,
>>because foreign telcos tend to be owned by countries.)
>
>Yes compliance costs are a sore subject. Billing costs are actually
>very cheap,(the mainframes are on the floor above me) the
>difference between sending a metered bill or a flat rate bill is
>tiny. Really tiny (NDA). The local/long distance subsidy was
>eliminated at breakup, but long distance companies do have to pay
>to use local networks,

"the king is dead, long live the king!"???

The long distance companies are not "using local networks," your customers 
are...to connect to those long distance companies.  And any payments LD 
companies make to you are, indeed, a subsidy.   Tell me, how much is this 
_subsidy_, exactly?

BTW, in case you doubt this assessment, let's do a fair comparison, shall 
we?  Let's suppose, for the moment, that the amount of the subsidy is 3 
cents per minute.  (a figure I heard around here, recently.)  As an 
alternative, the phone company would presumably be entitled to be served by 
phone lines, at say $30 per month or so, through which their customers reach 
them.  $30 per month is $1 per day or 4 cents per hour or about 0.07 cents 
per minute.   3 cents doesn't equal 0.07 cents, now does it?!?

Tell me again how "the local/long distance subsidy was eliminated at 
breakup."  Tell me another one, daddy...


>but as competition heats up these rates are
>dropping and new players (competitors) join the table, Or they can
>build their own. ;) 

How has this remaining SUBSIDY dropped over time, assuming it has?  When is 
it scheduled to drop to zero?


>One of the fun turns of events might be that the threat of x-phones
>might lead the RBOC's to actually turn into an ISP's! We could pull
>this off at amazing speed. (if you can't beat them, join them!) We
>are after all one of the four major nodes of the Internet......

First, you need to figure out how to supply ISDN for a REASONABLE charge, 
like "no extra charge!" to customers.  It's been over 16 years after I first 
heard of ISDN.  At the time, it seemed like a wonderful idea...against the 
300 baud modems then in use.  Against modern 31K modems that you only have 
to pay for...ONCE...ISDN seems mighty lame.

Face it, ISDN used to be a good idea.  But it's just barely shown up the 
moment it's hit the end of its marketing window.  ISDN will have a marketing 
lifetime for maybe a couple of more years, and only then because you can't 
put more bits through a 3.4 khz passband.

Not to mention all the bullshit propaganda that claimed that with ISDN, you 
wouldn't have to buy any modems.  Well, maybe that's just because they 
didn't CALL them modems, but they charged way more for an essentially 
indistinguishable function.  Can you say, "Fraud"?  I knew you could!

Okay, go ahead, charge a little extra for ISDN.  How much more?  Well, let's 
see:  31K modems sell for $99.  ISDN is four times faster, so let's say it's 
worth four times more, or $400.  Amortized over 10 years, that's about $3.60 
per month.

Fair enough?




Jim Bell
jimbell at pacifier.com





From furballs at netcom.com  Wed Aug 21 00:29:05 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Wed, 21 Aug 1996 15:29:05 +0800
Subject: Taxes on Internet access prediction
In-Reply-To: <ae3f4d89020210046ca3@[205.199.118.202]>
Message-ID: <Pine.3.89.9608202145.A13012-0100000@netcom>




On Tue, 20 Aug 1996, Timothy C. May wrote:

> At 5:54 PM 8/20/96, Mike McNally wrote:
> 
> >Sure, but clearly that's not exclusively the case.  (Amazingly enough
> >to some might be the fact that my for-work e-mail volume far exceeds
> >my not-for-work volume.)  Hopefully I haven't brought too much shame
> >to my employer.
> >
> >In any case, with the IRS it's often less a matter of common sense
> >than what they happen to decide is The Law.  Witness the changes in
> >laws about what constitutes a "home office".  Currently, if you're
> >(let's say) a freelance plumber who maintains a legitimate office
> ...
> 
> Caveat: I'm not a defender of income taxes, of course. Nor am I a defender
> of the IRS.
> 
> However, on the "home office" situation, most of the examples I encounter,
> in talking to friends, are clearly scams to save a thousand bucks (or less)
> on their tax returns. Most of my friends who try to deduct a room in their
> house because they've put their computer there are clearly not using "20%"
> or "25%" or whatever of their house as a business.
> 
> For those who really do actually use a room in their home for building
> things, for meeting with clients, for operating a home business of some
> sort, then I think the IRS will have no problems allowing it. (If the
> subject even comes up, in an audit. There are some reports that attempting
> to declare a home office increases ones chances of being audited....)
> 
> As the saying goes, consult a competent expert. A few books detail the
> expected amount of work that must be done in a "home office," and whether
> one is likely to qualify.

As one who has regularly maintained a home office for many years, there 
are a couple of points on the above issue that should be made.

First, the stories about increased audits are true. This is one of the 
"red flag" items on Schedule C that the IRS looks for. If the types and 
amount of deductions taken for the space utilized evens smells like there 
is possible overlap with the interest deduction for the mortgage, it gets 
kicked out for review. This does not mean you get a letter or a phone 
call, but none the less, the more interest there is in the return the 
greater the chances for a tango downtown.

Schedule C has been a target for many years(especially since HB 1706) 
went to law concerning contract employee status vs consulting and the 
famous 20 point list et al. I had a 3 hour conversation with a regional 
supervisor of the IRS about this list and the impossiblity of any 
business (even one the size of IBM) and/or person qualifying as a 
contractor/consultant on all 20 points. He informed my unoffically that 
the litmus test centers around a majority of the conditions being 
satisfied of which one of the important ones is a home office, else a 
consultant is (for tax purposes) a contract employee and gets raped in 
both directions. You can't deduct for business expenses because you are 
technically an employee of the client, plus you have to pay the higher 
rate of self employment (15.16% or some such non-sense). Fun...

For the plumber that works "offsite" as well as the consultant, the home 
office is a legitimate deduction so long as they can prove that they set 
their own schedule and hours, have more than one "client", and generally 
operate as a "business". This usually means registering the business 
address at the residence, business license, checks, etc. and setting 
aside the workspace necessary to accomplish the adminstrative tasks to 
keep the business running. Taking a picture of the office helps alot, if 
there are questions about the legitimacy.

As for the closet consultant who looks for a cheap fast deduction, I have 
zero sympathy if they get caught. If it isn't legitmate, it isn't worth 
the risk. It will catch up with you. Fascist state or not, these are the 
rules of the game: Declare everything. Deductions are negotiable.

 > 
> As one data point, I have derived nearly all of my income over the past 10
> years from investments. And yet the "work" needed to be done on my computer
> is such a tiny fraction of my overall use of it that I don't even try to
> write off my various computers as "investment expenses." Your mileage may
> vary.
> 
> And I certainly have not tried to write off a room in my house as a home
> office. (As it happens, I need few of the "office" resources, so I have my
> PowerMac and 17" monitor sitting beside my recliner in the family room of
> my house, where I can lie back, log in, and bliss out in cyberspace.)
> 
> --Tim May

Again the deduction and the risk involved in taking it depends on the 
situation. If you are investing and/or running the numbers on the market, 
then there may not be enough there to make it worth your while. I have a 
client of mine who grosses 7+ figures - net from his commodities, and all 
he does is take the losses and never expenses anything else. There is no 
need to, as it's such a small part of his income as to make it ridiculous.






From furballs at netcom.com  Wed Aug 21 00:34:11 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Wed, 21 Aug 1996 15:34:11 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608210044.RAA02892@adnetsol.adnetsol.com>
Message-ID: <Pine.3.89.9608202254.A13012-0100000@netcom>




On Tue, 20 Aug 1996, Ross Wright wrote:

> On Or About 20 Aug 96, 16:23, Jim Gillogly wrote:
> > 
> > Vipul Ved Prakash <vipul at pobox.com> writes:
> > >I don't know if there has been much discussion on the ethics of
> > >spamming here? Is spamming free speech? 
> > 
> 
> > I oppose spamming because it's rude and inefficient, lowering the
> > S/N everywhere it happens.  Market droids
> 
> Market Droids????  As a salesman I take offence at this slur.

Don't bother. There is a difference between marketing and sales. Lighten 
up. Good salesmen are born with the ability - marketing is a bad attempt 
at appyling engineering principles to the same.

As for spamming, I get enough of it via snail-mail, I don't want to see 
it in my Inbox too. And, for the record, there are lots of people out 
there who pay on the bulk charge, not by time. Sending advertising or 
junk mail to these folks costs them money, maybe not much for the one 
message you sent, but several thousand over a month of a quarter add up 
to real money.

There is a time and place for legitimate advertising. I am sure that 
given time and impetus, a number of clear channel venues will open up to 
allow precision marketing and sales to happen electronicly. 

At the moment, it's bad nettiquette...

...Paul






From erehwon at c2.net  Wed Aug 21 00:42:03 1996
From: erehwon at c2.net (William Knowles)
Date: Wed, 21 Aug 1996 15:42:03 +0800
Subject: [NOISE] Airport legal question
In-Reply-To: <printing.1140.013575CD@explicit.com>
Message-ID: <Pine.SUN.3.94.960820223028.7867F-100000@infinity.c2.net>


Lucky,
 
>I know that it is a violation of federal law to joke about explosives at 
>the X-ray machine. Would an "I love Explosives" sticker on carry-on 
>luggage violate any laws?
 
Dunno, But you might get a kick out this from The Chicago Reader that 
published a list of the "bomb threats" made at O'Hare International 
airport a few weeks back.
  
7/18:  "I have nothing other than the bomb I am going to put on the plane."
7/18:  "I have a bomb that's going to go off in 30 seconds."
7/18:  "You mean the bomb I have in my bag?"
7/19:  "I don't have an ID, but I have a bomb."
7/21:  "There's a bomb in the bag in my hand."
7/23:  "I don't have a bomb in the bag."
7/23:  "I got a bomb in my bag to kill everyone here."
7/24:  "Well no, I left my pipe bomb at home."
7/25:  "The one that looks like [there's] a bomb in it."
7/26:  "I have a bomb in my bag.  Boom."
7/27:  "Where should I put the bomb?"
7/27:  "No, nothing but a bomb."
7/31:  "Are you checking for bombs?  I've got a bomb in my bag."
7/31:  "I have some explosives to transport."
8/1:  "It's not as if we were Swedish and here to blow up the airport."
8/2:  Offender:  "It's a bomb in the bag."  Witness:  "That's not funny."
Offender:  "I'm not playing."
8/3  "I have a bomb."

 
-- 

William Knowles
erehwon at c2.org


--
William Knowles    <erehwon at c2.org>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From alano at teleport.com  Wed Aug 21 00:48:26 1996
From: alano at teleport.com (Alan Olsen)
Date: Wed, 21 Aug 1996 15:48:26 +0800
Subject: Hackers invade DOJ web site
Message-ID: <2.2.32.19960821051709.00e4b758@mail.teleport.com>


At 06:31 PM 8/20/96 -0500, Frank Stuart wrote:
>Since we don't know how the intruders broke in, we can only speculate.  I
>can think of several scenarios where cryptographic techniques could help.
>I can also think of several where they wouldn't.  When you've only got 20
>seconds to explain to a non-technical audience, I don't think it's dishonest
>to say that it might have prevented it.
>
>Off the top of my head, here are a couple examples:
>
>   1. It's possible that a DOJ employee logged in from a remote site while
>      the intruders were snooping somewhere along the way.  If the link had
>      been encrypted, that would have made things much more difficult or
>      impossible for the attackers.
>
>   2. Perhpas the intruders used IP spoofing and .rhosts to break in.  If
>      machines had to be cryptographically authenticated, a rsh from the
>      wrong machine wouldn't work.

One of the best comments I have seen (from another list) was:

"These are the people who want us to escrow our encryption keys with them
and yet they can't protect their own web site."

I think this can be used as a very valid example as to why they are
untrustworthy to be in charge of keeping anything private and/or protected,
let alone private encryption keys.

---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From zachb at netcom.com  Wed Aug 21 01:08:30 1996
From: zachb at netcom.com (Z.B.)
Date: Wed, 21 Aug 1996 16:08:30 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <2.2.32.19960821051717.00ee312c@mail.teleport.com>
Message-ID: <Pine.3.89.9608202214.A15288-0100000@netcom18>


On Tue, 20 Aug 1996, Alan Olsen wrote:

> At 08:23 PM 8/20/96 -0700, you wrote:
> 
> >A more detailed version of this story was posted on talk.politics.guns 
> >last week.  I could dig it up and post it if anyones interested.
> 
> Post it.  I would like to see it at least...
> 
You got it...


Published in Washington, D.C.   July 9, 1996
Insult to Clinton leads to 2 arrests

------------------------------------------------------
By Ruth Larson
THE WASHINGTON TIMES
------------------------------------------------------
[A] Chicago-area couple were arrested on charges of
    disorderly conduct and interrogated for more than
12 hours last week, simply because the woman told
President Clinton exactly what she thought of him.
  Last Tuesday, Mr. Clinton made an impromptu stop at
the "Taste of Chicago" festival in Grant Park at
midafternoon.
  According to her husband, Patricia Mendoza, angered
and upset by the recent deaths of 19 U.S. airmen in
Saudi Arabia, told the president, "You suck, and
those boys died!"
  Once the president left the area, Secret Service
agents and Chicago police converged on Mrs. Mendoza
and accused her of threatening the president, a
charge her husband, Glenn, vehemently denies.
  "It doesn't take a rocket scientist to figure out
that if my wife had threatened the president -- which
she did not -- I can guarantee we wouldn't have been
locked up on charges of disorderly conduct," the
Westchester, Ill., man told The Washington Times in a
telephone interview last night.
  Mr. Mendoza served in the Navy for 4 1/2 years, and
he was on a ship off the Lebanese coast when the 1983
bombing of the U.S. Marine barracks in Beirut killed
241 Marines and sailors. "I didn't sit on an aircraft
carrier for four years to be railroaded by a bunch of
Secret Service agents," he said.
  Secret Service spokesman Ar nette Heintze said:
"People don't get locked up just for saying, 'You
suck.' You could say that all day long and it's not a
violation of law or local ordinances."
  Mr. Heintze insisted that Mrs. Mendoza "made a
threatening statement" to the president, but he
refused to elaborate, saying that the matter was
under investigation. "It's a situation that happens
from time to time, but it's something we take very
seriously," he said.
  The incident sparked a media frenzy in Chicago but
had yet to surface on the East Coast until radio
talk-show host G. Gordon Liddy discussed it on his
nationally syndicated program yesterday.
  Mr. Liddy told The Times: "I think it's outrageous.
Everybody agrees that if there's a threat, the Secret
Service clearly can detain the individuals and do an
investigation.
  "But 'You suck, those boys died' is not a threat.
It's an expression of anger, contempt or ridicule.
It's wrong for the Secret Service to detain someone
if there's no threat," he said.
  Mr. Mendoza, who owns a small electronics firm, and
his wife were at the festival with their employees,
unaware that the president was coming. Suddenly, he
recalled, the Secret Service descended on the park,
throwing up barriers and preventing anyone from
leaving the area.
  A black car drove up, Mr. Clinton leaped out and
began shaking hands with onlookers, and Mrs. Mendoza
found herself face to face with the president, Mr.
Mendoza said.
  Mr. Clinton shook her hand and she reacted by
pulling it back and telling him, "You suck, those
boys died," Mr. Mendoza said. He said the president
looked at her, then motioned to an assistant as he
moved along the rest of the line. "He wasn't
pleased," Mr. Mendoza said.
  Soon afterward, Mr. Mendoza said, Secret Service
agents began accusing his wife of threatening the
president's life. At that point, he said, he began
directing his wife: "Trish, don't say anything. We
need a lawyer."
  An officer told him to shut up and he responded,
"Screw you. I have a right to tell my wife to get a
lawyer when she's getting interrogated by the Secret
Service," Mr. Mendoza said.
  He concluded, "The fact is, I was arrested because
I was swearing at my wife."
  Chicago police arrested the couple at the request
of the Secret Service. The Mendozas were questioned
until their release on personal-recognizance bond at
4 a.m.
  Mr. Mendoza denied any political ill will toward
Mr. Clinton.
  "I'm apolitical. I was in the military, had a good
record, have a wife and two kids, a small business,"
he said. But he fears the incident will be
exaggerated because of election-year politics and the
Democratic National Convention coming to Chicago next
month.
  "They're making us look like Bonnie and Clyde,
Republican poster children. And that's not who we
are," Mr. Mendoza said.

------------

Published in Washington, D.C. July 10, 1996



By Ruth Larson
THE WASHINGTON TIMES

   The U.S. Secret Service yesterday sought to distance itself from
the arrest of a Chicago-area couple who "insulted" President
Clinton during his visit to a festival there last week.
   Yet even as it was discounting its role in the arrests of Glenn
and Patricia Mendoza, the Secret Service was consulting with
the U.S. attorney in Chicago about criminal charges against the
couple.
   And Secret Service and Chicago police spokesmen differed on
several details of the incident, which is triggering growing
outrage on talk radio and even from a prominent Republican
member of Congress.
   The Mendozas were at the Taste of Chicago festival in Grant
Park on July 2 when Mr. Clinton dropped by to shake hands in
the crowd. Mrs. Mendoza, upset over last month's bombing deaths
of 19 U.S. airmen in Saudi Arabia, told the president as he took
her hand: "You suck, and those boys died."
   Mr. Mendoza said the president looked at her, then motioned
to an assistant as he moved along shaking hands.
   After the president left, Secret Service agents accused Mrs.
Mendoza of threatening the president. Her husband stepped in
and ordered her not to say anything until they called a lawyer.
   "That is not accurate," Secret Service spokesman Arnette
Heintze said yesterday of the Men dozas' version. "A direct
threat was made, but I'm not going to elaborate. Mrs. Mendoza has
a right to fair representation of her case, as does the
prosecution, and the newspaper is not the proper place to air
this case.
   "We were there because a verbal threat was made to the
president, and the Secret Service is responsible for the
physical safety of the president."
   Rep. Robert Livingston, Louisiana Republican, is among
those angered by what he called Secret Service overreaction.
"Is this going to be the norm? If you criticize the president,
are you going to be arrested by a bunch of federal agents and
thrown in jail overnight? That's a frightening thought."
   "I think on the heels of this FBI investigation, with these
FBI files in the White House, this kind of symbolizes an
appalling lack of respect for human rights and for the rights of
people to speak out in this country," Mr. Livingston said in a
C-SPAN interview.
   Mr. Heintze, who complained about continuing media
interest in the Mendoza matter, said the Secret Service thought
there was no need to arrest the couple at the festival because
Mr. Clinton had moved on. He said Chicago police arrested the
Mendozas because of their conduct after the president left.
   "The Mendozas refused to follow police directions, and so
they opted to arrest them. We supported them in their action,
but it was an independent act by the police.
   "The arrest was separate and incidental to our questioning of
the Mendozas," Mr. Heintze said.
   The Mendozas were charged with disorderly conduct, a
misdemeanor, and were interrogated for 12 hours before they
were released. No federal charges have been filed.
   The case has been complicated by conflicting details from the
principals:
   The Chicago Police Department says it is handling the
matter. Department spokesman Patrick Camden said yesterday,
"There's no Secret Service involvement, to my knowledge." The
couple are scheduled to appear in misdemeanor court Aug. 27.
   But Ralph Grayson, special agent in charge of the Secret
Service's Chicago office, said his agency has an "ongoing
investigation" into the matter.
   The Secret Service said Mrs. Mendoza made a "threatening
statement" to the president that was far more serious than the
one Mrs. Mendoza says she made, but it declined to say what the
threat was.
   Mr. Camden said Mrs. Mendoza had hinted at "blowing up
the president." "She said something to the effect that 'He [Mr.
Clinton] should have been blown up instead of the 19
servicemen.'"
   Mr. Heintze said emphatically, "That is not accurate, and
don't try to find out what the threat was."
   A Chicago police spokesman said yesterday that the Secret
Service had not asked them to arrest the Mendozas, as was
previously reported, but that the couple were arrested for
creating a disturbance.
   The extent to which alcohol contributed to the incident is
also in question.
   Mr. Camden said: "Sure, there was alcohol. They both had
been drinking. A rational person doesn't act that way. This was
a family event, there were kids around, and these people were
saying a lot more than 'You suck.' In fact, it rhymed with
'suck.'"
   Mr. Mendoza acknowledged that when Secret Service agents
accused his wife of threatening the president's life, "I was
screaming at the top of my lungs. Granted, I was angry, scared,
upset, and if that's disorderly, I guess so."
   He said he was not drunk. Mr. Mendoza said he repeatedly
demanded that he be given a blood breath test, but the police
refused.
   "We wouldn't do a Breathalyzer test, even if he asked," the
police spokesman said.
   "We are so sensitive about First Amendment rights," said the
Secret Service spokesman. "I can assure you that if the Secret
Service was doing anything contrary to the Constitution, the
president would not tolerate it, and he would make big
changes," he said.


* Joyce Price contributed to this report.

---
 � KWQ/2 1.2i NR � Friends don't let friends run Windows.
                                                                                                        





---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127









From rich at c2.org  Wed Aug 21 01:14:51 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 16:14:51 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608210340.UAA06334@adnetsol.adnetsol.com>
Message-ID: <Pine.GUL.3.95.960820225659.13603C-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Ross Wright wrote:

> On Or About 20 Aug 96, 18:09, Rich Graves wrote:
> 
> > On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
> > 
> > > I don't know if there has been much discussion on the ethics of
> > > spamming here? Is spamming free speech? 
> > 
> > Yes.
> > 
> > So is mailbombing the motherfucker, or more productively, virtually
> > picketing his ISP until they kick him off for net abuse
> 
> That is the kind of self righteous crap that gives me the creeps!!!

Good. That's called deterrence.* The market decides.

>From your earlier message, though, describing the "spamming" you do, I
really don't see you as needing deterrence. When I hear "spam" I think of
the Jeff Slaton/Vernon Hale/Crazy Kev/John Reese variety of carpet-bombing
both Usenet and millions of email addresses indiscriminately. OTOH, if you
really target your audience well, especially if a human and not a bot is in
charge of selecting prospects, then I'd call that "cold calling,"  not
"spamming." Unsolicited email is moderately annoying, but I don't think it's
anything to complain about. I filter all mail from unknown addresses anyway. 

* - The cool thing about this kind of deterrence is, since you're only
defending virtual turf, you can sabre-rattle to your heart's content without
worrying about having to actually follow through.

-rich






From rich at c2.org  Wed Aug 21 01:15:16 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 16:15:16 +0800
Subject: "Utilization Review"
In-Reply-To: <199608210220.TAA19927@netcom8.netcom.com>
Message-ID: <Pine.GUL.3.95.960820224642.13603B-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Bill Frantz wrote:

> Do you want to share the risk of routine medical care?  Or do you just want
> to share the risk of catastrophic illnesses and accidents?  Or do you want
> to keep it all private.  What you pay for, you can keep private.  What they
> pay for, they can review.  Your choice.

Oh, that's a different kettle of fish entirely. As a matter of fact I do
have catastrophic coverage only ($2500 annual deductible and other
limitations), but were I less hale and youthful, or had I a family, I would
probably opt for "managed care."

However, you'll find that catastrophic coverage really isn't that much
cheaper than full "managed care," because without intimate knowledge of my
habits and detailed records of regular doctor's visits, the insurance
company doesn't trust me as much as it trusts a "managed care" patient.

-rich






From Adamsc at io-online.com  Wed Aug 21 01:41:23 1996
From: Adamsc at io-online.com (Adamsc)
Date: Wed, 21 Aug 1996 16:41:23 +0800
Subject: Post Office restrictions
Message-ID: <19960821062923375.AAA66@IO-ONLINE.COM>


On Mon, 19 Aug 1996 10:18:42 -0400 (EDT"), Arley Carter wrote:

>> I've told some people about a few of the loopholes mentioned on the list
>> about the new post office restrictions on airmail packages.  What's
>> disturbing is that none of the people I'd talked to, all of whom are
>> at least reasonably intelligent, had thought or heard, for instance,
>> that PanAm103 only took 12 ounces or that someone could just send two
>> packages.  How does the news media justify its existence? (Down here, it
>> seems to be serving as a propaganda arm for the Republicans)
>                                                  ************
>
>Where are you that the news media serves as a lapdog for the Republicans?
>The local media, esp. the print media around here, Winston-Salem, NC
>leans so far to the left the letters fall off the page when you up the 
>newspaper. :-)

I'm talking about the San Diego Union-Tribune, the paper that posted huge
billboard welcoming the RNC around the area, the paper that paid for the
biggest fireworks display ever west of the miss, the paper that had a
6-20 page RNC insert daily, the paper that "spammed" the opinions page
with pro-RNC articles.  Are we starting to see what's it like? By the
end, I was something like "I don't care if Bob Dole gets raped to death
by a donkey, I don't want to hear about it!"

>As for the national media, esp. the (C)linton (N)ews (N)etwork, need I 
>say more?
Agreed

|Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
|Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
|Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
|AcuCOBOL-85: Migrate the easy way - 100% legacy compatible, 
|easy GUI, ODBC, 650+ platforms w/o recompiling (like Java).


 






From tcmay at got.net  Wed Aug 21 01:56:33 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 16:56:33 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <ae3ff85d0b02100490f2@[205.199.118.202]>


At 5:16 AM 8/21/96, Paul S. Penrod wrote:
>On Tue, 20 Aug 1996, Ross Wright wrote:

>> Market Droids????  As a salesman I take offence at this slur.

Sales droids are subservient to market droids...sort of like R2D2, a sales
droid, getting his marching orders from C3PO, a market droid.


>As for spamming, I get enough of it via snail-mail, I don't want to see
>it in my Inbox too. And, for the record, there are lots of people out
>there who pay on the bulk charge, not by time. Sending advertising or
>junk mail to these folks costs them money, maybe not much for the one
>message you sent, but several thousand over a month of a quarter add up
>to real money.
>
>There is a time and place for legitimate advertising. I am sure that
>given time and impetus, a number of clear channel venues will open up to
>allow precision marketing and sales to happen electronicly.
>
>At the moment, it's bad nettiquette...

The basic problem is that, unlike paper mail, it costs a sender essentially
nothing to send nearly any size file to as many people as he wishes. This
is the basic economic fact of the Net at this time. Until this eventually
changes, spamming will be with us.

(I understand experts in the field of "spamming" have various names for
various flavors: spam, velveeta, jerky, etc. I'll call them all "unwanted
messages.")

The problem is one of economics and allocation of costs. Other industries
have the same issues:

* fax machines: costs of paper are borne by receiver, leading to high bills
when "junk faxes" are received (and hence some laws restricting such faxes)

* cellular phones: receiver of calls usually is charged air time. Thus,
"junk calls" cost money.

(My physical mailbox probably gets about $1 a day of junk mail, in terms of
postage paid. More, in terms of costs to print catalogs, fliers, freebies,
etc. It takes me about 20 seconds, tops, to decide what to discard
immediately and what to save, so at this point "their costs" > "my costs.")

In my view, attempting to legislate what is "junk" and what is not junk is
misguided. (And I suspect it rarely works in halting junk mail.) Junk is in
the eye of the beholder.

There are technological fixes which I would favor over attempts to ban
unwanted messages.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 21 02:16:50 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 17:16:50 +0800
Subject: Hackers invade DOJ web site
Message-ID: <ae4001ef0d021004d083@[205.199.118.202]>


At 5:17 AM 8/21/96, Alan Olsen wrote:

>One of the best comments I have seen (from another list) was:
>
>"These are the people who want us to escrow our encryption keys with them
>and yet they can't protect their own web site."
>
>I think this can be used as a very valid example as to why they are
>untrustworthy to be in charge of keeping anything private and/or protected,
>let alone private encryption keys.

Something for future hackers to think about adding in future attacks (*):


"Press HERE to access National Law Enforcement Master Key Database"

or

"Back Door"   (with some semi-realistic-looking computer files....)

or

"Click HERE to download confidential FBI dossiers on Clinton's political
enemies."

(with a few entries on leading Republicans and former White House
occupants, for verisimilitude)


In other words, the DOJ attack _could have_ made some much stronger points
than merely saying DOJ is linked to Hitler and pornography, etc.

(* I am not by these words _encouraging_ such hacks, at least not in any
active, conspiratorial, RICO sense.)

--Tim May

Illegal speech if said to Herr Clinton: "You suck, and those boys died!"
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From npoznick at Harding.edu  Wed Aug 21 02:16:58 1996
From: npoznick at Harding.edu (nathan poznick)
Date: Wed, 21 Aug 1996 17:16:58 +0800
Subject: [NOISE] Airport legal question
In-Reply-To: <Pine.3.89.9608201919.A23972-0100000@netcom14.Harding.edu>
Message-ID: <Pine.SOL.3.94.960821020451.6102A-100000@taz>


On Tue, 20 Aug 1996, Lucky Green wrote:

> I know that it is a violation of federal law to joke about explosives at 
> the X-ray machine. Would an "I love Explosives" sticker on carry-on 
> luggage violate any laws?

i'm not sure about any specific laws, but i know the airlines take *any*
talk of explosives VERY seriously...

a few years back, while i was in high school, i was on an airplane with
about 15 other students, returning from an excursion...
one of the other students said something to the effect of, "oh sure...yea,
my cd player is really just a clever bomb in disguise.."
one of the flight attendants overheard him say this, (to another student)
and he was promptly taken to the front of the plane and restrained...they
actually took his cd player apart to make sure there were no explosives in
it...the only thing that stopped them from pressing criminal charges was
the fact that all of the adult sponsor on the trip vouched for him and
pleaded with the flight crew that he was just kidding...

he got off with a SEVERE talking to and a cd player in less-than perfect
condition...

nate.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^		             Nathan Poznick				 ^
^	        	 <npoznick at harding.edu>				 ^
^                    http://www.harding.edu/~npoznick			 ^
^									 ^
^                  "640k should be enough for anybody."			 ^
^									 ^
^		          --Bill Gates, 1981--				 ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^






From rwright at adnetsol.com  Wed Aug 21 02:19:14 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Wed, 21 Aug 1996 17:19:14 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210700.AAA10238@adnetsol.adnetsol.com>


On Or About 20 Aug 96, 23:12, Rich Graves wrote:

> > > So is mailbombing the motherfucker, or more productively,
> > > virtually picketing his ISP until they kick him off for net
> > > abuse
> > 
> > That is the kind of self righteous crap that gives me the
> > creeps!!!
> 
> Good. That's called deterrence.* The market decides.
> 
> >From your earlier message, though, describing the "spamming" you
> >do, I
> really don't see you as needing deterrence
<SNIP>
> indiscriminately. OTOH, if you really target your audience well,
> especially if a human and not a bot is in charge of selecting
> prospects, then I'd call that "cold calling,"  not "spamming."

Well, that's just the way I look at it.  But some people overreact...

> Unsolicited email is moderately annoying, but I don't think it's
> anything to complain about. I filter all mail from unknown addresses
> anyway. 
> 
> * - The cool thing about this kind of deterrence is, since you're
> only defending virtual turf, you can sabre-rattle to your heart's
> content without worrying about having to actually follow through.

I do enjoy a little of that from time to time.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From Adamsc at io-online.com  Wed Aug 21 02:25:25 1996
From: Adamsc at io-online.com (Adamsc)
Date: Wed, 21 Aug 1996 17:25:25 +0800
Subject: Fwd: Re: No Subject - Lesson in cracking (cryptoanalysis 001)
Message-ID: <19960821071500515.AAA190@IO-ONLINE.COM>


==================BEGIN FORWARDED MESSAGE==================
>From: "Chris Adams" <adamsc at io-online.com>
>To: "Scottauge at aol.com" <Scottauge at aol.com>
>Date: Wed, 21 Aug 96 00:14:19 -0800
>Reply-To: "Chris Adams" <adamsc at io-online.com>
>Priority: Normal
>X-Mailer: Chris Adams's Registered PMMail 1.52 For OS/2
>MIME-Version: 1.0
>Content-Type: text/plain; charset="us-ascii"
>Content-Transfer-Encoding: 7bit
>Subject: Re: No Subject - Lesson in cracking (cryptoanalysis 001)
>

On Mon, 19 Aug 1996 19:34:07 -0400, Scottauge at aol.com wrote:

>In a message dated 96-08-19 05:44:34 EDT, you write:
>> SAMPLE MESSAGE: ("HAIL ERIS")
>"e" is a very popular letter, so is t and s.  Collect enough cypher text and
>ya just match frequency to frequency - a high number of 6's are replaced with
>an e, and so on down the line.

>Now we just start chunking up the peices according to spelling rules we know
>about - then with the help of a handy dandy spell checker like thing, when we
>get close to a word, we clump the chunks together.

>Actually, mixing your letters around helps cuz one needs to do a lot of
>shuffling here - but believe me, algorithms are out there.  Plus, the more
>cipher text you provide, the easier it is to nab your info cuz there is >more
>information for the particular algorithm I'm thinking of to work with.

Okay wise guy.  I'm going to give you a 14300 character string that
starts
out
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEETTTTTTTTTTTTTTTTTTTTTTTTTTT

TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT

TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT

TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO

OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO. . .

How are you going to tell *what* I was talking about?  I guaruntee with
any message of practical length (i.e. not " ckosuuy") will have multiple
possibilities, particularly when you take things like mispellings,
software artifacts ("----- BEGIN PGP --------" "X-Received ..." etc.) and
deliberate attempts to throw you off.  That's why it's unbreakable - by
anyone!

|Home: Chris Adams <adamsc at io-online.com> |
http://www.io-online.com/adamsc/adamsc.htp
|Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
|Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
| Member in good standing of the GNU whirled hors d'oeuvre


===================END FORWARDED MESSAGE===================


|Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
|Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
|Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
| Member in good standing of the GNU whirled hors d'oeuvre






From attila at primenet.com  Wed Aug 21 02:26:42 1996
From: attila at primenet.com (attila)
Date: Wed, 21 Aug 1996 17:26:42 +0800
Subject: the number of the the beast is [666] (was: CIA Contra Crack and LA Gangs)
Message-ID: <199608210700.BAA07366@InfoWest.COM>


Addressed to: Rich Graves <rich at c2.org>
              Cypherpunks <cypherpunks at toad.com>

I'll see your bet...  and raise you five....


 THE MARK OF THE BEAST

        "He causes all, both small and great, 
        rich and poor, free and slave, 
        to receive a mark in  their right hand 
        and in their foreheads, and that no one 
        may buy of sell except one who has the 
        mark or the name of the Beast, 
        or the number of his name"

                Revelation 13:16-17

The following article appeared in Nexus magazine Vol 2, No.20:


        The Microchip and the Mark of the Beast

Dr Carl W. Sanders is an electronics engineer, inventer, author
and consultant to various government organisations as well as
IBM, General Electric, Honeywell and Teledyne.  He is also a
winner of the Presidents and Governors Award for Design
Excellence.

"Thirty two years of my life was spent in design engineering and
electronics designing microchips in the Bio-Med field.

"In 1968 I became involved, almost by accident, in a research and
development project in regard to a spinal bypass for a young lady
who had severed her spine.  They were looking at possibly being
able to connect motor nerves etc.

"It was a project we were all excited about.  There were 100
people involved and I was senior engineer in charge of the
project.  This project culminated in the microchip that we talk
about now a - microchip that I believe is going to be the
positive identification and mark of the beast.

"This microchip is recharged by body temperature changes.
Obviously you can't go in and have your battery changed every so
often, so the microchip has a recharging circuit that charges
based upon the body temperature changes.  Over one and a half
million dollars was spent finding out that the two places in the
body that the temperature changes the most rapidly are in the
forehead (primary position), right below the hairline, and the
back of the hand (alternative position).

"Working on the microchip, we had no idea about it ever being an
identification chip.  We looked at it as beig a very humanitarian
thing to do.  We were all excited about what we were doing.  We
were doing high-level integration for the very first time.  This
team was made up of people out of San Jose, people fron
Motorolla, General Electric, Boston Medical Center - it was quite
a group of people.  My responsibility had to do with the design
of the chip itself, not the medical side of if.

"As the chip came to evolve, there came a time in the project
when they said that the financial return on bypassing severed
spines is not a very lucrative thing for us to be into, so we
really need to look at some other areas.  We noticed that the
frequency of the chip had a great effect upon behaviour and so we
began to branch off and look possibly at behaviour modification.

"The project almost turned into electronic acupuncture because
what they ended up with was embedding the microchip to put out a
signal which effected certain areas.  They were able to determine
that you could cause behavioural change.

"One of the projects was called the Phoenix project which had to
do with Vietnam veterans.  We had a chip that was called the
Rambo chip.  This chip would actually cause extra adrenaline
flow.

"I wonder how many of you know that if you can stop the output of
the the pituitary gland (the signal from the pituitary gland that
causes oestrogen flow), you can put a person into instant
menopause and there is no conception.  This was tested in India
and other different parts of the world.  So here you have got a
birth control tool, based on a microchip.  Microchips can also be
used for migraine headaches, behaviour modification,
upper/downer, sexual stimulant and sexual depressant.  This is
nothing more that electronic acupuncture, folks.

"There are 250,000 components in the microchip, including a tiny
lithium battery.  I fought them over using lithium as a battery
source but NASA was doing alot with lithium at that time and it
was the going thing.  I had talked to a doctor at the Boston
Medical Center about what that concentration of lithium in the
body could do if the chip broke down.  He said that you would get
a boil or grievous sore.

"As the development moved along, I left the project and came back
as a consultant several times.  I was used in many meetings as an
expert witness in regard to the uses of the microchip.

"I was in one meeting where it was discussed.  How can you
control a people if you can`t identify them ?"  All of a sudden
the idea came:  "Lets make them aware of lost children, etc."

"This was discussed in meetings almost like people were cattle.
The CIA came up with an idea of putting pictures of lost children
on milk cartons.  Since the chip is now accepted, you don`t see
the pictures anymore, do you.  It's served it's purpose.

"As we developed this microchip, as the identification chip
became the focal point, there were several things that were
wanted.  They wanted a name, an image (picture of your face),
Social security number with the international digits on it,
finger print identification, physical description, family
history, address, occupation, income tax information and criminal
record.

"I've been in 17 "one world" meetings where this has been
discussed, meetings in Brussels, Luxembourg, tying together the
finances of the world.

"Just recently in the newspapers they`ve talked about the Health
Care Program, the "Womb to Tomb" identification!  A positive
identification.  There are bills before congress right now that
will allow them to inject a microchip in your child at the time
of birth for identification purposes.

"The president of the United States of America, under the
"Emigration of Control Act of 1986", Section 100 , has the
authority to deem whatever type of identification is necessary -
whether it be an invisible tattoo or electronic media under the
skin.  So I think you have to look at the facts, folks:  this is
not coming as some big shock.  The paving has been done ahead of
time."


--
"The road to tyranny, we must never forget, begins with the
destruction of the truth." 
        -- Bill Clinton, Oct. 15, 1995 at the University of Connecticut.







From tcmay at got.net  Wed Aug 21 02:26:44 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 21 Aug 1996 17:26:44 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <ae3ffd5a0c021004bce5@[205.199.118.202]>


At 5:32 AM 8/21/96, Z.B. wrote:

>Published in Washington, D.C.   July 9, 1996
>Insult to Clinton leads to 2 arrests
>
>------------------------------------------------------
>By Ruth Larson
>THE WASHINGTON TIMES
>------------------------------------------------------
>[A] Chicago-area couple were arrested on charges of
>    disorderly conduct and interrogated for more than
>12 hours last week, simply because the woman told
>President Clinton exactly what she thought of him.
>  Last Tuesday, Mr. Clinton made an impromptu stop at
>the "Taste of Chicago" festival in Grant Park at
>midafternoon.
>  According to her husband, Patricia Mendoza, angered
>and upset by the recent deaths of 19 U.S. airmen in
>Saudi Arabia, told the president, "You suck, and
>those boys died!"
...

Thanks for passing this on. So much for "free speech" in a formerly free
country.

I've modified my .sig yet again, to include the Verboten Phrase.

Clinton is truly looking like a power-mad fool. Still, I hope he wins in
November. (I want to see a real impeachment, as the Arkansas news continues
to come out.)

By the way, the case against Richard Jewell, "THE ATLANTA BOMBER!!!!,"
continues to crumble...the voice on the 911 call doesn't match his, he
couldn't have gotten to the phone at the time the call was made, and the
hordes of investigators who tore his apartment apart (and his cabin, and so
on) found no real evidence (just the "profile" evidence: some gun
magazines, a photo of him cradling an AR-15, his weight, and probably a
subscription to The Playboy Channel).

Further, experts point out that if Jewell was working with an accomplice
(to make the phone call), this blows all conventional theories of a
"would-be hero" out of the water: the last thing such a would-be hero wants
is an accomplice, who shares in the risk but gets none of the credit, and
who could turn him in.

Finally, even CNN is picking up the "CIA supplied drugs to L.A. gangs"
story that the "San Jose Mercury News" ran a few days ago. Nothing in this
story was a real surprise to me, as I listen occasionally to Dave Emory on
the radio. Emory is no raving lunatic, in my opinion (I've met him a couple
of times). The connections with the Mena, Arkansas airfield are of course
quite interesting.

--Tim May

Illegal speech if said to Herr Clinton: "You suck, and those boys died!"
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From unicorn at schloss.li  Wed Aug 21 02:36:01 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 21 Aug 1996 17:36:01 +0800
Subject: [NOISE] Airport legal question
In-Reply-To: <Pine.3.89.9608201919.A23972-0100000@netcom14>
Message-ID: <Pine.SUN.3.94.960821031541.26352A-100000@polaris>


On Tue, 20 Aug 1996, Lucky Green wrote:

> I know that it is a violation of federal law to joke about explosives at 
> the X-ray machine. Would an "I love Explosives" sticker on carry-on 
> luggage violate any laws?

Yes.

The laws are intended to prevent any behavior which may reasonably create
apprehension that a threat to a commercial airline exists.

You're in for trouble if you put that sticker on your luggage.

I'll quote the language if there is enough interest.

> 
> TIA,
> 
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From mccoy at communities.com  Wed Aug 21 02:43:26 1996
From: mccoy at communities.com (Jim McCoy)
Date: Wed, 21 Aug 1996 17:43:26 +0800
Subject: Edited Edupage, 18 Aug 1996
Message-ID: <v02140b03ae4078d022b7@[204.179.131.38]>


"E. ALLEN SMITH" <EALLENSMITH at ocelot.Rutgers.EDU> writes:
>         Speaking of Net-in-Orbit (while distributed datahavens have their
> points, sometimes you'd prefer not to have a given chunk of data on your
> hard drive - even encrypted with a passphrase), what's the physical setup
> for rewriteable optical drives? Are there any methods of doing those that
> will work OK in orbit?

You want to avoid moving parts like the plague in orbit.  They eventually
wear out or fail and once that happens you have a very expensive piece of
junk in orbit.  Solid-state storage is the _only_ way to go if you want to
avoid things like neding to pressurize the drive (eliminating any cost
advantage over solid-state.)  Its not like you can go up to swap a dead drive
out you know...

The big problem with orbiting datahavens is the cost.  Access requires going
to a commercial launching agency (approx $100K cost to put a smallsat in
LEO.)  The smallsat itself is relatively cheap at $25K.  Then multiply that
by 30 because with LEO (you will not get a GEO slot, ever) you will need a
swarm of sats to provide constant coverage; the orbit the sats are in means
that they are only overhead for minutes at a time.  When you add all of this
up it begins to make the idea of buying an old tanker or fish processing boat
pretty cost effective.
The big problem is that no one has data that is worth protecting enough to
make such a venture pay off.

jim








From DMiskell at envirolink.org  Wed Aug 21 03:06:37 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Wed, 21 Aug 1996 18:06:37 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210735.DAA27966@envirolink.org>


Ross Wright writes:
>On Or About 20 Aug 96, 18:09, Rich Graves wrote:
>
>> On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
>> 
>> > I don't know if there has been much discussion on the ethics of
>> > spamming here? Is spamming free speech? 
>> 
>> Yes.
>> 
>> So is mailbombing the motherfucker, or more productively, virtually
>> picketing his ISP until they kick him off for net abuse
>
>That is the kind of self righteous crap that gives me the creeps!!!

So civily dealing with a net abuser gives you the creeps?  THAT gives ME the 
creeps, honestly.

>> 
>> Ethically? We don't talk ethics much here, but I'd say it's highly
>> unethical to abuse a service paid for by the pooled resources of
>> many. 
>
>I pay for my net access.  I pay for my Sunday paper, it's full of ads 
>too!!  Ethics???  Let's rat out on the EVIL spammers!!  Let's turn 
>them into thier ISP!!!  That's a load of CRAP!!!!

We /all/ pay for our access.  Most of us work, most of us pay for the paper,
most of us put up with ads.  Spam is the price of free speech.  One must 
either, in minor cases, ignore it and move on, so as not to encourage; or, in
case of extravagent abuse, send word to the isp, spread the word on the net
that xxx.com is a spammer's haven (and otherwise discouraging further 
memberships), as well as filling the sysadmin's mailbox until the spammer is
deleted and we can all move on again.

It's not a load of crap, it's reality.  Everything provided for civil use and
enjoyment will be abused repeatedly, it's all in how we deal with it.

Greetings from $hell,
Daniel.






From mccoy at communities.com  Wed Aug 21 03:07:04 1996
From: mccoy at communities.com (Jim McCoy)
Date: Wed, 21 Aug 1996 18:07:04 +0800
Subject: PreRFD: comp.org.cypherpunks
Message-ID: <v02140b02ae40769e9ebb@[204.179.131.38]>


qut at netcom.com (Skip) writes:
> The Subject: line says it all.
>
> My suggestion number #1:
>
> No moderation.

Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:

        make it a newsgroup

Suggestion 2:

        make it an unmoderated newsgroup


I can think of nothing that would cause the remaining clue to flee faster
than a CP newsgroup in wide distribution (if it were gatewayed to the list)

jim







From llurch at networking.stanford.edu  Wed Aug 21 03:11:44 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Wed, 21 Aug 1996 18:11:44 +0800
Subject: [NOISE]CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <199608210335.XAA87778@osceola.gate.net>
Message-ID: <Pine.GUL.3.95.960821002948.14190A-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Jim Ray wrote:

> OK, Rich cites a loon, but the fact is that Southern Air Transport 
> right here in Miami was in there early in the contraarms-coke 
> trade.

Oh, I don't think it's impossible or even unlikely that at least some of the
groups lumped together as "contras" were involved in drug smuggling, and I
think it's reasonable to have different views regarding how much money was
involved and who knew what when (my view is very little, and medium). What I
object to are conspiracy theories along the lines of: 

1. The Reagan Administration used the Contras to smuggle crack to the US in
   a deliberate attempt at genocide against Black people. (I heard this a
   lot, though seldom in so many words, on KPFK in the mid-80's; the SJ Merc
   series certainly has this as a subtext.)
2. Clinton was a CIA agent involved in the Contra drug-smuggling CaBaL. He
   was involved in anti-war protests only as a CIA informant. (This is the
   suggestion of the Morris book.)
3. Anything involving the Kennedy assassination, Donna Rice, or Elvis.

> It is a major, bipartisan, Watergate-style but bigger 
> scandal, and the strange bedfellows in the media who were doing a 
> halfway decent job of covering it [The Wall Street Journal and 
> "High Times" magazine(!)] have fallen strangely silent on the 
> subject as the election approaches. Hmmmmm.

4. Anything where vague unsupported asserions are thrown out, followed by
   a Hmmmmm (sorry).

-rich






From DMiskell at envirolink.org  Wed Aug 21 05:55:35 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Wed, 21 Aug 1996 20:55:35 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608210740.DAA28118@envirolink.org>


Ross Wright writes:
>On Or About 20 Aug 96, 16:23, Jim Gillogly wrote:
>> 
>> Vipul Ved Prakash <vipul at pobox.com> writes:
>> >I don't know if there has been much discussion on the ethics of
>> >spamming here? Is spamming free speech? 
>> 
>
>> I oppose spamming because it's rude and inefficient, lowering the
>> S/N everywhere it happens.  Market droids
>
>Market Droids????  As a salesman I take offence at this slur.

Well, look at it from the consumer point of view.  We log on, and see what is
eccentially a junk-email, written as a form letter, sitting in our box.  It's
gotten to the point were I have barely enough patience to skim my junk before
I delete it, just to be fair.  So, to most of it, it seems quite droidlike.  
If you want people referring to it in a more respectable manner, earn more
respect.  Do a more personalized canvass, or find better ways to advertise,
other than junk email.  You'll piss less people off, and get more respect.

>> favor it because it's
>> cheap, and no matter how many people they piss off bigtime, they
>> make some sales.
>
>Even make sales to people who are pissed off at first...

That doesn't make it right, in my opinion.  It just makes it worse, because
salesmen will not consider how annoying their canvass is to people before 
sending it out, and more and more people get pissed.  Selling is no 
justification, the ends do not justify the means.  People are still angered.
After all, you are not counting how many pissed off people you do NOT sell to.

Greetings from $hell,
Daniel.







From rich at c2.org  Wed Aug 21 06:31:22 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 21:31:22 +0800
Subject: [NOISE] Re: Canada Imprisons People For Human Rights Activity
In-Reply-To: <199608210012.RAA11460@netcom.netcom.com>
Message-ID: <Pine.GUL.3.95.960821015840.14190B-100000@Networking.Stanford.EDU>


Skippy the Mad Troller <qut at netcom.com> Bcc'd to cypherpunks:

> Liar, you support imprisoning and deporting people based purely on their 
> political ideas, such as the bile your mouth puked up all over the net this
> whole year.  Re: Ernst Z�ndel and his years of imprisonment by a court 
> for merely expressing his racist ideas, racist political ideas being 
> strictly illegal in Canada, hell everywhere in the so called white world 
> except for the USA, so far.

Point of fact: since he came to Canada, Zundel has spent a total of 4 1/2
*days* in minimum-security lockup. The other seven errors in the paragraph
above aren't worth responding to. 

For further, totally off-topic reading on Skippy and me, see:

 http://www.nizkor.org/ftp.cgi?people/h/harman.david
 http://www.nizkor.org/ftp.cgi?people/nyms/an572010
 http://www.nizkor.org/ftp.cgi?people/g/graves.rich
 http://www.stanford.edu/~ajg/project.html

-rich






From rich at c2.org  Wed Aug 21 06:50:44 1996
From: rich at c2.org (Rich Graves)
Date: Wed, 21 Aug 1996 21:50:44 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <Pine.3.89.9608202214.A15288-0100000@netcom18>
Message-ID: <Pine.GUL.3.95.960821021046.14190C-100000@Networking.Stanford.EDU>


On Tue, 20 Aug 1996, Z.B. wrote:

> Published in Washington, D.C.   July 9, 1996
> Insult to Clinton leads to 2 arrests
> 
> ------------------------------------------------------
> By Ruth Larson
> THE WASHINGTON TIMES
> ------------------------------------------------------

I think you should try a more credible paper. Say, Scientology's Freedom
Magazine, rather than the Moonies'. You are of course free to believe
whatever you wish.

-rich






From rah at shipwright.com  Wed Aug 21 07:06:53 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 21 Aug 1996 22:06:53 +0800
Subject: Edited Edupage, 18 Aug 1996
In-Reply-To: <v02140b03ae4078d022b7@[204.179.131.38]>
Message-ID: <v0300780cae40a1df1e84@[206.119.69.46]>


At 4:35 AM -0400 8/21/96, Jim McCoy wrote:
> The big problem is that no one has data that is worth protecting enough to
> make such a venture pay off.

Well, maybe not yet.

An overnight backup copy of a $10 million foreign exchange banknote might.

$2 trillion in FX trxes a day, folks...

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From whgiii at amaranth.com  Wed Aug 21 07:10:42 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Wed, 21 Aug 1996 22:10:42 +0800
Subject: US Taxes on X-Pats (getting off topic)
In-Reply-To: <1.5.4.32.19960820173846.007137e4@iu.net>
Message-ID: <199608211156.GAA09206@mailhub.amaranth.com>


In <1.5.4.32.19960820173846.007137e4 at iu.net>, on 08/20/96 at 01:38 PM,
   Stephen Cobb <stephen at iu.net> said:

>Very true...what I am saying is that, as far as my reading goes, LEGAL
>aliens are going to be required to pay social security "taxes" while not
>having any "entitlement" in return. They pay income taxes and get certain
>things, like law and order, in return. They will be paying soc sec money to
>the government without getting anything in return. This sounds not only
>unfair but wrong, part of an isolationist, "we killed the natives so this
>land is our land and the rest of you f@*k-off" revival that includes the
>recent posting about requiring proof of citizenship before issuing drivers
>licenses.

So what?

I can gaurentee that I will never see any "entitlement" (not that I believe that there is any entitlements in life other than death & taxes) in return for the taxes I pay (at 50% income no less). IMHO no non-US citizen has a right to one thin dime of my tax dollars. Period no exceptions. Don't like it PISS OFF and go back to whatever stink hole you came from. 

I for one am sick and tired of politions cow-towing to a bunch of special intrest groups who don't even represent US citizens. If they can't support themself when they come to this country then they need to stay where they are. We have plenty of home grown dead beats sucking off the government tit without shipping them in.

Now on the driver licenses. Every state requires some type of ID to get one (ie birth certificate, ss#, prof of resedency, ..ect). Should you have to be a citizen to get one? No, with the exception of those living inside a large metropoliten area (Chicago,NewYork,L.A.) a car is a requirment. Trust me I've lost my license and you would not beleive what a hassel it is just to get back and forth to work or the store without one. IMHO unless you are out killing people with your car the state should
not be allowed to take away your driver license. Especialy for such trivial matters as too many speeding tickets, not to mention all the non-driving related reasons the state can suspend your license for (in Florida non payment of child support is good enough reason).

P.S.: We did kill off all the natives and it IS our country. This county was founded to get away from all the European crap and I see no reason 200 years later we should be working to make this country as F@#$ed up as they are.

Well that's my $0.02 worth. :)


--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------
 
MR/2 Tag->Air conditioned environment - Do not open Windows.
 
MR/2 Tag->Dos: Venerable.  Windows: Vulnerable.  OS/2: Viable.






From bdolan at use.usit.net  Wed Aug 21 07:30:34 1996
From: bdolan at use.usit.net (Brad Dolan)
Date: Wed, 21 Aug 1996 22:30:34 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820174341.11228F-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SOL.3.91.960821065233.19473A-100000@use.usit.net>




On Tue, 20 Aug 1996, Rich Graves wrote:

> On Tue, 20 Aug 1996, Brad Dolan wrote:
> 
> > Goofy guy agrees with Morris about X, therefore Morris' well-documented 
> > claims about X and Y are false? 
> 
> Lots of footnotes to "confidential interview" do not make a valid study. How
> many "well-documented" studies of the Kennedy assassination and UFO
> sightings have you read? 
> 
> I followed this wild goose chase to exhaustion back in 1986-7. I've
> forgotten most of it, but I'm sure I have some notes and maybe some tapes
> lying around. Yes, some contras and some sandinistas and some martistas and
> *lots* of the senderos and M-19 ran drugs. That's what happens when you
> criminalize a political movement -- political figures become criminals in
> order to survive. (When the crime they're involved is simply free trade in
> criminalized agricultural products, it just adds another layer of irony.)
> 

Those products should be legalized of course - but that would deprive the 
CIA etc. of a nice hidden source of income.


> There's a kernel of truth and plausibility to most conspiracy theories,
> including this one. (It's a big mistake to say *all* conspiracy theories.) 
> However, the money involved was rather small, the process was basically skew
> to politics (both sides did it all), and I have never been convinced that
> the CIA -- or even North's coterie in the NSC, which as you know ran a
> number of ops that the CIA would never have gone for -- was in on it. 
> 

If you don't believe the principled left (Morris, etc.), the principled 
right (Tyrell, etc.), the mainstream media (see below), or my personal 
local observations, I think you've made up your mind and are beyond 
convincing.

> (ObConspiracy: H. Ross Perot actually was involved in funneling money to the
> contras. He was rather open and proud of it. Is he mentioned in Morris's
> book?)

Briefly.

bd

> 
> -rich
> 
> 

Wall Street Journal, 5/3/94, Letter to the Editor

STILL A STRONG SCENT ON THE MENA TRAIL

We are glad that Edward Jay Epstein saw the CBS News report on Mena, 
Ark., which he discussed in his April 20 editorial-page piece.  "On the 
Mena Trail."  Our story, like others on Mena, raised questions.  They 
won't be answered until reporters follow the money - millions of dollars 
generated out of the operations at Mena.  That could either put it to 
rest, or lead to a story at least as important as Whitewater.

The original report on Whitewater by Jeff Gerth of the New York Times was 
ignored for many months.  The Mena story probably will suffer the same 
fate unless other journalists pick up the trail.  That might not happen 
if readers conclude, as Mr. Epstein seems to, that the only place Mena 
could lead is to Whitewater. What if Mena has nothing to do with Whitewater?

Our sources agree with Mr. Epstein on a number of things:  There was most 
likely a CIA-sponsored Contra operation run out of Mena, as well as a 
huge parallel cocaine-smuggling operation, money laundering, and a 
Justice Department coverup.  Much of this happened on Mr. Clinton's watch 
as governor.

But Mr. Epstein says that after smuggler Barry Seal was killed there was 
really no one else to go after.  Investigators never targeted Mr. Seal.  
They knew he was working for the federal government and was therefore 
untouchable.  Instead, they targeted Seal's associates - the bankers and 
businessmen who allegedly laundered his drug profits and illegally modified
his planes so he could smuggle tons of cocaine into the U.S. They were 
never prosecuted by either the federal government or the state of Arkansas.

Mr. Epstein says that no one is claiming that Mr. Clinton blocked legal 
proceedings in this matter.  But as the CBS News story revealed, Mr. 
Clinton was asked by a state prosecutor for help to pursue the case 
against Seal's associates.  Help was promised but never arrived.

Arkansas Rep. Bill Alexander tried to save and then re-start an 
investigation of Mena.  Mr. Clinton did not seize on this issue and offer 
support, despite the fact that a Republican administration was apparently 
sponsoring a Contra aid operation in his state and protecting a smuggling 
ring that flew tons of cocaine through Arkansas.

Mr. Epstein suggests there is no reason to believe Mr. Clinton knew 
about Mena.  But the governor's own state police began investigating at 
Mena in 1984.  Isn't it reasonable to assume that he was made aware of 
the investigation?  Mr. Clinton did acknowledge learning about Mena as 
early as April 1988; Ross Perot, who had done his own investigation of 
Mena, was concerned enough about the drugs-for-guns operation to call Mr. 
Clinton.  And former Clinton staff people have told CBS News that the 
governor was aware of what was going on there.

Mena is a perplexing and difficult story.  There is a trail - tens of 
millions of dollars in cocaine profits, and we don't know where it 
leads.  It is a trail that has been blocked by the National Security Council.

The FAA, FBI, Custons, CIA, Justice, DEA and the IRS were all involved in 
Mena.  They won't say how they were involved, but they will tell you 
there is nothing there.

Bill Plante, CBS News Correspondent
Michael Singer, Producer, CBS News
New York





From liberty at gate.net  Wed Aug 21 08:23:37 1996
From: liberty at gate.net (Jim Ray)
Date: Wed, 21 Aug 1996 23:23:37 +0800
Subject: [NOISE]CIA Contra Crack and LA Gangs (fwd)
Message-ID: <199608211235.IAA30204@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Wed Aug 21 08:35:15 1996
Rich Graves wrote:

> On Tue, 20 Aug 1996, Jim Ray wrote:

...

> Oh, I don't think it's impossible or even unlikely that at least
>  some of the
> groups lumped together as "contras" were involved in drug
>  smuggling, and I
> think it's reasonable to have different views regarding how much
>  money was
> involved and who knew what when (my view is very little, and
>  medium). 

Anyone who says "very little" money is involved in any aspect of 
the cocaine importation trade definitely doesn't live in Miami.

>What I
> object to are conspiracy theories along the lines of: 
> 
> 1. The Reagan Administration used the Contras to smuggle crack
>  to the US in
>    a deliberate attempt at genocide against Black people. (I
>  heard this a
>    lot, though seldom in so many words, on KPFK in the mid-80's;
>  the SJ Merc
>    series certainly has this as a subtext.)

I never said that, and I object to calling something a "conspiracy 
theory" just because it's politically inconvenient. People in power 
conspire to get rich and stay in power. Sometimes they use laws 
they write and sometimes they break laws they wrote. This is a fact 
of life, not a conspiracy theory.

> 2. Clinton was a CIA agent involved in the Contra drug-smuggling
>  CaBaL.

He was governor of Arkansas when Reagan was President of the United 
States. Do the search I already gave you, and read the articles.
mena /p cocaine

...

> > It is a major, bipartisan, Watergate-style but bigger 
> > scandal, and the strange bedfellows in the media who were
>  doing a 
> > halfway decent job of covering it [The Wall Street Journal and
> > "High Times" magazine(!)] have fallen strangely silent on the
> > subject as the election approaches. Hmmmmm.
> 
> 4. Anything where vague unsupported asserions are thrown out,
>  followed by
>    a Hmmmmm (sorry).

OK, looks like I have to say it again, and remember this is NOT me, 
it's those conspiracy theorists at CBS News, printed in that 
radical purveyor of vague unsupported asserions...The Wall Street 
Journal:

"The FAA, FBI, Customs, CIA, Justice, DEA and the IRS were
all involved in Mena. They won't say how they were involved,
but they will tell you there is nothing there." -- Bill Plante,
CBS News Correspondent, &  Michael Singer, Producer, CBS News,
New York. [In Tuesday, May 3, 1994's  Wall Street Journal
letters to the editor section.] Look it up.

I am not a journalist, but it sometimes seems I have a better 
institutional memory than they do. This story was covered poorly, 
even though there was/is plenty there, because of politics and 
power masquerading as "national security." The story is there for 
journalists who want to risk covering it, but the trail is getting 
cold, and yes, some loons have latched onto it, due in part to the 
vacuum in "legitimate" media coverage.
[This will be my final word on this subject in this forum.]
<sound of Perry cheering>
JMR

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"'Filegate' is starting to make _Ed_ _Meese_ look ethical."
 -- me
 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray 
Coming
soon, the "Pennies For Perot" page. Keep billionaires off welfare!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhsCim1lp8bpvW01AQHsYQP+JeN4t0Cd/d+Woy0eyvvVtCHy//RoSWJI
K3gWOAHTMB71xZDKu7qbuUMRBs1nsFv2dlvYlKMIJLxn9Bl2H+13IpOsYTtPntg+
r+YOPazgwVVm8wNICEekdKjki9MaiTj1AFIX2P2LbVp7EZkmQIwxJfkYZituWNIy
LNFZyOGhVaQ=
=b3jZ
-----END PGP SIGNATURE-----






From asgaard at Cor.sos.sll.se  Wed Aug 21 08:30:40 1996
From: asgaard at Cor.sos.sll.se (Asgaard)
Date: Wed, 21 Aug 1996 23:30:40 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820174341.11228F-100000@Networking.Stanford.EDU>
Message-ID: <Pine.HPP.3.91.960821143553.10644B-100000@cor.sos.sll.se>


On Tue, 20 Aug 1996, Rich Graves wrote:

> lying around. Yes, some contras and some sandinistas and some martistas and
> *lots* of the senderos and M-19 ran drugs. That's what happens when you
> criminalize a political movement -- political figures become criminals in
> order to survive. (When the crime they're involved is simply free trade in
> criminalized agricultural products, it just adds another layer of irony.)

But also many 'legitimate' political movements in South American countries
engage in the cocaine trade (the President of Colombia etc). And why
shouldn't they. Here, the South countries at least have one commodity that
is highly prized in the North countries. It's very bad economy not to profit
from this.

Asgaard





From cmefford at avwashington.com  Wed Aug 21 10:02:46 1996
From: cmefford at avwashington.com (Chip Mefford)
Date: Thu, 22 Aug 1996 01:02:46 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <Pine.GUL.3.95.960820100659.8541A-100000@Networking.Stanford.EDU>
Message-ID: <v03007802ae40bddcb1b1@[207.79.65.35]>


>>snip<<
>It also rained cocaine in Tennessee in the '80s,
>but the authorities never seemed to notice.  Ask the Knoxville
>_News-Sentinel_ how many stories it can find in its archives relating
>to planes loaded with cocaine crash-landing on remote airstrips,
>airdrops being found in citizens' yards, etc.  Then ask the DEA what it did
>about those events.
>

The DEA probably didn't do shit, if you were (are) paying  attention, the
DEA has had its hands tied by the state department and the CIA for years.
As they are now an arm of the FBI, they have been almost totally deballed.

 When Klaus Barbie and his mercenaries from Argentina overthrough the
Government of Bolivia back in '80, it was blessed by the CIA and the State
department, cause the Bolivians were defineatly going "left". Bolivia is
now and was at the time, a coca country, that is their principal export.
Nearly 1/2 of all our cocaine comes from there. It is transported through
the Honduras and Coloumbia, Both CIA "Friendly" countries. The biggest dope
exporters are always up to their necks in CIA and US state department.

 Pay attention. The DEA has attempted to deal with this, and many of their
operatives end up fired or dead, this is why so many of them resigned back
in the late 80's after DEA operative Enrique (Kiki) Camerara was tortured
to death by the Mexican Government. The State department had the white
house (Ronald) get the DEA to back off the investigation after they
implicated top government and military people in Mexico as being involved
in the torture.

 The DEA may not actually be the "Good" Guys, but there are some much worse
out there




>bd
>
>p.s. Donna Rice has lately been running point for a regulate-the-internet
>front group.  I wouldn't put anything past her.








From droelke at rdxsunhost.aud.alcatel.com  Wed Aug 21 10:06:23 1996
From: droelke at rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 22 Aug 1996 01:06:23 +0800
Subject: PreRFD: comp.org.cypherpunks
Message-ID: <9608211346.AA21049@spirit.aud.alcatel.com>



No and HELL no.

I find that this list gets enough crap as it is, and gatewaying it to
a generally available Usenet group would just add to the noise level.

Now, if you want to gateway it to a local group because you
like your newsreader better than your email reader, 
be my guest.

Dan

> Subject: PreRFD: comp.org.cypherpunks
> 
> The Subject: line says it all.
> 
> My suggestion number #1:
> 
> No moderation.
> 
> 
> --
> Skip, OBC
> 

------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX






From rah at shipwright.com  Wed Aug 21 10:18:30 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 22 Aug 1996 01:18:30 +0800
Subject: The grey lady puts on some boots and rides a horseman or two...
Message-ID: <v03007800ae40c206aeb1@[206.119.69.46]>


I'm listening to the BBC's World Service at the moment, and they're doing a
feature on pedophiles on the internet, complete with much knashing of teeth
about encryption and anonymity, along with some lurid stuff about private
holding cells, and sexual tourism, and slavery. And Lions. And Tigers. And
Bears. Oh My.

They even had a quote from someone at Wired (a Brit, didn't catch the
name), who sounded like he was wringing his hands about unbreakable
encryption. Probably spliced out of a larger quote which had more sense in
it.

Be afraid, be very afraid. They're coming for your daughters. The BBC says so.

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From asgaard at Cor.sos.sll.se  Wed Aug 21 11:34:48 1996
From: asgaard at Cor.sos.sll.se (Asgaard)
Date: Thu, 22 Aug 1996 02:34:48 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <ae3ff85d0b02100490f2@[205.199.118.202]>
Message-ID: <Pine.HPP.3.91.960821144412.10644C-100000@cor.sos.sll.se>


On Tue, 20 Aug 1996, Timothy C. May wrote:

> There are technological fixes which I would favor over attempts to ban
> unwanted messages.

In the meantime, before these technological fixes are easily implemented,
what is the proper way to handle unwanted commercial mail?

1) delete immediately

2) reply with 'Fuck off, morons!'

3) as in 2) plus an attachment of some 1Mb file

4) as in 3) plus a CC to the postmaster of the sending site

What if the spam says: 'Do only reply to this if you want
further contact with us' etc?

Does anybody have good advice, including risks for retaliation
from the vendors/postmasters for such 're-spam'?

Asgaard 





From ichudov at algebra.com  Wed Aug 21 11:53:05 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 22 Aug 1996 02:53:05 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <v02140b02ae40769e9ebb@[204.179.131.38]>
Message-ID: <199608211517.KAA28365@manifold.algebra.com>


Jim McCoy wrote:
> qut at netcom.com (Skip) writes:
> > My suggestion number #1:
> > No moderation.
> 
> Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:
> 
>         make it a newsgroup
> Suggestion 2:
>         make it an unmoderated newsgroup

How about making it a robomoderated newsgroup with only one enforced
rule, forbidding any crossposting?

	- Igor.





From jimbell at pacifier.com  Wed Aug 21 11:54:15 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 02:54:15 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
Message-ID: <199608211539.IAA14733@mail.pacifier.com>


At 09:33 AM 8/21/96 -0400, Chip Mefford wrote:

> The DEA may not actually be the "Good" Guys, but there are some much worse
>out there

Whatever "worse guys" are out there, the vast majority of which would become 
de-fanged almost instantly on the legalization of currently-illegal drugs.

Given a choice between wishing for the death of everyone in the DEA, or 
everyone the DEA claims to object to, I'd off the DEA is a second.  It's an 
organization which guarantees the existence of its own opposition.

Jim Bell
jimbell at pacifier.com





From qut at netcom.com  Wed Aug 21 12:21:56 1996
From: qut at netcom.com (Skip)
Date: Thu, 22 Aug 1996 03:21:56 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <9608211346.AA21049@spirit.aud.alcatel.com>
Message-ID: <199608211550.IAA22958@netcom.netcom.com>


! No and HELL no.
! 
! I find that this list gets enough crap as it is, and gatewaying it to
! a generally available Usenet group would just add to the noise level.
! 
! Now, if you want to gateway it to a local group because you

I've never mentioned gatewaying, I'm only for that with moderated 
mailing lists, unlike cypherpunks .

! like your newsreader better than your email reader, 
! be my guest.

Not personally relevent, my favorite newsreader can be used for e-mail, but 
it's clumsy for that function.

! > Subject: PreRFD: comp.org.cypherpunks
! > 
! > The Subject: line says it all.
! > 
! > My suggestion number one:
! > 
! > No moderation.

My suggestion number two:

No gateway.  The list and newsgroup stays seperated.


--
Skip, OBC





From iang at cs.berkeley.edu  Wed Aug 21 12:22:18 1996
From: iang at cs.berkeley.edu (Ian Goldberg)
Date: Thu, 22 Aug 1996 03:22:18 +0800
Subject: Final release of Navigator (with strong crypto) now available
In-Reply-To: <4vb5ud$skn@abraham.cs.berkeley.edu>
Message-ID: <4vfapu$e48@abraham.cs.berkeley.edu>


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.GSO.3.93.960820100154.11840A-100000 at nebula>,
=?ISO-8859-1?Q?J=FCri_Kaljundi?=  <jk at stallion.ee> wrote:
> 19 Aug 1996, Ian Goldberg wrote:
>
>> >  No, we will only be supplying ELF.  Since linux is not officially
>> >supported, we really don't have the resources to do multiple versions.
>> >
>> Not to mention that plugins are virtually impossible with a.out...
>
>You really think someone will write plug-ins for Unix versions of
>Netscape? I am not so sure.
>
Yes, I'm positive of it, mainly because _I_ will, especially for Linux.

   - Ian

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhsueUZRiTErSPb1AQHsUQP+N52PAk5t6/r4JYyudgIuyLL1+SCGdaMo
6QgHm6GMqiHwfudVgERUJ+aM6no1Soc/KozTHhdVS/Od4qtoBo2B9Pekhw8+O4Cj
EfXEbX2267jOjgMMlKaA6/f9crjCmBd/1z2PwwTZ35E2oNvOAQzRxN9G6gd0jgao
AJK5z8rIvEU=
=8YC6
-----END PGP SIGNATURE-----





From daemon at anon.penet.fi  Wed Aug 21 12:45:44 1996
From: daemon at anon.penet.fi (daemon at anon.penet.fi)
Date: Thu, 22 Aug 1996 03:45:44 +0800
Subject: Anonymous password assignment failure (illegal password)
Message-ID: <9608211343.AA11951@anon.penet.fi>


You have requested the assignment of a new password
However, the password x-control is not legal.
Passwords should only contain letters and numbers.






From perry at piermont.com  Wed Aug 21 14:19:44 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 22 Aug 1996 05:19:44 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <v02140b24ae3fa8d7849e@[17.255.9.110]>
Message-ID: <199608211506.LAA16055@jekyll.piermont.com>



"Erik E. Fair" writes:
> SSH, while a quite useful tool, is not the right long-term solution for
> transport layer security - IP security is.

Agreed. (After all, I'm one of the creators of the spec, so how
couldn't I agree :) However, SSH is a neat hack for today -- I use it
for connecting over the net to machines where I can't hack the
operating system but can drop SSH on. An SSH like interface (actually,
Berkeley r-command like interface) will still be needed into the
future, btw.

> It's also clear to me that for E-mail, you don't want transport level
> security for the system; you want "object" security, that is, digital
> signature and encryption of the mail message.

Yup. This is a frequently missed point. Link security and object
security have different uses at different times -- and people confuse
them way too often.

Perry





From jim at ACM.ORG  Wed Aug 21 14:26:23 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Thu, 22 Aug 1996 05:26:23 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.HPP.3.91.960821144412.10644C-100000@cor.sos.sll.se>
Message-ID: <199608211740.KAA22683@mycroft.rand.org>



Asgaard <asgaard at Cor.sos.sll.se> writes:
>In the meantime, before these technological fixes are easily implemented,
>what is the proper way to handle unwanted commercial mail?

>What if the spam says: 'Do only reply to this if you want
>further contact with us' etc?

Then you fix up the "Reply-to:" line to point back to them, helping them
debug their anti-loop procedures.  For extra credit use port 25 to create
the mail so that they can't easily ignore "Reply-to" and use the "From:"
line for their next salvo.

	Jim Gillogly
	Trewesday, 29 Wedmath S.R. 1996, 17:39





From jims at MPGN.COM  Wed Aug 21 14:35:24 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Thu, 22 Aug 1996 05:35:24 +0800
Subject: Spamming
Message-ID: <2.2.32.19960821145232.006fe294@tansoft.com>


At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
>On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
>
>> I don't know if there has been much discussion on the ethics of spamming
>> here? Is spamming free speech? 
>
>Yes.

No.  I think we can all (most) agree that spam-email is like junk-snailmail.
In that case there are a few things to consider:

  1. Junkmail requires the SENDER to pay for it, not the recipient.
  2. Junkmail is under the full authority of the Postmaster.  If
     they do anything illegal they have an authority to which they
     must answer and may face criminal charges for.
  3. You can't legally stuff mailboxes by driving around the neighborhood.
     It is against the law for me to walk up to your mailbox and put 
     something in it.  Should the same be true of emailboxes?
  4. Junkmail is usually at a lower priority than "real" mail and 
     due to costs is usually easily identifiable.  Email isn't.

  And one relating to only email:

     I don't want to have to spend 10 minutes letting Eudora sort
     through my mailbox because my filter rules are so numerous and
     complex due to me trying to block spam.

  We must remember that the First Amendment does not allow us to say
any thing at any time via any medium we choose.  There are limits
to it, usually in the name of public safety and harassment.  There
should be similar limits in the Internet.
  I'm not saying we shouldn't let you tell others how get rich quick
but that you should not be allowed to mail to *@*.* just to tell the
world how great we are.

 Jim

Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL






From jimbell at pacifier.com  Wed Aug 21 14:47:07 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 05:47:07 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608211530.IAA14072@mail.pacifier.com>


At 02:12 AM 8/21/96 -0700, Rich Graves wrote:
>On Tue, 20 Aug 1996, Z.B. wrote:
>
>> Published in Washington, D.C.   July 9, 1996
>> Insult to Clinton leads to 2 arrests
>> By Ruth Larson
>> THE WASHINGTON TIMES
>> ------------------------------------------------------
>
>I think you should try a more credible paper. Say, Scientology's Freedom
>Magazine, rather than the Moonies'. You are of course free to believe
>whatever you wish.

At this point, I think the Washington Times has far more credibility than 
the Washington Post.  While I'm, likewise, not particularly happy with the 
Times' ownership, I doubt whether stories like this ever appear in the Post. 
 (You tell me:  Did this story ever appear in the Post?)

The Net public is getting less and less tolerant of obvious bias on the part 
of those who report the news.  The Times has some potential (undisplayed) 
bias that we need to be on the lookout for, but the Post is actively 
engaging in bias in its news stories, NOW.



Jim Bell
jimbell at pacifier.com





From qut at netcom.com  Wed Aug 21 15:12:49 1996
From: qut at netcom.com (Skip, OBC)
Date: Thu, 22 Aug 1996 06:12:49 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <199608211517.KAA28365@manifold.algebra.com>
Message-ID: <199608211645.JAA06426@netcom.netcom.com>


! Jim McCoy wrote:
! > qut at netcom.com (Skip) writes:
! > > My suggestion number #1:
! > > No moderation.
! > 
! > Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:
! > 
! >         make it a newsgroup
! > Suggestion 2:
! >         make it an unmoderated newsgroup
! 
! How about making it a robomoderated newsgroup with only one enforced
! rule, forbidding any crossposting?

If moderation, then why not moderator(s) who simply send out cancel 
messages to everthing that is crossposted?  Traditional moderated 
newsgroups are technically inferior because all posts go through netnews 
chokepoints and then depends on the moderator(s) who's inevitable 
position has been the irresponsible one of keeping the position long 
after they lose interest with the high volumes.  Even if their was such
a person, there is still are chokepoint problem which is stupid to  
engage in.

In any case, creation of comp.org.cypherpunks in no way means gatewaying 
or shutting down cypherpunks at toad.com .


--
Love, 
Skip, OBC





From jbugden at smtplink.alis.ca  Wed Aug 21 15:19:41 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Thu, 22 Aug 1996 06:19:41 +0800
Subject: Canada Imprisons People For Human Rights Activity
Message-ID: <9607218406.AA840654179@smtplink.alis.ca>


qut at netcom.com (Skip)
>... you support imprisoning and deporting people based purely on their 
political ideas, ... Re: Ernst Zndel and his years of imprisonment by a court 
for merely expressing his racist ideas, racist political ideas being 
strictly illegal in Canada...

Actually, he was charged with inciting hatred against a recognizable group but
was eventually freed on appeal. I think the problem was that the prosecution
could not find anyone who listened to Zundel and didn't already hate the same
groups. Hence, no incitement.

He is currently fighting to get his Canadian citizenship, (he is a German
citizen) while many other people are fighting to prevent this. Zundel believes
that returning to Germany would result in imprisonment.

It's nice to know that the people we imprison for their views are still willing
to go to court to become a Canadian citizen.

James

Nota: Quebec recently held a referendum on seperation from Canada. 
Just talk about secession of a state in the U.S., and you'll quickly see which
country makes political ideas illegal.






From talon57 at well.com  Wed Aug 21 15:33:58 1996
From: talon57 at well.com (Brian D Williams)
Date: Thu, 22 Aug 1996 06:33:58 +0800
Subject: Cypherpunks Satelites?
Message-ID: <199608211911.MAA25592@well.com>



There was a review of a book called "Micro Space Craft" by Rick
Fleeter in the Aug issue of WIRED.

My copy arrived an hour ago......

Chapter one:   Why are we here?
Chapter two:   Propulsion-or-how to get there?
Chapter three: Orbit Mechanics-or-What keeps these things up      
               anyway?
Chapter four:  Orbit Mechanics II: The Movie
Chapter five:  You Send Me: Orbit mechanics III
Chapter six:   Magnetic Attractions
Chapter seven: Everything you always wanted to know about radio,
               Part one: Shatter the myth of the digital Miracle?
Chapter eight: Everything you always wanted to know about radio
               Part two: Faster than a speeding bullet.
Chapter nine:  Everything you always wanted to know about radio
               Part three: What's up Doc?
Chapter ten:   Thermal Dynamics: Tough talk about temperature
               (A short virtually painless, and occasionally      
               philosophical look at spacecraft thermostatics and 
               thermodynamics.
Chapter eleven: You got an attitude buddy?: (A primer on small
                satelite stability and control.)
Chapter twelve: Memory systems for spacecraft-or-Memory-What is it 
                good for?
Chapter thirteen: Mechanisms: The nuts and bolts of small         
                  Satelites.
Chapter fourteen: Batteries not included.
Chapter fifteen: Bring'em up clean.
Chapter sixteen: Satelite clusters
Chapter seventeen: Where to look for historical underpinnings,term 
                   definitions, and revolutionary zeal turned up to 
                   11.
Chapter eighteen: Space history and a possible future.
   
"Dr Rick Fleeter is a founder and President of the small Satelite
and space transportation company AeroAstro, and the International
Small Satelite Organization (ISSO). He has been responsible for
development of over 20 miniature satelites ranging from 2.5 to 250
pounds and has been writing and publishing the "NEW SPACE"
(previously ISSO) newsletter bimonthly since 1987."

The Edge City Press
10912 Harpers Sq. Ct.
Reston, VA 22091
703.620.6650
FAX 703.716.5752 9-5 EDT

"I LIKE IT !!!"(****) YMMV

Brian

"Zazen? Well it beats sitting around on your ass all day doing
nothing."






From zachb at netcom.com  Wed Aug 21 15:34:05 1996
From: zachb at netcom.com (Z.B.)
Date: Thu, 22 Aug 1996 06:34:05 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <Pine.GUL.3.95.960821021046.14190C-100000@Networking.Stanford.EDU>
Message-ID: <Pine.3.89.9608210933.A27331-0100000@netcom>


On Wed, 21 Aug 1996, Rich Graves wrote:

> On Tue, 20 Aug 1996, Z.B. wrote:
> 
> > Published in Washington, D.C.   July 9, 1996
> > Insult to Clinton leads to 2 arrests
> > 
> > ------------------------------------------------------
> > By Ruth Larson
> > THE WASHINGTON TIMES
> > ------------------------------------------------------
> 
> I think you should try a more credible paper. Say, Scientology's Freedom
> Magazine, rather than the Moonies'. You are of course free to believe
> whatever you wish.
>
I posted this due to a request from another reader.  My beliefs did not 
have anything to do with the issue.  



---

Zach Babayco
zachb at netcom.com





From bdavis at thepoint.net  Wed Aug 21 15:40:51 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Thu, 22 Aug 1996 06:40:51 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608210340.UAA06334@adnetsol.adnetsol.com>
Message-ID: <Pine.BSF.3.91.960821150339.9917H-100000@mercury.thepoint.net>


> ... 
> I pay for my net access.  I pay for my Sunday paper, it's full of ads 
> too!!  Ethics???  Let's rat out on the EVIL spammers!!  Let's turn 

When my ISP tells me that I must accept spammed advertising with my 
monthly fee, as the Sunday paper effectively does with its ads, your 
analogy might have some meaning.   And I have the option of sending the 
ads to the advertiser, telling them that the ads suck. 

Free (commercial)speech for you (perhaps at our expense), but no free 
speech for us?

EBD
  


> them into thier ISP!!!  That's a load of CRAP!!!!
> 
> Ross
> 
> ===========
> Ross Wright
> King Media: Bulk Sales of Software Media and Duplication Services
> http://www.slip.net/~cdr/kingmedia
> Voice: 415-206-9906
> 





From talon57 at well.com  Wed Aug 21 15:42:37 1996
From: talon57 at well.com (Brian D Williams)
Date: Thu, 22 Aug 1996 06:42:37 +0800
Subject: telco's vs x-phones
Message-ID: <199608211619.JAA10587@well.com>




In a reply to Vipul Ved Prakash, Jim Bell wrote:

>Assume 30 cents per meter per fiber for cabled fiber, or about $10
(US) per meter for 36-fiber cable. 

Siecore plain vanilla 36 fiber singlemode list $ 1.82 a foot, $5.46
a yard

>Each fiber pair should be able to handle approximately 1 million
>conversations at current data rates, or a total of 18 million
>conversations for that 18-pair cable, or 9.5 trillion 
>conversation-minutes.

At current data rates (OC-48 Sonet) 32,256 voice channels per
fiber, 580,608 total for the fiber.

Off by a factor of roughly 36 at this point.

>Multiply this cost by 10 for right of way, trenching, repeaters,
>and other auxiliary hardware, or $100 per meter.  This is probably
>just a ballpark estimate, but...

Off by a factor of at least 10 not counting switching equipment.


>I've read that estimates show that it would probably be cheaper to
>provide cellular-telephone service in China to everyone than to
>wire the country up with copper lines.  This isn't particularly
>surprising.  Cell-phones solve the "last few hundred yards/mile or
>two" problem quite well.  Since nearly all of the actual
>connections in a copperline telephone system are 
>switch-to-individual-phone lines, going cellular saves a bundle of
>installation costs.

A good point, in Sri Lanka they were having problems with copper
bandits cutting down all the cable, till they switched to fiber.
The question is can the average citizen of china afford a cell
phone and service for what it can be installed.
 

In a reply to me Jim bell wrote:

>The long distance companies are not "using local networks," your
>customers are...to connect to those long distance companies.  And
>any payments LD companies make to you are, indeed, a subsidy.  
>Tell me, how much is this _subsidy_, exactly?

Who's using who is a matter of perspective. 

Q) if you call a dog's tail a "leg" how many legs does a dog have?

A) four, calling a tail a leg doesn't make it one.

Point? The LD companies pay to use the RBOC's networks, calling it
a subsidy doesn't make it one, except maybe to you. If they don't
like it, they are free (or soon will be) to build their own, or use
someone elses.

>As an alternative, the phone company would presumably be entitled
>to be served by phone lines, at say $30 per month or so, through
>which their customers reach them.  $30 per month is $1 per day or
>4 cents per hour or about 0.07 cents per minute.   3 cents doesn't
>equal 0.07 cents, now does it?!?

"Presumably be entitled?" The RBOC's currently charge what
regulations allow, if the regs go away, they will charge what the
market will pay.

>Tell me again how "the local/long distance subsidy was eliminated
>at breakup."  Tell me another one, daddy...

Enhance your calm Jim......

>How has this remaining SUBSIDY dropped over time, assuming it has? 
>When is it scheduled to drop to zero?

The rate has gone down since the regs are changing and competition
is increasing. I would be interested in hearing why you think it
will ever drop to zero.

>First, you need to figure out how to supply ISDN for a REASONABLE
>charge, like "no extra charge!" to customers.  It's been over 16
>years after I first heard of ISDN.  At the time, it seemed like a
>wonderful idea...against the 300 baud modems then in use.  Against
>modern 31K modems that you only have to pay for...ONCE...ISDN
>seems mighty lame.

>Face it, ISDN used to be a good idea.  But it's just barely shown
>up the moment it's hit the end of its marketing window.  ISDN will
>have a marketing lifetime for maybe a couple of more years, and
>only then because you can't put more bits through a 3.4 khz
>passband.

>Not to mention all the bullshit propaganda that claimed that with
>ISDN, you wouldn't have to buy any modems.  Well, maybe that's
>just because they didn't CALL them modems, but they charged way
>more for an essentially indistinguishable function.  Can you say,
>"Fraud"?  I knew you could!

 <sigh> Jim, first you set up the ISDN "Strawman" and then you
knock it down. I no more believe that ISDN is the future than you
do.

Be well!

Brian

"Zazen? Well it beats sitting around on your ass all day doing
nothing."





From alano at teleport.com  Wed Aug 21 16:34:15 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 22 Aug 1996 07:34:15 +0800
Subject: [NOISE] Airport legal question
Message-ID: <2.2.32.19960821203637.00c65588@mail.teleport.com>


At 12:50 PM 8/21/96 -0800, jim bell wrote:

>>7/23:  "I don't have a bomb in the bag."
>>7/24:  "Well no, I left my pipe bomb at home."
>>8/1:  "It's not as if we were Swedish and here to blow up the airport."
>
>
>I wonder how they determined that the lines above were "bomb threats."

They contain the word "bomb".  Bombs are "threatening".  Therefore they are
"bomb threats".

Isn't authoritarian logic fun?
---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From ichudov at algebra.com  Wed Aug 21 16:44:29 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 22 Aug 1996 07:44:29 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <9607218406.AA840654179@smtplink.alis.ca>
Message-ID: <199608211933.OAA29688@manifold.algebra.com>


jbugden at smtplink.alis.ca wrote:
> Nota: Quebec recently held a referendum on seperation from Canada.=20
> Just talk about secession of a state in the U.S., and you'll quickly see wh=
> ich
> country makes political ideas illegal.
> 

OK, so what would happen if I organized a party with the proclaimed goal
of secession of Oklahoma from the United States?

	- Igor.





From alano at teleport.com  Wed Aug 21 16:52:24 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 22 Aug 1996 07:52:24 +0800
Subject: Canada Imprisons People For Human Rights Activity
Message-ID: <2.2.32.19960821192836.00ecde40@mail.teleport.com>


At 12:02 PM 8/21/96 EST, jbugden at smtplink.alis.ca wrote:

>Nota: Quebec recently held a referendum on seperation from Canada. 
>Just talk about secession of a state in the U.S., and you'll quickly see which
>country makes political ideas illegal.

It did not seem to stop the secessionist movement in Alaska (at least when I
was there).  But then that was before the Feds started taking a more active
role in Alaskan politics...  (Especially with their involvement to get pot
recriminalized  back during the Reagan administration.)

You expect the state to allow challenges to its authority?  And lose its
omnipotent status?

"It takes a Village to raise a child." - Number 2


---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From alexf at iss.net  Wed Aug 21 16:56:51 1996
From: alexf at iss.net (Alex F)
Date: Thu, 22 Aug 1996 07:56:51 +0800
Subject: Spamming
Message-ID: <199608211955.PAA01059@phoenix.iss.net>


> At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
> >On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
> >
> >> I don't know if there has been much discussion on the ethics of spamming
> >> here? Is spamming free speech? 
> >
> >Yes.
> 
> No. 

[snip]

Freedom of Speech includes freedom FROM speech.  IOW, if it starts 
infringing on your rights, then it stops.  Spam is unsolicited, 
commercial email, and it could possibly be argued that just as the 
spammer has the right to say whatever it is that he wants, we also 
have the right not to get his email.  This can also get very 
convoluted.

Besides that, it's just impolite.

Alex F
=-=-=-=-=-=-=-=-=-=-=-=-=-
Alex F    alexf at iss.net
Marketing Specialist
Internet Security Systems
=-=-=-=-=-=-=-=-=-=-=-=-=-





From jimbell at pacifier.com  Wed Aug 21 16:57:31 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 07:57:31 +0800
Subject: [NOISE] Airport legal question
Message-ID: <199608211952.MAA00934@mail.pacifier.com>


At 10:37 PM 8/20/96 -0700, William Knowles wrote:
>Lucky,
> 
>>I know that it is a violation of federal law to joke about explosives at 
>>the X-ray machine. Would an "I love Explosives" sticker on carry-on 
>>luggage violate any laws?
> 
>Dunno, But you might get a kick out this from The Chicago Reader that 
>published a list of the "bomb threats" made at O'Hare International 
>airport a few weeks back.
  

>7/23:  "I don't have a bomb in the bag."
>7/24:  "Well no, I left my pipe bomb at home."
>8/1:  "It's not as if we were Swedish and here to blow up the airport."


I wonder how they determined that the lines above were "bomb threats."

Jim Bell
jimbell at pacifier.com





From jbugden at smtplink.alis.ca  Wed Aug 21 16:58:25 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Thu, 22 Aug 1996 07:58:25 +0800
Subject: [Noise] RE: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <9607218406.AA840671790@smtplink.alis.ca>



jim bell <jimbell at pacifier.com> wrote: 
>The Net public is getting less and less tolerant of obvious bias on the part 
>of those who report the news.  The Times has some potential >(undisplayed) bias
that we need to be on the lookout for, but the Post is >actively engaging in
bias in its news stories, NOW.

My God! Could Chomsky be right after all?

James

A favorite story on Bosnia was an interview I saw with Noam Chomsky and Canadian
Major General Lewis Mackenzie who had led the Canadian forces in Bosnia. The
interviewer asked Chomsky some question about the real goals of the West in this
crisis and he gave some biting response about them having no motivation to
resolve the conflict but simply appear to be acting while continuing to follow
various policies that were cynical, amoral and contradictory to their stated
public goals. Lewis Mackenzie is then asked to rebut this view but instead he
agrees with Chomsky's analysis and goes on to give specific examples that he
faced first hand.

More Canadiana: The man who recently snuck into the Canadian Prime Minister's
residence and tried to assassinate him was released from jail last week after
serving three months. Fortunately, he did not call him names.






From eagle at armory.com  Wed Aug 21 17:02:59 1996
From: eagle at armory.com (Jeff Davis)
Date: Thu, 22 Aug 1996 08:02:59 +0800
Subject: RC4 RC2 & MD5???
Message-ID: <9608211258.aa00158@deepthought.armory.com>


I assume then that the Netscape encryption is Symetric Key, so how do
RC4 RC2 and MD5 compare and contast? TIA   
-- 
According to John Perry Barlow:                       *What is EFF?* 
"Jeff Davis is a truly gifted trouble-maker." *email <info at eff.org>*
*** O U T L A W S  On The  E L E C T R O N I C  F R O N T I E R ****
US Out Of Cyberspace!!! Join EFF Today! *email <membership at eff.org>*   





From 0005514706 at mcimail.com  Wed Aug 21 17:05:01 1996
From: 0005514706 at mcimail.com (Michael Wilson)
Date: Thu, 22 Aug 1996 08:05:01 +0800
Subject: Remailer chain design docs?
Message-ID: <04960821191740/0005514706DC1EM@MCIMAIL.COM>


Would somebody be so kind as to point me at the design documentation for
remailers and chain remailers?  I feel a need to code, and want to see
the design on the current systems before I jump in.  Danke, MW






From gary at systemics.com  Wed Aug 21 17:09:39 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 22 Aug 1996 08:09:39 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.HPP.3.91.960821144412.10644C-100000@cor.sos.sll.se>
Message-ID: <321B4FB3.1CFBAE39@systemics.com>


Asgaard wrote:
> 
> On Tue, 20 Aug 1996, Timothy C. May wrote:
> 
> > There are technological fixes which I would favor over attempts to ban
> > unwanted messages.
> 
> In the meantime, before these technological fixes are easily implemented,
> what is the proper way to handle unwanted commercial mail?
> 
> 1) delete immediately
> 
> 2) reply with 'Fuck off, morons!'
> 
> 3) as in 2) plus an attachment of some 1Mb file
> 
> 4) as in 3) plus a CC to the postmaster of the sending site
> 
> What if the spam says: 'Do only reply to this if you want
> further contact with us' etc?
> 
> Does anybody have good advice, including risks for retaliation
> from the vendors/postmasters for such 're-spam'?


I always send a quick one liner - "Please send me more information". 
Often I'll ask a stupid question too ("Does your software work in
France?").  If more people did this, then they'd have to choose their
victims a bit more carefully in the future (assuming of course they're
trying to sell something).

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From declan at well.com  Wed Aug 21 17:18:51 1996
From: declan at well.com (Declan McCullagh)
Date: Thu, 22 Aug 1996 08:18:51 +0800
Subject: Republican and Democratic party platforms on technology
Message-ID: <v01510108ae413710a5cd@[204.62.128.229]>



============

Date: Wed, 21 Aug 1996 16:35:49 -0500
To: fight-censorship at vorlon.mit.edu
From: declan at well.com (Declan McCullagh)
Subject: Republican and Democratic party platforms on technology
Sender: owner-fight-censorship at vorlon.mit.edu

Attached is an excerpt from the GOP's 1996 platform, provided by a
Republican Senate staffer. All keystroking errors mine -- this plank
doesn't seem to have been nailed into the rnc.org web site yet.

While the Republicans certainly are no fast friends of online liberties --
recall Dole cosponsored an "anti-cyberporn" bill worse than the CDA --
they've been moving in the right direction on crypto. This plank shows that
as a party, they're starting to take online privacy seriously.

Let's see what the Democrats do at their convention. I've attached relevant
excerpts from the platform committee's report, but the only coherent theme
I found is increased government spending.

(Contrast both parties with the Libertarians, which have a sterling
commitment to online civil liberties, reflected in the platform approved at
their convention last month.)

-Declan

---

[The rest of the platform is at http://www.rnc.org/hq/platform96/]

                     The 1996 Republican Party Platform

     Excerpt: Science, Technology, and Innovation in the 21st Century

Our goal is to empower the American people by using the benefits of
advanced science to improve their quality of life without undue restraint
from government. Our bottom line is more jobs, better jobs, and a higher
standard of living for the families of America.

We believe the marketplace, not bureaucrats, can determine which
technologies best meet the needs of the public.

[...]

The communications revolution empowers individuals, enhances health care,
opens up opportunity for rural areas, and strengthens families and
institutions. A Dole-led Congress passed the Telecommunications Act of 1996
to promote the full and open competition and freedom of choice in the
telecommunications marketplace. In contrast, the Clinton-Gore
Administration repeatedly defended big-government regulation. This
micromanagement of the Information Age is contrary to America's Information
Super Highway.

We support the broadest access to telecommunications networks and services,
based upon marketplace capabilties. ***The Internet today is the most
staggering example of how the Information Age can and will enhance the
lives of Americans everywhere. To further this explosion of new-found
freedoms and opportunities, privacy, through secured communications, has
never been more important. Bob Dole and the Republican Party will promote
policies that ensure that the U.S. remains the world leader in science,
technology, and innovation.***

[Emphasis mine. --Declan]

---

http://www.democrats.org/party/convention/pltdft96-2.html

               The Report of the Platform Committee to the 1996
                        Democratic National Convention

                   Today's Democratic Party: Meeting
                    America's Challenges, Protecting
                              America's Values

                   THE 1996 DEMOCRATIC NATIONAL PLATFORM

[...]

Technology. We know investments in technology drive economic growth,
generate new knowledge, create new high-wage jobs, build new
industries, and improve our quality of life. In the face of Republican
efforts to undermine America's dedication to innovation, President
Clinton and the Democratic Party have fought to maintain vital
investments in science and technology. We remember that government
investment in technology is responsible for the computer, for jet
aircraft, and for the Internet -- no investments have ever paid off
better, in jobs, in opportunity, or in growth.

[...]

Technology in the classroom. We must bring the 21st century into every
classroom in America. There is a vast realm of knowledge waiting for
our children to tap into. Computers are powerful tools to teach
students to read better, write better, and understand math. President
Clinton and Vice President Gore understand that technological literacy
is essential to success in the new economy. The only way to achieve
that for every student is to give them all access to a computer, good
software, trained teachers, and the Internet -- and President Clinton
and Vice President Gore have launched a partnership with high-tech
companies, schools, state, and local governments to wire every
classroom and library to the Information Superhighway by the year 2000.

[...]

The Clinton Administration is working to put wanted lists of parents
who owe child support in the post office and on the Internet. President
Clinton and Democrats in Congress insisted that the toughest possible
child support enforcement be part of the new welfare reform plan --
including the President's plan to deny drivers licenses and
professional licenses to people who do not pay their child support.

###







From shamrock at netcom.com  Wed Aug 21 17:20:17 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 22 Aug 1996 08:20:17 +0800
Subject: HP supporting GAK, export controls
Message-ID: <Pine.3.89.9608211309.A23772-0100000@netcom14>


[Sorry, the last one went out without a subject]

HP is in the process of ramroding a pro-GAK, pro-export control 
resolution through CommerceNet's public policy working group.

Here are the details.

HP is marketing several DES products that currently can not be sold 
abroad. In order to be allowed to sell these products, HP is willing to 
give the USG the following in return:


1.  Support by CommerceNet to have GAK built into the (inevitable) 
domestic PKI. [Their presentation included the word "voluntary". When I 
asked what was meant by that, I got the reply "There are many 
interpretations of the word "voluntary"." Suffice to say there are 
fundamental differences in what I mean by "voluntary" and what their 
proposal would require the definition of "voluntary" to be.]

2.  Support by CommerceNet for export restrictions on stronger forms of 
crypto than DES as well as restrictions on export of crypto for products 
not directly related (in HP's opinion) to ecommerce, such as email.

This ill conceived attempt to use CommerceNet's clout as industry 
organization to liberalize export rules on HP's products, and those of a 
few other companies supporting HP in this effort, at a heavy cost to 
everybody else, must be stopped. Please let HP know how you feel about 
their initiative and encourage CommerceNet to adopt an anti-GAK, 
anti-export control position.

--Lucky








From jim at ACM.ORG  Wed Aug 21 17:24:15 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Thu, 22 Aug 1996 08:24:15 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.3.89.9608211152.A29889-0100000@netcom>
Message-ID: <199608212046.NAA23129@mycroft.rand.org>



"Paul S. Penrod" <furballs at netcom.com> writes:
>Practically, it would be better to allow and promote a technological 
>outlet for all of this, as it will never go away, so long as the medium 
>exists.

The technological outlet already exists: polite marketers use Web pages,
so that people who are interested in their offerings can find them using
one of the search engines.  Market droids (get over it, dude) are
unwilling to reach only people who are interested in their products.

	Jim Gillogly
	Trewesday, 29 Wedmath S.R. 1996, 20:45





From shamrock at netcom.com  Wed Aug 21 17:25:04 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 22 Aug 1996 08:25:04 +0800
Subject: No Subject
Message-ID: <Pine.3.89.9608211303.A23772-0100000@netcom14>


HP is in the process of ramroding a pro-GAK, pro-export control 
resolution through CommerceNet
Here are the details.
HP is marketing several DES products that currently can not be sold 
abroad. In order to be allowed to sell these products, HP is willing to 
give the USG the following in return:

1.  Support by CommerceNet to have GAK built into the (inevitable) 
domestic PKI.
2.  Support by CommerceNet for export restrictions on stronger forms of 
crypto than DES as well as restrictions on export of crypto for products 
not directly related (in HP
This ill conceived attempt to use CommerceNet
--Lucky








From furballs at netcom.com  Wed Aug 21 17:28:47 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Thu, 22 Aug 1996 08:28:47 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <ae3ff85d0b02100490f2@[205.199.118.202]>
Message-ID: <Pine.3.89.9608211152.A29889-0100000@netcom>




On Tue, 20 Aug 1996, Timothy C. May wrote:

> At 5:16 AM 8/21/96, Paul S. Penrod wrote:
> >On Tue, 20 Aug 1996, Ross Wright wrote:
> 
> >> Market Droids????  As a salesman I take offence at this slur.
> 
> Sales droids are subservient to market droids...sort of like R2D2, a sales
> droid, getting his marching orders from C3PO, a market droid.
> 
> 
> >As for spamming, I get enough of it via snail-mail, I don't want to see
> >it in my Inbox too. And, for the record, there are lots of people out
> >there who pay on the bulk charge, not by time. Sending advertising or
> >junk mail to these folks costs them money, maybe not much for the one
> >message you sent, but several thousand over a month of a quarter add up
> >to real money.
> >
> >There is a time and place for legitimate advertising. I am sure that
> >given time and impetus, a number of clear channel venues will open up to
> >allow precision marketing and sales to happen electronicly.
> >
> >At the moment, it's bad nettiquette...
> 
> The basic problem is that, unlike paper mail, it costs a sender essentially
> nothing to send nearly any size file to as many people as he wishes. This
> is the basic economic fact of the Net at this time. Until this eventually
> changes, spamming will be with us.
> 
> (I understand experts in the field of "spamming" have various names for
> various flavors: spam, velveeta, jerky, etc. I'll call them all "unwanted
> messages.")
> 
> The problem is one of economics and allocation of costs. Other industries
> have the same issues:
> 
> * fax machines: costs of paper are borne by receiver, leading to high bills
> when "junk faxes" are received (and hence some laws restricting such faxes)
> 
> * cellular phones: receiver of calls usually is charged air time. Thus,
> "junk calls" cost money.
> 
> (My physical mailbox probably gets about $1 a day of junk mail, in terms of
> postage paid. More, in terms of costs to print catalogs, fliers, freebies,
> etc. It takes me about 20 seconds, tops, to decide what to discard
> immediately and what to save, so at this point "their costs" > "my costs.")
> 
> In my view, attempting to legislate what is "junk" and what is not junk is
> misguided. (And I suspect it rarely works in halting junk mail.) Junk is in
> the eye of the beholder.
> 
> There are technological fixes which I would favor over attempts to ban
> unwanted messages.
> 
> --Tim May
> 

I agree about the technological fixes. When enough people figure out or 
are shown how to block unwanted messages, the economics of scale 
disappear real fast. Unfortunately, there will always be a ready supply 
of the unwitting, and government's reaction is to legislate rather than 
educate.

Practically, it would be better to allow and promote a technological 
outlet for all of this, as it will never go away, so long as the medium 
exists.

...Paul






From droelke at rdxsunhost.aud.alcatel.com  Wed Aug 21 17:43:20 1996
From: droelke at rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 22 Aug 1996 08:43:20 +0800
Subject: Securing Internet mail at the MTA level
Message-ID: <9608212008.AA21573@spirit.aud.alcatel.com>




> > It's also clear to me that for E-mail, you don't want transport level
> > security for the system; you want "object" security, that is, digital
> > signature and encryption of the mail message.
> 
> Yup. This is a frequently missed point. Link security and object
> security have different uses at different times -- and people confuse
> them way too often.
> 

With the question of "Do you want object security or link security
for email?"  The answer is (as with all security questions) "What
is your threat model?"

For example:  Your company does not have mailreaders capable
of doing encryption (at least not easy enough for average users).
Your supplier has the same situation.  You have accepted 
this fact for the time being, and trust that your employees
won't tinker with the email if they want their job for long.

However, the email you send to your supplier and vice-versa 
should not go over the Internet unencrypted as it potentially 
contains sensitive information. 

So, a link-level encryption that the two co-operating 
sys-admins can set up would be a good solution.  This would
be easier to set up and maintain than a encrypted router tunnel
through the net, and solve your problem.

Of course, I'll submit that object security on email would 
be preferable, but that might not be pratical right now.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX






From mthompso at qualcomm.com  Wed Aug 21 17:43:28 1996
From: mthompso at qualcomm.com (Michelle KC5KYO)
Date: Thu, 22 Aug 1996 08:43:28 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti...
In-Reply-To: <9607218406.AA840670454@smtplink.alis.ca>
Message-ID: <Pine.GSO.3.94.960821145137.18639C-100000@strange.qualcomm.com>


> I do not believe that freedom of speech in the U.S.A. extends to actively
> agitating for secession or the overthrow of the federal government.

The right to discuss revolt or secession or the overthrow of the federal
government, it seems to me, is given below:

"We hold these Truths to be self-evident, that all Men are created
equal, that they are endowed by their Creator with certain unalienable
Rights, that among these are Life, Liberty, and the Pursuit of 
Happiness - That to secure these Rights, Governments are instituted
among Men, deriving their just Powers from the Consent of the
Governed, that whenever any Form of Government becomes destructive of
these Ends, it is the Right of the People to alter or to abolish it,
and to institute new Government, laying its Foundation on such
Principles, and organizing its Powers in such Form, as to them shall
seem most likely to effect their Safety and Happiness.  ... "

Now this is the Declaration of Independence, and not the Constitution, but
it seems to me that the right to discuss "agitating for secession or the
overthrow of the federal government" is protected.

Michelle






From rich at c2.org  Wed Aug 21 17:44:48 1996
From: rich at c2.org (Rich Graves)
Date: Thu, 22 Aug 1996 08:44:48 +0800
Subject: [NOISE]CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <199608211235.IAA30204@osceola.gate.net>
Message-ID: <Pine.GUL.3.95.960821115130.17847C-100000@Networking.Stanford.EDU>


On Wed, 21 Aug 1996, Jim Ray wrote:
> [I said] 
> > Oh, I don't think it's impossible or even unlikely that at least
> >  some of the
> > groups lumped together as "contras" were involved in drug
> >  smuggling, and I
> > think it's reasonable to have different views regarding how much
> >  money was
> > involved and who knew what when (my view is very little, and
> >  medium). 
> 
> Anyone who says "very little" money is involved in any aspect of 
> the cocaine importation trade definitely doesn't live in Miami.

The aspect of the cocaine trade in Miami that is tied up with a conspiracy
to kidnap the mascot of the Miami Dolphins involves "very little" money.
This is not to suggest that the cocaine importation trade as a whole
involves "very little" money.

The supposed Contra Connection -- which as originally made up was not
supposed to involve Miami, by the way, but primarily CA, LA, and TX --
involves "very little" money relative to the Contra budget, and even less
considering how little was supposed to have been passed on, and "very
little" money relative to the total drug trade.

> >What I
> > object to are conspiracy theories along the lines of: 
> > 
> > 1. The Reagan Administration used the Contras to smuggle crack
> >  to the US in
> >    a deliberate attempt at genocide against Black people. (I
> >  heard this a
> >    lot, though seldom in so many words, on KPFK in the mid-80's;
> >  the SJ Merc
> >    series certainly has this as a subtext.)
> 
> I never said that, and I object to calling something a "conspiracy 
> theory" just because it's politically inconvenient.

Me too. Only wacky conspiracy theories should be called wacky conspiracy
theories. No, you never suggested the above -- as I said, I heard it mostly
on KPFK, a far-left, "Black Nationalist"-friendly radio station in Los
Angeles associated with the Pacifica Foundation, in the mid-80's. It would
be rather difficult to confuse them with you. :-) I include this example to
indicate where the story originated.

> > 2. Clinton was a CIA agent involved in the Contra drug-smuggling
> >  CaBaL.
> 
> He was governor of Arkansas when Reagan was President of the United 
> States. Do the search I already gave you, and read the articles.
> mena /p cocaine

My academic advisor was Terry Karl, a rather sharp critic of the CIA and a
specialist on Central America. I spent a decade on Latin American policy
issues. I personally spoke with Mr. Calero at a (well-picketed) reception at
Stanford in 1989. I had classmates from Nicaragua. Speculative
rumor-mongering by Beltway journalists who can't even read Spanish doesn't
impress me.

> > > It is a major, bipartisan, Watergate-style but bigger 
> > > scandal, and the strange bedfellows in the media who were
> >  doing a 
> > > halfway decent job of covering it [The Wall Street Journal and
> > > "High Times" magazine(!)] have fallen strangely silent on the
> > > subject as the election approaches. Hmmmmm.
> > 
> > 4. Anything where vague unsupported asserions are thrown out,
> >  followed by
> >    a Hmmmmm (sorry).
> 
> OK, looks like I have to say it again, and remember this is NOT me, 
> it's those conspiracy theorists at CBS News, printed in that 
> radical purveyor of vague unsupported asserions...The Wall Street 
> Journal:
> 
> "The FAA, FBI, Customs, CIA, Justice, DEA and the IRS were
> all involved in Mena. They won't say how they were involved,
> but they will tell you there is nothing there." -- Bill Plante,
> CBS News Correspondent, &  Michael Singer, Producer, CBS News,
> New York. [In Tuesday, May 3, 1994's  Wall Street Journal
> letters to the editor section.] Look it up.

In other words, they deny it, so it must be true.

> I am not a journalist, but it sometimes seems I have a better 
> institutional memory than they do. This story was covered poorly, 
> even though there was/is plenty there, because of politics and 
> power masquerading as "national security." The story is there for 
> journalists who want to risk covering it, but the trail is getting 
> cold, and yes, some loons have latched onto it, due in part to the 
> vacuum in "legitimate" media coverage.

This is backwards. The loons on the left started the story. In 1986, the
press and academia investigated the story, and concluded there was really
nothing to it. Even Chomsky, who welcomes any opportunity to "prove"  a
world conspiracy against leftists, rejected it (this is the same guy who
bought the Allende assassination myth until shortly before Barricada and
Mistral retracted it). Ten years later, another set of loons is trying to
interest the press in a laundered story. A couple of CBS reporters were
trolled, briefly. 

> [This will be my final word on this subject in this forum.]
> <sound of Perry cheering>

Likewise.

-rich






From alanh at infi.net  Wed Aug 21 17:50:28 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 08:50:28 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <v0300780cae4008975ab2@[206.119.69.46]>
Message-ID: <Pine.SV4.3.91.960821180017.10434L-100000@larry.infi.net>


My first real job was as a clerk in the New York Merchantile Exchange, 
back in the days when we stood on platforms, writing trade prices on the 
wallboards with chalk.

I should have stayed around, most white males who did eventually moved up 
to being a floor trader.





From alanh at infi.net  Wed Aug 21 17:51:21 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 08:51:21 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <ae3fa332050210048d05@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960821173156.10434B-100000@larry.infi.net>


"insulting the Monarch"


It's called lese Majeste, knave.

It's still a VERY serious offense in Thailand.





From bdavis at thepoint.net  Wed Aug 21 17:52:25 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Thu, 22 Aug 1996 08:52:25 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <960820183645_506047852@emout10.mail.aol.com>
Message-ID: <Pine.BSF.3.91.960821144300.9917E-100000@mercury.thepoint.net>


On Tue, 20 Aug 1996 Scottauge at aol.com wrote:

> Rush Limbaugh reports:
> 
> That a husband and wife are being jailed for yelling to Clinton "You Suck".
> 
> The Secret Service states additional words (yet un-uttered to the rest of us)
> were mentioned that they deemed threatening.


"I hope you die."  And the couple was arrestd for disorderly conduct by 
Chicago police.  Any possible federal charges for threatening a president 
in violation of 18 U.S.C. Section 871 await a determination of the 
seriousness of the statement, in context with the wife's conduct, by 
prosecutors.  I predict no action.

EBD 

> 
> Ahhh, good to live in a free country....
> 





From jimbell at pacifier.com  Wed Aug 21 17:57:56 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 08:57:56 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608212138.OAA07368@mail.pacifier.com>


At 02:47 PM 8/21/96 -0400, Brian Davis wrote:
>On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
>
>> Rush Limbaugh reports:
>> 
>> That a husband and wife are being jailed for yelling to Clinton "You Suck".
>> 
>> The Secret Service states additional words (yet un-uttered to the rest of 
us)
>> were mentioned that they deemed threatening.
>
>
>"I hope you die." 

Doesn't sound much like a "threat" to me.

> And the couple was arrestd for disorderly conduct by 
>Chicago police. 

It sounds to me like the Chicops were just showing their "loyalty" by 
sitting on somebody, not that they believed any real crime had been committed.

> Any possible federal charges for threatening a president 
>in violation of 18 U.S.C. Section 871 await a determination of the 
>seriousness of the statement, in context with the wife's conduct, by 
>prosecutors.  I predict no action.

But it isn't even a "threat", regardless of how "serious" it was.   The "I 
hope you die"  part is, presumably, a statement of fact:  She did, indeed, 
hope he dies.  But I don't see how hoping this can be considered a threat, 
or even SAYING she's hoping this is, likewise.


Makes me wonder whether visiting one of these appearances with a "Clinton 
Doll" and a bunch of pins, and visibly inserting those pins into the doll 
(while uttering various strange incantations), would constitute a "threat."

Frankly, I'd rather have a president who didn't feel the need to be 
protected by thugs.

Jim Bell
jimbell at pacifier.com





From alanh at infi.net  Wed Aug 21 17:58:03 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 08:58:03 +0800
Subject: [NOISE] Airport legal question
In-Reply-To: <Pine.3.89.9608201919.A23972-0100000@netcom14>
Message-ID: <Pine.SV4.3.91.960821175047.10434G-100000@larry.infi.net>


> the X-ray machine. Would an "I love Explosives" sticker on carry-on 
> luggage violate any laws?


No. You'd be released. Eventually. After your flight had departed, perhaps?





From carolann at censored.org  Wed Aug 21 18:02:41 1996
From: carolann at censored.org (Censored Girls Anonymous)
Date: Thu, 22 Aug 1996 09:02:41 +0800
Subject: Ruritania
Message-ID: <2.2.16.19960821191809.377f6c4c@primenet.com>


                      The Legend of Ruritania

There was once a far away land called Ruritania, and in this land there was
a strange phenomenon  --  all the trees that grew there were transparent. 
In the old days, the people had lived in mud huts.   But now, high-tech wood
technology had been developed,  and in this new age of wood, everyone in
Ruritania found that their homes were all 100% see through. 

Now, until this point, no one ever thought of allowing the police to spy on
someone's home. But the new technology made this tempting. This being a
civilized country, however, warrants were required to use binoculars and
watch someone in their home. The police, taking advantage of this, would
get  warrants  to  use  binoculars  and peer in to see what was going on. 
Occasionally, they would use binoculars without a warrant, but everyone
pretended that this didn't happen. 

One day, a smart man invented paint -- and the people found that if they
painted their houses, suddenly the police couldn't watch all their actions
at will. Things would go back to the way they were in the old age -- 
completely private.

Indignant, the state decided to try to require that all homes have video
cameras installed into every nook and cranny.   "After all", they said,
"with this new 'paint' development, crime could run rampant. Installing
video cameras doesn't mean that the police get any new capability -- 
they are just keeping the old one."

A wise man pointed out that citizens were not obligated to make the
lives of the police easy, that the police had survived all through the mud
hut  age  without  being  able  to  watch  the  citizens at will,  and that 
Ruritania  was  a  civilized  country  where  not  everything  that  was 
expedient was permitted. For instance, in a neighboring country, it had
been discovered that torture was an extremely effective way to solve
crimes.   Ruritania had banned this practice long ago, in spite of its 
expedience.   Indeed, "why have warrants at all", he asked, "if we are 
interested only in expedience?" 

A famous paint technologist, Dorothy Quisling, intervened however.  She 
noted that people might take photographs of children masturbating should
this new paint technology be widely deployed without safeguards, and the 
law was passed.

Soon it was discovered that some citizens were covering their mouths 
while speaking to each other, thus preventing the police from reading 
their lips through the video cameras. This had to be prevented, the police
 said. After all, it was preventing them from conducting their lawful
 surveillance. 

The wise man pointed out that the police had never before been allowed 
to listen in on people's homes, but Dorothy Quisling pointed out that 
people might  use  this  new  invention  of  covering  their mouths 
with veils to discuss the kidnapping and mutilation of children. 

Now, no one in the legislature  wanted  to be accused  of being in favor of 
mutilating children, but then again, no one wanted to interfere in people's
rights to wear what they liked, so a compromise was reached whereby all
homes had to have microphones installed in each room to accompany the 
video cameras. The wise man lamented few if any child mutilations had 
ever been solved by the old lip reading technology, but it was too late --
the new law was passed  and microphones were installed everywhere.

However, soon it was discovered that this was insufficient to prevent
citizens from hiding information from the authorities, because some of
them  would  cleverly  speak  in  languages  that  the police  could  not 
understand. So, another new law was proposed to force all citizens to
speak at all times only in Ruritanian, and, for good measure, to require 
that they speak clearly and distinctly near the microphones. "After all",
Dorothy Quisling pointed out, "they might be using the opportunity to 
speak in private to mask terrorist activities!" Terrorism struck terror
into everyone's hearts, and they rejoiced at the brilliance of this new
law. 

Meanwhile, the wise man talked one evening to his friends on how all of
this was making a sham of the  constitution of  Ruritania, of which all
Ruritanians were proud. "Why", he asked, "are we obligated to sacrifice 
all our freedom and privacy to make the lives of the police easier? 
There isn't any real evidence that this makes any big dent in crime,
 anyway! All it does is make our privacy forfeit to the state!" 

However, the wise man made the mistake of saying this, as the new law
required, in Ruritanian, clearly and distinctly, and near a microphone. 
Soon, the newly formed Ruritanian Secret Police arrived and took him off,
and got him to confess to crimes by torturing him. Torture was, after all,
far more efficient than the old methods, and had been recently instituted
to stop the recent wave of people thinking obscene thoughts about tomatoes,
which Dorothy Quisling noted was one of the major problems of the new age
of plenty and joy.
Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann at censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From Scottauge at aol.com  Wed Aug 21 18:03:04 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Thu, 22 Aug 1996 09:03:04 +0800
Subject: Lesson 2 in cracking (cryptoanalysis 001)
Message-ID: <960821175542_184580468@emout07.mail.aol.com>


In a message dated 96-08-21 03:14:57 EDT, you write:

> Okay wise guy.  I'm going to give you a 14300 character string that
>  starts out

Big deal.

>How are you going to tell *what* I was talking about?  I guarantee with
>any message of practical length (i.e. not " ckosuuy") will have multiple
>possibilities, particularly when you take things like mispellings,

Mispelling are an acknowledge means of screwing up the algorithms I gave you.
 However, they are usually close to the original spelling.  In addition, once
most of the cipher has been dealt with, these fall into place quite nicely
anyhow.

>software artifacts ("----- BEGIN PGP --------" "X-Received ..." etc.) and

So tell me what the difference is between a bunch of messages with th, st, ya
da ya da and messages with instances of say 27 27 27 27 27 obviously the
dashes from your pgp insert.  If anything, you've added more ammunition
against your self.  Think expanded pattern matching if you can something like
pa*tern...

>deliberate attempts to throw you off.  That's why it's unbreakable - by
>anyone!

Including the user, after all, you show a transformation by setting all
vowels to the front, then a transformation into numbers, a shuffle by number
order, then a transformation back into letters.

During decryption:

How do you place the vowels into the correct position?

How do you place the numbers into the previous order before ascending sort
them?

You are a , lets see a good name I was once placed with,  a TROLL.

The first pot was not to insult you more so than to inform others of attacks.

This post can be considered a personal attack, you TROLL.





From jimbell at pacifier.com  Wed Aug 21 18:03:37 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 09:03:37 +0800
Subject: telco's vs x-phones
Message-ID: <199608211952.MAA00938@mail.pacifier.com>


At 09:19 AM 8/21/96 -0700, Brian D Williams wrote:
>
>
>In a reply to Vipul Ved Prakash, Jim Bell wrote:
>
>>Assume 30 cents per meter per fiber for cabled fiber, or about $10
>(US) per meter for 36-fiber cable. 
>
>Siecore plain vanilla 36 fiber singlemode list $ 1.82 a foot, $5.46
>a yard

In other words, it's a fact of 5+ cheaper than I thought...


>>Each fiber pair should be able to handle approximately 1 million
>>conversations at current data rates, or a total of 18 million
>>conversations for that 18-pair cable, or 9.5 trillion 
>>conversation-minutes.
>
>At current data rates (OC-48 Sonet) 32,256 voice channels per
>fiber, 580,608 total for the fiber.

Well, I think I blew a decimal point, there.  Even so, semi-leading edge 
systems do about twice as well...

>
>Off by a factor of roughly 36 at this point.

However, the errors partially cancel, so I'm actually off by a factor of 2.

>
>>Multiply this cost by 10 for right of way, trenching, repeaters,
>>and other auxiliary hardware, or $100 per meter.  This is probably
>>just a ballpark estimate, but...
>
>Off by a factor of at least 10 not counting switching equipment.

In which direction? 

BTW, keep in mind I'm considering long-haul LD links between cities and 
states, NOT the kind of trenching that requires digging up city streets most 
of the way.  I don't doubt that some portions of a coast-to-coast link are 
substantially more expensive than $100 per meter, but as a proportion of the 
total length they are very small.


>In a reply to me Jim bell wrote:
>
>>The long distance companies are not "using local networks," your
>>customers are...to connect to those long distance companies.  And
>>any payments LD companies make to you are, indeed, a subsidy.  
>>Tell me, how much is this _subsidy_, exactly?
>
>Who's using who is a matter of perspective. 

Which is why you're unwilling to call it a "subsidy."


>Q) if you call a dog's tail a "leg" how many legs does a dog have?
>
>A) four, calling a tail a leg doesn't make it one.
>
>Point? The LD companies pay to use the RBOC's networks, calling it
>a subsidy doesn't make it one, except maybe to you. If they don't
>like it, they are free (or soon will be) to build their own, or use
>someone elses.
>
>>As an alternative, the phone company would presumably be entitled
>>to be served by phone lines, at say $30 per month or so, through
>>which their customers reach them.  $30 per month is $1 per day or
>>4 cents per hour or about 0.07 cents per minute.   3 cents doesn't
>>equal 0.07 cents, now does it?!?
>
>"Presumably be entitled?" The RBOC's currently charge what
>regulations allow, if the regs go away, they will charge what the
>market will pay.

You're full of inconsistencies.  First, you stated that the local/LD 
subsidies "went away with the breakup" (paraphrased) yet NOW you're saying 
"RBOC's currently charge what regulations allow."    I suggest that if those 
regulations "allow" RBOC's to charge 3 cents per minute to LD companies, 
_that_is_the_subsidy_ that you claimed had "gone away."  It's obvious that 
you don't want to use the dirty word "subsidy," but that's exactly what this 
thing is!

You need to remember that unless a price is defined by negotiation in the 
free market, there remains a possibility that it contains an underlying 
subsidy.  Since the whole purpose of the the payment from the LD company to 
the local co was as a subsidy, unless that payment disappears there is 
always a question of whether the subsidy remains.  Apparently it does.

The most obvious alternative, one that doesn't contain an obvious subsidy is 
a "per line per month" pricing system, where the number of lines counted is 
the maximum number of simultaneous calls that can be made through a given LD 
company at one time.  (NOT the total number of customers that the LD company 
has.)


>>How has this remaining SUBSIDY dropped over time, assuming it has? 
>>When is it scheduled to drop to zero?
>
>The rate has gone down since the regs are changing and competition
>is increasing. I would be interested in hearing why you think it
>will ever drop to zero.

It's because the locals don't NEED a subsidy.


Jim Bell
jimbell at pacifier.com





From alanh at infi.net  Wed Aug 21 18:05:15 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 09:05:15 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
In-Reply-To: <199608210005.KAA12548@suburbia.net>
Message-ID: <Pine.SV4.3.91.960821172902.10434A-100000@larry.infi.net>


On Wed, 21 Aug 1996, Julian Assange wrote:

> Darwinism is working as well as it ever was. You may not like it, but
> shit is being selected for.

    Well that sounds.... internally consistent. Oh my God. I'm a dinosaur.





From dlv at bwalk.dm.com  Wed Aug 21 18:05:31 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 22 Aug 1996 09:05:31 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <199608211645.JAA06426@netcom.netcom.com>
Message-ID: <sD41sD3w165w@bwalk.dm.com>


qut at netcom.com (Skip, OBC) writes:

> ! Jim McCoy wrote:
> ! > qut at netcom.com (Skip) writes:
> ! > > My suggestion number #1:
> ! > > No moderation.
> ! > 
> ! > Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:
> ! > 
> ! >         make it a newsgroup
> ! > Suggestion 2:
> ! >         make it an unmoderated newsgroup
> ! 
> ! How about making it a robomoderated newsgroup with only one enforced
> ! rule, forbidding any crossposting?
> 
> If moderation, then why not moderator(s) who simply send out cancel 
> messages to everthing that is crossposted?  Traditional moderated 
> newsgroups are technically inferior because all posts go through netnews 
> chokepoints and then depends on the moderator(s) who's inevitable 
> position has been the irresponsible one of keeping the position long 
> after they lose interest with the high volumes.  Even if their was such
> a person, there is still are chokepoint problem which is stupid to  
> engage in.
> 
> In any case, creation of comp.org.cypherpunks in no way means gatewaying 
> or shutting down cypherpunks at toad.com .

How about a NoCeM-moderated newsgroup?
I.e., several parties can issue 'hide' NoCeM notices for whatever
material they consider off-topic, including cross-posts. Several
other parties can issue 'highlight' NoCeM's for articles they
consider particularly worthy.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From jbugden at smtplink.alis.ca  Wed Aug 21 18:08:11 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Thu, 22 Aug 1996 09:08:11 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti...
Message-ID: <9607218406.AA840670454@smtplink.alis.ca>


Subject: [Noise] RE: Canada Imprisons People For Human Rights Activity

jbugden at alis.com wrote:
! Nota: Quebec recently held a referendum on seperation from Canada.
! Just talk about secession of a state in the U.S., and you'll quickly see 
! which country makes political ideas illegal.

qut at netcom.com (Skip, OBC)
>Exactly, we have freedom of speech alright, everone in the world does, 
>we're allowed to say "we don't believe you should remain in power," but 
>try to say, and mean, "we're going to try to take your power from you for 
>ourselves," and your group will very quickly find out the length of your 
>chains, the extent of our so called freedom.

Actually, my comment was exactly the opposite. You may not be aware of what goes
on with your neighbour to the north, but the province of Quebec currently has a
government whose stated intention is independence from Canada. 

The recent public referendum for a mandate to seceed was defeated by a very
small margin: 51% to 49% with 95% voter turnout.

"Her majesty's loyal opposition" in the parliament (the Bloq Quebecois) has the
same raison d'etre - Independence of Quebec from Canada.

I do not believe that freedom of speech in the U.S.A. extends to actively
agitating for secession or the overthrow of the federal government.

James






From shamrock at netcom.com  Wed Aug 21 18:10:27 1996
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 22 Aug 1996 09:10:27 +0800
Subject: Any CPs in D.C.?
Message-ID: <Pine.3.89.9608211445.A23772-0100000@netcom14>


I will be in D.C. through Saturday. I'd like to meet some Cypherpunks 
that feel like getting to know what Lucky looks like :-)

If you are in D.C., give me a call at my hotel.
(202) 682-0111 x440

--Lucky








From rich at c2.org  Wed Aug 21 18:24:47 1996
From: rich at c2.org (Rich Graves)
Date: Thu, 22 Aug 1996 09:24:47 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <9607218406.AA840654179@smtplink.alis.ca>
Message-ID: <Pine.GUL.3.95.960821125328.17847D-100000@Networking.Stanford.EDU>


On Wed, 21 Aug 1996 jbugden at smtplink.alis.ca wrote:

> Nota: Quebec recently held a referendum on seperation from Canada. 
> Just talk about secession of a state in the U.S., and you'll quickly see
> which country makes political ideas illegal.

You mean stuff like this? :-)

 http://www.softdisk.com/comp/dan/politics/parties.html#Seccession

The one about the Provisional Government of the Republic of Texas is a hoot. 
The reason you don't hear people wanting to secede from the US is, well,
they don't want to, not because we can't take it. That little incident in
the 1860's was really an international conflict, not a secession.

Some other entertaining sites that would probably be frowned upon in
lily-livered Canada include: 

 http://www.nationalist.org/platform.html#Social
 http://www.natvan.com/WHAT/na2.html#aryan

Back to Zundel, the full text of the Supreme Court decision is at
http://www.nizkor.org/hweb/people/z/zundel-ernst/supreme-court/ The
reasoning is rather different than what you said, but maybe you were
thinking of the earlier postal decision, which I haven't read. The latest
attempt at a criminal charge never even got to trial. 

I also just received a copy of Judge Heald's ruling on the citizenship
matter. Unfortunately, it's a second-generation Xerox that my OCR software
just looks at and laughs. I'll key it in manually if I ever find the time. 
Essentially, it says the government either has to give him citizenship or
change the law, because the only body that is legally empowered to advise
the Crown whether he's a threat to Canadian society or "of bad charater" has
already concluded that he is, so it can't be objective. Very strange
reasoning, but I agree with the outcome. 

-rich






From alanh at infi.net  Wed Aug 21 18:25:05 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 09:25:05 +0800
Subject: US Taxes on X-Pats (getting off topic)
In-Reply-To: <Pine.LNX.3.93.960820221430.391B-100000@smoke.suba.com>
Message-ID: <Pine.SV4.3.91.960821175502.10434I-100000@larry.infi.net>


> > "we killed the natives so this land is our land and the rest of you f@*k-off"


The current group of "Native Americans" were not the first on the land.





From jfricker at vertexgroup.com  Wed Aug 21 18:25:32 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Thu, 22 Aug 1996 09:25:32 +0800
Subject: www.usdoj.gov http://156.46.199.41/
Message-ID: <2.2.32.19960821224538.00678be8@vertexgroup.com>


a mirror of the hack is at http://156.46.199.41/






From jad at dsddhc.com  Wed Aug 21 18:26:27 1996
From: jad at dsddhc.com (John Deters)
Date: Thu, 22 Aug 1996 09:26:27 +0800
Subject: PreRFD: comp.org.cypherpunks
Message-ID: <2.2.32.19960821211509.006afc7c@labg30>


At 06:10 PM 8/20/96 -0700, Skip wrote:
>The Subject: line says it all.
>
>My suggestion number #1:
>
>No moderation.

I'd vote "no" to converting this list into a newsgroup.  I think universal
access to e-mail is more guaranteed than access to a news-server, especially
for those of us hidden away behind our Gestapo-run firewalls.  The mailing
list flies quite nicely through them.  Plus, we have the added benefit of
only getting crypto-related spam thrown at us occasionally, instead of the
nearly ubiquitous "Call 1-900-HOT-4U" postings that seem to flood every
Usenet group.  ('Course, I seem to recall a www.slut.com letter from someone
a few days ago...)

Plus, sci.crypt exists for those who can't get enough here.

As an aside, if an RFD should be called, to whom should we forward our
discussion?  (It's been many years since I really cared about Usenet.)

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From alano at teleport.com  Wed Aug 21 18:27:26 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 22 Aug 1996 09:27:26 +0800
Subject: [rant] Re: Spamming (Good or Bad?)
Message-ID: <2.2.32.19960821203026.00c82314@mail.teleport.com>


At 05:49 PM 8/20/96 +0000, Ross Wright wrote:
>On Or About 20 Aug 96, 16:23, Jim Gillogly wrote:
>> 
>> Vipul Ved Prakash <vipul at pobox.com> writes:
>> >I don't know if there has been much discussion on the ethics of
>> >spamming here? Is spamming free speech? 
>> 
>
>> I oppose spamming because it's rude and inefficient, lowering the
>> S/N everywhere it happens.  Market droids
>
>Market Droids????  As a salesman I take offence at this slur.

It is a mild term compared to some of the things that could be said about sales.

I have dealt with far too many sales people.  Few of them knew anything
about the products that they were selling.  (This is especially true of the
computer field.  "Do you know the difference between a computer salesman and
a car salesman?  The car salesman knows how to drive.")

Many people have a bad view of sales.  

<rant>
Mine is because of the times I have had to create the programs that sales
had promised, but had no clue as to what could and could not be done, or was
even practical.  Getting time lines set by people who have no clue as to how
long it will take or even if what they want is possible.  (More than once I
have received requests based on the pipe dreams of some idiot in sales that
contained contradictory requirements and/or absurd time lines.)

Most sales people do not care about what it takes to do something, all they
care about is making the sale.  What they tell the rube in the course of
selling it does not matter.  (Someone else will take care of it.)

But then, rarely does truth enter into the matter of sales...

Sales people have a bad reputation for a very good reason.  If they actually
had a basic understanding of what they were selling, and were not so
untrustworthy as to not commit to things that are not deliverable, they
would have that reputation.

The only people I have more contempt for than salesmen are salesmen for
multi-level companies.  (Except maybe government officials, but that is on a
case by case basis...)
</rant>

>> favor it because it's
>> cheap, and no matter how many people they piss off bigtime, they
>> make some sales.
>
>Even make sales to people who are pissed off at first...

"Never underestimate the power of human stupidity."

The biggest problem I have had with spammers in the last month or so are the
ones who insist on forging e-mail reply addresses.  Of course, being from a
sales background, they were too incompetent to cover up their tracks.
(Remember:  If you are going to post spam with a forged return address,
DON'T do it from your own uucp address.  The send path makes a great big
arrow pointing back to you.)

Spammers are more like the people who call you at home and try to sell you
things you do not want over the phone with recorded messages.

Sales on the Internet can be done and done without pissing off people.  But
what it takes is a shred of a clue.  By violating netiquite, the spammer has
shown that he lacks vital connection to anything resembling a clueserver.
Furthermore, much of what is spammed is either illegal (variants on the
"make money fast" idea of pyramid scheme) and/or posted to entire
hierarchies of groups.  (Most mail readers will not allow you to mark a
message as read in all of the newsgroups it is posted to.  And most of the
Windows newsreader do not have killfiles or they are buggy to the point of
unusability.)  I certainly do not want to read this crap over and over again.  

It is this repeated abuse that gets spammers mailbombed, feeds killed, etc. 

(And I will not even go into the type of sales promoted by Canter and Siegal
in their book on Internet sales.  Of course, considering their background
(i.e. lawyers for the Church of Scientology) it does not surprise me a whole
lot...)
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From lucifer at dhp.com  Wed Aug 21 18:28:05 1996
From: lucifer at dhp.com (Mixmaster)
Date: Thu, 22 Aug 1996 09:28:05 +0800
Subject: Security Dynamics <-> Microsoft
Message-ID: <199608212202.SAA17249@dhp.com>



http://www.briefing.com/storystk.htm

15:20 ET ******

SECURITY DYNAMICS TECHNOLOGIES (SDTI) 60 +4 1/4. Maker of security products
used to protect and manage access to computer-based information is seeing its
stock get a lift from news that company's RSA unit has reached licensing
agreement with Microsoft (MSFT 122 1/4 -1 1/8). In return for technical
cooperation and additional licensing rights for integration of RSA's
technology with Microsoft's cryptoapi, Microsoft will license cryptoapi to
RSA, including rights to incorporate cryptoapi into RSA's toolkit products.
According to company, RSA will receive an ongoing stream of revenue from
MSFT based on the use of patented RSA technology. Also, company will license
software to MSFT that will enable it to include support for SDTI's hardware
tokens and ace/server authentication products in future versions of Windows
NT and MSFT Internet Information Server.






From jfricker at vertexgroup.com  Wed Aug 21 18:33:23 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Thu, 22 Aug 1996 09:33:23 +0800
Subject: www.usdoj.gov mirror2
Message-ID: <2.2.32.19960821230541.00637930@vertexgroup.com>


http://www.netlite.com/ameritek/usdoj is faster than that other site






From haystack at cow.net  Wed Aug 21 18:35:31 1996
From: haystack at cow.net (Bovine Remailer)
Date: Thu, 22 Aug 1996 09:35:31 +0800
Subject: No Subject
Message-ID: <9608212250.AA14289@cow.net>


The Postal service is working on a new postage method, 2 key signature, which will be unique to each "postal unit" ( stamp ) the signature will be logged when you buy the stamps....No more anon. snail mail......

Just thought you'd like to know !






From anonymous-remailer at shell.portal.com  Wed Aug 21 18:41:21 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 22 Aug 1996 09:41:21 +0800
Subject: 20 year key ?
Message-ID: <199608212246.PAA09169@jobe.shell.portal.com>


Is there such a thing as a "20 YEAR KEY "  would it be a 2048 bit or larger or what ?






From chris230 at juno.com  Wed Aug 21 18:48:06 1996
From: chris230 at juno.com (Chris J Samuelson)
Date: Thu, 22 Aug 1996 09:48:06 +0800
Subject: Spamming
In-Reply-To: <2.2.32.19960821145232.006fe294@tansoft.com>
Message-ID: <19960821.170816.6486.1.chris230@juno.com>



On Wed, 21 Aug 1996 10:52:32 -0400 "James C. Sewell" <jims at MPGN.COM>
writes:
>At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
>>On Wed, 21 Aug 1996, Vipul Ved Prakash wrote:
>>
>>> I don't know if there has been much discussion on the ethics of 
>spamming
>>> here? Is spamming free speech? 
>>
>>Yes.
>
>No.  I think we can all (most) agree that spam-email is like 
>junk-snailmail.
>In that case there are a few things to consider:
>
>  1. Junkmail requires the SENDER to pay for it, not the recipient.
>  2. Junkmail is under the full authority of the Postmaster.  If
>     they do anything illegal they have an authority to which they
>     must answer and may face criminal charges for.
>  3. You can't legally stuff mailboxes by driving around the 
>neighborhood.
>     It is against the law for me to walk up to your mailbox and put 
>     something in it.  Should the same be true of emailboxes?
>  4. Junkmail is usually at a lower priority than "real" mail and 
>     due to costs is usually easily identifiable.  Email isn't.
>
>  And one relating to only email:
>
>     I don't want to have to spend 10 minutes letting Eudora sort
>     through my mailbox because my filter rules are so numerous and
>     complex due to me trying to block spam.
>
>  We must remember that the First Amendment does not allow us to say
>any thing at any time via any medium we choose.  There are limits
>to it, usually in the name of public safety and harassment.  There
>should be similar limits in the Internet.
>  I'm not saying we shouldn't let you tell others how get rich quick
>but that you should not be allowed to mail to *@*.* just to tell the
>world how great we are.
>
> Jim
>
>Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL
>
>
Why should the spammers pay for it, any more than anyone else should. 
They are still 
in some way paying for the E-Mail I assume, by keeping up a server or
paying someone else for the convienince of E-Mail.  If they tried to
force spammers to pay money they would have to have a way to decide if
someone was spamming.A good excuse to read E-Mail?





From tcmay at got.net  Wed Aug 21 19:53:28 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 10:53:28 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <ae40eda80f0210043236@[205.199.118.202]>


At 6:47 PM 8/21/96, Brian Davis wrote:
>On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
>
>> Rush Limbaugh reports:
>>
>> That a husband and wife are being jailed for yelling to Clinton "You Suck".
>>
>> The Secret Service states additional words (yet un-uttered to the rest of us)
>> were mentioned that they deemed threatening.
>
>
>"I hope you die."  And the couple was arrestd for disorderly conduct by
>Chicago police.  Any possible federal charges for threatening a president
>in violation of 18 U.S.C. Section 871 await a determination of the
>seriousness of the statement, in context with the wife's conduct, by
>prosecutors.  I predict no action.

Well, I agree that saying "I hope you die" is a tad bit more serious than
"You suck, and those boys died."

If these additional words were spoken, why didn't the SS reveal them early
on? (Or, if they did, why did the news reports not mention them?)

Personally, I would never utter such words, even to Clinton. Or Dole.
Tacky, even if one dislikes the Prez.

But I agree that "no action" is pretty likely. "I hope you die" has been a
time-honored insult at least since I was a kindergartner, and presumably
for many decades prior to this. Hardly an active threat.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 21 19:54:19 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 10:54:19 +0800
Subject: Canada Imprisons People For Human Rights Activity
Message-ID: <ae40f6b0130210045167@[205.199.118.202]>


At 7:33 PM 8/21/96, Igor Chudov @ home wrote:
>jbugden at smtplink.alis.ca wrote:
>> Nota: Quebec recently held a referendum on seperation from Canada.=20
>> Just talk about secession of a state in the U.S., and you'll quickly see wh=
>> ich
>> country makes political ideas illegal.
>>
>
>OK, so what would happen if I organized a party with the proclaimed goal
>of secession of Oklahoma from the United States?
>
>        - Igor.

Almost certainly nothing. I believe there is an active secessionist
movement in Alaska, and nothing has happened to them.

(This does not mean they would ever be allowed to succeed in seceeding, of
course.)

--Tim May


We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 21 19:58:06 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 10:58:06 +0800
Subject: Ruritania
Message-ID: <ae40f4f812021004ea2f@[205.199.118.202]>


At 7:18 PM 8/21/96, Censored Girls Anonymous wrote:
>                      The Legend of Ruritania
>
>There was once a far away land called Ruritania, and in this land there was
>a strange phenomenon  --  all the trees that grew there were transparent.
>In the old days, the people had lived in mud huts.   But now, high-tech wood
.......
>to stop the recent wave of people thinking obscene thoughts about tomatoes,
>which Dorothy Quisling noted was one of the major problems of the new age
>of plenty and joy.
>Member Internet Society  - Certified BETSI Programmer  -  Webmistress
>***********************************************************************
>Carol Anne Braddock (cab8)  carolann at censored.org   206.42.112.96


Carol,

I see no attribution for this. Did you write it?

It looks very familiar, like something that was posted to the Cypherpunks
list a couple of years ago. (I seem to recall Perry Metzger writing a
similar, or even identical, piece.)

If you wrote it, great. But if someone else wrote it, you should definitely
mention this, and give a name if you have it. If you know someone besides
yourself wrote it, but the name was unattached to the copy you got, this
should also be mentioned.

Again, if you wrote it, great. And I apologize for even hinting that you
did not. But it sure looks familiar.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 21 20:12:15 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 11:12:15 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <ae40f1eb110210043298@[205.199.118.202]>


At 12:55 PM 8/21/96, Asgaard wrote:
>On Tue, 20 Aug 1996, Timothy C. May wrote:
>
>> There are technological fixes which I would favor over attempts to ban
>> unwanted messages.
>
>In the meantime, before these technological fixes are easily implemented,
>what is the proper way to handle unwanted commercial mail?
>
>1) delete immediately
>
>2) reply with 'Fuck off, morons!'
>
>3) as in 2) plus an attachment of some 1Mb file
>
>4) as in 3) plus a CC to the postmaster of the sending site

Well, this actually just happened to me. I got a long message from the
"Computer Currents" folks, for Yet Another Net Newsletter, "Inside
Currents," saying they had added my name to their list and that if I wished
to be removed I should a) paste a certain reply form into a section at the
end of the message, b) readdress the reply to a person handling
unsubscribes, c) blah blah blah.

Instead, I just hit "Reply" and sent the message back to them.

I wasn't sure if the message would go out to the original list or not, nor
did I care. I didn't ask to be subscribed to their list, I wasn't
interested in learning their indiosyncratic procedure for removing one's
name, and they should have set up their distribution list so as not to
allow recipients to post to the entire list (it is, after all, not a
mailing list intended for postings by recipients).

Well, my message and dozens of similar reply messages from others went out
to the "Inside Currents" list, provoking an avalanche of even more replies,
bounces, etc.

"Computer Currents" is now feeling intense heat over this episode.

(My latest message, sent two days ago, was entitled "Fuck "Computer
Currents,"" and included my "How to Make a Pipe Bomb" sig. It hasn't come
back to me, so maybe CC figured out how to turn off their spammish
features.)

(Hey, "spammish" is a nice word. Hackers can say, "Yeah, I took Spammish in
high school.")

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Wed Aug 21 20:23:30 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 11:23:30 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <ae40f7c1140210049197@[205.199.118.202]>


At 6:04 PM 8/21/96, Gary Howland wrote:

>I always send a quick one liner - "Please send me more information".
>Often I'll ask a stupid question too ("Does your software work in
>France?").  If more people did this, then they'd have to choose their
>victims a bit more carefully in the future (assuming of course they're
>trying to sell something).

As I said in my last message, I don't even do this--I just bounce it back
to them.

I see no need to "ask questions" (such as "Does it work in France?") to,
perhaps, "establish legitimacy." If they sent it to me, I can send it back.
Simple.

And if their software is set up in a brain-damaged way, so that my bouncing
it back to them also sends it out to their list, so much the better...at
least in terms of helping to anger their potential customers.

--Tim May

(By the way, some of you younger folks may not remember all the creative
ways people used to have to deal with unwanted junk mail. For "return
postage provided" replies, they would often attach the return forms to
large packages of stuff (sometimes even organic, stinky stuff) and let the
junk mailer eat the postage charges at his end. Or they'd fill out the "get
free stuff" forms with the addresses of local officials.)

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From stevenw at best.com  Wed Aug 21 20:35:05 1996
From: stevenw at best.com (Steven Weller)
Date: Thu, 22 Aug 1996 11:35:05 +0800
Subject: RISKS: Microsoft Explorer security hole
Message-ID: <v01540b00ae41586b4b42@[206.86.1.35]>


----------------------------------------------------------------------

Date: Wed, 21 Aug 1996 13:12:59 -0400
From: felten at CS.Princeton.EDU (Ed Felten)
Subject: Internet Explorer Security Problem

We have discovered a security flaw in the current version (3.0) of
Microsoft's Internet Explorer browser running under Windows 95.  An attacker
could exploit the flaw to run any DOS command on the machine of an Explorer
user who visits the attacker's page.  For example, the attacker could read,
modify, or delete the victim's files, or insert a virus or backdoor entrance
into the victim's machine.  We have verified our discovery by creating a Web
page that deletes a file on the machine of any Explorer user who visits the
page.

The core of the attack is a technique for delivering a document to the
victim's browser while bypassing the security checks that would normally be
applied to the document.  If the document is, for example, a Microsoft Word
template, it could contain a macro that executes any DOS command.

Normally, before Explorer downloads a dangerous file like a Word document,
it displays a dialog box warning that the file might contain a virus or
other dangerous content, and asking the user whether to abort the download
or to proceed with the download anyway.  This gives the user a chance to
avoid the risk of a malicious document.  However, our technique allows an
attacker to deliver a document without triggering the dialog box.

Microsoft has been notified and they are working on fixing the problem.
Until a remedy is widely available, we will not disclose further details
about the flaw.

For more information, contact Ed Felten at felten at cs.princeton.edu or
609-258-5906.

Dirk Balfanz and Ed Felten
Dept. of Computer Science, Princeton University
http://www.cs.princeton.edu/sip/

------------------------------

-------------------------------------------------------------------------
Steven Weller                      |  Technology (n):
                                   |
                                   |     A substitute for adulthood.
stevenw at best.com                   |     Popular with middle-aged men.







From erehwon at c2.net  Wed Aug 21 20:37:52 1996
From: erehwon at c2.net (William Knowles)
Date: Thu, 22 Aug 1996 11:37:52 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <m0utNUA-000rcmC@maki.wwa.com>
Message-ID: <Pine.SUN.3.94.960821174005.27985A-100000@infinity.c2.net>


On Wed, 21 Aug 1996, jim bell wrote:

> Frankly, I'd rather have a president who didn't feel the need to be 
> protected by thugs.

Makes it easier to implement 'Assassination Politics' if you have to. 
:)

William Knowles
erehwon at c2.net


--
William Knowles    <erehwon at c2.net>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From ses at tipper.oit.unc.edu  Wed Aug 21 20:38:16 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Thu, 22 Aug 1996 11:38:16 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <Pine.3.89.9608211445.A23772-0100000@netcom14>
Message-ID: <Pine.SUN.3.91.960821200855.13678D-100000@tipper.oit.unc.edu>


Hey, I'm In DC this month - but already know what you look like ;)

Simon

On Wed, 21 Aug 1996, Lucky Green wrote:

> I will be in D.C. through Saturday. I'd like to meet some Cypherpunks 
> that feel like getting to know what Lucky looks like :-)
> 
> If you are in D.C., give me a call at my hotel.
> (202) 682-0111 x440
> 
> --Lucky
> 
> 
> 
> 

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From tcmay at got.net  Wed Aug 21 20:42:59 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 22 Aug 1996 11:42:59 +0800
Subject: Republican and Democratic party platforms on technology
Message-ID: <ae40fb6d160210046e90@[205.199.118.202]>


At 9:59 PM 8/21/96, Declan McCullagh wrote:

>While the Republicans certainly are no fast friends of online liberties --
>recall Dole cosponsored an "anti-cyberporn" bill worse than the CDA --
>they've been moving in the right direction on crypto. This plank shows that
>as a party, they're starting to take online privacy seriously.

I think we all know just how long such a taking online privacy seriously
committment would last...about two or three briefings from the FBI, CIA,
NSA, and DIA. Maybe Dole would get the infamous "If you only knew what we
know" briefing, maybe he already has had it (and is just cynically
supporting "online privacy" because it's a way to contrast himself with
Clinton).

Sure, the rhetoric might be slightly different under a Dole presidency. The
focus would be on "halting the spread of abortion information on the Net"
and "plotting by Communists using unbreakable cryptography."

>(Contrast both parties with the Libertarians, which have a sterling
>commitment to online civil liberties, reflected in the platform approved at
>their convention last month.)

I certainly plan to vote for Harry Browne, their candidate, even if voting
only encourages the process.

I first read Browne's stuff back in 1973, and, a few years later, his
wonderful and "Zen Calvinist" (my term) book, "How I Found Freedom in an
Unfree World," which I still recommend to people. As far as I'm concerned,
Browne is the strongest candidate ever fielded by the Libertarian Party.

Not that it will matter. Ralph Nader will probably get more votes than Browne.

The answer lies in technology, not the ballot box.

--Tim May


--
[This Bible excerpt awaiting review under the U.S. Communications Decency
Act of 1996]
And then Lot said, "I have some mighty fine young virgin daughters. Why
don't you boys just come on in and fuck them right here in my house - I'll
just watch!"....Later, up in the mountains, the younger daughter said:
"Dad's getting old. I say we should fuck him before he's too old to fuck."
So the two daughters got him drunk and screwed him all that night. Sure
enough, Dad got them pregnant, and had an incestuous bastard son....Onan
really hated the idea of doing his brother's wife and getting her pregnant
while his brother got all the credit, so he pulled out before he
came....Remember, it's not a good idea to have sex with your sister, your
brother, your parents, your pet dog, or the farm animals, unless of course
God tells you to. [excerpts from the Old Testament, Modern Vernacular
Translation, TCM, 1996]







From ichudov at algebra.com  Wed Aug 21 21:01:31 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 22 Aug 1996 12:01:31 +0800
Subject: www.usdoj.gov http://156.46.199.41/
In-Reply-To: <2.2.32.19960821224538.00678be8@vertexgroup.com>
Message-ID: <199608220111.UAA31683@manifold.algebra.com>


John F. Fricker wrote:
> 
> a mirror of the hack is at http://156.46.199.41/
> 

and http://www.algebra.com/~ichudov

(usdoj.tar.gz is also available for mirroring).

	- Igor.





From rah at shipwright.com  Wed Aug 21 21:07:35 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 22 Aug 1996 12:07:35 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <ae40f6b0130210045167@[205.199.118.202]>
Message-ID: <v03007808ae415e2722da@[206.119.69.46]>


At 8:18 PM -0400 8/21/96, Timothy C. May wrote:

> Almost certainly nothing. I believe there is an active secessionist
> movement in Alaska, and nothing has happened to them.

Depends on what you call "active".

Say, five? ten? years ago, the Alaska Independence Party (all of about 12
people at the time) got hijacked by Wally Hickell in his second run for the
Alaska Governor's office. He had to do it that way, because he had pissed
off the Republican party regulars. And it worked. The hijacking, I mean. He
actually got elected. For his one (1) remaining legal term.  (Remember
Wally? Hotel Owner. Former Alaska Governor in the late 1960's. He was
Nixon's Interior Secretary. For a while, anyway. A few bricks shy of a
load, Wally was, and that's from someone who actually met him.)

The liberal jokesters called AIP "Rent-A-Party" after that. Their founder
and patron saint, Joe Vogler, died under mysterious circumstances a couple
of years ago. Turns out he was murdered by a follower. (Other people say it
was Donna Rice operating under orders from George Bush. ;-).) Joe was a
quite few bricks shy, himself.

However, I expect my old man probably would have flown up from retirement
in New Mexico to old Joe's funeral, if Pop was alive to do it, of course.
Alaska attracts people like Joe and Wally and my old man. (No stranger to
bricklessness, himself, Pop was a founder of the El Paso John Birch Society
chapter. He dragged us all up to Anchorage on a whim to build a whole bunch
of 12-plexes after I finished 6th grade. Just before the pipline started.
Then retired on it all. OK, scratch the "bricklessness" bit...)

Old Joe used to tool around on his homestead in an old bulldozer, randomly
plowing under the spruce trees and filling in the muskeg "wetlands", just
to have fun with the press and give the tree-huggers apoplexy. Wanted to
create some kind of libertarian utopia up in in Alaska, where if you wanted
to exterminate all the biomass on your property one sunny summer afternoon,
you were welcome to, as long as you had clear title.

My kind of guy. :-).

AIP got all of 2% in the last election, I think.

Sic Transit Gloria Mundi.


So, they were "active" (past tense) and I guess you could say something
"happened" to them, too...

Cheers,
Bob Hettinga
(Just some more pipline trash...)

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From mpd at netcom.com  Wed Aug 21 21:09:35 1996
From: mpd at netcom.com (Mike Duvos)
Date: Thu, 22 Aug 1996 12:09:35 +0800
Subject: 20 year key ?
In-Reply-To: <199608212246.PAA09169@jobe.shell.portal.com>
Message-ID: <199608220103.SAA09750@netcom19.netcom.com>


Mr. Anonymous writes:

> Is there such a thing as a "20 YEAR KEY "  would it be a 2048 bit 
> or larger or what ?

No.  Because of the nature of mathematical progress, no reputable
cryptographer will make predictions beyond 3-5 years. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From jcr at idiom.com  Wed Aug 21 21:12:57 1996
From: jcr at idiom.com (John C. Randolph)
Date: Thu, 22 Aug 1996 12:12:57 +0800
Subject: Husband/Wife jailed for saying Clinton SucksHusband/Wife jailed for say
Message-ID: <199608220141.SAA05126@idiom.com>


> Frankly, I'd rather have a president who didn't feel the need to be 
> protected by thugs.

Well, wouldn't that require a president who had a clear conscience?
I don't think we've had one of those since Eisenhower!

-jcr






From skeeve at skeeve.net  Wed Aug 21 21:22:03 1996
From: skeeve at skeeve.net (Skeeve Stevens)
Date: Thu, 22 Aug 1996 12:22:03 +0800
Subject: www.usdoj.gov mirror2
In-Reply-To: <2.2.32.19960821230541.00637930@vertexgroup.com>
Message-ID: <199608220132.LAA24230@zztop.myinternet.net>


You, John F. Fricker, said about something or other:
+
+http://www.netlite.com/ameritek/usdoj is faster than that other site


is your in singapore/australia/new zealand, the fastest would be

http://www.skeeve.net/doj/


--------------------------------------------------------------------
Skeeve Stevens                              Email: skeeve at skeeve.net
CEO/The Big Boss/All round nice guy      URL: http://www.skeeve.net/
MyInternet                               Australian Anglicans Online
http://www.myinternet.net/               http://www.anglican.asn.au/
Phone: (+612) 869-3334        Mobile: (0414) SKEEVE [+61414-753-383]
Key fingerprint  =  D2 7E 91 53 19 FE D0 5C  DE 34 EA AF 7A 5C 4D 3E





From jim at ACM.ORG  Wed Aug 21 21:32:44 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Thu, 22 Aug 1996 12:32:44 +0800
Subject: Ruritania
In-Reply-To: <ae40f4f812021004ea2f@[205.199.118.202]>
Message-ID: <199608220140.SAA23628@mycroft.rand.org>



tcmay at got.net (Timothy C. May) writes:
>At 7:18 PM 8/21/96, Censored Girls Anonymous wrote:
>>                      The Legend of Ruritania
>>
>>There was once a far away land called Ruritania, and in this land there was
>>a strange phenomenon  --  all the trees that grew there were transparent.
>>In the old days, the people had lived in mud huts.   But now, high-tech wood
>.......
>>to stop the recent wave of people thinking obscene thoughts about tomatoes,
>>which Dorothy Quisling noted was one of the major problems of the new age
>>of plenty and joy.
>>Member Internet Society  - Certified BETSI Programmer  -  Webmistress
>>***********************************************************************
>>Carol Anne Braddock (cab8)  carolann at censored.org   206.42.112.96


>Carol,

>I see no attribution for this. Did you write it?

>It looks very familiar, like something that was posted to the Cypherpunks
>list a couple of years ago. (I seem to recall Perry Metzger writing a
>similar, or even identical, piece.)

Good eye, Tim -- here's Perry's piece, which I just happened to save.

	Jim Gillogly
	Hevensday, 30 Wedmath S.R. 1996, 01:37

--------------------------------------------------------------------------

To: cypherpunks at toad.com
Subject: The Parable of Ruritania
Date: Tue, 11 Oct 1994 14:21:40 -0400
From: "Perry E. Metzger" <perry at imsi.com>


Someone just wrote me to ask if they could put this (very old) posting
of mine up on their home page. The recent passage of Digital Telephony
makes me feel this is a good time to send it out again. I should
probably edit it and send it out to the net again -- among other
things, I should alter the Dorothy Quisling comments and clean up a
bunch of the paragraphs and expand it. However, I thought I'd send it
out again now anyway.

Perry

------- Forwarded Message

A Parable


by Perry E. Metzger (perry at gnu.ai.mit.edu)



There was once a far away land called Ruritania, and in Ruritania
there was a strange phenomenon -- all the trees that grew in
Ruritainia were transparent. Now, in the days when people had lived in
mud huts, this had not been a problem, but now high-tech wood
technology had been developed, and in the new age of wood, everyone in
Ruritania found that their homes were all 100% see through. Now, until
this point, no one ever thought of allowing the police to spy on
someone's home, but the new technology made this tempting. This being
a civilized country, however, warrants were required to use binoculars
and watch someone in their home.  The police, taking advantage of
this, would get warrants to use binoculars and peer in to see what was
going on. Occasionally, they would use binoculars without a warrant,
but everyone pretended that this didn't happen.

One day, a smart man invented paint -- and if you painted your house,
suddenly the police couldn't watch all your actions at will. Things
would go back to the way they were in the old age -- completely
private.

Indignant, the state decided to try to require that all homes have
video cameras installed in every nook and cranny. "After all", they
said, "with this new development crime could run rampant. Installing
video cameras doesn't mean that the police get any new capability --
they are just keeping the old one."

A wise man pointed out that citizens were not obligated to make the
lives of the police easy, that the police had survived all through the
mud hut age without being able to watch the citizens at will, and that
Ruritania was a civilized country where not everything that was
expedient was permitted. For instance, in a neighboring country, it
had been discovered that torture was an extremely effective way to
solve crimes. Ruritania had banned this practice in spite of its
expedience. Indeed, "why have warrants at all", he asked, "if we are
interested only in expedience?"

A famous paint technologist, Dorothy Quisling, intervened however. She
noted that people might take photographs of children masturbating
should the new paint technology be widely deployed without safeguards,
and the law was passed.

Soon it was discovered that some citizens would cover their mouths
while speaking to each other, thus preventing the police from reading
their lips through the video cameras. This had to be prevented, the
police said. After all, it was preventing them from conducting their
lawful surveillance. The wise man pointed out that the police had
never before been allowed to listen in on people's homes, but Dorothy
Quisling pointed out that people might use this new invention of
covering their mouths with veils to discuss the kidnapping and
mutilation of children. No one in the legislature wanted to be accused
of being in favor of mutilating children, but then again, no one
wanted to interfere in people's rights to wear what they liked, so a
compromise was reached whereby all homes were installed with
microphones in each room to accompany the video cameras. The wise man
lamented few if any child mutilations had ever been solved by the old
lip reading technology, but it was too late -- the microphones were
installed everywhere.

However, it was discovered that this was insufficient to prevent
citizens from hiding information from the authorities, because some of
them would cleverly speak in languages that the police could not
understand. A new law was proposed to force all citizens to speak at
all times only in Ruritanian, and, for good measure, to require that
they speak clearly and distinctly near the microphones. "After all",
Dorothy Quisling pointed out, "they might be using the opportunity to
speak in private to mask terrorist activities!" Terrorism struck
terror into everyone's hearts, and they rejoiced at the brilliance of
this new law.

Meanwhile, the wise man talked one evening to his friends on how all
of this was making a sham of the constitution of Ruritania, of which
all Ruritanians were proud. "Why", he asked, "are we obligated to
sacrifice all our freedom and privacy to make the lives of the police
easier?  There isn't any real evidence that this makes any big dent in
crime anyway! All it does is make our privacy forfeit to the state!"

However, the wise man made the mistake of saying this, as the law
required, in Ruritanian, clearly and distinctly, and near a
microphone. Soon, the newly formed Ruritanian Secret Police arrived
and took him off, and got him to confess by torturing him. Torture
was, after all, far more efficient than the old methods, and had been
recently instituted to stop the recent wave of people thinking obscene
thoughts about tomatoes, which Dorothy Quisling noted was one of the
major problems of the new age of plenty and joy.

------- End of Forwarded Message






From alanh at infi.net  Wed Aug 21 21:46:45 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 22 Aug 1996 12:46:45 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <199608211933.OAA29688@manifold.algebra.com>
Message-ID: <Pine.SV4.3.91.960821214832.28623D-100000@larry.infi.net>


> OK, so what would happen if I organized a party with the proclaimed goal
> of secession of Oklahoma from the United States?


  ...already bought the T-shirt.;   Check out the Southern League, POB 
40910, Tuscaloosa Alabama 35404   205-553-0155

They have stgate chapters in every southern state are working towards 
devolution.

I don't think it will happen in my lifetime. On the other hand.... the 
bigger they are, the faster they fall.





From qut at netcom.com  Wed Aug 21 21:52:02 1996
From: qut at netcom.com (Skip)
Date: Thu, 22 Aug 1996 12:52:02 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <sD41sD3w165w@bwalk.dm.com>
Message-ID: <199608220147.SAA22328@netcom.netcom.com>


ON
! 
! qut at netcom.com (Skip, OBC) writes:
! 
! > ! Jim McCoy wrote:
! > ! > qut at netcom.com (Skip) writes:
! > ! > > My suggestion number #1:
! > ! > > No moderation.
! > ! > 
! > ! > Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:
! > ! > 
! > ! >         make it a newsgroup
! > ! > Suggestion 2:
! > ! >         make it an unmoderated newsgroup
! > ! 
! > ! How about making it a robomoderated newsgroup with only one enforced
! > ! rule, forbidding any crossposting?
! > 
! > If moderation, then why not moderator(s) who simply send out cancel 
! > messages to everthing that is crossposted?  Traditional moderated 
! > newsgroups are technically inferior because all posts go through netnews 
! > chokepoints and then depends on the moderator(s) who's inevitable 
! > position has been the irresponsible one of keeping the position long 
! > after they lose interest with the high volumes.  Even if their was such
! > a person, there is still are chokepoint problem which is stupid to  
! > engage in.
! > 
! > In any case, creation of comp.org.cypherpunks in no way means gatewaying 
! > or shutting down cypherpunks at toad.com .
! 
! How about a NoCeM-moderated newsgroup?
! I.e., several parties can issue 'hide' NoCeM notices for whatever
! material they consider off-topic, including cross-posts. Several
! other parties can issue 'highlight' NoCeM's for articles they
! consider particularly worthy.

With the advent of killfiles and all sorts of filtering capabilities, 
there is no excuse for requiring moderation at all other than for 
purposes of censorship.

! ---
! 
! Dr.Dimitri Vulis KOTM
! Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
! 






From jgrasty at gate.net  Wed Aug 21 22:07:23 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Thu, 22 Aug 1996 13:07:23 +0800
Subject: WinSock Remailer Available at Obscura
Message-ID: <199608220228.WAA07722@osceola.gate.net>


Y'all:

The WinSock Remailer is now available for download 
from Lance Cottrell's homepage at:

  http://www.obscura.com/~loki/

Go to the export controlled section.  After you
traverse the export control form and get to the 
ftp site, you will find the remailer in the DOS 
directory.  The filename is WSA12.ZIP.  Inside you
will find a README.TXT file (that contains information
on how to setup the remailer), a PGP signature file
WSRMA12.SIG, and the remailer binaries WSRMA12.ZIP.
The signature file is used with PGP to check that the
the WSRMA12.ZIP file has not been altered.

Send me a note if you have any difficulty.  A special
thanks to Lance for his help and his disk space.

Regards,

--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From qut at netcom.com  Wed Aug 21 22:07:34 1996
From: qut at netcom.com (Skip)
Date: Thu, 22 Aug 1996 13:07:34 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti...
In-Reply-To: <Pine.GSO.3.94.960821145137.18639C-100000@strange.qualcomm.com>
Message-ID: <199608220131.SAA19868@netcom.netcom.com>


! > I do not believe that freedom of speech in the U.S.A. extends to actively
! > agitating for secession or the overthrow of the federal government.
! 
! The right to discuss revolt or secession or the overthrow of the federal
! government, it seems to me, is given below:
! 
! "We hold these Truths to be self-evident, that all Men are created
! equal, that they are endowed by their Creator with certain unalienable
! Rights, that among these are Life, Liberty, and the Pursuit of 
! Happiness - That to secure these Rights, Governments are instituted
! among Men, deriving their just Powers from the Consent of the
! Governed, that whenever any Form of Government becomes destructive of
! these Ends, it is the Right of the People to alter or to abolish it,
! and to institute new Government, laying its Foundation on such
! Principles, and organizing its Powers in such Form, as to them shall
! seem most likely to effect their Safety and Happiness.  ... "
! 
! Now this is the Declaration of Independence, and not the Constitution, but
! it seems to me that the right to discuss "agitating for secession or the
! overthrow of the federal government" is protected.

Correct, if government is not protecting our rights as a people, we are 
responsible for forcing the government to do so, even if that means 
changing of the guard, ie, successful radicalism.





From qut at netcom.com  Wed Aug 21 22:09:05 1996
From: qut at netcom.com (Skip)
Date: Thu, 22 Aug 1996 13:09:05 +0800
Subject: PreRFD: comp.org.cypherpunks
In-Reply-To: <199608211928.OAA29624@manifold.algebra.com>
Message-ID: <199608220144.SAA21861@netcom.netcom.com>


ON
! 
! if it is _robo_moderated, there would not be timing issues.

Exactly the same problem of one machine that can recieve and make the posts,
one script, one moderator in charge of the whole thing, which experience 
indicates they eventually abuse their resonsibility by keeping it after 
they lose interest in managing the group.

! igor
! 
! Skip, OBC wrote:
! > 
! > ! Jim McCoy wrote:
! > ! > qut at netcom.com (Skip) writes:
! > ! > > My suggestion number #1:
! > ! > > No moderation.
! > ! > 
! > ! > Suggestion 1 on how to diminish the feeble S/N ratio on cypherpunks:
! > ! > 
! > ! >         make it a newsgroup
! > ! > Suggestion 2:
! > ! >         make it an unmoderated newsgroup
! > ! 
! > ! How about making it a robomoderated newsgroup with only one enforced
! > ! rule, forbidding any crossposting?
! > 
! > If moderation, then why not moderator(s) who simply send out cancel 
! > messages to everthing that is crossposted?  Traditional moderated 
! > newsgroups are technically inferior because all posts go through netnews 
! > chokepoints and then depends on the moderator(s) who's inevitable 
! > position has been the irresponsible one of keeping the position long 
! > after they lose interest with the high volumes.  Even if their was such
! > a person, there is still are chokepoint problem which is stupid to  
! > engage in.
! > 
! > In any case, creation of comp.org.cypherpunks in no way means gatewaying 
! > or shutting down cypherpunks at toad.com .
! > 
! > 
! > --
! > Love, 
! > Skip, OBC
! > 
! 
! 
! 
! 	- Igor.
! 






From ichudov at algebra.com  Wed Aug 21 22:20:38 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 22 Aug 1996 13:20:38 +0800
Subject: your mail
In-Reply-To: <9608212250.AA14289@cow.net>
Message-ID: <199608220245.VAA32285@manifold.algebra.com>


Bovine Remailer wrote:
> 
> The Postal service is working on a new postage method, 2 key
> signature, which will be unique to each "postal unit" ( stamp ) the
> signature will be logged when you buy the stamps....No more anon. snail
> mail......  > > Just thought you'd like to know !  >

So I'd engage in the business of buying stamps and selling them
to anyone for cash, anonymously.

	- Igor.





From johnbr at atl.mindspring.com  Wed Aug 21 22:20:38 1996
From: johnbr at atl.mindspring.com (John Brothers)
Date: Thu, 22 Aug 1996 13:20:38 +0800
Subject: telco's vs x-phones
Message-ID: <1.5.4.32.19960822023217.00729710@pop.atl.mindspring.com>



I think you both have good points here.  I will redo the math.

At 09:19 AM 8/21/96 -0700,  Brian D Williams <talon57 at well.com> wrote:
>In a reply to Vipul Ved Prakash, Jim Bell wrote:
>Siecore plain vanilla 36 fiber singlemode list $ 1.82 a foot, $5.46
>a yard.  

Jim said $10/meter, so about 50% of his estimate.


>
>>Each fiber pair should be able to handle approximately 1 million
>>conversations at current data rates, or a total of 18 million
>>conversations for that 18-pair cable, or 9.5 trillion 
>>conversation-minutes.
>
>At current data rates (OC-48 Sonet) 32,256 voice channels per
>fiber, 580,608 total for the fiber.

Ok.. I think we're talking apples and oranges.  Jim uses the term conversation,
which I assume is a 3 minute duration of time.  Your OC-48 handles almost
precisely 1 million conversations per day.   (32k DS0 x 24 * 60 * 20)

So I can see where he could come up with 18 million conversations.  I
have no idea what a conversation-minute is.  Perhaps another measure
would be the total number of conversations per year.

18 million/day * 365 = 6.5 billion conversations per year.

So I believe he is off by a factor of 1000+ at this point, but then the
fiber is half the cost he thought it was, so its really only 500+.


>>Multiply this cost by 10 for right of way, trenching, repeaters,
>>and other auxiliary hardware, or $100 per meter.  This is probably
>>just a ballpark estimate, but...
>
>Off by a factor of at least 10 not counting switching equipment.

So, assume that he's a long haul carrier, and doesn't have to buy any
switching equipment.   Still, based on  $500/meter, that means 
that this network cost about 2.5 billion to build.

So if the system was running at full capacity, 24/7/365, the LD will have
to charge $0.50/conversation, or $0.15/minute to make 2.5 billion per year.

Even reaching 10% of that capacity is unlikely at $5/conversation.

Which, clearly, isn't happening.  I assume that either I have made a 
mistake in my calculations, or the costs of laying fiber has been 
grossly overestimated... Or, that since no-one is going around and buying
up 5000km right of ways, Sprint, MCI, AT&T and co. can lay fiber
much more cheaply.  If we assume $50/meter, it will cost 250 million, and they
will have to charge $0.015/minute to break even at 100% capacity, or 
$0.15/minute at 10% capacity - and we know Sprint charges less than that,
but if they can get more than 10% of the capacity --- although it is doubtful.

My best assumption at this point is that we don't have to make back the entire
cost of the fiber per year to make a profit.  if we only have to earn 20%
of its value to make a 10% profit, it would bring the price down to
$0.075/minute, and if we were to get OC-768 systems invented, we could reduce
that to $0.005/minute, which is approaching the values that Jim derived.

So, I hate to say it, but it looks like long distance is more expensive
than Jim (or I) thought.  But, in a few years (say, 5) it will approach
ridiculously cheap.  We can expect at that point that either
a) All (or most) long distance will be over the Internet
b) Internet phone will vanish as regular long distance becomes a flat fee
   like local service.

---
John Brothers 
   Do you have a right not to be offended?






From zachb at netcom.com  Wed Aug 21 22:22:36 1996
From: zachb at netcom.com (Z.B.)
Date: Thu, 22 Aug 1996 13:22:36 +0800
Subject: your mail
In-Reply-To: <9608212250.AA14289@cow.net>
Message-ID: <Pine.3.89.9608211936.A5488-0100000@netcom17>


Uh huh.  Sure.  I believe nothing more needs to be said about this.

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127


On Wed, 21 Aug 1996, Bovine Remailer wrote:

> The Postal service is working on a new postage method, 2 key signature, 
> which will be unique to each "postal unit" ( stamp ) the signature will 
> be logged when you buy the stamps....No more anon. snail mail......
> 
> Just thought you'd like to know !
> 





From shabbir at vtw.org  Wed Aug 21 22:29:00 1996
From: shabbir at vtw.org (Voters Telecommunications Watch)
Date: Thu, 22 Aug 1996 13:29:00 +0800
Subject: ALERT: Show Congress you want privacy during Crypto Action Week! (8/20/96)
Message-ID: <199608220208.WAA23141@panix3.panix.com>


===========================================================================
  ___ _____   _____ _____ ___  
 / __| _ \ \ / / _ \_   _/ _ \     JOIN THOUSANDS OF OTHER NET.AMERICANS AS
| (__|   /\ V /|  _/ | || (_) |	 THEY WORK FOR BETTER PRIVACY AND ENCRYPTION
 \___|_|_\ |_| |_|   |_| \___/ 	  	     September 3-10, 1996
  ___   ___ _____ ___ ___  _  _  __      _____ ___ _  __
 / _ \ / __|_   _|_ _/ _ \| \| | \ \    / / __| __| |/ /
|  _  | (__  | |  | | (_) | .` |  \ \/\/ /| _|| _|| ' <
|_| |_|\___| |_| |___\___/|_|\_|   \_/\_/ |___|___|_|\_\

     SENATE PRO-CRYPTO PRO-CODE BILL COULD BE VOTED OUT OF COMMITTEE
         YOUR HELP IS NEEDED TO PREPARE CONGRESS FOR THE DEBATE!
		     http://www.crypto.com/caw/

      Reproduce this where appropriate until September 15, 1996
---------------------------------------------------------------------------
Table of Contents
	News from the frontlines
	What you must do
	Concluding the meeting
	Tips on how to conduct your visit
	Angles on encryption
	Questions about encryption you might be asked
	Participating Organizations / More Information

---------------------------------------------------------------------------
NEWS FROM THE FRONTLINES

Congress as a whole is beginning to focus on encryption - bills moving
through both House and Senate would improve availability of privacy and
security for the Net.  With three hearings in the Senate and one
scheduled in House Judiciary Committee for early September -
pro-encryption bills have a chance of passing, or at least helping to
lay the groundwork for the next Congress.

Recently in a live chat from the Republican Convention in San Diego,
Senator Conrad Burns (R-MT) said he believed he had enough votes to
pass Pro-CODE out of the Senate Sub-Committee and Committee.  This
is the farthest encryption activists will have come in the crypto fight
in years.

We need your help to make the case to Congress that encryption is
important to privacy and security online, as well as the future potential
of the Internet to create jobs and promote US competitiveness.  Here's what
you can do:
	-sign the petition at http://www.crypto.com/petition/
	-make an appointment with your legislator's local office

With the directions below, visit your Congressperson - urge them to
support the two bills: Pro-CODE "Promotion of Commerce Online in the
Digital Era" (S.1726) & SAFE "Security and Freedom Through Encryption"
(HR 3011).

Now is the time to tell your member of Congress that government
restrictions on encryption are unacceptable to the future of the
Internet.  In recent months, the FBI and the White House have been
using local sheriffs to lobby members of Congress on this issue.  If
you don't tell your member of Congress our side of the story, they
won't hear it from anyone.

---------------------------------------------------------------------------
WHAT YOU MUST DO

Here's what you need to do:

1. Make an appointment with your Senators'/Representative's local office.
   It's probably best to make an appointment with the local office manager.
   It's great if you can get an appointment with your legislator, but 
   don't worry if your legislator cannot be there.

   If you don't know who your Representative and two Senators are, simply
   call the local League of Women Voters office and ask!  You might also
   try using the Zipper at http://www.voxpop.org:80/zipper/

2. Sign the petition at http://www.crypto.com/petition/
   A petition has been setup to help show Congress that encryption policy
   must be driven by the market's concerns.
   
3. Setting up the meeting
   When making the appointment, you should say that the topic is
   privacy and encryption on the Internet.  Ensure they know you are a
   constituent.  If possible, take a friend who owns a small Internet
   business (web design, ISP, whatever) who also lives in the
   district.

   It's crucial that you do not wait to get someone to go before making the
   appointment.  Make the appointment, then go looking for someone to go
   with you.

4. Carry the following message as a theme through your meeting.

   Encryption is important to privacy - the Internet is vulnerable
   and the future of American competitiveness is at stake.  Encryption
   is NOT a terrorist weapon any more than a hammer is a terrorist
   weapon.  While there are difficult national security issues,
   these should not be the driving force of this debate.

   The future of the Internet should not be held hostage by a cold-war
   era world view.

5. Send us mail at vtw at vtw.org when you've made your appointment.  Check
   back at http://www.crypto.com/caw/ for progress and tips on Crypto Action
   Week!

---------------------------------------------------------------------------
CONCLUDING THE MEETING

There are a few things you should remember as you finish your meeting.

If talking to a member, find out if we can count on his/her support for the
PRO-CODE/SAFE bill.  If talking to a staffer, make it their mission to
find out the answer to this question.

As you leave the meeting, run, don't walk, to the nearest card shop and
buy a thank you card.  Write a thank you and address it immediately.
Stick it in the nearest mailbox.

Send us mail at vtw at vtw.org, letting us know how it went.

----------------------------------------------------------------------------
TIPS ON HOW TO CONDUCT YOUR VISIT

Always be polite.  Never threaten.  Never lose your cool.

Many staffers have no idea what encryption is.  Moreover, they might have
never used the Internet.  You should view this as an opportunity: 
you will get the chance to define the debate and educate them.
You may even want to bring a laptop with a modem and take the member/staff
on a breif Internet tour.  (Be careful about what you show them.)

Remember we're all taxpayers, so the phrase "I'm a taxpayer" is
meaningless.

Be brief.  If you're going in a group, plan out the topics each person
will hit.  Appoint someone to act as a spokesperson for the group, so there
can be a central contact.

Remember the first law of Real Estate: LOCATION LOCATION LOCATION. It's
crucial that everyone at the meeting be a potential vote for the
legislator.

Remind yourself that your legislator probably hasn't yet made a decision
on this issue yet; you're there to educate as much as anything.

Go as *individuals* or *business owners* who have a stake in the debate
on encryption issue.

---------------------------------------------------------------------------
ANGLES ON ENCRYPTION

Internet business angle: When speaking from the point of view of an Internet
Service Provider or Web design firm, you have available several arguments,
such as:

	"The popularity of the Net has created a gold rush which has
	 benefitted my business and the local voters I employ.  Concerns
  	 about security on the net could dampen that excitement, and
	 diminish the potential for industry"

	"Many types of services that I would like to offer online cannot
	 be done without strong security.  The current level of security
   	 is too weak to engender public trust, and will diminish the
	 types of business people will put on the net."

Clipper angle: If someone brings up the issue of Clipper and the idea that
government should be trusted to hold your private encryption key, you have
several options available to you:

	"It's not clear that the Administration can be trusted to hold 
	 any information secret, after incidents like the FBI Filegate
	 scandal." 

	"Handing over one's encryption keys to the gov't is just like giving
	 the local police station a copy of your house key, just in case they
 	 need to search your apartment.  Of course they would promise never
	 to use it unless authorized."

---------------------------------------------------------------------------
QUESTIONS ABOUT ENCRYPTION YOU MIGHT BE ASKED

There are a number of questions you will probably be asked by the staff
or member that you should be prepared to answer.  Here's a few of them
and some answers you should feel comfortable with.

WHAT IS ENCRYPTION?

Encryption is a method of scrambling information with one or more "keys"
so that only the sender and receiver can read it, and an eavesdropper
cannot.  Your bank card PIN, telephone conversations, love letters, health
records, and business correspondence are all things that might need to
be encrypted.


WON'T TERRORISTS AND CRIMINALS USE ENCRYPTION?

Perhaps. But criminals and terrorists already have access to strong
encryption from overseas, and are unlikely to use encryption technologies
which they know are breakable by the US government.  Would you send
sensitive information using a code that you knew your adversaries could
break?

Criminals and terrorists will, for better or worse, have access to strong
encryption regardless of U.S. efforts to restrict its availability.
Meanwhile, current U.S. policy leaves sensative personal and business
communications vulnerable and actually creates opportunities for crimes like
industrial espionage.


WHAT IS 40 BIT ENCRYPTION? 

Quite often the strength of an encryption system is measured by the
size of the key.  Forty bits is about the same as a five or six letter
word, such as "apple".  The US government has stated that American
companies that wish to sell products with encryption can only implement
encryption whose keys are forty bits long.

At one time it was quite difficult to attack and recover messages that
were encrypted with 40 bit encryption.  Because of advances in computer
power and research, it has become much easier to do this.   As recently
as last year, a graduate student in France broke 40-bit encryption using
University resources he had available in his spare time.


DON'T EXPORT RESTRICTIONS PREVENT ENCRYPTION PRODUCTS FROM GOING ABROAD?

No. The idea that export restrictions actually keep encryption out of the
hands of non-U.S. citizens implies that all encryption products come
from the U.S.  This is simply untrue, and the plethora of products 
available from non-U.S. sources now shows how absurd it is to continue
to keep such regulations intact.  


DO EXPORT RESTRICTIONS HURT U.S. COMPANIES IN THE GLOBAL MARKETPLACE?

Yes. American hardware and software companies compete globally with products
from around the world.  For many companies, a majority of their business
comes from international sales.  In the crowded marketplace of this fast-
paced business, developing a product with a single feature that outshines a 
competitor's product can often be deciding factor in a consumer's mind.

Yet, American hardware and software businesses are at a disadvantage, as
many competing non-U.S. products can offer stronger encryption than they
can.  This places American products at a distinct competitive disadvantage.


DO EXPORT RESTRICTIONS LIMIT AMERICANS' CHOICE OF SECURITY PRODUCTS?

Yes. Although it is possible to sell two versions of a product, one with
strong encryption for sale domestically and one with weak encryption
for sale abroad, most companies find this schizophrenic product
development approach to be too burdensome and risky.  The result is that
companies that produce hardware and software products that require security
tend to omit such features entirely, or weaken them so that the same product
can be used for export as for domestic use.

The end result of this is that Americans end up with products that are
becoming increasingly incapable of protecting their privacy, hampered by
regulations that can longer accomplish their goal.

---------------------------------------------------------------------------
PARTICIPATING ORGANIZATIONS / MORE INFORMATION

For more information on the encryption issue, check these important
organizations' WWW sites:

	Center for Democracy and Technology (CDT): http://www.cdt.org
	Electronic Frontier Foundation (EFF): http://www.eff.org
	Electronic Privacy Information Center (EPIC): http://www.epic.org
	Voters Telecommunications Watch (VTW): http://www.vtw.org
	Wired Ventures Ltd.: http://www.hotwired.com

Also check these great educational sites:
	Encryption Policy Resource Page (http://www.crypto.com)
	Internet Privacy Coalition (http://www.privacy.org)

========================================================================





From bdavis at thepoint.net  Wed Aug 21 22:33:28 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Thu, 22 Aug 1996 13:33:28 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608212138.OAA07368@mail.pacifier.com>
Message-ID: <Pine.BSF.3.91.960821225141.22767A-100000@mercury.thepoint.net>


On Wed, 21 Aug 1996, jim bell wrote:

> At 02:47 PM 8/21/96 -0400, Brian Davis wrote:
> >On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
> >
> >> Rush Limbaugh reports:
> >> 
> >> That a husband and wife are being jailed for yelling to Clinton "You Suck".
> >> 
> >> The Secret Service states additional words (yet un-uttered to the rest of 
> us)
> >> were mentioned that they deemed threatening.
> >
> >
> >"I hope you die." 
> 
> Doesn't sound much like a "threat" to me.
> 
> > And the couple was arrestd for disorderly conduct by 
> >Chicago police. 
> 
> It sounds to me like the Chicops were just showing their "loyalty" by 
> sitting on somebody, not that they believed any real crime had been committed.

Nope.  When police started to ask the couple questions, they began 
screaming obscenities and generally causing a scene.  Chicago cops, being 
what they are, are likely to arrest someone in that circumstance without 
any prodding.  I'm not saying they should, but they will.
> 
> > Any possible federal charges for threatening a president 
> >in violation of 18 U.S.C. Section 871 await a determination of the 
> >seriousness of the statement, in context with the wife's conduct, by 
> >prosecutors.  I predict no action.
                 ^^^^^^^^^^^^^^^^^^^
> 
> But it isn't even a "threat", regardless of how "serious" it was.   The "I 
> hope you die"  part is, presumably, a statement of fact:  She did, indeed, 
> hope he dies.  But I don't see how hoping this can be considered a threat, 
> or even SAYING she's hoping this is, likewise.
 
The statement must be considered in context with their conduct, but as I 
said before, I predict no action.


> 
> Makes me wonder whether visiting one of these appearances with a "Clinton 
> Doll" and a bunch of pins, and visibly inserting those pins into the doll 
> (while uttering various strange incantations), would constitute a "threat."
> 
> Frankly, I'd rather have a president who didn't feel the need to be 
> protected by thugs.

That's because you like dead Presidents. 



> Jim Bell
> jimbell at pacifier.com
> 

BTW I read an account of the incident in the liberal Louisville Courier 
Journal.  I guess they messed up and reported the news despite their 
political leanings....

EBD





From jgrasty at gate.net  Wed Aug 21 22:36:43 1996
From: jgrasty at gate.net (Joey Grasty)
Date: Thu, 22 Aug 1996 13:36:43 +0800
Subject: WinSock Remailer Update
Message-ID: <199608220239.WAA69392@osceola.gate.net>


Y'all:

I've done some additional testing of the WinSock Remailer
with Windows 95.  In short, the remailer does not decrypt
messages properly in Windows 95.  Therefore, it should 
not be used with that operating system.  If you sent messages
this evening, then some or all of these may have been lost
during testing with Win95.

I suspect that the same problems would be present with
Windows NT, and indeed, one user reports a similar problem.

Don't expect a fix for 95 or NT soon, as I'm a relative
neophyte with these operating systems.  In fact, I just
installed Win95* yesterday.  So, please be patient.

I will have another alpha release of the remailer next
week.  Please stay tuned.

As always, my homepage is:

  http://www.c2.net/~winsock/

* What possessed M$ into turning Windows 95 into a Macintosh 
like interface, I'll never know... (Yes, I have been hiding
under a rock for the past two years, why do you ask?)

Regards,

--
Joey Grasty
jgrasty at gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty at pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7





From ravage at einstein.ssz.com  Wed Aug 21 22:36:48 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Thu, 22 Aug 1996 13:36:48 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti... (fwd)
Message-ID: <199608220315.WAA07169@einstein>



Forwarded message:

> From: qut at netcom.com (Skip)
> Subject: Re: [Noise] RE: Canada Imprisons People For Human Rights Acti...
> Date: Wed, 21 Aug 1996 18:31:38 -0700 (PDT)
> 
> ! > I do not believe that freedom of speech in the U.S.A. extends to actively
> ! > agitating for secession or the overthrow of the federal government.
> ! 
> ! The right to discuss revolt or secession or the overthrow of the federal
> ! government, it seems to me, is given below:
> ! 
> ! "We hold these Truths to be self-evident, that all Men are created
> ! equal, that they are endowed by their Creator with certain unalienable
> ! Rights, that among these are Life, Liberty, and the Pursuit of 
> ! Happiness - That to secure these Rights, Governments are instituted
> ! among Men, deriving their just Powers from the Consent of the
> ! Governed, that whenever any Form of Government becomes destructive of
> ! these Ends, it is the Right of the People to alter or to abolish it,
> ! and to institute new Government, laying its Foundation on such
> ! Principles, and organizing its Powers in such Form, as to them shall
> ! seem most likely to effect their Safety and Happiness.  ... "
> ! 
> ! Now this is the Declaration of Independence, and not the Constitution, but
> ! it seems to me that the right to discuss "agitating for secession or the
> ! overthrow of the federal government" is protected.
> 
> Correct, if government is not protecting our rights as a people, we are 
> responsible for forcing the government to do so, even if that means 
> changing of the guard, ie, successful radicalism.
> 

Might I add:

			AMENDMENTS TO THE CONSTITUTION 
 
	Articles in addition to, and Amendment of the Constitution of the 
United States of America, proposed by Congress, and ratified by the 
Legislatures of the several States, pursuant to the fifth Article of the 
original Constitution. 
 
 
 
				ARTICLE IX. 
 
	The enumeration of the Constitution, of certain rights, shall 
not be construed to deny or disparage others retained by the people. 
 
 
 
				ARTICLE X. 
 
	The powers not delegated to the United States by the Constitution, 
nor prohibited by it to the States, are reserved to the States respectively, 
or to the people. 
 
 





From alano at teleport.com  Wed Aug 21 22:45:56 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 22 Aug 1996 13:45:56 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <2.2.32.19960822032019.00e8d6e0@mail.teleport.com>


At 05:28 PM 8/21/96 -0700, Timothy C. May wrote:

>(By the way, some of you younger folks may not remember all the creative
>ways people used to have to deal with unwanted junk mail. For "return
>postage provided" replies, they would often attach the return forms to
>large packages of stuff (sometimes even organic, stinky stuff) and let the
>junk mailer eat the postage charges at his end. Or they'd fill out the "get
>free stuff" forms with the addresses of local officials.)

Return reply envelopes can be alot of fun.  

In "A Handful of Zen" by Camden Benares (a book on Discordian Zen) he
suggests collecting them.  When you have something sufficiently weird for a
mass mailing, you just fill a bunch of them and drop them in the local
public posting bin.

An interesting way to releave the daily stress...
---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From dlv at bwalk.dm.com  Wed Aug 21 22:57:42 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 22 Aug 1996 13:57:42 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <ae40f6b0130210045167@[205.199.118.202]>
Message-ID: <1Ri2sD70w165w@bwalk.dm.com>


Senile tcmay at got.net (Timothy C. May) rants:
> I believe there is an active secessionist
> movement in Alaska, and nothing has happened to them.
>
> (This does not mean they would ever be allowed to succeed in seceeding, of
> course.)

Alaska rightfully belongs to Russia, as do California and Hawaii.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Wed Aug 21 22:58:35 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 22 Aug 1996 13:58:35 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <199608211933.OAA29688@manifold.algebra.com>
Message-ID: <eaJ2sD72w165w@bwalk.dm.com>


ichudov at algebra.com (Igor Chudov @ home) writes:
> jbugden at smtplink.alis.ca wrote:
> > Nota: Quebec recently held a referendum on seperation from Canada.=20
                                                  ^
> > Just talk about secession of a state in the U.S., and you'll quickly see wh
> > ich
> > country makes political ideas illegal.
>
> OK, so what would happen if I organized a party with the proclaimed goal
> of secession of Oklahoma from the United States?

You'd make The Right Reverend Colin James III very happy because you'd
be deported back to Sovok. :-)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From jimbell at pacifier.com  Wed Aug 21 23:02:26 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 14:02:26 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608220351.UAA01292@mail.pacifier.com>


At 10:55 PM 8/21/96 -0400, Brian Davis wrote:

>> 
>> Makes me wonder whether visiting one of these appearances with a "Clinton 
>> Doll" and a bunch of pins, and visibly inserting those pins into the doll 
>> (while uttering various strange incantations), would constitute a "threat."
>> 
>> Frankly, I'd rather have a president who didn't feel the need to be 
>> protected by thugs.
>
>That's because you like dead Presidents. 
>

$50's and $100's are great!

(I also like old fat dead philosophers, as well.)


Jim Bell
jimbell at pacifier.com





From hal9001 at panix.com  Wed Aug 21 23:22:31 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Thu, 22 Aug 1996 14:22:31 +0800
Subject: CS First Boston lawsuit
In-Reply-To: <ae3d43f90a021004dcf8@[205.199.118.202]>
Message-ID: <v03007800ae4058b9e5d1@[166.84.220.80]>


At 3:29 AM 8/19/96, Alan Horowitz wrote:
>I suspect they are trying to get a judgement against "John Doe", in the
>hopes of tracking him down later.
>
>Actually, if I had a sizeable judgement against such a John Doe, I could
>probably find a private detective who would find the dude for a
>contingent fee. Wow, a whole new class of factoring (commerce definition)
>opens up. Get me a lawyer....


Since the messages were sent from an AoL account, I would assume that a
simple court order would be all that would be needed to force/require AoL
to release the billing-address records for the account. That would allow CS
First Boston to name the defendant. Refusal by AoL would just force CS
First Boston to add AoL as a co-defendant (until they supply the
name/info).







From rwright at adnetsol.com  Wed Aug 21 23:24:16 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Thu, 22 Aug 1996 14:24:16 +0800
Subject: Canada Imprisons People For Human Rights Activity
Message-ID: <199608220417.VAA06243@adnetsol.adnetsol.com>


On Or About 21 Aug 96, 22:15, Dr.Dimitri Vulis KOTM wrote:

> Alaska rightfully belongs to Russia, as do California and Hawaii.
> 

No way.  We bought that stuff.  Then we spent the USSR into the dark 
ages, winning the Cold War.  Right?  Huh? What?

Ross (Boy do I Hate Those Pesky Spammers) Wright

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From ses at tipper.oit.unc.edu  Wed Aug 21 23:43:00 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Thu, 22 Aug 1996 14:43:00 +0800
Subject: Today's Dilbert
Message-ID: <Pine.SUN.3.91.960822000727.14361A-100000@tipper.oit.unc.edu>


I can't believe nobody mentioned wednesday's dilbert cartoon..

Simon
---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From jimbell at pacifier.com  Wed Aug 21 23:43:28 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 22 Aug 1996 14:43:28 +0800
Subject: usenet not working with Agent now.
Message-ID: <199608220408.VAA02413@mail.pacifier.com>


Agent keeps reporting bad server.

Jim Bell
jimbell at pacifier.com





From nul at void.gov  Thu Aug 22 00:14:37 1996
From: nul at void.gov (The Prisoner)
Date: Thu, 22 Aug 1996 15:14:37 +0800
Subject: [noise]Re: The grey lady puts on some boots and rides a horseman or two...
In-Reply-To: <v03007800ae40c206aeb1@[206.119.69.46]>
Message-ID: <321BF202.3791@void.gov>


Robert Hettinga wrote:
> 
> I'm listening to the BBC's World Service at the moment, and they're doing a
> feature on pedophiles on the internet, complete with much knashing of teeth
> about encryption and anonymity, along with some lurid stuff about private
> holding cells, and sexual tourism, and slavery. And Lions. And Tigers. And
> Bears. Oh My.
> ... etc... 
> Be afraid, be very afraid. They're coming for your daughters. The BBC says so.
> 

What ******I'm******* afraid of is another Richard Davis coming after my daughters.

In case you don't know, he's the fuckhead who killed 12 yr old Polly Klaas 
after abducting her from her bedroom while her mother slept in the other room.

The man had been in and out of custody for years for violent crimes, and always seemed to get out.

Davis did not use encryption, a computer, the Internet, PGPPhone.  He used her panties.

Internet, encryption, anonymity: bullshit.  
Get the fucking child-murderers off the *streets*





From cwalker at erie.net  Thu Aug 22 01:13:41 1996
From: cwalker at erie.net (Elf)
Date: Thu, 22 Aug 1996 16:13:41 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608220615.CAA24044@moose.erie.net>




----------
> From: Rich Graves <rich at c2.org>
> To: cypherpunks at toad.com
> Subject: Re: Husband/Wife jailed for saying Clinton Sucks
> Date: Wednesday, August 21, 1996 5:12 AM
> 
> On Tue, 20 Aug 1996, Z.B. wrote:
> 
> > Published in Washington, D.C.   July 9, 1996
> > Insult to Clinton leads to 2 arrests
> > 
> > ------------------------------------------------------
> > By Ruth Larson
> > THE WASHINGTON TIMES
> > ------------------------------------------------------
> 
> I think you should try a more credible paper. Say, Scientology's Freedom
> Magazine, rather than the Moonies'. You are of course free to believe
> whatever you wish.
> 
> -rich

Actually it very well could of happened.  I am ex-Navy and for military
peronell it is made clear that anyone military or not that slanders,
degrades, or in any way threatens or degrades the President (commander in
chief) is subject to arrest, imprissionment and/or fines.  Of course this
usually doesnt happen cause only the real wacked out Clinton rules gov.
employees would enforce this.  But you never know!






From unicorn at schloss.li  Thu Aug 22 01:21:24 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 22 Aug 1996 16:21:24 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <Pine.3.89.9608211445.A23772-0100000@netcom14>
Message-ID: <Pine.SUN.3.94.960822022123.26991A-100000@polaris>


On Wed, 21 Aug 1996, Lucky Green wrote:

> I will be in D.C. through Saturday. I'd like to meet some Cypherpunks 
> that feel like getting to know what Lucky looks like :-)
> 
> If you are in D.C., give me a call at my hotel.
> (202) 682-0111 x440

Are you in D.C. now?

Perhaps a drink would be in order?

> 
> --Lucky
> 
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From npoznick at Harding.edu  Thu Aug 22 01:22:10 1996
From: npoznick at Harding.edu (nathan poznick)
Date: Thu, 22 Aug 1996 16:22:10 +0800
Subject: Husband/Wife jailed for saying Clinton SucksHusband/Wife jailedfor say
In-Reply-To: <199608220141.SAA05126@idiom.com>
Message-ID: <Pine.SOL.3.94.960822012737.28294B-100000@taz>


On Wed, 21 Aug 1996, John C. Randolph wrote:

> Well, wouldn't that require a president who had a clear conscience?
> I don't think we've had one of those since Eisenhower!

you think Eisenhower had a clear concience???
think of all the nuclear testing that went on during his time in office...

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^		             Nathan Poznick				 ^
^	        	 <npoznick at harding.edu>				 ^
^                    http://www.harding.edu/~npoznick			 ^
^									 ^
^                  "640k should be enough for anybody."			 ^
^									 ^
^		          --Bill Gates, 1981--				 ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^






From pgut001 at cs.auckland.ac.nz  Thu Aug 22 02:16:37 1996
From: pgut001 at cs.auckland.ac.nz (pgut001 at cs.auckland.ac.nz)
Date: Thu, 22 Aug 1996 17:16:37 +0800
Subject: SSL: The early days
Message-ID: <84069694413671@cs26.cs.auckland.ac.nz>


I've been trying to find information about the early days of SSL for a paper 
I'm writing, but I'm finding that someone's comment about the net having a 
collective memory of about 12 months seems to be true - there doesn't seem to 
be anything available going back more than a year or so.  In particular I'm 
interested in:
 
- Why/how/when did Netscape decide on SSL?
- How long did it take to design the first version?
- I've heard a rumour that when it was first presented at a conference, two 
  people independantly broke it before the speaker sat down.  Is this true, 
  and what conference was it?
 
The later work on SSL (an open design process, contributions from 
cryptographers and security experts, IETF standards-track work, etc etc) is 
well documented, but information on earlier work is hard to find.  Does anyone 
have any pointers to information I could work from?
 
Peter.






From rich at c2.org  Thu Aug 22 02:46:23 1996
From: rich at c2.org (Rich Graves)
Date: Thu, 22 Aug 1996 17:46:23 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <ae40eda80f0210043236@[205.199.118.202]>
Message-ID: <Pine.GUL.3.95.960821222559.21597D-100000@Networking.Stanford.EDU>


On Wed, 21 Aug 1996, Timothy C. May wrote:

> At 6:47 PM 8/21/96, Brian Davis wrote:
> >On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
> >
> >> Rush Limbaugh reports:
     ^^^^^^^^^^^^^^^^^^^^^
[...]
> Well, I agree that saying "I hope you die" is a tad bit more serious than
> "You suck, and those boys died."
> 
> If these additional words were spoken, why didn't the SS reveal them early
> on? (Or, if they did, why did the news reports not mention them?)

"News Reports"? Jesus.

-rich






From mpd at netcom.com  Thu Aug 22 03:10:28 1996
From: mpd at netcom.com (Mike Duvos)
Date: Thu, 22 Aug 1996 18:10:28 +0800
Subject: [noise]Re: The grey lady puts on some boots and rides a horseman or two...
In-Reply-To: <321BF202.3791@void.gov>
Message-ID: <199608220550.WAA17101@netcom13.netcom.com>


Someone wrote:

> What ******I'm******* afraid of is another Richard Davis coming after
> my daughters.

> In case you don't know, he's the fuckhead who killed 12 yr old Polly
> Klaas after abducting her from her bedroom while her mother slept in
> the other room.

Oh, we know about it all right.  We've heard nothing else on the news
for months on end.  A little war of sound bytes to the exclusion of
the hundreds of other children who were killed by their own parents
during the time we were fed this one-in-a-million occurrence as some
sort of prototypical child danger. 

Someone in "another newsgroup" recently commented that by the end of 
the trial, he was ready to vote the death penalty for Polly's father,
if that was the only way to make the man shut up. :)

Despite such press antics, home is still the most dangerous place 
for a child, and the parents are the most likely perps if a child
comes to harm.  

Being kidnapped out of your bedroom by a stranger probably ranks
below random lightning strikes as something kids need to worry about. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $







From bdavis at thepoint.net  Thu Aug 22 03:35:03 1996
From: bdavis at thepoint.net (Brian Davis)
Date: Thu, 22 Aug 1996 18:35:03 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608220351.UAA01292@mail.pacifier.com>
Message-ID: <Pine.BSF.3.91.960822040344.10490A-100000@mercury.thepoint.net>


On Wed, 21 Aug 1996, jim bell wrote:

> At 10:55 PM 8/21/96 -0400, Brian Davis wrote:
> 
> >> 
> >> Makes me wonder whether visiting one of these appearances with a "Clinton 
> >> Doll" and a bunch of pins, and visibly inserting those pins into the doll 
> >> (while uttering various strange incantations), would constitute a "threat."
> >> 
> >> Frankly, I'd rather have a president who didn't feel the need to be 
> >> protected by thugs.
> >
> >That's because you like dead Presidents. 
> >
> 
> $50's and $100's are great!

You don't get them unless AP works.

EBD


> 
> (I also like old fat dead philosophers, as well.)
> 
> 
> Jim Bell
> jimbell at pacifier.com
> 





From peter.allan at aeat.co.uk  Thu Aug 22 07:06:09 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Thu, 22 Aug 1996 22:06:09 +0800
Subject: cryptoanalysis 002
Message-ID: <9608221149.AA13676@clare.risley.aeat.co.uk>



> From: Scottauge at aol.com
> Date: Tue, 20 Aug 1996 18:36:45 -0400
> Subject: cryptoanalysis 002

> For example, if the crypto-alphabet for e is 23, 45, 190, 200, etc, one can
> remove some of the frequency for a letter.  This definately makes it harder
> to attack with the frequency analysis method because the "resolution" of the
> distribution for the letter is lessened to a near randomness.  (So it looks,
> there are still clues, eh?)

I think (from memory) this is called "homoalphabetic".

Encyclopaedia Brittanica (Cryptology - article by Gus Simmons)
says that it is still vulnerable to frequencies of digraphs, trigraphs
etc.  But even Gauss was keen on it once.

I guess it might have value as a part of another system, making a known plaintext
into one of many.  Whether it's worth the increased cyphertext size in a system
you'd hope to be immune to known plaintext attacks anyway is another question.

PA






From rah at shipwright.com  Thu Aug 22 07:52:48 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 22 Aug 1996 22:52:48 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608220141.SAA05126@idiom.com>
Message-ID: <v0300780bae41f8c1831d@[206.119.69.46]>


At 2:28 AM -0400 8/22/96, nathan poznick wrote:
> you think Eisenhower had a clear concience???
> think of all the nuclear testing that went on during his time in office...

... Which he did with a clear conscience.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From dlv at bwalk.dm.com  Thu Aug 22 08:48:59 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 22 Aug 1996 23:48:59 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <Pine.SUN.3.94.960822022123.26991A-100000@polaris>
Message-ID: <s792sD80w165w@bwalk.dm.com>


Black Unicorn <unicorn at schloss.li> writes:
> Are you in D.C. now?
>
> Perhaps a drink would be in order?

I'll be at InfoWarCon in Arlington Sept 4-6.

Any Usenet Cabal affiliates want to be spat on in person? :-)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From daemon at anon.penet.fi  Thu Aug 22 08:56:49 1996
From: daemon at anon.penet.fi (daemon at anon.penet.fi)
Date: Thu, 22 Aug 1996 23:56:49 +0800
Subject: Anonymous password changed.
Message-ID: <9608221230.AA08592@anon.penet.fi>


You have requested the replacement or assignment of your anonymous password.
Your password is now x4anarchy.






From dlv at bwalk.dm.com  Thu Aug 22 09:03:19 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 23 Aug 1996 00:03:19 +0800
Subject: usenet not working with Agent now.
In-Reply-To: <199608220408.VAA02413@mail.pacifier.com>
Message-ID: <Ry92sD77w165w@bwalk.dm.com>


jim bell <jimbell at pacifier.com> writes:

> Agent keeps reporting bad server.

What's the cryptorelevance?

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dlv at bwalk.dm.com  Thu Aug 22 09:06:29 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 23 Aug 1996 00:06:29 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <199608220417.VAA06243@adnetsol.adnetsol.com>
Message-ID: <4Z92sD78w165w@bwalk.dm.com>


"Ross Wright" <rwright at adnetsol.com> writes:

> On Or About 21 Aug 96, 22:15, Dr.Dimitri Vulis KOTM wrote:
>
> > Alaska rightfully belongs to Russia, as do California and Hawaii.
> >
>
> No way.  We bought that stuff.  Then we spent the USSR into the dark
> ages, winning the Cold War.  Right?  Huh? What?

Wrong - it was a 99-year lease.

> Ross (Boy do I Hate Those Pesky Spammers) Wright

Protect free speech - support your local pesky spammer.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From blane at aa.net  Thu Aug 22 10:25:06 1996
From: blane at aa.net (Brian C. Lane)
Date: Fri, 23 Aug 1996 01:25:06 +0800
Subject: SpamBot
Message-ID: <321c65db.721494@mail.aa.net>



  Well, with all the other noise in the list lately, I'll add a little of
my own. I woke up today to find my mailbox filled with 20 messages from a
'careernetonline.com' offering to spread my resume across the net for $60.

  It was one of those terrorist spams where they apologize for wasting your
time and tell you that you can stop getting spammed by replying to the
message. Well, I really hate giving in to terrorists, no matter what form
they take. And I'm sick and tired of spam.

  So, I'm starting a project called SpamBot. You feed it a message and a
list of addresses and the bot send the message to those addresses until
they reply with an appropriate message indicating that they are at least
looking into the problem.

  Some people may say that this is sinking to their level. So it is, but I
think its time that system administrators realized that there are people
who don't appreciate being the target for shotgun marketing schemes (none
of which have been of any use to me).

  Watch my webpage for more info on this helpful little bot.

    Brian

------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> -------
       "Extremism in the defense of Liberty is no vice" - B. Goldwater
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  ============





From declan at eff.org  Thu Aug 22 11:25:00 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 23 Aug 1996 02:25:00 +0800
Subject: [noise]Re: The grey lady puts on some boots and rides a horseman or two...
In-Reply-To: <199608220550.WAA17101@netcom13.netcom.com>
Message-ID: <Pine.SUN.3.91.960822073457.9687H-100000@eff.org>


On Wed, 21 Aug 1996, Mike Duvos wrote:

> Someone wrote:
> 
> > What ******I'm******* afraid of is another Richard Davis coming after
> > my daughters.
> 
> > In case you don't know, he's the fuckhead who killed 12 yr old Polly
> > Klaas after abducting her from her bedroom while her mother slept in
> > the other room.
> 
> Oh, we know about it all right.  We've heard nothing else on the news
> for months on end.  A little war of sound bytes to the exclusion of
> the hundreds of other children who were killed by their own parents
> during the time we were fed this one-in-a-million occurrence as some
> sort of prototypical child danger. 
> 
> Someone in "another newsgroup" recently commented that by the end of 
> the trial, he was ready to vote the death penalty for Polly's father,
> if that was the only way to make the man shut up. :)

I met Polly's father at the "Kids off Lists" press conference in front of
the Capitol in June. He's an irascable fellow, and there's more to the
story than you might think at first. 

Check out part of Brock's Muckraker column I've attached below.

-Declan





// declan at eff.org // I do not represent the EFF // declan at well.com //

http://www.muckraker.com/muckraker/96/24/index3a.html

Muckraker
By Brock Meeks
June 12 1996


Teach Your Children Well, or Else ...

My kids are info subversives. I should know. I taught them everything I
know about the subject.

My kids know not to give out their telephone number or address to any
yahoo who asks for it on the street or phone. If pressed for such
information, they simply make up a number or address or zip code.

Those lessons have transferred to the online world, too. So when
prompted for personal information while netsurfing, my kids either jet
over to another site or simply fill in the blanks with bogus info.

My question is: What the hell are other parents doing? We live in an
information culture; no amount of bitching about how today's kids are
"smarter than we are" and none of the all-too-tired whining about how
"I have to ask my 10-year-old to program the VCR" will make this fact
any less true. Parents need to take more responsibility. The fight over
the Communications Decency Act raised the same point.

How best to protect kids from unrelenting Internet info scavengers is
now a topic of national debate, and the long arm of Congress and
regulatory agencies is reaching into the sandbox.

The issue ignited with an overheated report from the well-respected
Center for Media Education. These folks have done some great work in
the past, such as hammering the television networks for trying to pass
off Saturday morning cartoons as "educational programming." But when
they released their "Web of Deception" study, the group went over the
edge into Timothy Leary land - rest his soul.

That report overhyped a very real concern: Some companies use Web sites
as bait to entice kids to provide a wealth of information about
themselves, which can then be cranked into a database and crunched
every which way.

The report drove Representative Bob Franks (R-New Jersey) and Senator
Dianne Feinstein (D-California) to introduce the "Children's Privacy
Protection and Parental Empowerment Act." The idea is to keep kids'
names off direct marketing lists. It's a good concept, but it's short
on focus and long on fear - the fear that gathering such information
can lead to child abuse or worse.

A group called "Kids Off Lists" (KOL) was on hand during a PR event to
help juice the introduction of the bill. Heading that group is Marc
Klaas, whose claim to fame is that he's the father of Polly Klaas, the
12-year-old California girl who in 1994 was abducted from a slumber
party and murdered. Klaas's personal tragedy lends a twisted emotional
and impassioned draw to the issue.

During that event, a direct mail company called Metromail, a subsidiary
of the publishing giant R.R. Donnelley & Sons, was singled out as evil
incarnate for its practice of selling information on kids via a 900
telephone number. KOL showed off a flyer that offers US$5,000 for
information leading to the conviction of anyone who has used
information from such a company to "locate and harm a child."

But there's a subplot here. The actual driving force and financial
backer of KOL is John Phillips, who runs Aristotle Publishing, a
political software company in Washington, DC. Phillips, as it turns
out, has been in a kind of run-and-shoot legal battle with Donnelley
for the past five years, according to an article in the Washington City
Paper, an alternative weekly published in DC.

Phillips and Donnelley clashed over a soured deal involving Aristotle
and Metromail. Phillips sued for $5.3 million, and Metromail settled in
1995 for $2.7 million, according to the City Paper article. But
Phillips refused to let up and has funded KOL to keep the pressure on
Donnelley and Metromail. On 7 March, Donnelley said it would sell off
its majority holding in Metromail.

All this emotion spilled over and caught the attention of the Federal
Trade Commission. Jodie Bernstein, director of the agency's Bureau of
Consumer Protection, said that the "focus" of its two-day hearing last
week was "children in cyberspace" with questions aimed at finding out
"what's happening" with information collection on kids in cyberspace.
"We are not looking to prosecute but to educate and report," he said.

[...]






From reagle at rpcp.mit.edu  Thu Aug 22 11:30:35 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Fri, 23 Aug 1996 02:30:35 +0800
Subject: Asia seen having appetite for Internet banking
Message-ID: <2.2.32.19960822150701.0074c1b8@206.33.128.129>


		 
>	 NEW DELHI, Aug 21 (Reuter) - Asian nations are eager to make  
>use of the Internet in the field of banking and finance to meet 
>individual country's needs, a senior official of computer group 
>Hewlett-Packard Co said on Wednesday. 
>	 ``The response through the region is quite phenomenal,'' Jeff  
>Ayton, the region's director of marketing in the financial 
>services division of Hewlett-Packard, told Reuters in an 
>interview. 
>	 He said a Hewlett-Packard roadshow he held across the region  
>revealed a keen interest in the use of Internet in banking and 
>insurance. Internet experts say customers can use the network to 
>transact business and banks can improve communications and 
>customer service with its help. 
>	 ``I don't think any Asian country wants to be left behind,''  
>he said, but added that the exact level of sophistication in the 
>demand generated would depend on customer needs and 
>infrastructure facilities in each nation. 
>	 With even rural areas now linked via satellites, there is a  
>big potential for Internet-linked business in huge emerging 
>markets, he said. 
>	 ``Satellite technology is what will help in countries like  
>China and India,'' he said, referring to their own satellite 
>launch programmes. 
>	 Ayton said he had found interest in using the Internet in  
>banking in the Philippines, Hong Kong, Malaysia, Thailand, 
>Singapore, Taiwan and South Korea. 
>	 Hewlett-Packard officials say that countries like India  
>could leapfrog in computer networking technology because they 
>have not yet invested huge amounts in computer infrastructure. 
>	 Ayton said he was scheduled to meet Indian banking officials  
>next week to discuss Internet-related possibilities in the 
>field. 
>	 Kapi Attawar, a senior Hewlett-Packard official dealing with  
>emerging markets, said his company saw particular potential for 
>the ``Intranet''. The latter enables local networks within 
>companies to be linked to the worldwide information highway. 
>	 Many Indian companies already had local computing networks  
>using basic data transmission facilities which may be used to 
>hook on to Internet, Attawar said. 
>  	   	
>
>
_______________________
Regards,            Nothing great was ever achieved without enthusiasm. 
		    -Ralph Waldo Emerson
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From declan at well.com  Thu Aug 22 11:58:28 1996
From: declan at well.com (Declan McCullagh)
Date: Fri, 23 Aug 1996 02:58:28 +0800
Subject: Republican and Democratic party platforms on technology
Message-ID: <v01510103ae4232dcce6d@[204.62.128.229]>


Dole's cosponsorship of Pro-CODE was a way to land some California votes
and a way to differentiate himself from Clinton, nothing more.

A statement he released on May 2 bashed the White House: "The
administration apparently thinks very little of the right to privacy -- it
presumes the government is entitled to all the so-called 'keys'  or secret
passwords which protect computer generate [sic] information from prying
yes..."

I predict that if he were to win, we'd see the fastest policy turnaround
ever. The moment he was inaugurated, Dole would pick up where Clinton left
off. Clipper IV, here we come...

But the benefit of having a pro-privacy statement in the platform (which in
fact was watered down significantly from that originally proposed by
advocates on our side) is that the platform covers Republican Party
candidates for any office, not just the presidency.

I'm told that the a Dem convention speaker may talk about privacy issues,
however.

-Declan



Tim writes, quoting me:

>Sure, the rhetoric might be slightly different under a Dole presidency. The
>focus would be on "halting the spread of abortion information on the Net"
>and "plotting by Communists using unbreakable cryptography."
>
>>(Contrast both parties with the Libertarians, which have a sterling
>>commitment to online civil liberties, reflected in the platform approved at
>>their convention last month.)
>
>I certainly plan to vote for Harry Browne, their candidate, even if voting
>only encourages the process.
>
>I first read Browne's stuff back in 1973, and, a few years later, his
>wonderful and "Zen Calvinist" (my term) book, "How I Found Freedom in an
>Unfree World," which I still recommend to people. As far as I'm concerned,
>Browne is the strongest candidate ever fielded by the Libertarian Party.








From reagle at rpcp.mit.edu  Thu Aug 22 12:06:02 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Fri, 23 Aug 1996 03:06:02 +0800
Subject: Court rules faxes are not binding
Message-ID: <2.2.32.19960822150702.0072b21c@206.33.128.129>


  	  				 
>	CINCINNATI, Aug. 21 (UPI) -- A federal appellate court in Cincinnati  
>ruled this week that faxes are not necessarily legally binding if the 
>receiving party does not know the communication is coming. 
>	The case stemmed from a 1991-92 strike by 200 Clow Water System Co.  
>workers who were represented by the United Steelworkers. 
>	The court ruled the Coshocton company, a division of McWane Inc., did  
>not violate federal labor law when it hired replacement workers after 
>the union transmitted an unconditional fax offer to return to work in 
>February 1992. 
>	The union sent its offer by fax at 4:35 p.m. on a Friday, 25 minutes  
>before the plant closed for the day. The intended recipient claimed he 
>checked for any communications at 4:30, and when he saw there weren't 
>any, went home. 
>	On Saturday, Clow hired 80 replacement workers.  
>	The National Labor Relations Board later held that actual knowledge  
>of the fax was not required. The board said the parties had communicated 
>by facsimile during their negotiations, and that the facsimile was sent 
>and received. 
>	But the appellate court said the union had sent only four facsimile  
>transmissions during 13 months of negotiations. 
>	``All of these facsimiles contained contract proposals -- a  
>communication intended to be examined and considered, not a 
>communication having legal import in and of itself,'' the court said, 
>ordering the NLRB ruling against Clow must be re-evaluated. 
>	The court said facsimile and electronic mail are becoming  
>increasingly common forms of business communication, however, both 
>parties must agree to the use of such media and must be notified when 
>messages are sent. 
>	``The critical part of this case is that (the fax) was sent only 25  
>minutes before the plant closed,'' David Peck, a lawyer with Taft, 
>Stettinius & Hollister, the law firm that represented Clow, told United 
>Press International Wednesday. ``Normal courtesy is to call first and 
>again after to confirm that a fax has been received.'' 
>	The union claimed Clow committed an unfair labor practice by  
>permanently replacing economic strikers after the union made an 
>unconditional offer, as required by federal law, to return to work. 
>	But the court said the fax transmission itself wasn't the issue.  
>	``The key to this case is simply fair notice,'' the court said in its  
>decision. ``If the parties did not agree to the method of communication 
>utilized, and if there is no pattern of conduct reflecting acquiescence 
>to the method of communication utilized, we will not impute notice of 
>the communication to the recipient. 
>	``Communication by facsimile has simplified and streamlined the way  
>in which business in conducted in this country,'' the court added. 
>``This technological advance provides a valuable service and benefit, 
>and our holding should not be taken as an indication that parties should 
>not use facsimiles to conduct their affairs.'' 
>--	 
>		   C O P Y R I G H T * R E M I N D E R 	
>
>   This article is Copyright 1996 by United Press International.  
>   All articles in the clari.* news hierarchy are Copyrighted and licenced  
>to ClariNet Communications Corp. for distribution.  Except for articles 
>in the biz.clarinet.sample newsgroup, only paid subscribers may access 
>these articles. Any unauthorized access, reproduction or transmission 
>is strictly prohibited. 
>   We offer a reward to the person who first provides us with  
>information that helps stop those who distribute or receive our news 
>feeds without authorization. Please send reports to reward at clari.net. 
>[Use info at clari.net for sales or other inquiries.] 
>
>   Details on use of ClariNet material and other info can be found in  
>the user documentation section of our web page: <http://www.clari.net>. 
>You can also read ClariNet news from your Web browser. 
>  	   	
>
>
_______________________
Regards,            Nothing great was ever achieved without enthusiasm. 
		    -Ralph Waldo Emerson
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From wb8foz at nrk.com  Thu Aug 22 13:12:00 1996
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 23 Aug 1996 04:12:00 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <s792sD80w165w@bwalk.dm.com>
Message-ID: <199608221608.MAA01581@nrk.com>


> 
> Black Unicorn <unicorn at schloss.li> writes:
> > Are you in D.C. now?
> >
> > Perhaps a drink would be in order?

There is the dccp at eff.org list. You guys missed our Cryto
Museum talk [w/ employee sponsor!!] by Carl Ellison.

At least two dccp'ers will be at the Linux InstallFest
Sat [http://linux.wauug.org/fest.html]....

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433






From bkmarsh at feist.com  Thu Aug 22 13:57:18 1996
From: bkmarsh at feist.com (Bruce M.)
Date: Fri, 23 Aug 1996 04:57:18 +0800
Subject: USPS
In-Reply-To: <9608212250.AA14289@cow.net>
Message-ID: <Pine.BSI.3.91.960822120220.8472A-100000@wichita.fn.net>


On Wed, 21 Aug 1996, Bovine Remailer wrote:

> The Postal service is working on a new postage method, 2 key signature, which will be unique to each "postal unit" ( stamp ) the signature will be
> logged when you buy the stamps....No more anon. snail mail......
> 
> Just thought you'd like to know !

   In related news...

Web Week, July 8, 1996, p3
-

    In an effort to do its part to nuture electronic commerce, the U.S. 
Postal Service is launching a pilot project this summer to test the 
electronic postmarking of documents sent over the Web.

    The electronic postmark--a time and dte stamp--will carry the full 
legal weight of the postmark on standard mail, including the Postal 
Service's authority to investigate tampering.

[....]

    The Postal Service's attorneys have told the USPS that the tampering 
part of the current federal law would transfer to the electronic space, 
and that the mail fraud portion might also apply...

    "We're a trusted third party," Saunders said.  "We don't have any 
interest in learning your trade secrets.  Congress oversees our actions.  
Our customers have found that of value."

    Electronic postmarking is one of two services that the USPS intends 
to launch into cyberspace.  The second is a certificate-authority 
service, in which people can take a public encryption key and register it 
with the Postal Service for general use on the Internet.

    There will be three levels of security offered: simple online 
registration; a physical verification of identity; and the highest level, 
which requires electronic THUMBPRINTS.  The certification program will 
pilot-test in the fall and will be available to the public by the end of 
the year.  The price will be $10 to $15, Raines said.  The certificates 
will last one to three years, specified at registration.

    Cylink Corp,...is providing the public-key encryption and certificate-
issuing technology fo the Postal Service, basd on the company's patented 
Diffie-Hellman public-key cryptography scheme.  Neither the Postal 
Service nor Cylink executives would discuss the use of those technologies.

[Information about how their software will be integrated into software by 
Microsoft, Lotus and Netscape]

[....]

    The Postal Service plans to add follow-up services, including an 
electronic return-receipt program and time-specific delivery.

[Talk about how great it would be to mail in your tax return with delayed 
delivery]

[They say that Verisign is the alleged only real competitor in the 
certificate market]

--
                       ________________________________
                      [ Bruce M. - Feist Systems, Inc. ]
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     "Official estimates show that more than 120 countries have or are 
      developing [information warfare] capabilities." -GAO/AIMD-96-84
                         So, what is your excuse now?







From koontz at netapp.com  Thu Aug 22 14:16:07 1996
From: koontz at netapp.com (Dave Koontz)
Date: Fri, 23 Aug 1996 05:16:07 +0800
Subject: Canada Imprisons People For Human Rights Activity
Message-ID: <9608221725.AA02571@elgreco.netapp.com>


>OK, so what would happen if I organized a party with the proclaimed goal
>of secession of Oklahoma from the United States?

You'd be overwhelmed with contributions?





From m1tca00 at FRB.GOV  Thu Aug 22 14:21:40 1996
From: m1tca00 at FRB.GOV (Thomas C. Allard)
Date: Fri, 23 Aug 1996 05:21:40 +0800
Subject: U.S. Army Private Faces Spying Charges
Message-ID: <9608221711.AA00368@bksmp2.FRB.GOV>



source: http://www.yahoo.com/headlines/960821/news/stories/spy_1.html

U.S. Army Private Faces Spying Charges

WASHINGTON (Reuter) - The U.S. Army said Wednesday it had charged a
20-year-old computer specialist with espionage and computer crimes in a
case that the soldier's parents said involved a Chinese national.

Pfc. Eric Jenott of the 50th Signal Battalion at Fort Bragg, North
Carolina, was formally charged June 28 and is in a Marine Corps jail in
Camp Lejeune, North Carolina, awaiting court-martial, the army said.

``The case involves classified information and matters pertaining to
national security,'' a three-paragraph statement from Fort Bragg, home
of the Army's 18th Airborne Corps, said. It said many of the case's
details were too sensitive to disclose.

Jenott has been charged with giving ``secret computer passwords relating
to the national defense'' to a Mr. Lee, ``a citizen of a foreign
nation,'' his lawyer said, reading from the charge sheet. He also faces
charges of destruction of government property and larceny.

The charge sheet alleged Jenott disclosed the passwords between April
and June ``with the intent or reason to believe it would be used to the
injury of the United States or to the advantage of a foreign nation.''

It said the passwords ``directly concerned communications
intelligence,'' among the most closely guarded U.S. secrets.

Jenott is facing a general court-martial, the most serious kind, and
a possible life sentence if convicted, his lawyer, Timothy Dunn, of
Fayetteville, North Carolina, said in a telephone interview.

He said his client was ``not a criminal'' but had broken into a
supposedly impenetrable system after advising his superiors of defects
in the security system. Dunn declined to discuss the system because
of what he called the case's sensitive nature and national security
implications.

John Jenott said his son, a fluent Chinese speaker whom he described as
a ``computer genius'' with a longstanding interest in China, had given a
young Chinese friend what the son described as an unclassified computer
code.

He said his son knew the person to whom he gave the code from one
of several trips he had made to China. His son, ``not your average
kid-out-on-a-skateboard-type guy,'' could read and write Chinese and
lived with a Chinese family in Vancouver, Canada, for about a year when
he was in high school, the father added.

He said his son told him that before giving away the code, he had
been trying to show his superiors a security flaw in a sensitive
communication system and eventually demonstrated he could get secret
data without authorization.

``He was trying to say we have a weakness,'' John Jenott said in a
telephone interview from his home in Graham, Washington. ``This stuff
about being a spy -- it's ridiculous.'' His stepmother, Kelly Jenott,
said, ``They're blowing this way out of proportion.''

His father said an Army major at Fort Bragg, whom he declined to name,
had urged him to persuade his son to sign a confession, so prosecutors
would not seek the death penalty.

Jenott said his son had told him, ``Dad, I'd rather die than sign
that.''

``He said it's not true. He said, 'I'm not a spy. I didn't commit
espionage. And I'm not going to sign something that says I did,'''
Jenott said.

 -30-

rgds-- TA  (tallard at frb.gov)
I don't speak for the Federal Reserve Board, it doesn't speak for me.
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6  DE 14 25 C8 C0 E2 57 9D







From declan at well.com  Thu Aug 22 14:26:03 1996
From: declan at well.com (Declan McCullagh)
Date: Fri, 23 Aug 1996 05:26:03 +0800
Subject: "Freedom on Trial," from October 1996 Playboy
Message-ID: <v01510108ae42522427bb@[204.62.128.229]>


[Some excerpts follow. Pick up the October issue for the full article. --Declan]



Playboy, October 1996
"Freedom on Trial: how the communications decency act played in court"

By Declan McCullagh (declan at well.com)


Day 1 (March 21)

In the shadow of the Liberty Bell in downtown Philadelphia, the future of
online liberty is being decided. A panel of federal judges has gathered
to hear a challenge to the Communications Decency Act, which bans
"indecent" or "patently offensive" material from being transmitted or
displayed online where minors might access it. That means just about
anywhere online.

[...]



Day 2 (March 22)

A key witness today is Robert Croneberger of the Carnegie Library of
Pittsburgh. The judges are pleased with his description of the
Internet as a library -- finally, someone who isn't using technobabble.
Croneberger testifies about the difficulties and expense of implementing
the CDA, noting that his library would have to hire 180 people to review
and censor the 2 million listings in its catalog. Russotto, the
government lawyer, is skeptical. During her cross-exam, she tries to make
the case that the job wouldn't be so difficult as Croneberger portrays it.

Q: Can you do a keyword search through your catalog for words related to
sex or for the seven dirty words [to find material to restrict]?
A: It depends.
Q: But a keyword search on sex wouldn't turn up books about physics,
would it?
A: I doubt it.
Q: And a search on sex isn't going to turn up books about gardening?
A: Obviously plants proliferate and flowers grow, but it depends on the
words you're using.
Q: Would a search on sex turn up a biography of Abraham Lincoln?
A: I've read many articles about his supposed sex life, or lack thereof.
Q: Would a search on sex turn up any books about geology?
A: Only if "rock" is put together with "roll."

Croneberger's point is subtle but clear. Sex can't be taken out of a
library any more easily than it can be separated from life.

[...]



Day 4 (April 12)

The government witnesses take the stand. First up is Howard Schmidt,
an Air Force special agent who says he has conducted 30 to 50
investigations of online porn. The judges are growing weary of
demonstrations and sex, so when Schmidt offers to download provocative
images from Usenet groups, the panel asks for G-rated animals instead.
After the second or third waterfowl image, Judge Sloviter rules, "I think
we've seen enough ducks."

[...]

Beyond its sheer stupidity, [Carnegie Mellon University computer scientist
Dan Olsen's -L18 self-labelling scheme] seems to be built with prudery
rather than technology. During cross-examination, the judges didn't appear
to take him seriously:

Q: If you thought about posting a centerfold from Playboy, would you
think the image might be indecent or patently offensive for persons under
18?
A; If we consider the local community that consists of Dan, Dan would be
offended.
Q: And how about the seven dirty words.
A: Dan would be offended.
Judge Buckwalter: Who's Dan?
Judge Sloviter: Yes, who's Dan?
A: That's me. I'm sorry.
Judge Dalzell: Oh, he's the community. He is an expert on what would
offend him.
A: It's a relatively small community, but it's the one I know best.
Buckwalter: I thought Dan was an acronym.

A moment later, our lawyers show Olsen a list of Internet addresses and
ask if they appear to be porn sites deserving of unsuitable-for-children
tags. He hesitates, then says, "I don't know, but I wouldn't go there."

Looking over the list, Judge Dalzell adds the punch line. "Chick of the
Day could be poultry," he suggests.

"You really are in for ducks and poultry," says Judge Sloviter.

"It's a leitmotif."

Bruce Ennis, counsel for the ALA, asks Olsen how content providers would
verify the ages of those who visit their sites. Olsen stammers a bit and
then hits on an idea. Ask the Social Security Administration! It keeps
records of such things.

Big Brother couldn't have said it better.



Day 5 (April 15)

The government has a tough road ahead. It has to convince three skeptical
judges that enforcing the CDA would not become a boondoggle. Olsen, at least,
believes it can be done. When asked if his rating system would slow the
growth of the Net, he quickly responds, "Absolutely not!"

But everyone in the courtroom seems to feel Olsen is being a weasel.
Judge Dalzell, the most Net-savvy judge and the only one with young kids
(I'm guessing the two are related), helps pin the inventor down. "Assume
a chat group -- say, students from 13 to 18 -- is talking about the CDA.
In the course of the chat, an 18-year-old is exasperated and types in
'Fuck the CDA.' Is it your proposal that before he types the message, he
should tag it -L18?"

Dalzell is paraphrasing Cohen v. California, a First Amendment case in
which the Supreme Court overturned the conviction of a teenager who wore
a jacket that read "Fuck The Draft."

Some of Dalzell's other questions were equally astute. "If in one issue of
The Economist the word 'fuck' appears," he asks Olsen, "the library
putting it online would have to go through the entire issue?"

"Somebody would have to make that judgement," Olsen replies. He suggests
that librarians band together to censor material. He insists his plan is
"flexible." To that, Bruce Ennis reponds testily, "Is it flexible if you,
the librarian, risk going to jail for two years if you make the wrong
judgment and put material online that is found to be patently offensive
for a minor?"

[...]

Sloviter isn't finished. After Olsen claims that a voluntary rating
system developed at MIT is unfeasible because it will "slow the flow"
online, she asks how an adult could show -L18 tagged materials to a
mature teenager. Olsen replies that a "teacher or parent could log on."

"Wouldn't that slow the flow?" the judge asks.

Flustered, Olsen suddenly discharges a series of staccato high-pitched
giggles. It's the damnedest thing that I have ever heard -- it sounds
like a rabbit being tortured to death. The galley stares in horror.

Thus ends the testimony of our best witness -- and we didn't even call
him to the stand.



Day 6 (May 10)

During closing arguments, Justice attorney Tony Coppolino dances around
providing a legal definition for indecency. He hints that it would
include only hard-core porn but concedes the government can't guarantee
that an ambitious prosecutor somewhere wouldn't take on an absurd case.

Judge Sloviter is growing impatient: "I've been taking the position for
17 years that people should know what they can be prosecuted for," she
says "I still don't understand" what indecency means under the CDA.

"We've been trying to get at this for 40 minutes," grumbles Judge
Dalzell.

[...]



EPILOGUE

We have won -- for now. The government's appeal will reach the Supreme
Court during the next few months. If the Court upholds the lower court
decision, outraged right-wing groups will demand action. Congress will
spring to attention. Bills will be drawn up, campaign funds raised, and
porn once again waved in the Senate chamber.

Censorship is often championed by adults who want to protect children
from a world the adults do not understand. During the hearing, Judge
Buckwalter raised this issue while discussing the computer gap between
parents and children that helps fuel fears of online dangers. "In another
generation that will fade from the picture, don't you think?" he asked.
Archaic restrictions over what we can share online, however, may not.

###







From frantz at netcom.com  Thu Aug 22 14:37:29 1996
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 23 Aug 1996 05:37:29 +0800
Subject: RC4 RC2 & MD5???
Message-ID: <199608221816.LAA01552@netcom6.netcom.com>


At 12:58 PM 8/21/96 -0700, Jeff Davis wrote:
>I assume then that the Netscape encryption is Symetric Key, so how do
>RC4 RC2 and MD5 compare and contast? TIA   

RC2 and RC4 are both both variable key length cyphers developed by Ron
Rivest for RSA Data Security Inc.  They were both protected by trade
secret, but both have been reverse engineered and posted to the net.  Both
of them have fast-path export approval if their key length is 40 bits or
less.

MD5 (Message Digest 5) is not a cypher but a secure hash.  If takes an
input of variable length and computes a 128 bit hash.  Recently some
weaknesses have been found in MD5 leading to the recomendation that new
applications be coded to use SHA1 instead.

As a note: Any good secure hash can be used as a symetric key cypher. 
Usually doing so involves considerably more computation than a symetric
cypher of equal strength.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From declan at eff.org  Thu Aug 22 14:39:58 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 23 Aug 1996 05:39:58 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <s792sD80w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.960822110918.9687I-100000@eff.org>


I may stop by. Though I'll probably avoid any airborne spittle.

-Declan


On Thu, 22 Aug 1996, Dr.Dimitri Vulis KOTM wrote:

> Black Unicorn <unicorn at schloss.li> writes:
> > Are you in D.C. now?
> >
> > Perhaps a drink would be in order?
> 
> I'll be at InfoWarCon in Arlington Sept 4-6.
> 
> Any Usenet Cabal affiliates want to be spat on in person? :-)
> 
> ---
> 
> Dr.Dimitri Vulis KOTM
> Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From dlv at bwalk.dm.com  Thu Aug 22 14:44:33 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 23 Aug 1996 05:44:33 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <199608221608.MAA01581@nrk.com>
Message-ID: <0XP3sD3w165w@bwalk.dm.com>


David Lesher <wb8foz at nrk.com> writes:

> > Black Unicorn <unicorn at schloss.li> writes:
> > > Are you in D.C. now?
> > >
> > > Perhaps a drink would be in order?
> 
> There is the dccp at eff.org list. You guys missed our Cryto
> Museum talk [w/ employee sponsor!!] by Carl Ellison.

We (myself & Dr.M.V.) were there alright and even spoke briefly to David.
We greatly enjoyed the tour and the lecture given by the museum staff member.
Afterwards we felts like talking crypto, so we skipped Hinkel's and went over
to Annapolis, where we talked crypto with knowledgeable folks. :-)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From vipul at pobox.com  Thu Aug 22 14:45:50 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Fri, 23 Aug 1996 05:45:50 +0800
Subject: DOJ Scam!
Message-ID: <199608221256.MAA00179@fountainhead.net>



Vipul wrote :

> >I think its a DOJ's doing. They prolly want to show the courts how
> >bad hackers can get so they can conjure up some support in forthcomming
> >trials. C'mon the sysadmins aren't fools, they surely see their own site.

Dungeon Master wrote:

> this is a very highly possible conclusion... and I wouldn't go against it.
> I the traditional since.. r00ts know there shit... and if the operator(s) of
> DOJ didn't know how firewall down the country's own Justice web page.. then
> we have some serious measures to be taken on lack of education in there
> part.. and furthermore they would have portrayed it as lack of security
> there and point the theoretical finger at the site admin..  but no, it
> didn't happen.  folks, I think its a scam... not only for these reasons...
> but just look at the material that was altered... I am sorry.. but speaking
> from some exp. here... if I had access to some place like that.. I wouldn't
> have bothered de-facing what the public sees... I would rather have gone to
> a more effective means of sabotage..  to the root of the system.. to data
> storage and records..  the real hackers out there are the ones who don't
> make themselves known.

And particular thing to note is that *indecency*.


- Vipul
vipul at pobox.com







From vipul at pobox.com  Thu Aug 22 14:46:13 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Fri, 23 Aug 1996 05:46:13 +0800
Subject: Spamming
In-Reply-To: <2.2.32.19960821145232.006fe294@tansoft.com>
Message-ID: <199608221455.OAA00207@fountainhead.net>


> 
> At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
<Snip>
> No.  I think we can all (most) agree that spam-email is like junk-snailmail.
> In that case there are a few things to consider:
> 
>   1. Junkmail requires the SENDER to pay for it, not the recipient.
    Internet pricing models are complicated and debatable, but you surely
    end up paying for snail-junk-mail. Not directly, but hidden in the high
    first-class mail costs. More mail, more infrastructure, higher costs.
    This could be quite true for the net also, if we consider bandwidth costs
    money.
  
Vipul

--

Vipul Ved Prakash                       Voice   91 11 2247802
<vipul at pobox.com>                       Fax     91 11 3328849
      198 Madhuban, IP Extension, Delhi 110 092, INDIA







From wendigo at pobox.com  Thu Aug 22 14:47:13 1996
From: wendigo at pobox.com (Mark Rogaski)
Date: Fri, 23 Aug 1996 05:47:13 +0800
Subject: RFC1984 on Cryptographic Technology (fwd)
Message-ID: <199608221804.OAA20272@charon.gti.net>


An entity claiming to be RFC Editor wrote:
>From majordom at ISI.EDU Thu Aug 22 13:27 EDT 1996
Message-Id: <199608201538.AA03394 at zephyr.isi.edu>
To: rfc-dist at ISI.EDU
Subject: RFC1984 on Cryptographic Technology
Cc: rfc-ed at ISI.EDU
Mime-Version: 1.0
Date: Tue, 20 Aug 96 08:40:50 PDT
From: RFC Editor <rfc-ed at ISI.EDU>
Sender: owner-rfc-dist at ISI.EDU
Content-Type: Multipart/Mixed; Boundary=NextPart
Content-Length: 3011


--NextPart


A new Request for Comments is now available in online RFC libraries.


        RFC 1984:

        Title:      IAB and IESG Statement on Cryptographic Technology
                    and the Internet
        Author:     IAB & IESG
        Date:       August 1996
        Mailbox:    brian at dxcoms.cern.ch, fred at cisco.com
        Pages:      5
        Characters: 10,738
        Updates/Obsoletes:  none

        URL:        ftp://ds.internic.net/rfc/rfc1984.txt


The Internet Architecture Board (IAB) and the Internet Engineering
Steering Group (IESG), the bodies which oversee architecture and
standards for the Internet, are concerned by the need for increased
protection of international commercial transactions on the Internet,
and by the need to offer all Internet users an adequate degree of
privacy.  Security mechanisms being developed in the Internet
Engineering Task Force to meet these needs require and depend on the
international use of adequate cryptographic technology.  Ready access
to such technology is therefore a key factor in the future growth of
the Internet as a motor for international commerce and communication.

This memo provides information for the Internet community.  This memo
does not specify an Internet standard of any kind.  Distribution of
this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST at CNRI.RESTON.VA.US.  Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST at ISI.EDU.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info at ISI.EDU with the message body 
help: ways_to_get_rfcs.  For example:

        To: rfc-info at ISI.EDU
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to admin at DS.INTERNIC.NET.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR at ISI.EDU.  Please consult RFC 1543, Instructions to RFC
Authors, for further information.


Joyce K. Reynolds
USC/Information Sciences Institute

...

Below is the data which will enable a MIME compliant Mail Reader 
implementation to automatically retrieve the ASCII version
of the RFCs.

--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type:  Message/External-body;
        access-type="mail-server";
        server="mailserv at ds.internic.net"

Content-Type: text/plain
Content-ID: <960820082910.RFC at ISI.EDU>

SEND /rfc/rfc1984.txt

--OtherAccess
Content-Type:   Message/External-body;
        name="rfc1984.txt";
        site="ds.internic.net";
        access-type="anon-ftp";
        directory="rfc"

Content-Type: text/plain
Content-ID: <960820082910.RFC at ISI.EDU>

--OtherAccess--
--NextPart--


-- 
    Mark Rogaski   | Why read when you can just sit and |      Member
  GTI System Admin |         stare at things?           | Programmers Local
  wendigo at gti.net  | Any expressed opinions are my own  |     # 0xfffe
 wendigo at pobox.com | unless they can get me in trouble. |     APL-CPIO






From vipul at pobox.com  Thu Aug 22 14:52:32 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Fri, 23 Aug 1996 05:52:32 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.HPP.3.91.960821144412.10644C-100000@cor.sos.sll.se>
Message-ID: <199608221447.OAA00185@fountainhead.net>


> 
> On Tue, 20 Aug 1996, Timothy C. May wrote:
> 
> > There are technological fixes which I would favor over attempts to ban
> > unwanted messages.
> 
> In the meantime, before these technological fixes are easily implemented,
> what is the proper way to handle unwanted commercial mail?
> 
> 1) delete immediately
> 
> 2) reply with 'Fuck off, morons!'
> 
> 3) as in 2) plus an attachment of some 1Mb file
> 
> 4) as in 3) plus a CC to the postmaster of the sending site
> 
> What if the spam says: 'Do only reply to this if you want
> further contact with us' etc?
> 
> Does anybody have good advice, including risks for retaliation
> from the vendors/postmasters for such 're-spam'?

Informal law! The first content line could be "This is un-solicited mail". 
Then the MTA will remove it. Sender who doesnot put this line in his spam 
should be mailbombed. Though this kind of arrangement doesn't mean that spam
is nice thing if it has the line in it. 

- Vipul






From pjb at ny.ubs.com  Thu Aug 22 15:13:42 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Fri, 23 Aug 1996 06:13:42 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608221840.OAA03501@sherry.ny.ubs.com>


jimmy carter proved that we anyone could be president, and it looks
like clinton is proving that we don't really need a president.

	-paul

> From cypherpunks-errors at toad.com Thu Aug 22 03:09:20 1996
> X-Sender: jimbell at mail.pacifier.com
> X-Mailer: Windows Eudora Light Version 1.5.2
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> Date: Wed, 21 Aug 1996 14:36:23 -0800
> To: Brian Davis <bdavis at thepoint.net>
> From: jim bell <jimbell at pacifier.com>
> Subject: Re: Husband/Wife jailed for saying Clinton Sucks
> Cc: cypherpunks at toad.com
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1492
> 
> At 02:47 PM 8/21/96 -0400, Brian Davis wrote:
> >On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
> >
> >> Rush Limbaugh reports:
> >> 
> >> That a husband and wife are being jailed for yelling to Clinton "You Suck".
> >> 
> >> The Secret Service states additional words (yet un-uttered to the rest of 
> us)
> >> were mentioned that they deemed threatening.
> >
> >
> >"I hope you die." 
> 
> Doesn't sound much like a "threat" to me.
> 
> > And the couple was arrestd for disorderly conduct by 
> >Chicago police. 
> 
> It sounds to me like the Chicops were just showing their "loyalty" by 
> sitting on somebody, not that they believed any real crime had been committed.
> 
> > Any possible federal charges for threatening a president 
> >in violation of 18 U.S.C. Section 871 await a determination of the 
> >seriousness of the statement, in context with the wife's conduct, by 
> >prosecutors.  I predict no action.
> 
> But it isn't even a "threat", regardless of how "serious" it was.   The "I 
> hope you die"  part is, presumably, a statement of fact:  She did, indeed, 
> hope he dies.  But I don't see how hoping this can be considered a threat, 
> or even SAYING she's hoping this is, likewise.
> 
> 
> Makes me wonder whether visiting one of these appearances with a "Clinton 
> Doll" and a bunch of pins, and visibly inserting those pins into the doll 
> (while uttering various strange incantations), would constitute a "threat."
> 
> Frankly, I'd rather have a president who didn't feel the need to be 
> protected by thugs.
> 
> Jim Bell
> jimbell at pacifier.com
> 





From pjb at ny.ubs.com  Thu Aug 22 15:16:24 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Fri, 23 Aug 1996 06:16:24 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti...
Message-ID: <199608221833.OAA03498@sherry.ny.ubs.com>


as i recall, you are free to advocate almost anything, as long as you don't 
advocate it by violent means.

	-paul

> From cypherpunks-errors at toad.com Thu Aug 22 03:09:01 1996
> Date: Wed, 21 Aug 1996 14:58:32 -0700 (PDT)
> From: Michelle KC5KYO <mthompso at qualcomm.com>
> To: cypherpunks at toad.com
> Subject: Re: [Noise] RE: Canada Imprisons People For Human Rights Acti...
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1141
> 
> > I do not believe that freedom of speech in the U.S.A. extends to actively
> > agitating for secession or the overthrow of the federal government.
> 
> The right to discuss revolt or secession or the overthrow of the federal
> government, it seems to me, is given below:
> 
> "We hold these Truths to be self-evident, that all Men are created
> equal, that they are endowed by their Creator with certain unalienable
> Rights, that among these are Life, Liberty, and the Pursuit of 
> Happiness - That to secure these Rights, Governments are instituted
> among Men, deriving their just Powers from the Consent of the
> Governed, that whenever any Form of Government becomes destructive of
> these Ends, it is the Right of the People to alter or to abolish it,
> and to institute new Government, laying its Foundation on such
> Principles, and organizing its Powers in such Form, as to them shall
> seem most likely to effect their Safety and Happiness.  ... "
> 
> Now this is the Declaration of Independence, and not the Constitution, but
> it seems to me that the right to discuss "agitating for secession or the
> overthrow of the federal government" is protected.
> 
> Michelle
> 
> 





From pjb at ny.ubs.com  Thu Aug 22 15:16:43 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Fri, 23 Aug 1996 06:16:43 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608221826.OAA03492@sherry.ny.ubs.com>


perhaps we should all add a line to our sigs to the effect that we hope
he dies, and soon, natural causes, of course. Hmmm, what exactly does 
'natural death' include?

	-paul


> From cypherpunks-errors at toad.com Wed Aug 21 18:31:29 1996
> Date: Wed, 21 Aug 1996 14:47:57 -0400 (EDT)
> From: Brian Davis <bdavis at thepoint.net>
> To: Scottauge at aol.com
> Cc: cypherpunks at toad.com
> Subject: Re: Husband/Wife jailed for saying Clinton Sucks
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Sender: owner-cypherpunks at toad.com
> Content-Length: 661
> 
> On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
> 
> > Rush Limbaugh reports:
> > 
> > That a husband and wife are being jailed for yelling to Clinton "You Suck".
> > 
> > The Secret Service states additional words (yet un-uttered to the rest of us)
> > were mentioned that they deemed threatening.
> 
> 
> "I hope you die."  And the couple was arrestd for disorderly conduct by 
> Chicago police.  Any possible federal charges for threatening a president 
> in violation of 18 U.S.C. Section 871 await a determination of the 
> seriousness of the statement, in context with the wife's conduct, by 
> prosecutors.  I predict no action.
> 
> EBD 
> 
> > 
> > Ahhh, good to live in a free country....
> > 
> 





From pjb at ny.ubs.com  Thu Aug 22 15:19:26 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Fri, 23 Aug 1996 06:19:26 +0800
Subject: HP supporting GAK, export controls
Message-ID: <199608221831.OAA03495@sherry.ny.ubs.com>


HP seems to have outlived their usefulness. sad, isn't it, when a really
first class operation has to die. and to go out in such a ignoble  way. 
the `ole boys' must not be resting well in their graves.

	-paul

> From cypherpunks-errors at toad.com Wed Aug 21 18:31:33 1996
> Date: Wed, 21 Aug 1996 14:11:34 -0700 (PDT)
> From: Lucky Green <shamrock at netcom.com>
> Subject: HP supporting GAK, export controls
> To: cypherpunks at toad.com
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1394
> 
> [Sorry, the last one went out without a subject]
> 
> HP is in the process of ramroding a pro-GAK, pro-export control 
> resolution through CommerceNet's public policy working group.
> 
> Here are the details.
> 
> HP is marketing several DES products that currently can not be sold 
> abroad. In order to be allowed to sell these products, HP is willing to 
> give the USG the following in return:
> 
> 
> 1.  Support by CommerceNet to have GAK built into the (inevitable) 
> domestic PKI. [Their presentation included the word "voluntary". When I 
> asked what was meant by that, I got the reply "There are many 
> interpretations of the word "voluntary"." Suffice to say there are 
> fundamental differences in what I mean by "voluntary" and what their 
> proposal would require the definition of "voluntary" to be.]
> 
> 2.  Support by CommerceNet for export restrictions on stronger forms of 
> crypto than DES as well as restrictions on export of crypto for products 
> not directly related (in HP's opinion) to ecommerce, such as email.
> 
> This ill conceived attempt to use CommerceNet's clout as industry 
> organization to liberalize export rules on HP's products, and those of a 
> few other companies supporting HP in this effort, at a heavy cost to 
> everybody else, must be stopped. Please let HP know how you feel about 
> their initiative and encourage CommerceNet to adopt an anti-GAK, 
> anti-export control position.
> 
> --Lucky
> 
> 
> 
> 





From maldrich at grci.com  Thu Aug 22 16:05:56 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Fri, 23 Aug 1996 07:05:56 +0800
Subject: [NOISE] Mysterious Numbers in Hacked DOJ Pages
Message-ID: <Pine.SCO.3.93.960822144544.19218D-100000@grctechs.va.grci.com>


This should be good for a conspiracy thread or two:

I've noticed that nobody seems to be taking credit for the DOJ hack.  In
studying the hacked page (I thought maybe they'd leave a clue as to who
they were), I noticed that on the top right corner of the page, there are
two sets of numbers.  The first says "1020" and the second says "757." 
The are stored in the same .JPG file, 1020757.jpg.  In poking around the
HTML source, the following appears in the source code, but not on the
actual page when it's in a browser (HTML source comments): 

<! Why did you betray us? Why are you taking our rights? What ever
happened >
<! to the law of the land? 757 1020 >

Note that this time, the numbers are in the reverse order.  (Also note
that 202.757.1020 does not appear to be the DOJ phone number - I tried). 

For all I know, these numbers are relevant to the CDA or some other
legal/legislative source.  Or maybe I'm missing something really
obvious.

Anyone have any insight into what the numbers actually mean?  Could there
be some crypto (key?) relevance here that we're missing? 

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |maldrich at grci.com            |
|the unfettered speech the First Amendment|MAldrich at dockmaster.ncsc.mil |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From rich at c2.org  Thu Aug 22 16:41:04 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 23 Aug 1996 07:41:04 +0800
Subject: Republican and Democratic party platforms [NOT!] on technology
In-Reply-To: <v01510103ae4232dcce6d@[204.62.128.229]>
Message-ID: <Pine.GUL.3.95.960822120928.25102B-100000@Networking.Stanford.EDU>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 22 Aug 1996, Declan McCullagh wrote:

> But the benefit of having a pro-privacy statement in the platform (which in
> fact was watered down significantly from that originally proposed by
> advocates on our side) is that the platform covers Republican Party
> candidates for any office, not just the presidency.

One Republican staffer sent you an ass-kissing note quoting an ALLEGED piece
of the platform WHICH IS NOT ACTUALLY THERE. The platform was finalized on
August 12th. The text you quoted is not even in the list of rejected
amendments. I assume that either you or the staffer you talked to innocently
mistook some Senator's position paper for the platform; it's hard to believe
that anyone would intentionally lie about something that is so trivial to
check.

Even if the text you passed on were part of the platform, I fail to see the
importance of a feel-good statement in a platform that the party's
presidential candidate CLAIMS NOT TO HAVE EVEN READ.

Also from the Republican Platform (perhaps out of context, but unlike the
text some anonymous alleged Republican staffer sent you, this is actually
in the platform): 

[...]

In a Dole Administration, U. S. Attorneys will prosecute and jail those who
prey upon the innocent. We support upgrading our interdiction effort by
establishing a Deputy Commissioner for Drug Enforcement within the Customs
Service. We will intensify our intelligence efforts against international
drug traffickers and use whatever means necessary to destroy their
operations and seize their personal accounts.

We support strong penalties, including mandatory minimum sentences, for drug
trafficking, distribution and drug-related crimes.  Drug use is closely
related to crime and recidivism. Drug testing should be made a routine
feature of the criminal justice process at every stage, including the
juvenile justice system. Test results should be used in deciding pretrial
release, sentencing, and probation revocation.

[...]

Terrorist states have made a comeback during Bill Clinton's Administration. 
He has treated their rulers with undue respect and failed to curb their
acquisition of weapons of mass destruction.  Although congressional
Republicans passed anti-terrorism legislation earlier this year, the Clinton
Administration has not implemented many key provisions of the law. It has
not been used to freeze terrorists' assets, deny terrorists' visas, cut off
foreign aid to supporters of terrorist states, or halt terrorist fundraising
in the United States. The Clinton Administration has not implemented the
anti-terrorist research program established and funded by Congress in the
1990 Aviation Security Act.

[...]

Our technological edge is at risk not only because of the Clinton
Administration's refusal to sustain an adequate investment in defense
modernization, but also its virtual abandonment of national security-related
export controls.  Acquisition of technology by aspiring proliferators of
weapons of mass destruction has been irresponsibly facilitated. A Republican
Administration will protect the American technological edge. It will do so
by expanding investment in defense modernization, ensuring that the Defense
Department has a key role in approving exports of militarily critical
technology, and restoring the effectiveness of export control regimes.

[...]

The intelligence community should be our first line of defense against
terrorism, drug trafficking, nuclear proliferation, and foreign espionage.
Bill Clinton's neglect of our country's intelligence service is one of his
most serious sins of omission. He has underfunded, misutilized, and
marginalized critical intelligence missions and capabilities. No wonder his
first appointee as Director of Central Intelligence has endorsed Bob Dole.
The nation's security - and the personal safety of our citizens - cannot be
placed at risk.

Effective intelligence can be expensive. But what it costs is measured in
dollars rather than lives - an important lesson of the Gulf War. A
Republican Administration will reverse the decline in funding for
intelligence personnel and operations while better managing the development
of futuristic capabilities. We will not constrain U.S. intelligence
personnel with "politically correct"  standards that impede their ability to
collect and act on intelligence information. We will conduct whatever
intelligence operations are necessary to safeguard American lives against
the terrorists who bomb our airplanes and buildings.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMhy5wpNcNyVVy0jxAQFvgwH9FR9ZQca520mSuqhDO7OKLe6duAJAQ+HO
FP4UPnLWJZtOrI9LvWiX5EHoqG0RtaS2FwwMuwGZQedb8YdkW4QWUw==
=XdnD
-----END PGP SIGNATURE-----






From gary at systemics.com  Thu Aug 22 17:39:10 1996
From: gary at systemics.com (Gary Howland)
Date: Fri, 23 Aug 1996 08:39:10 +0800
Subject: U.S. Army Private Faces Spying Charges
In-Reply-To: <9608221711.AA00368@bksmp2.FRB.GOV>
Message-ID: <321CD0C2.4487EB71@systemics.com>


Thomas C. Allard wrote:
> 
> His father said an Army major at Fort Bragg, whom he declined to name,
> had urged him to persuade his son to sign a confession, so prosecutors
> would not seek the death penalty.

Isn't plea bargaining wonderful?

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06





From jad at dsddhc.com  Thu Aug 22 17:54:39 1996
From: jad at dsddhc.com (John Deters)
Date: Fri, 23 Aug 1996 08:54:39 +0800
Subject: Spamming
Message-ID: <2.2.32.19960822220224.006a0ff0@labg30>


At 02:55 PM 8/22/96 +0000, Vipul Ved Prakash wrote:
>> 
>> At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
[deleted]
>>   1. Junkmail requires the SENDER to pay for it, not the recipient.
>    Internet pricing models are complicated and debatable, but you surely
>    end up paying for snail-junk-mail. Not directly, but hidden in the high
>    first-class mail costs. More mail, more infrastructure, higher costs.
>    This could be quite true for the net also, if we consider bandwidth costs
>    money.

I beg to differ.  The USPS considers "junk" mail their bread-and-butter.
Huge mailings of all manner of bulk mail (especially those that are PostNet
barcoded by the sender) pay the bills around the Post Office.  Your "more
mail, more infrastructure, higher costs" argument is flawed.  The post
office has many fixed costs related to maintaining their huge presence,
delivering to so many rural addresses.  If we had to pay a per-letter basis
*discounting* the value provided by the infrastructure already in place
supporting the bulk-mail handling systems, we'd be paying roughly Federal
Express 2-day letter rates for each piece of mail (around $6.00, if memory
serves correctly.)

I do not say this to begin yet another "Privatize the USPS" rant.  I also am
not interested in whether or not the USPS should be privatized, have its
criminal law protctions stripped, or even if the postmaster general should
report our stamp purchasing habits to Janet Reno.  All I'm saying is that
the above statement ("junk mail = higher costs") is false.

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From mccoy at communities.com  Thu Aug 22 18:04:33 1996
From: mccoy at communities.com (Jim McCoy)
Date: Fri, 23 Aug 1996 09:04:33 +0800
Subject: Spamming
Message-ID: <v02140b03ae427b8a5793@[205.162.51.35]>


vipul at pobox.com wrote:
> > At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
> <Snip>
> > No.  I think we can all (most) agree that spam-email is like junk-snailmail.
> > In that case there are a few things to consider:
> >
> >   1. Junkmail requires the SENDER to pay for it, not the recipient.
>
>     Internet pricing models are complicated and debatable, but you surely
>     end up paying for snail-junk-mail. Not directly, but hidden in the high
>     first-class mail costs. More mail, more infrastructure, higher costs.
>     This could be quite true for the net also, if we consider bandwidth costs
>     money.

Actually I believe that without "junk mail" costs for regular postage would
probably be higher: less mail = fewer packages over which to amortize the
cost of building the infrastructure necessary for ubiquitous messaging.
Direct-mail organizations get a lower rate by doing a lot of the expensive
parts of post office work themselves (pre-sorting the mail by zip code,
barcoding messages, etc) and not necessrily just based upon volume.  For all
the bitching Americans do about the high cost of first-class mail it is still
the least expensive of any western  nation and offers fairly good service
(and the USPS actually made a profit for the last two years so it is unlikely
that the cost will go up for a while...)


jim







From alanh at infi.net  Thu Aug 22 18:05:38 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 23 Aug 1996 09:05:38 +0800
Subject: Canada Imprisons People For Human Rights Activity
In-Reply-To: <1Ri2sD70w165w@bwalk.dm.com>
Message-ID: <Pine.SV4.3.91.960822174814.21784B-100000@larry.infi.net>


> Alaska rightfully belongs to Russia

The Aleuts still study Russian in their schools and use it in Church.

Mr Zhieranovsky (spelling) who recently pointed that out during the 
run-up to the election campaign, also mentioned his prelimiary plan to 
reverse the net population loss of ethnic Russians: He'd father a child 
in every province.

The dude has got my vote.





From alanh at infi.net  Thu Aug 22 18:14:20 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 23 Aug 1996 09:14:20 +0800
Subject: Husband/Wife jailed for saying Clinton SucksHusband/Wife jailed for say
In-Reply-To: <Pine.SOL.3.94.960822012737.28294B-100000@taz>
Message-ID: <Pine.SV4.3.91.960822181521.21784E-100000@larry.infi.net>


> Date: Thu, 22 Aug 1996 01:28:42 -0500 (CDT)
> From: nathan poznick <npoznick at Harding.edu>

> think of all the nuclear testing that went on during his time in office...


Nuclear testing has killed less women than the senior US Senator from 
Massachusetts.





From sunder at dorsai.dorsai.org  Thu Aug 22 18:20:09 1996
From: sunder at dorsai.dorsai.org (Ray Arachelian)
Date: Fri, 23 Aug 1996 09:20:09 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <ae40eda80f0210043236@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960822182617.15085A-100000@dorsai>



On Wed, 21 Aug 1996, Timothy C. May wrote:

> But I agree that "no action" is pretty likely. "I hope you die" has been a
> time-honored insult at least since I was a kindergartner, and presumably
> for many decades prior to this. Hardly an active threat.

Yeah, well it's pretty lame as far as threats go, two key words there are 
"hope" and "die," what's missing is a time frame and intent of action.  
Everyone after all does day, that hope isn't hopeless, but it's not a 
threat either.

Silly assed our president, but then again what else can he do to prove 
himself a jerk.  As for me, I don't hope he dies, he will after all after 
many years, die of old age.  No, I hope he doesn't get elected.  That's 
what I hope. :^)  Not that I'd want Dole either. :(

How about you Tim, when are you running for prez?  Heheheh!

==========================================================================
 + ^ + |  Ray Arachelian |FL|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder at dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/=
  /|\  | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/==
 + v + | Janet Reno & GAK|AK|        do you not understand?       |=======
===================http://www.dorsai.org/~sunder/=========================
 Key Escrow Laws are the mating calls of those who'd abuse your privacy!  






From tcmay at got.net  Thu Aug 22 18:21:13 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 23 Aug 1996 09:21:13 +0800
Subject: Spamming
Message-ID: <ae422c5c00021004e11a@[205.199.118.202]>


At 2:55 PM 8/22/96, Vipul Ved Prakash wrote:
>>
>
>    Internet pricing models are complicated and debatable, but you surely
>    end up paying for snail-junk-mail. Not directly, but hidden in the high
>    first-class mail costs. More mail, more infrastructure, higher costs.

Actually, precisely the opposite is true, according to a number of studies.
"Bulk mail" is a major profit center for the Postal Service, thus
subsidizing non-bulk /first class mail.

-- Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jimbell at pacifier.com  Thu Aug 22 18:22:18 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 23 Aug 1996 09:22:18 +0800
Subject: telco's vs x-phones
Message-ID: <199608222206.PAA24858@mail.pacifier.com>


At 10:32 PM 8/21/96 -0400, John Brothers wrote:
>
>I think you both have good points here.  I will redo the math.
>
>At 09:19 AM 8/21/96 -0700,  Brian D Williams <talon57 at well.com> wrote:
>>In a reply to Vipul Ved Prakash, Jim Bell wrote:
>>Siecore plain vanilla 36 fiber singlemode list $ 1.82 a foot, $5.46
>>a yard.  
>
>Jim said $10/meter, so about 50% of his estimate.
>
>
>>
>>>Each fiber pair should be able to handle approximately 1 million
>>>conversations at current data rates, or a total of 18 million
>>>conversations for that 18-pair cable, or 9.5 trillion 
>>>conversation-minutes.
>>
>>At current data rates (OC-48 Sonet) 32,256 voice channels per
>>fiber, 580,608 total for the fiber.
>
>Ok.. I think we're talking apples and oranges.  Jim uses the term 
conversation,
>which I assume is a 3 minute duration of time.  Your OC-48 handles almost
>precisely 1 million conversations per day.   (32k DS0 x 24 * 60 * 20)

My error was being off a deciminal point.  I was thinking around 6.4 
gigabits per second, which works out to 100,000 channels at 64,000 bits per 
second per channel, not 1 million.  

However, even my selection of 6.4 gigabits per second is arbitrary:  I have 
seen at least two ads for 80 gigabit (8 channels/fiber at 10 gigabits per 
channel) for fiber optic systems.  But my goal is not to make fiber look 
unrealistically good, but to generate a ballpark figure.


>>>Multiply this cost by 10 for right of way, trenching, repeaters,
>>>and other auxiliary hardware, or $100 per meter.  This is probably
>>>just a ballpark estimate, but...
>>
>>Off by a factor of at least 10 not counting switching equipment.
>
>So, assume that he's a long haul carrier, and doesn't have to buy any
>switching equipment.   Still, based on  $500/meter, that means 
>that this network cost about 2.5 billion to build.

Even long-haul carriers must have SOME switching equipment.  But as you 
note, my point is that the difference between local and LD costs is simply 
the fact of the insertion of some arbitrarily large amount of fiber trunk 
between the local switches.  LD companies still deserve to be paid, but the 
AMOUNT that they are paid maybe should drop to an arbitrarily low level as 
their costs drop.


>So if the system was running at full capacity, 24/7/365, the LD will have
>to charge $0.50/conversation, or $0.15/minute to make 2.5 billion per year.
>
>Even reaching 10% of that capacity is unlikely at $5/conversation.
>
>Which, clearly, isn't happening.  I assume that either I have made a 
>mistake in my calculations, or the costs of laying fiber has been 
>grossly overestimated...


Yes, I think the costs laying fiber are still a bit opaque.  The main reason 
one of the first alternative telephone LD services (Sprint) was that it was 
the creature of Southern Pacific Railways, who (obviously) owned a large 
amount of (ta da!) RIGHT-OF-WAY. And, more particularly, right of way that 
was well-connected, easily accessible, and easily diggable to install the 
fiber.  They decided they were going to put in a fiber communications system 
for the railroad, and at some (early?) point realized that since the cost of 
the trenching and fiber is basically fixed, so turning it into an LD service 
was going to be relatively straightforward.


>Or, that since no-one is going around and buying
>up 5000km right of ways, Sprint, MCI, AT&T and co. can lay fiber
>much more cheaply.  If we assume $50/meter, it will cost 250 million, and they
>will have to charge $0.015/minute to break even at 100% capacity, or 
>$0.15/minute at 10% capacity - and we know Sprint charges less than that,
>but if they can get more than 10% of the capacity --- although it is doubtful.

(I think you still need to go back and re-check some of your figures.  Yes, 
I did make that decimal point error, but I think you've added a few 
(different) errors of your own.) 

Now, keep in mind that a little perusing of these numbers (even if they are 
not exact) reveals an few interesting facts:

The cost of doing the right-of-way/trenching is essentially independant of 
the number of fibers that you intend to lay.  Moreover, the cost of the 
fiber itself is very low.  In other words, everything being equal, you want 
to pack as many fibers into a trench as you can.  Add to this, the fact that 
you can provide a way for fiber in a buried conduit, and later (years?) blow 
in new fiber.  The line I saw installed, "up close and personal," had three 
separate ways for cable, and the one cable being installed immediately was 
36 fibers.  Had two similar fibers been installed in the other ways, that's 
108 fibers, and at 2.4 gigabits per second, that's about 54x40,000 
simultaneous bidirectional conversations, or 2.16 million.  There are 
probably very few communications corridors that need more capacity than this.

 The obvious limit of this is that there is only a fairly limited demand for 
bit transmission (at least, compared with the capacities possible with 
fiber).  In addition is the fact that once you have modern-quality fiber 
installed, you can increase capacity by changing the optics/electronics.  It 
wasn't too many years ago that 400 (?) megabits/second or so was a fairly 
standard rate.  2.4 gigabits/sec supplanted it a few years ago, and speeds 
substantially greater than this are straightforward today.  AT+T claims to 
supply fiber now, and electronics/optics within a few months, to allow 80 
gigabits per fiber, or about 32 times more than 2.4.  

This should immediately explain why you aren't seeing a lot of trenching:  
Except for the natural desire among engineers to duplicate trenches along 
major routes to protect against "trencher fade" (accidental cuts), it won't 
really pay to put in more than a couple trenched routes between most major 
cities, if they're separated by "boonies."  It's far more economical for 
multiple companies to share a single route, or a pair of routes.  (there is 
an obvious exception if the whole area is developed, such as extended 
corridors like Washington/New York/Boston.)


>My best assumption at this point is that we don't have to make back the entire
>cost of the fiber per year to make a profit.  if we only have to earn 20%
>of its value to make a 10% profit, it would bring the price down to
>$0.075/minute, and if we were to get OC-768 systems invented, we could reduce
>that to $0.005/minute, which is approaching the values that Jim derived.

The value of an investment is compared to the average interest rate paid.  
However, that's probably too conservative with a fast-changing market like 
telecom today.  Even so, if a system paid back profit at 10% of the 
investment per year, it would probably be considered a very profitable 
investment, and I agree with your figure of 20% before fixed costs.

>So, I hate to say it, but it looks like long distance is more expensive
>than Jim (or I) thought.  But, in a few years (say, 5) it will approach
>ridiculously cheap.  We can expect at that point that either
>a) All (or most) long distance will be over the Internet
>b) Internet phone will vanish as regular long distance becomes a flat fee
>   like local service.

Probably closer to the latter.

The main lesson from these calculations is that fiber's costs are almost 
entirely based on their one-time installation cost, not a continuing 
maintenance cost.  True, the installation must be paid for, but that 
translates into an interest charge that is very low.

In view of the fact that the billing for telephone is supposedly half of  
the phoneco's cost, it will make sense that all telephone service will turn 
into a flat monthly fee, "enforced" by the possibility of Internet telephone 
for the few recalcitrant companies/countries who resist the transition.



Jim Bell
jimbell at pacifier.com





From tcmay at got.net  Thu Aug 22 18:54:34 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 23 Aug 1996 09:54:34 +0800
Subject: USPS
Message-ID: <ae422fd400021004704e@[205.199.118.202]>


You didn't quote the full thing:

At 5:14 PM 8/22/96, Bruce M. wrote:

>Web Week, July 8, 1996, p3

>    The Postal Service's attorneys have told the USPS that the tampering
>part of the current federal law would transfer to the electronic space,
>and that the mail fraud portion might also apply...
>
>    "We're a trusted third party," Saunders said.  "We don't have any
>interest in learning your trade secrets. However, we do have an interest
>in your reading habits, and we sometimes send, unsolicited, samples of
>child pornography to our customers, and then notify the proper authorities
>that one of our customers has taken the bait."

(Though I made up this last part, it represents reality. Postal inspectors
frequently collaborate with various national and international authorities
on matters involving pornography, fraud, pyramid schemes, and the sending
of various sorts of contraband. While FedEx, UPS, Airborne, etc., may
occasionally cooperate when a crime is called to their attention, I know of
no cases where Federal Express, for example, has become a willing and
leading partner in setting up stings. This is why the "Postal Service,"
despite nominal status as a a quasi-independent corporation, is actually
yet another enforcement arm of the government.)

The Postal Service probably has zero chance of getting into the e-mail
business in any fashion, much as they might want to. Businesses see too
many advantages in direct transmission, and are unlikely to hand the USPS
some money for the dubious benefit of slowing down the mail and (maybe)
adding some kind of signature. This is a case where businesses are fully
able to understand the role of independent encryption, signatures,
credentialling agencies, etc.

"Postal anarchy" is already the accepted norm for e-mail.

--Tim May



We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From snow at smoke.suba.com  Thu Aug 22 19:15:33 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 23 Aug 1996 10:15:33 +0800
Subject: [rant] Re: Spamming (Good or Bad?)
In-Reply-To: <2.2.32.19960821203026.00c82314@mail.teleport.com>
Message-ID: <Pine.LNX.3.93.960822172809.170A-100000@smoke.suba.com>


On Wed, 21 Aug 1996, Alan Olsen wrote:
> At 05:49 PM 8/20/96 +0000, Ross Wright wrote:
> >On Or About 20 Aug 96, 16:23, Jim Gillogly wrote:
> >> Vipul Ved Prakash <vipul at pobox.com> writes:
> >> >I don't know if there has been much discussion on the ethics of
> >> >spamming here? Is spamming free speech? 
> >> I oppose spamming because it's rude and inefficient, lowering the
> >> S/N everywhere it happens.  Market droids
> >Market Droids????  As a salesman I take offence at this slur.
> It is a mild term compared to some of the things that could be said about sales.
> I have dealt with far too many sales people.  Few of them knew anything
> about the products that they were selling.  (This is especially true of the
> computer field.  "Do you know the difference between a computer salesman and
> a car salesman?  The car salesman knows how to drive.")

     The way I heard it was that the Car Salesman knew he was lying. 

> But then, rarely does truth enter into the matter of sales...
> Sales people have a bad reputation for a very good reason.  If they actually
> had a basic understanding of what they were selling, and were not so
> untrustworthy as to not commit to things that are not deliverable, they
> would have that reputation.

     Then they would not be sales people. Good salesmen are like good 
governments. Very Very Rare. 


o.b. Crypto: Uh...Uh...Uh... Testing one way hashes on SalesDroids. 


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From zachb at netcom.com  Thu Aug 22 19:18:41 1996
From: zachb at netcom.com (Z.B.)
Date: Fri, 23 Aug 1996 10:18:41 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608221826.OAA03492@sherry.ny.ubs.com>
Message-ID: <Pine.3.89.9608221607.A24089-0100000@netcom>


On Thu, 22 Aug 1996 pjb at ny.ubs.com wrote:

> perhaps we should all add a line to our sigs to the effect that we hope
> he dies, and soon, natural causes, of course. Hmmm, what exactly does 
> 'natural death' include?
> 
> 	-paul

When I read this, a quote from a certain famous sci-fi writer came to mind:
"All forms of death are ultimately due to heart failure."


---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127







From dlv at bwalk.dm.com  Thu Aug 22 19:26:36 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 23 Aug 1996 10:26:36 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608221826.OAA03492@sherry.ny.ubs.com>
Message-ID: <Rc23sD2w165w@bwalk.dm.com>


pjb at ny.ubs.com writes:

> perhaps we should all add a line to our sigs to the effect that we hope
> he dies, and soon, natural causes, of course. Hmmm, what exactly does 
> 'natural death' include?

AIDS.

And don't forget to mention that he sucks.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From frogfarm at yakko.cs.wmich.edu  Thu Aug 22 19:36:50 1996
From: frogfarm at yakko.cs.wmich.edu (Damaged Justice)
Date: Fri, 23 Aug 1996 10:36:50 +0800
Subject: (fwd) ANNOUNCE: Free Little PGP Credit Card App
Message-ID: <199608222354.TAA21158@yakko.cs.wmich.edu>


>From: "David j. Sopuch" <djs at iwinpak.com>
Newsgroups: comp.infosystems.www.misc
Subject: ANNOUNCE: Free Little PGP Credit Card App
Date: Thu, 22 Aug 1996 12:00:24 -0400
Organization: Datamax Research corp.
Lines: 10
Message-ID: <321C8418.2647 at iwinpak.com>

v2.08 of the iWinpak Internet Payment System is now available in
both freeware and shareware versions at http://www.iwinpak.com

Dave
-- 
http://www.iwinpak.com
Try the iWinpak Internet Payment System - the Free little PGP Credit Card 
app
***      PageCommerce (tm) - the $99 No Server PGP Commerce Solution     
 ***

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
 EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
Living in dread with your fragile brain and the executioner's got your number
 I feel a groove comin' on            -:-             Freedom...yeah, right.






From snow at smoke.suba.com  Thu Aug 22 19:44:55 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 23 Aug 1996 10:44:55 +0800
Subject: Husband/Wife jailed for saying Clinton SucksHusband/Wife jailed for say
In-Reply-To: <199608220141.SAA05126@idiom.com>
Message-ID: <Pine.LNX.3.93.960822182245.170D-100000@smoke.suba.com>


On Wed, 21 Aug 1996, John C. Randolph wrote:
> > Frankly, I'd rather have a president who didn't feel the need to be 
> > protected by thugs.
> Well, wouldn't that require a president who had a clear conscience?
> I don't think we've had one of those since Eisenhower!

     Eisenhower? That recent huh?

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From snow at smoke.suba.com  Thu Aug 22 19:51:08 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 23 Aug 1996 10:51:08 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <ae40f7c1140210049197@[205.199.118.202]>
Message-ID: <Pine.LNX.3.93.960822181440.170B-100000@smoke.suba.com>


On Wed, 21 Aug 1996, Timothy C. May wrote:
> At 6:04 PM 8/21/96, Gary Howland wrote:
> >Often I'll ask a stupid question too ("Does your software work in
> >France?").  If more people did this, then they'd have to choose their
> >victims a bit more carefully in the future (assuming of course they're
> >trying to sell something).
> 
> As I said in my last message, I don't even do this--I just bounce it back
> to them.
> I see no need to "ask questions" (such as "Does it work in France?") to,
> perhaps, "establish legitimacy." If they sent it to me, I can send it back.
> Simple.

     I think that the purpose of asking a question is to consume _more_ of their 
time. If they read it, they have to decide if and how to respond. Cousme more 
of their resources. It might even be interesting to write a script that automatically
inserts a silly question (like "does it work in france") and mails it back with the
single stroke of a key. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From rich at c2.org  Thu Aug 22 19:58:13 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 23 Aug 1996 10:58:13 +0800
Subject: [NOISE] Mysterious Numbers in Hacked DOJ Pages
In-Reply-To: <Pine.SCO.3.93.960822144544.19218D-100000@grctechs.va.grci.com>
Message-ID: <Pine.GUL.3.95.960822171259.26464D-100000@Networking.Stanford.EDU>


On Thu, 22 Aug 1996, Mark O. Aldrich wrote:

> This should be good for a conspiracy thread or two:

I'm game.
 
> I've noticed that nobody seems to be taking credit for the DOJ hack.  In
> studying the hacked page (I thought maybe they'd leave a clue as to who
> they were), I noticed that on the top right corner of the page, there are
> two sets of numbers.  The first says "1020" and the second says "757." 
> The are stored in the same .JPG file, 1020757.jpg.  In poking around the

Try the 908 area code, from which the initial report to alt.2600 came. I
haven't tried the number, because I don't want to incriminate myself, but
757 appears to be a valid exchange. 

The Cisco 1020 has a default password that some people forget to change.

A Boeing 757 went down under mysterious circumstances recently. The time was
approximately 10:20 AM. Why hasn't the press reported whether a close
Clinton associate involved in the Mena affair was aboard that plane? Hmmmmm.

Add the numbers up and you get 1777, "the shot heard 'round the world."

What was going on in Area 51 last week?

1-888-757-1020 is mysteriously "unreachable" now.

-rich






From snow at smoke.suba.com  Thu Aug 22 20:12:15 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 23 Aug 1996 11:12:15 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <Pine.BSF.3.91.960821225141.22767A-100000@mercury.thepoint.net>
Message-ID: <Pine.LNX.3.93.960822183458.170F-100000@smoke.suba.com>


On Wed, 21 Aug 1996, Brian Davis wrote:
> On Wed, 21 Aug 1996, jim bell wrote:
> > At 02:47 PM 8/21/96 -0400, Brian Davis wrote:
> > >On Tue, 20 Aug 1996 Scottauge at aol.com wrote:
> > >> Rush Limbaugh reports:
> > >> That a husband and wife are being jailed for yelling to Clinton "You Suck".
> > Doesn't sound much like a "threat" to me.
> > > And the couple was arrestd for disorderly conduct by 
> > >Chicago police. 
> > It sounds to me like the Chicops were just showing their "loyalty" by 
> > sitting on somebody, not that they believed any real crime had been committed.
> Nope.  When police started to ask the couple questions, they began 
> screaming obscenities and generally causing a scene.  Chicago cops, being 
> what they are, are likely to arrest someone in that circumstance without 
> any prodding.  I'm not saying they should, but they will.

     1) Not that I have noticed. I get people around here screaming and carrying 
on 24/7, and the cops just drive by looking for teenage black kids that look 
suspicious.

     2) Funny that isn't what I got out of listening to eye witnesses on the radio.

     The woman started screaming at Herr Klinton, then the goons moved in and she 
got more agaited. Her husband told her to shut up and not say anything else until 
he got an attorney, so the SS arrested him as well. 

> > > Any possible federal charges for threatening a president 
> > >in violation of 18 U.S.C. Section 871 await a determination of the 
> > >seriousness of the statement, in context with the wife's conduct, by 
> > >prosecutors.  I predict no action.
> > But it isn't even a "threat", regardless of how "serious" it was.   The "I 
> > hope you die"  part is, presumably, a statement of fact:  She did, indeed, 
> > hope he dies.  But I don't see how hoping this can be considered a threat, 
> > or even SAYING she's hoping this is, likewise.
> The statement must be considered in context with their conduct, but as I 
> said before, I predict no action.

     Bullshit. Herr Klinton & goons desend into a crowd that _doesn't_ know they
are coming, and he starts to "press the flesh" with startled people, and one of them
starts to scream at him, that is not a death threat (especially given the political 
nature of what she was screaming. If she had said something like "I am going to kick
your ass", that would be a threat.). 

> > Frankly, I'd rather have a president who didn't feel the need to be 
> > protected by thugs.
> That's because you like dead Presidents. 

     Funny, Miterand (sp?) used to wander around the streets of Paris with just one
or two body guards. 

     Besides, I like dead presidents. The more of them I have, the better.
 
     <cue Ice-T "All I love is Dope & Dead presidents...">

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From rwright at adnetsol.com  Thu Aug 22 20:36:19 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Fri, 23 Aug 1996 11:36:19 +0800
Subject: USPS
Message-ID: <199608230100.SAA29412@adnetsol.adnetsol.com>


On Or About 22 Aug 96, 8:37, Timothy C. May wrote:

> (Though I made up this last part, it represents reality. Postal
> inspectors frequently collaborate with various national and
> international authorities on matters involving pornography, fraud,
> pyramid schemes, and the sending of various sorts of contraband.
> While FedEx, UPS, Airborne, etc., may occasionally cooperate when a

I'm afraid that Fed-X would drop their drawers if presented with a 
federal warrant.  I guess you could call that co-operation.

> crime is called to their attention, I know of no cases where Federal
> Express, for example, has become a willing and leading partner in
> setting up stings.

No, I don't think they would do something like that.  
The Post Office IS just like an arm of the 
federal government, even though you would need a federal warrant in 
order to search packages.

> 
> "Postal anarchy" is already the accepted norm for e-mail.
> 
> --Tim May
> 

Can I quote you on that?

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From furballs at netcom.com  Thu Aug 22 20:38:28 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Fri, 23 Aug 1996 11:38:28 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608212046.NAA23129@mycroft.rand.org>
Message-ID: <Pine.3.89.9608221833.A8421-0100000@netcom>




On Wed, 21 Aug 1996, Jim Gillogly wrote:

> 
> "Paul S. Penrod" <furballs at netcom.com> writes:
> >Practically, it would be better to allow and promote a technological 
> >outlet for all of this, as it will never go away, so long as the medium 
> >exists.
> 
> The technological outlet already exists: polite marketers use Web pages,
> so that people who are interested in their offerings can find them using
> one of the search engines.  Market droids (get over it, dude) are
                                            ^^^^^^^^^^^^^^^^^^^
Nothing to get over. That's Ross who has the problem with the term.

> unwilling to reach only people who are interested in their products.
> 
> 	Jim Gillogly
> 	Trewesday, 29 Wedmath S.R. 1996, 20:45
> 

Web pages are only the *basis* for the outlet. By themselves, yes, they 
do provide a forum for advertisers, but the page by itself is not very 
efficient in terms of targeted demographics. That's why people get a wild 
hair and take matters into their own hands and launch spam in the hopes 
of finding the customers they thought would come flocking to them in droves.

As the number of Web pages increase dramatically, the chances of getting 
a "first hit" diminish accordingly. Most people I know have neither the 
time or patience to wade through up to two hours of web surfing to find 
something that a few well placed phone calls and 10 minutes turns up said 
product or service.

The issue is convenience, not technology. The majority of US consumers 
couldn't give a rat's ass about the Internet or the Web. They want their 
product or service and they want it now. When the Web becomes more 
convenient to use than the telephone, then you will see nirvana for 
Cybershopping. Right now that isn't happening.

...Paul






From declan at eff.org  Thu Aug 22 20:39:57 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 23 Aug 1996 11:39:57 +0800
Subject: Republican and Democratic party platforms [NOT!] on technology
In-Reply-To: <Pine.GUL.3.95.960822120928.25102B-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.960822175518.29018L-100000@eff.org>


I never really liked having my ass kissed much, so I'll find out the 
truth tomorrow.

I got a fax sent from a Senate office yesterday saying that it was in the
platform, even though it doesn't appear (yet) on the rnc.org web site --
a fact you'll note I mentioned in my original message. 

It was a good rant, though, Rich. Nicely done.

-Declan




On Thu, 22 Aug 1996, Rich Graves wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Thu, 22 Aug 1996, Declan McCullagh wrote:
> 
> > But the benefit of having a pro-privacy statement in the platform (which in
> > fact was watered down significantly from that originally proposed by
> > advocates on our side) is that the platform covers Republican Party
> > candidates for any office, not just the presidency.
> 
> One Republican staffer sent you an ass-kissing note quoting an ALLEGED piece
> of the platform WHICH IS NOT ACTUALLY THERE. The platform was finalized on
> August 12th. The text you quoted is not even in the list of rejected
> amendments. I assume that either you or the staffer you talked to innocently
> mistook some Senator's position paper for the platform; it's hard to believe
> that anyone would intentionally lie about something that is so trivial to
> check.
> 
> Even if the text you passed on were part of the platform, I fail to see the
> importance of a feel-good statement in a platform that the party's
> presidential candidate CLAIMS NOT TO HAVE EVEN READ.
> 
> Also from the Republican Platform (perhaps out of context, but unlike the
> text some anonymous alleged Republican staffer sent you, this is actually
> in the platform): 
> 
> [...]
> 
> In a Dole Administration, U. S. Attorneys will prosecute and jail those who
> prey upon the innocent. We support upgrading our interdiction effort by
> establishing a Deputy Commissioner for Drug Enforcement within the Customs
> Service. We will intensify our intelligence efforts against international
> drug traffickers and use whatever means necessary to destroy their
> operations and seize their personal accounts.
> 
> We support strong penalties, including mandatory minimum sentences, for drug
> trafficking, distribution and drug-related crimes.  Drug use is closely
> related to crime and recidivism. Drug testing should be made a routine
> feature of the criminal justice process at every stage, including the
> juvenile justice system. Test results should be used in deciding pretrial
> release, sentencing, and probation revocation.
> 
> [...]
> 
> Terrorist states have made a comeback during Bill Clinton's Administration. 
> He has treated their rulers with undue respect and failed to curb their
> acquisition of weapons of mass destruction.  Although congressional
> Republicans passed anti-terrorism legislation earlier this year, the Clinton
> Administration has not implemented many key provisions of the law. It has
> not been used to freeze terrorists' assets, deny terrorists' visas, cut off
> foreign aid to supporters of terrorist states, or halt terrorist fundraising
> in the United States. The Clinton Administration has not implemented the
> anti-terrorist research program established and funded by Congress in the
> 1990 Aviation Security Act.
> 
> [...]
> 
> Our technological edge is at risk not only because of the Clinton
> Administration's refusal to sustain an adequate investment in defense
> modernization, but also its virtual abandonment of national security-related
> export controls.  Acquisition of technology by aspiring proliferators of
> weapons of mass destruction has been irresponsibly facilitated. A Republican
> Administration will protect the American technological edge. It will do so
> by expanding investment in defense modernization, ensuring that the Defense
> Department has a key role in approving exports of militarily critical
> technology, and restoring the effectiveness of export control regimes.
> 
> [...]
> 
> The intelligence community should be our first line of defense against
> terrorism, drug trafficking, nuclear proliferation, and foreign espionage.
> Bill Clinton's neglect of our country's intelligence service is one of his
> most serious sins of omission. He has underfunded, misutilized, and
> marginalized critical intelligence missions and capabilities. No wonder his
> first appointee as Director of Central Intelligence has endorsed Bob Dole.
> The nation's security - and the personal safety of our citizens - cannot be
> placed at risk.
> 
> Effective intelligence can be expensive. But what it costs is measured in
> dollars rather than lives - an important lesson of the Gulf War. A
> Republican Administration will reverse the decline in funding for
> intelligence personnel and operations while better managing the development
> of futuristic capabilities. We will not constrain U.S. intelligence
> personnel with "politically correct"  standards that impede their ability to
> collect and act on intelligence information. We will conduct whatever
> intelligence operations are necessary to safeguard American lives against
> the terrorists who bomb our airplanes and buildings.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQBVAwUBMhy5wpNcNyVVy0jxAQFvgwH9FR9ZQca520mSuqhDO7OKLe6duAJAQ+HO
> FP4UPnLWJZtOrI9LvWiX5EHoqG0RtaS2FwwMuwGZQedb8YdkW4QWUw==
> =XdnD
> -----END PGP SIGNATURE-----
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From rich at c2.org  Thu Aug 22 20:45:13 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 23 Aug 1996 11:45:13 +0800
Subject: Spamming
In-Reply-To: <2.2.32.19960822220224.006a0ff0@labg30>
Message-ID: <Pine.GUL.3.95.960822180904.29100C-100000@Networking.Stanford.EDU>


On Thu, 22 Aug 1996, John Deters wrote:
> At 02:55 PM 8/22/96 +0000, Vipul Ved Prakash wrote:
> >>   1. Junkmail requires the SENDER to pay for it, not the recipient.
> >    Internet pricing models are complicated and debatable, but you surely
> >    end up paying for snail-junk-mail. Not directly, but hidden in the high
> >    first-class mail costs. More mail, more infrastructure, higher costs.
> >    This could be quite true for the net also, if we consider bandwidth
> >    costs money.
> 
> I beg to differ.  The USPS considers "junk" mail their bread-and-butter.
> Huge mailings of all manner of bulk mail (especially those that are PostNet
> barcoded by the sender) pay the bills around the Post Office.  Your "more
> mail, more infrastructure, higher costs" argument is flawed.  The post
> office has many fixed costs related to maintaining their huge presence,
> delivering to so many rural addresses.  If we had to pay a per-letter basis
> *discounting* the value provided by the infrastructure already in place
> supporting the bulk-mail handling systems, we'd be paying roughly Federal
> Express 2-day letter rates for each piece of mail (around $6.00, if memory
> serves correctly.)

True in broad outlines, but I think this $6 is exaggerated just a tad. 
Depends whether you mean the marginal cost of an unsubsidized piece of 1st
class mail given the current infrastructure, or the share of a hypothetical
1st class-only mail system, I suppose.

> I do not say this to begin yet another "Privatize the USPS" rant.

Actually, if you're a consumer-scale mailer, it's a good argument for
keeping the USPS heavily regulated. It certainly helps lubricate the flow of
free speech among individuals and small groups. 

-rich






From sryan at reading.com  Thu Aug 22 21:48:09 1996
From: sryan at reading.com (steven ryan)
Date: Fri, 23 Aug 1996 12:48:09 +0800
Subject: Cypherpunks the video
Message-ID: <2.2.32.19960823023300.0071c9f0@reading.com>


There was talk earlier about someone putting together a Cypherpunks video.
What ever came of that? I now have access to an Avid nonlinear digital
editor and would be interested in pursueing this.

Steven
------------------------------------
Steven Ryan - Reading Access - sryan at reading.com
PGP Fingerprint: E8 A2 C5 A2  7A C4 77 93  0A 1B 1D C6  B9 2F 36 9B
Finger me for my PGP public key






From ses at tipper.oit.unc.edu  Thu Aug 22 22:02:47 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Fri, 23 Aug 1996 13:02:47 +0800
Subject: USPS
In-Reply-To: <ae422fd400021004704e@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.960822221126.16732B-100000@tipper.oit.unc.edu>



The USPS does have a role in the world of e-commerce, but I think it's 
likely to be much less than they think. Bilateral agreements are often 
more efficient for long-term work, but for general one-off transactions, 
it's cheaper to have a _small_ number of commonly trusted third parties.

For this reason, I think it would make a lot of sense to have DMVs serve 
as certification agencies (a role they fill today).

You don't necessarily have to trust them any more than you trust a 
drivers licence for applications where 100% certaintiy is what you need, 
but for your typical commercial situation it'll do fine. 

Simon.

p.s. 
 has anyone done any studies on the cost of making different kind of 
trust decisions (both of the 'trust a CA' and various orders of the web 
of trust model? (i.e. trust as introducer^n) 



---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From rwright at adnetsol.com  Thu Aug 22 22:06:33 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Fri, 23 Aug 1996 13:06:33 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608230233.TAA01338@adnetsol.adnetsol.com>


On Or About 22 Aug 96, 18:27, Paul S. Penrod wrote:
On Wed, 21 Aug 1996, Jim Gillogly wrote:
> "Paul S. Penrod" <furballs at netcom.com> writes:

> > find them using one of the search engines.  Market droids (get
> > over it, dude) are
>> > Nothing to get over. That's Ross who has the problem with the term.

I'm over it.  Hell, I can't even remember which side of this issue I'm 
on. ;-)   Oh, yeah...  I'm a sales-droid, looking for customers like 
a shark...  Never stop moving.....   Feed on the weak....   Yeah, 
that's where I'm at, yeah...

Anyway, the consensus is that what I'm doing (that I thought WAS 
spam) is about as harmless as a cold call, so I'm personally 
vindicated.

I like this next part:

> The issue is convenience, not technology. The majority of US
> consumers couldn't give a rat's ass about the Internet or the Web.
> They want their product or service and they want it now. When the
> Web becomes more convenient to use than the telephone, then you will
> see nirvana for Cybershopping. Right now that isn't happening.

I'm doing O.K., but I've go a product everyone still needs...  And 
the consumers I want have been on the Internet for a long, long time.
So all you geeky programmers (I mean that in the nicest way) buy your
stuff from ME!!!!  
Hey!!!  Was that SPAM!!!!  HEY!!!!!

Ross (Sales Droid) Wright

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From hal9001 at panix.com  Thu Aug 22 22:58:14 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Fri, 23 Aug 1996 13:58:14 +0800
Subject: forget photographing license plates!
In-Reply-To: <19960818051206140.AAC174@IO-ONLINE.COM>
Message-ID: <v03007800ae42dab21a3e@[166.84.220.80]>


On 15 Aug 96 01:31:08 -0800, null at void.com wrote:

>"In the 22 Jul 1996 issue of Fortune was an interesting look into the future
>of automobile electronics, "Soon Your Dashboard Will Do Everything (Except
>Steer)".  "
>From the control center, they can "electronically reach into the car" to
>unlock the doors, or honk the horn and flash its lights."

>It is extremely comforting to me -- I don't know about you -- to think
>that GM will maintain a control center able to communicate with my auto
>>electronics.  Shit, why not TRW?

Why, when I read this, do I keep getting flashes of Kirk&Co hacking into
Kahn's Shipboard Computers to get it to drop the Ship's shields <g>?







From hal9001 at panix.com  Thu Aug 22 23:02:53 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Fri, 23 Aug 1996 14:02:53 +0800
Subject: [Noise] RE: Canada Imprisons People For Human Rights Acti...
In-Reply-To: <9607218406.AA840670454@smtplink.alis.ca>
Message-ID: <v03007802ae42df422cb3@[166.84.220.80]>


At 14:58 -0700 8/21/96, Michelle KC5KYO wrote:


>> I do not believe that freedom of speech in the U.S.A. extends to actively
>> agitating for secession or the overthrow of the federal government.
>
>The right to discuss revolt or secession or the overthrow of the federal
>government, it seems to me, is given below:
>
>"We hold these Truths to be self-evident, that all Men are created
>equal, that they are endowed by their Creator with certain unalienable
>Rights, that among these are Life, Liberty, and the Pursuit of
>Happiness - That to secure these Rights, Governments are instituted
>among Men, deriving their just Powers from the Consent of the
>Governed, that whenever any Form of Government becomes destructive of
>these Ends, it is the Right of the People to alter or to abolish it,
>and to institute new Government, laying its Foundation on such
>Principles, and organizing its Powers in such Form, as to them shall
>seem most likely to effect their Safety and Happiness.  ... "
>
>Now this is the Declaration of Independence, and not the Constitution, but
>it seems to me that the right to discuss "agitating for secession or the
>overthrow of the federal government" is protected.
>
>Michelle

Unfortunately, this went out the window about 130-135 years ago during the
5 year period sometimes called "The Late Unpleasantness" <g>.







From hal9001 at panix.com  Thu Aug 22 23:06:15 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Fri, 23 Aug 1996 14:06:15 +0800
Subject: forget photographing license plates!
In-Reply-To: <19960818051206140.AAC174@IO-ONLINE.COM>
Message-ID: <v03007801ae42dbed6452@[166.84.220.80]>


At 3:19 -0500 8/18/96, Douglas R. Floyd wrote:


>>
>> I'm just waiting for them to integrate with TRW. Then, with people
>> they've determined can afford a new one, they can trigger the car to have
>> mysterious engine failures...
>
>Or the minute one falls behind on their bill, the engine doesn't start.
>
>This is legal, IIRC (I am not sure of the exact court case, but one
>company had a software vendor disable their sales software by remote for
>not paying their bill, and the court upheld the software vendor.  I don't
>remember the specifics on this.)

Neither do I (exactly) but it was one of those cases where the program was
leased for a period of time and was not to be used after this unless the
new lease was paid. Normally, these types of programs start printing
Count-Down warnings as the expiration date nears and the customer is
supposed to enter a code (supplied by the vendor after paying for the
extension of the lease) into the program to keep it running. I do not
remember if the program was issuing this type of warning or not. I think
that the court case was due to the way that the vendor crippled it for
non-payment not the fact that it was done (since the Time Bomb code was
standard industry practice and they just logged into the program to cripple
it instead of just having it refuse to run after the trigger date).







From qut at netcom.com  Thu Aug 22 23:19:05 1996
From: qut at netcom.com (Skip)
Date: Fri, 23 Aug 1996 14:19:05 +0800
Subject: Racists Speak Up For Crypto
Message-ID: <199608230353.UAA23980@netcom13.netcom.com>


Date: Thu, 22 Aug 1996 15:28:48 -0700
From: ezundel at cts.com (E. Z�ndel)

Good Morning from the Zundelsite:

I have a sweet friend in Santa Barbara, California who grew up with me in
the rain forests of South America.  Elvira and I share many things,
including an "encryption language" of sorts.  We used it with relish as
teenagers when the Mennonite Elders were spying on us, trying to ferret out
secrets.

The key was really very simple, but our "government" just never  managed to
catch on.  It used to drive them wild.  Yet it was so ridiculously simple -
". . . repeat a vowel with a 'b'".

Prebesibidebent Clibintobon?

Kapish?

Just practice it a bit - no one will understands it!  It is hilarious.  It
gave us a tremendous edge on wickedness - mostly romantic wickedness but
now and then legitimate revolt against authority peddling a dogma we didn't
always like.

This story often comes to mind as I peruse the arguments regarding
censorship, particularly as I was reading a recent Phyllis Schlafly's essay
on "Clinton Is Trying to be Big Brother":

". . . We hope the appropriate government agencies will soon solve the
recent terrorist crimes and punish the criminals. But all Americans who
care about civil liberties should vigorously resist President Clinton's
attempt to use the terrorist attacks as an excuse to carry on his all-out
war against the personal privacy of law-abiding Americans.

Now the Clinton Administration is trying to make it illegal for individual
Americans to have private conversations with one another. That's the real
meaning of its effort to control encryption technology, and it's a direct
assault on the First Amendment.

It would be downright ridiculous to assert that the First Amendment
guarantees our right to speak in public but not in private. It would be
just as ridiculous to say that we have freedom to speak in words that the
government can understand, but not in words the government can't decipher.

Americans have the right to speak to one another in private, behind closed
doors, and we should likewise have the right to speak to one another in
code and to put our coded messages on computer in a process called
encryption. Americans would not tolerate the government opening and reading
the letters we send through the mails, and we should not tolerate the
government opening and reading our encrypted, or coded, messages sent via
computer.

Yet, Attorney General Janet Reno, FBI Director Louis Freeh, and Vice
President Al Gore are all demanding the authority to read our encrypted
messages. In a speech to the Commonwealth Club of California, Reno bluntly
stated her demand for "ensuring law enforcement access to encrypted data.''

Reno boasted that there is "a consensus'' that the government should create
a system known as "Key Escrow'' (i.e., a supposedly "neutral third
party''), to which all Americans should be forced to "entrust'' the keys to
their encrypted messages, and to which the government would have access. On
the contrary, there is no such consensus.

Do you trust Janet Reno with access to your private messages? Do you trust
the FBI to keep your files confidential?

On July 12, Al Gore announced that the Administration will continue to push
for the adoption of a massive public key infrastructure to give the
government access to all encrypted communications. In a blatant bid for a
police-state surveillance society, Gore warned about "the dangers of
unregulated encryption technology."

A neutral panel of the National Research Council was set up to make policy
recommendations about encryption. The panel called on the government to
abandon its efforts to restrict encryption.

The NSC panel concluded that increased use of encryption would enhance our
national security, not diminish it. Thirteen out of its 16 members had
security clearances with access to secret information, and they saw no
national security reason to justify the Clinton policy.

The Clinton Administration bases its campaign to control private encryption
on the alleged need to fight crime through wiretapping. However, the NSC
panel concluded that the ability of the private sector to transfer
confidential financial and other data over the information highway without
interception is far more important.

Encryption is a First Amendment issue, not a crime issue. If the Clinton
Administration is allowed to control encryption, it would be the biggest
expansion of federal power since the passage of the Income Tax Amendment in
1913 . . ."

And come to think of it, still after all these years: the Elders had no
business whatsoever spying on some teenagers.  They made the laws, and they
enforced the laws, and it was pretty much authoritarian business, but even
as young teenagers we knew that what they did was Trespass!

They had their reasons - but we had ours!  It was called privacy.
Nebeveber lebet aba foobool kibiss youbou obor aba kibiss foobool youbou!

Advice to the wise in these perilous times.

Ingrid

Thought for the Day:

"All the fun's in how you say a thing."

(Robert Frost)





From jimbell at pacifier.com  Thu Aug 22 23:46:26 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 23 Aug 1996 14:46:26 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608230440.VAA17008@mail.pacifier.com>


At 02:26 PM 8/22/96 -0400, pjb at ny.ubs.com wrote:
>perhaps we should all add a line to our sigs to the effect that we hope
>he dies, and soon, natural causes, of course. Hmmm, what exactly does 
>'natural death' include?
>	-paul

A friend of mine who's an occasional hunter, and I were watching one of 
those nature-shows, and as I recall they showed a deer escaping from some 
sort of predator.  The show's voice-over said that with the coming winter, 
the deer escaped "and would die a natural death."  My friend indignantly 
pointed out that in NATURE, getting eaten by a predator IS A NATURAL DEATH!

In a sense, for example, being in an airplane crash is "a natural death," 
because gravity is entirely natural!

Jim Bell
jimbell at pacifier.com





From marc at mtjeff.com  Fri Aug 23 00:20:41 1996
From: marc at mtjeff.com (Marc Barnett)
Date: Fri, 23 Aug 1996 15:20:41 +0800
Subject: Antiautomobile devices
Message-ID: <199608230512.WAA06081@beowulf.got.net>


This was recently posted to ba.motorcycle (WHY, I dunno), and since there
has already been the topic regarding EMP disabling of cars....


From: keethie at iguanabbs.com (Keith P. Keber)
Subject: Wussy EMP Devices...
Date: 21 Aug 1996 14:27:14 GMT

So, LEOs in the US of A will disable fleeing autos with electricity, eh? They
ought to get a clue from those icons of enforcement in Finland.

Finnish police agencies have been beta-testing a new device that fits on the
front of their police cars. It's a harpoon. That's right, a harpoon. During a
high-speed chase, the cops ram the sharpened, front-mounted device through
the body, into the trunk of the car they are chasing. Barbs spring out,
preventing dislodgement. The police car then uses its own brakes to bring
both cars to a halt. The kicker is that the harpoon is really a giant
hypodermic needle; tear gas can be injected through it into the vehicle
ahead. 

(I can just hear some lawn order types now: "Whoa! Cool, man!")

This story comes from the 8/20/96 broadcast of Public Radio International's
program, "The World", which claimed the device was being demonstrated at some
airport in Finland.

They didn't say what would happen if the suspects decided to lock up their
brakes just as the pursuing vehicle rammed them, but they *did* advise
listeners to obey all speed limits while visiting the country....:-)

----------------

This is why I like my new bike...

-- 
Marc                                     I'M A FREAK, TOUCH ME
marc at mtjeff.com           A mind is a wonderful thing to taste








From bart at netcom.com  Fri Aug 23 01:11:52 1996
From: bart at netcom.com (Harry Bartholomew)
Date: Fri, 23 Aug 1996 16:11:52 +0800
Subject: 128 bit MS Internet Explorer
Message-ID: <199608230442.VAA20423@netcom21.netcom.com>



    MS got their site, www.microsoft.com, straightened out. I was able
    to download with about the same form filling as required for
    Netscape 3.0.

    b





From nobody at replay.com  Fri Aug 23 01:36:01 1996
From: nobody at replay.com (Anonymous)
Date: Fri, 23 Aug 1996 16:36:01 +0800
Subject: Cypherpunks the movie
Message-ID: <199608230621.IAA23398@basement.replay.com>


why stop at a video why not a musical.... "Cypherpunk The Musical"  Broadway here we come...

Featuring Songs:

"PGP why is it so hard to break"

"We write code"

"Why were we called shitopunks?"






From snow at smoke.suba.com  Fri Aug 23 02:03:18 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 23 Aug 1996 17:03:18 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <Pine.SUN.3.91.960822182617.15085A-100000@dorsai>
Message-ID: <Pine.LNX.3.93.960823011032.492C-100000@smoke.suba.com>


On Thu, 22 Aug 1996, Ray Arachelian wrote:
> On Wed, 21 Aug 1996, Timothy C. May wrote:
> > But I agree that "no action" is pretty likely. "I hope you die" has been a
> > time-honored insult at least since I was a kindergartner, and presumably
> > for many decades prior to this. Hardly an active threat.
> many years, die of old age.  No, I hope he doesn't get elected.  That's 
> what I hope. :^)  Not that I'd want Dole either. :(
> 
> How about you Tim, when are you running for prez?  Heheheh!

     I think it's a good idea. Tim May for President, Jim Bell for Vice. 
That'll keep Tim in line...

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From vipul at pobox.com  Fri Aug 23 03:48:42 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Fri, 23 Aug 1996 18:48:42 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.BSF.3.91.960821150339.9917H-100000@mercury.thepoint.net>
Message-ID: <199608230336.DAA00609@fountainhead.net>


> Free (commercial)speech for you (perhaps at our expense), but no free 
> speech for us?

This is peculiar. Nobody seems to mind ads in Newspapers, printed magazines, TV, and for that matter
web sites. That is unwanted stuff too, but now someone is paying for it. Though one can argue it out, on
many grounds :

1. If the guy has to pay for it, he'll do it in limits.
2. He must have selected the context carefully, so the ad is most prolly of 
   some use to its audience
3. He'll tend to talk sense.

 
- Vipul







From qut at netcom.com  Fri Aug 23 19:25:31 1996
From: qut at netcom.com (Skipp OBC)
Date: Fri, 23 Aug 1996 19:25:31 -0700 (PDT)
Subject: "----- Message body suppressed -----"
In-Reply-To: <ae43a99302021004167e@[205.199.118.202]>
Message-ID: <199608240225.TAA11856@netcom16.netcom.com>


! At 1:10 AM 8/21/96, llurch at stanford.edu (Rich Graves) wrote:
! >   ----- Message body suppressed -----
! >
! 
! 
! Sounds good to me. Keep it up.
! 
! 
! --Tim May
! 
! 
! --
! [This Bible excerpt awaiting review under the U.S. Communications Decency
! Act of 1996]
! And then Lot said, "I have some mighty fine young virgin daughters. Why
! don't you boys just come on in and fuck them right here in my house - I'll
! just watch!"....Later, up in the mountains, the younger daughter said:
! "Dad's getting old. I say we should fuck him before he's too old to fuck."
! So the two daughters got him drunk and screwed him all that night. Sure
! enough, Dad got them pregnant, and had an incestuous bastard son....Onan
! really hated the idea of doing his brother's wife and getting her pregnant
! while his brother got all the credit, so he pulled out before he
! came....Remember, it's not a good idea to have sex with your sister, your
! brother, your parents, your pet dog, or the farm animals, unless of course
! God tells you to. [excerpts from the Old Testament, Modern Vernacular
! Translation, TCM, 1996]

Your sigs are better looking than his body.





From vipul at pobox.com  Fri Aug 23 04:39:45 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Fri, 23 Aug 1996 19:39:45 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.HPP.3.91.960821144412.10644C-100000@cor.sos.sll.se>
Message-ID: <199608230341.DAA00616@fountainhead.net>


> 
> On Tue, 20 Aug 1996, Timothy C. May wrote:
> 
> > There are technological fixes which I would favor over attempts to ban
> > unwanted messages.
> 
> In the meantime, before these technological fixes are easily implemented,
> what is the proper way to handle unwanted commercial mail?
> 
> 1) delete immediately
> 
> 2) reply with 'Fuck off, morons!'
> 
> 3) as in 2) plus an attachment of some 1Mb file
> 
> 4) as in 3) plus a CC to the postmaster of the sending site
> 
> What if the spam says: 'Do only reply to this if you want
> further contact with us' etc?
> 
> Does anybody have good advice, including risks for retaliation
> from the vendors/postmasters for such 're-spam'?

Subscribe them to cypherpunks, lots of times (if that is possible) and don't tell em hot to get off :)

Alternatively have a moderated "spam.die.die" mailing list and subscribe the culprit too this list.
Generate lot of data (like Octal dumps of entire hard disks) and keep sending out mails to these guys
on regular basis.

- Vipul






From dlv at bwalk.dm.com  Fri Aug 23 05:03:14 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 23 Aug 1996 20:03:14 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <199608230336.DAA00609@fountainhead.net>
Message-ID: <eRX4sD10w165w@bwalk.dm.com>


Vipul Ved Prakash <vipul at pobox.com> writes:

> > Free (commercial)speech for you (perhaps at our expense), but no free
> > speech for us?
>
> This is peculiar. Nobody seems to mind ads in Newspapers, printed magazines,
> web sites. That is unwanted stuff too, but now someone is paying for it. Thou
> many grounds :
>
> 1. If the guy has to pay for it, he'll do it in limits.
> 2. He must have selected the context carefully, so the ad is most prolly of
>    some use to its audience
> 3. He'll tend to talk sense.

The advertizers in printed & broadcast media exercise a great deal of control
over the content. E.g., a magazine that gets revenues from tobacco ads isn't
likely to run a story about tobacco companies trying to addict kids. That's
why you see more anti-tobacco content in broadcast media (who can't run
tobacco ads) than in printed media. (And there are cross-ownership
restrictions.)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From rich at c2.org  Fri Aug 23 06:21:55 1996
From: rich at c2.org (Rich Graves)
Date: Fri, 23 Aug 1996 21:21:55 +0800
Subject: Racists Speak Up For Crypto
In-Reply-To: <199608230353.UAA23980@netcom13.netcom.com>
Message-ID: <Pine.GUL.3.95.960823034955.852E-100000@Networking.Stanford.EDU>


Come on, Skippy, you know Ingrid doesn't like to be called "racist."

But seriously, any time she forwards something from Declan that actually
advances freedom, I think that's great.

-rich






From gary at systemics.com  Fri Aug 23 07:05:15 1996
From: gary at systemics.com (Gary Howland)
Date: Fri, 23 Aug 1996 22:05:15 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.LNX.3.93.960822181440.170B-100000@smoke.suba.com>
Message-ID: <321D9635.2C67412E@systemics.com>


snow wrote:
> 
> On Wed, 21 Aug 1996, Timothy C. May wrote:
> > At 6:04 PM 8/21/96, Gary Howland wrote:
> > >Often I'll ask a stupid question too ("Does your software work in
> > >France?").  If more people did this, then they'd have to choose their
> > >victims a bit more carefully in the future (assuming of course they're
> > >trying to sell something).
> >
> > As I said in my last message, I don't even do this--I just bounce it back
> > to them.
> > I see no need to "ask questions" (such as "Does it work in France?") to,
> > perhaps, "establish legitimacy." If they sent it to me, I can send it back.
> > Simple.
> 
>      I think that the purpose of asking a question is to consume _more_ of their
> time. If they read it, they have to decide if and how to respond. Cousme more
> of their resources. It might even be interesting to write a script that automatically
> inserts a silly question (like "does it work in france") and mails it back with the
> single stroke of a key.

Sure, I bounce it back to them too, by quoting the whole post - but like
snow says, I try to consume their time by asking stupid questions.  I
feel it is important to show a little interest in their product or
service in order that they can't tell the genuine replies from the
anti-spam replies, which should (hopefully) mean they'll target their
spam a little more carefully in future.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From pjb at ny.ubs.com  Fri Aug 23 07:13:14 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Fri, 23 Aug 1996 22:13:14 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608231151.HAA04754@sherry.ny.ubs.com>


true, then there are those who are brain dead, and continue to participate,
notice that i did not say serve, in public office for years.

	-paul

> From zachb at netcom.com Thu Aug 22 19:18:40 1996
> Date: Thu, 22 Aug 1996 16:18:23 -0700 (PDT)
> From: "Z.B." <zachb at netcom.com>
> Subject: Re: Husband/Wife jailed for saying Clinton Sucks
> To: pjb at ny.ubs.com
> Cc: cypherpunks at toad.com
> Mime-Version: 1.0
> Content-Type> : > TEXT/PLAIN> ; > charset=US-ASCII> 
> Content-Length: 487
> 
> On Thu, 22 Aug 1996 pjb at ny.ubs.com wrote:
> 
> > perhaps we should all add a line to our sigs to the effect that we hope
> > he dies, and soon, natural causes, of course. Hmmm, what exactly does 
> > 'natural death' include?
> > 
> > 	-paul
> 
> When I read this, a quote from a certain famous sci-fi writer came to mind:
> "All forms of death are ultimately due to heart failure."
> 
> 
> ---
> 
> Zach Babayco
> 
> zachb at netcom.com  <----- finger for PGP public key
> http://www.geocities.com/SiliconValley/Park/4127
> 
> 
> 





From trei at process.com  Fri Aug 23 08:57:26 1996
From: trei at process.com (Peter Trei)
Date: Fri, 23 Aug 1996 23:57:26 +0800
Subject: U.S. Army Private Faces Spying Charges
Message-ID: <199608231317.GAA09793@toad.com>



> 
> Thomas C. Allard wrote:
> > 
> > His father said an Army major at Fort Bragg, whom he declined to name,
> > had urged him to persuade his son to sign a confession, so prosecutors
> > would not seek the death penalty.
> 
> Isn't plea bargaining wonderful?
> 
> Gary

Iff this guy is guilty (and I have no particular reason to doubt it), I was still under
the impression that treason carried the death penalty only in wartime.

Peter Trei
trei at process.com





From perry at alpha.jpunix.com  Fri Aug 23 09:50:41 1996
From: perry at alpha.jpunix.com (John A. Perry)
Date: Sat, 24 Aug 1996 00:50:41 +0800
Subject: Middleman has a new name!
Message-ID: <Pine.NEB.3.93.960823083120.19321A-100000@alpha.jpunix.com>


	It has been brought to my attention that the name "middleman" is
too long for the DOS-based remailer programs. In lieu of this I'm changing
the listed name middleman at jpunix.com to middle at jpunix.com. The change will
be effective for both the type-I and type-II remailers. I will also make
this change to the type2.list/pubring.mix files shortly. The remailers
will continue to also answer to middleman at jpunix.com.

 John Perry - perry at alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry at jpunix.com is on the keyservers.






From ptrei at ACM.ORG  Fri Aug 23 10:21:51 1996
From: ptrei at ACM.ORG (Peter Trei)
Date: Sat, 24 Aug 1996 01:21:51 +0800
Subject: USPS
Message-ID: <199608231401.HAA10139@toad.com>



> At 5:14 PM 8/22/96, Bruce M. wrote:
> 
> >Web Week, July 8, 1996, p3
> 
> >    The Postal Service's attorneys have told the USPS that the tampering
> >part of the current federal law would transfer to the electronic space,
> >and that the mail fraud portion might also apply...
> >
> >    "We're a trusted third party," Saunders said.  "We don't have any
> >interest in learning your trade secrets...

Back in June I attended a presentation on this from Paul Raines, who
is running the program. As I recall, there were three services they were
planning to offer. 

1. A time-stamping service. This is basically a remailer - you would
send email to the USPS site, which would add a digital timestamp
and signature, then forward the message to it's ultimate recipient.
Customers wishing to use the service would deposit a sum of money
with the USPS, which would be debited for each use of the service
(suggested cost was on the order of 25 cents/message)

2. A CA service. Keys would be signed at various levels of assurance.
At least at the start, business strength keys would be issued only at
Postal Business centers, which are in about 100 cities in the US.

3. An archival service. For a fee, the USPS would store copies of all of
  the email you send though it's remailer. Only the sender could
  retrieve it, short of a court order. In answer to a direct question, Raines
  said that user-encrypted data was OK.

Raines claimed the following advantages:

* The contents would be subject to the postal fraud statutes. 
* People would trust a message received through the remailer more
  than one which was not.
* IRS tax filings sent through the Postal system can arrive after April
  15, provided they are postmarked before that time. Tax filings sent by
  other methods must be received at the IRS before midnight on the
  15th.
* Approximate quote: "When business negotiate a deal, they do it
  over the phone, in person, etc. But when the deal is closed, what do
  they do? They write a letter, and send it via registered mail through
  the USPS."
* As a CA, the USPS was a known and trusted entity overseas, unlike
  commercial CA services.

Some specific counter arguments:

Fraud protection:  If a person was intending to commit fraud, why 
would he or she send the message through the USPS remailer?
Since the service is costly, most email will never be sent through
it, and there will not develop a tendency to regard non-USPS email
as untrustworthy.

IRS filings: If I send a tax filing to the USPS remailer at 23:45 on
April 15th, it gets a pre-midnight timestamp and is accepted by the
IRS as being on time. If I send an email tax filing directly to the IRS
at 23:45, it is also accepted (and if I was that desparate, I could also
bounce the message through Hawaii, or US Samoa, and get several
more hours of grace) Also, I was under the impression that the IRS
now accepted FedEx timestamps for tax filings. Finally, the amount
of business which this represents is miniscule.

Closing deals: Ever hear of faxes or FedEx?

My personal impression was that Raines had been listening to his 
own propaganda for too long, and was rather out of touch with the 
way things are done outside of the Beltway. I got the feeling that 
the USPS was desperately trying to find a role in a time where it
was becoming merely the cheapest and slowest player in the 
package delivery business. 
 


Peter Trei
ptrei at acm.org
[Disclaimer: I am not representing my employer.]     





From root at HellSpawn  Fri Aug 23 10:27:42 1996
From: root at HellSpawn (Damien Lucifer)
Date: Sat, 24 Aug 1996 01:27:42 +0800
Subject: ctcp.0.9
Message-ID: <Pine.LNX.3.91.960823093958.882A-100000@HellSpawn>


-----BEGIN PGP SIGNED MESSAGE-----

This is a program i found on unimi that offers secure socket connections, 
utilitizing a simple server/client. It can be installed without root 
priveledges and uses d/h for key transfers. Anyone looked this package 
over, and if so what is your oppinion about it? 

Included below is the THEORY file that describes the key exchange:



The encryption negotiation is performed using a protocol similar to
FTP/SMTP/NNTP.  The client sends commands to the server and the server
returns a four-digit response code.  Unless stated otherwise, all numbers
in this document are hexadecimal with the most significant byte first.

When a connection is initiated, the server should send a 2000 response
indicating that it is ready to accept commands.

Commands:

DH3DES - Diffie-Hellman Key exchange followed by Triple-DES encryption
      If supported, 3001 is returned.
      The following commands are then expected:

MOD - If an argument is supplied, it is the number, in hexadecimal, to use
      as the modulus.
      Responses:
       2210 - okay
       4031 - invalid number
       4032 - too small
       4033 - too large
      If no argument is given, the server should supply the modulus, sending
      2211 followed by the modulus.  If the server is unable to supply a
      modulus, 4034 should be returned.

GEN - this should follow MOD.  The generator to use.  The format is the same
      as that of the MOD command. The response codes are 2210, 2211, 4031
      or 4034

EXCH - Key exchange
      Client sends exch followed by gen raised to hir secret exponent.
      Server sends 4030 if a gen/mod has not been agreed upon.
      otherwise 2212 followed by gen raised to its exponent

ENCR - Begin encrypted Session
       
       4020 - No key selected for encryption
       2300 - Encrypted session begin

LPORT xxxx - this command takes a 16-bit hexadecimal port number argument,
      and connects to the specified TCP port on the local host.
      Responses:
       2400 - connected
       4010 - Unable to connect
       4011 - Access denied

RPORT xxxxxxxxxxxx - Connect to remote port
      The argument to this command is a 48-bit hexadecimal number representing
      the IP address and port number to connect to.  The response should be
      first 2500, then when the connection has been attempted:
       2400 - connected
       4010 - Unable to connect
       4011 - Access denied

QUIT - quit
      Response: 2100 - Goodbye


Summary of error codes:

1xxx - informational messages
10xx - server is supplying additional information that the client may
       ignore.
11xx - server is responding to a client's request for information
2xxx - okay
20xx - Server is ready
21xx - Disconnect, goodbye
22xx - Command okay
23xx - Encrypted session begins now
24xx - Session with another service begins now
25xx - Command ok, operation in progress, please wait
3xxx - ok so far, send the rest
4xxx - command was okay but could not be processed
5xxx - command not understood or not implemented


Triple-DES 

The triple DES encryption uses output feedback exclusive-ored with a
non-sequential counter.  There are three counters, each of which is
exclusive-ored with the data block before encryption with the
corresponding key.  The counters are incremented in each round by a
shared, secret value which is part of the total key.  The result of
each round of encryption is exclusive-ored with the data stream.

I0 ------          -----
         |        |     |
I1 ----- | ---A1------- | --->
     \   |        | \   |
      --XOR       |  --XOR
         |        |     |
         E1       |     E1
         |        |     |
I2 ----- | ---A2------- | --->
     \   |        | \   |
      --XOR       |  --XOR
         |        |     |
         E2       |     E2
         |        |     |
I3 ----- | ---A3------- | --->
     \   |        | \   |
      --XOR       |  --XOR       
         |        |     |        
         E3-------^     E3-------^
         |              |
         v              v
       XOR with data stream

I0 - Initialization Vector
I1 - Initialization of counter 1
I2 - Initialization of counter 2
I3 - Initialization of counter 3
E1 - Encryption with Key 1
E2 - Encryption with Key 2
E3 - Encryption with Key 3
A1 - Add increment value 1
A2 - Add increment value 2
A3 - Add increment value 3


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh219rGlo8DEMb2JAQEzWgP/VpcWiL8+UN+7l7wCtUr6N5Bk4iqG5fYq
Jb9ImvVA3h2k8cGz/ETBQW/3H9GA9jCsqzLrgcUewAa8CgdmhPoVE04e2scAxp4l
y2peJlQmakCl2RCKHJZPTTaOLnsBU4NCZxwW8Q4xeUb0KBYfiW9XeULleyhhfsO2
n7XYpc4XhaY=
=vGhK
-----END PGP SIGNATURE-----





From jya at pipeline.com  Fri Aug 23 10:32:21 1996
From: jya at pipeline.com (John Young)
Date: Sat, 24 Aug 1996 01:32:21 +0800
Subject: IE Security Flaw
Message-ID: <199608231406.OAA29640@pipe2.t1.usa.pipeline.com>


Markoff reports today on the MS IE security flaw discovered by the
Princeton team and posted here recently. 
 
 
See: 
 
 
http://www.nytimes.com/yr/mo/day/news/financial/web-browser-flaw.html





From Scottauge at aol.com  Fri Aug 23 10:34:05 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Sat, 24 Aug 1996 01:34:05 +0800
Subject: Lesson 2 in cracking (cryptoanalysis 001)
Message-ID: <960823082541_185921635@emout17.mail.aol.com>


In a message dated 96-08-21 20:43:50 EDT, you write:

>The point is that if you took two novels by the same author and
>completely sorted them alphabetically they'd be almost the same.

The examples cited did this by word, not by message as your stating.

>So a block of PGP encrypted ascii-armored (i.e. 8=>7-bit encoding)
>wouldn't affect the frequency counts?  Tell me, how long have you been on
>your current medications?

I was talking about the algorithm as given, not PGP.

> That's the point!! IT'S A JOKE!!! You know, "hahaha - very funny"? Not a
>  serious proposal?

I know! But at least it is relevent to the group!  How many points of attack
have you seen on here?  How many techniques have shown up here?

P.S.

My apologies to the fella I called a troll.  It was uncalled for - lacking in
social skills.





From combee at sso-austin.sps.mot.com  Fri Aug 23 11:18:30 1996
From: combee at sso-austin.sps.mot.com (Ben Combee)
Date: Sat, 24 Aug 1996 02:18:30 +0800
Subject: Cypherpunks the video
In-Reply-To: <2.2.32.19960823023300.0071c9f0@reading.com>
Message-ID: <9608231455.AA28948@sso-austin.sps.mot.com>


* There was talk earlier about someone putting together a Cypherpunks video.
* What ever came of that? I now have access to an Avid nonlinear digital
* editor and would be interested in pursueing this.

Hi, Steven.  The Austin Cypherpunks are the ones working on this,
although the effort level has been low lately.  We were planning on
leveraging Austin's excellent public access facilities to produce the
video cheaply, but time constraints of the group's members got in the
way.

Right now, we're mostly dependent on good scripts.  We have a few scenes
down, but we need more material to finish the work.  Editing will come,
but we need the basic script and footage now.

You can see some notes on this at my crypto page at

	http://www.yak.net/combee/crypto/

-- 
Ben Combee, Software Developer (Will write assembly code for food)
Motorola > MIMS > MSPG > CTSD > Advanced ICs > Austin Design Center
E-mail: combee at sso-austin.sps.mot.com   Phone: (512) 891-7141





From mpd at netcom.com  Fri Aug 23 11:36:39 1996
From: mpd at netcom.com (Mike Duvos)
Date: Sat, 24 Aug 1996 02:36:39 +0800
Subject: U.S. Army Private Faces Spying Charges
In-Reply-To: <199608231317.GAA09793@toad.com>
Message-ID: <199608231556.IAA08825@netcom19.netcom.com>


Peter Trei writes:

> If this guy is guilty (and I have no particular reason to doubt it), 
> I was still under the impression that treason carried the death penalty 
> only in wartime.

The death penalty for spying on the part of members of the military
was part of the new and improved federal death penalty passed a number
of years back.  It added some 35 new federal death penalty offenses.
I don't recall whether saying "Clinton sucks" was included amongst them.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $







From jims at MPGN.COM  Fri Aug 23 11:55:11 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Sat, 24 Aug 1996 02:55:11 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <3.0b11.32.19960823114947.006d7d7c@central.tansoft.com>


At 03:35 AM 8/23/96 +0000, Vipul Ved Prakash wrote:
>
>This is peculiar. Nobody seems to mind ads in Newspapers, printed 
>magazines, TV, and for that matter web sites. That is unwanted stuff

I'd suggest that most/all of us 'mind' ads in papers, tv, etc.  The 
difference is that while we can do nothing about commercials on
TV (short of breaking federal law and jamming the signal) we can
do something about spam.  If there is enough concensus we can
develop/distribute/encourage the use of  new mailers that will help
defeat spam.  

 For example:  If mail comes into a server that has more than 25
recipients then it is only forwarded to those who have "signed up"
for that sender.  When we subscribe to Cypherpunks we also have
to register that with our network of mail servers.  Then if Mr. Spam
sends stuff out it's not been "signed up" for so it gets trashed.

I don't really like mail servers redirecting my mail, but perhaps we
could arrive at a reasonable criteria for filtering if we tried real hard.

 Jim
Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL






From tcmay at got.net  Fri Aug 23 13:13:32 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 24 Aug 1996 04:13:32 +0800
Subject: Verdict in "MTV" Case
Message-ID: <ae43349d010210042760@[205.199.118.202]>



Indiannapolis, IN (A.P.) -- A jury has awarded the State of Indiana $25
million in damages in the case of "Indiana v. Music Television." Music
Television, also known as MTV, was accused of costing the state of Indiana
more than $100 million in additional educational expenses due to students
watching MTV when they should have been doing their homework. The jury
foreman in the case was quoted as saying, "Like, like the kids are, like,
goofin' off. Besides, MTV doesn't like play enough old stuff, like Zeppelin
and Floyd."

Following the various court decisions to award damages to states for
medical costs associated with smoking by state residents, a barrage of
similar lawsuits is happening across the country. School systems are suing
book publishers, movie makers, television broadcasters, shopping malls, and
miniature golf arcades. Makers of sports equipment are facing crippling
lawsuits by insurers. The last remaining American bicycle maker, Trek,
announced that it is withdrawing from the U.S. market, following the $37
million judgement against it in "Oregon v. Trek."

--Klaus! von Future Prime







From jya at pipeline.com  Fri Aug 23 13:18:04 1996
From: jya at pipeline.com (John Young)
Date: Sat, 24 Aug 1996 04:18:04 +0800
Subject: BOD_ies
Message-ID: <199608231647.QAA17381@pipe3.t2.usa.pipeline.com>


   8-23-96. FiTi: "The race is on for global groups to develop 
   'electronic purses' using smart cards." 
 
      "We are moving into the electronic age where money will 
      just be information about the wealth you have," says 
      Visa. Some companies believe that parts of the body, 
      rather than paper or coins, can be used to establish the 
      amount of money somebody has available to spend. 
 
   WaPo: "Group Plans Challenge To Net Address Monopoly." 
 
      The end may be at hand for the virtual monopoly that 
      Network Solutions holds over the registration of 
      Internet addresses. The Internet Assigned Numbers 
      Authority, the Internet Society and IETF will organize 
      a competition for the right to operate new registries. 
      The group's aim is to create alternatives to the 
      established categories of Internet addresses. 
 
   NYP: "Flaw Said to Be Found in Microsoft's Browser." 
    
      Markoff's report on the Princeton group's discovery. 
 
   ----- 
 
   http://jya.com/bodies.txt  (17 kb for 3) 
 
   BOD_ies 
 
 
 
 
 
 





From tcmay at got.net  Fri Aug 23 13:18:31 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 24 Aug 1996 04:18:31 +0800
Subject: "Regulation of Commerce" and the Crypto Issue
Message-ID: <ae432be9000210041c17@[205.199.118.202]>



It seems to me that in recent years nearly any type of sweeping legislation
is justifed, constitutionally, by the clause in the U.S. Constitution which
says Congress shall have the power to regulate commerce. (More precisely,
the clause says: "To regulate commerce with foreign nations, and among the
several states, and with the Indian tribes;" This is usually interpreted to
mean _interstate_ commerce, and not sales/commerce/etc. that do not
centrally involved more than one state....obviously nearly all things sold
in one state are sold in other states, so there is lattitude for applying
the commerce clause, albeit wrongly.)

Today's news is the sweeping new restrictions on tobacco and cigarettes,
including restriction on advertising and even on the placement of tobacco
and cigarette logos and names on sports jerseys and shirts. (The
much-publicized press event is not for another hour, as I write, so I don't
know all the details. I'll be watching.)

Note that similar restrictions on alchohol advertising were recently struck
down by the Supreme Court as being unconstitutional infringements on free
speech. Many expect the same outcome with these latest proposed
restrictions. (The issue of advertisements of hard liquor, cigarettes,
condoms, and other "unhealthful" [sic] products on television and radio is
of course complicated by the role of the Federal Communications Commission
and by "gentlemen's agreements" not to carry advertisements for some
products.)

Personally, I have never smoked, nor chewed, nor mainlined nicotine.
Personally, I dislike cigarette smoke. But this is all _personally_.

If a restaurant, bookstore, airline, bar, antique store, gym, or whatever
wishes to allow smoking (or not), this is there choice. As many of us see
things, it is not for the government to take a kind of "poll" of what
people like and dislike and then to impose rules on property owners as to
what smoking or nonsmoking policies they may set.

Likewise, if I want to silk-screen a "Joe Camel" image, or a "Bud Frogs"
image, on a t-shirt, this is between me and the putative owner of these
images. Free speech and all. Or, to remove any confusion with the issue of
owned logos, to silk-screen a fictitious cigarette brand on a shirt and
then wear it, or sell it. It seems likely that individual wearers of such
shirts will not be busted (think of how many already exist, and there is no
plan for confiscating them), but that the burden will be placed, as it is
so often conveniently placed, on the shirt makers.

The catch-all for these laws seems to be the "regulate commerce" language
in the Constitution. Cigarettes are sold in multiple states, the logic
goes, so the commerce clause gives the government the power/authority to
regulate it.

(Well, Steven King novels are sold in all 50 states, too. Does this
"regulate commerce" clause give the government the power/authority to
regulate what King puts in his novels? Or to ban advertising for Steven
King novels? Or to require that stores only sell such novels to adults?)

This language is already being cited for some as a justification for
regulating encryption (hey, some businesses use it!), digital signatures
(ditto), and other forms of crypto.

In fact, since nearly everything involves "commerce" in some way, whether
interstate or not, the "regulate commerce" clause can presumably be used as
a jusitification for interfering in all sorts of areas.

The several legal experts out there on this list can clarify any errors of
interpretation I have made. I certainly know that the commerce clause
cannot be used to suppress certain kinds of speech, though the boundaries
of where it may be applied seem unclear.

I do expect it to be used for crypto, though, and this might even be upheld
by the Supremes, especially in any areas directly involving "digital
commerce."

We should watch for this, and think about ways to deflect or derail such
interpretations.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From reagle at rpcp.mit.edu  Fri Aug 23 13:18:50 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Sat, 24 Aug 1996 04:18:50 +0800
Subject: The Future Of Cyber Terrorism
Message-ID: <2.2.32.19960823171738.0073c5c4@206.33.128.129>


The Future Of Cyber Terrorism

The proceedings or a recent conference on the subject of Cyber
Terrorism are now available online. The conference looked at terrorism
carried out with the tools of today's information age and against the
computer and information systems that the world increasingly depends
upon.
World Wide Web: http://www.acsp.uic.edu/OICJ/CONFS/terror02.htm
_______________________
Regards,            I hate quotations. -Ralph Waldo Emerson
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From 76473.1732 at compuserve.com  Fri Aug 23 13:50:13 1996
From: 76473.1732 at compuserve.com (JOHN E. HOLT)
Date: Sat, 24 Aug 1996 04:50:13 +0800
Subject: secret message
Message-ID: <960823180037_76473.1732_BHT157-4@CompuServe.COM>


Date:  01-Aug-96 14:50 EDT
From:  JOHN E. HOLT [76473,1732]
Subj:  puzzle

	^%}{{
ZZ
VVPAGMIGJEKMCCHIAKKPEHJDDDLOABGAMMJOCDFNOLNOKKKNIADPBGPPOEPIDCEMPGWW
VVFCMOPKLKPJOHCNCJBDGOOJKFANCJJBDBMDIFIEKEDPLKDDGMPLHMIIPIJFMKOLENWW
VVCAKJGJCKPAEOOMLJPNFJEKEINIHFKHNOLPCAHLEKHHLMHJFCOEKAFAGPHJBCPBHBWW
VVOKLAENICAFDHEOEODMHMFGIONMAACAOHEOHDAJDNENGAHABNHGOCCPJNFDMAMKADWW
VVMGDHKGPKBEIDBNLOCMLFMEIOKBFBFKJIMIIIFKJDFENCBPAPFBAOFMHEDODBFFPDWW
VVOMFFJBNGEJPLGHJLFOBLFOGCBKAACEICLBIKHGILKCLMHPFIAHPDEOOODPPMLGDNWW
VVGLDNEBDINMILDJDOJOJNKCLIBBKBCBEJPBJCFHGKMFLLEPGLGOOIIGAKJEGNPFHDWW
VVIJBMFLALHPEHHGEGPCLGILBDBMEGMOGOIFBPPONGEDJPNFNMPCJFJPAEMIDOEMBLWW
ZZ
ZZ



Distribution:

To: ME > [76473,1732]






From alano at teleport.com  Fri Aug 23 14:03:18 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 24 Aug 1996 05:03:18 +0800
Subject: (fwd) ANNOUNCE: Free Little PGP Credit Card App
Message-ID: <2.2.32.19960823180311.00fbab94@mail.teleport.com>


At 07:54 PM 8/22/96 -0400, Damaged Justice wrote:
>>From: "David j. Sopuch" <djs at iwinpak.com>
>Newsgroups: comp.infosystems.www.misc
>Subject: ANNOUNCE: Free Little PGP Credit Card App
>Date: Thu, 22 Aug 1996 12:00:24 -0400
>Organization: Datamax Research corp.
>Lines: 10
>Message-ID: <321C8418.2647 at iwinpak.com>
>
>v2.08 of the iWinpak Internet Payment System is now available in
>both freeware and shareware versions at http://www.iwinpak.com

An interesting little piece of CGI code, but the demo leaves a bit to be
desired.  The demo is for bank checks.  The order form has you sending your
bank information (including bank number and check info) in the clear. So the
hooks into your credit card are not sent in the clear, but the ones to your
bank are...  Double plus ungood.

It is a start...  How good of one, I am not certain though...
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From gary at systemics.com  Fri Aug 23 14:05:23 1996
From: gary at systemics.com (Gary Howland)
Date: Sat, 24 Aug 1996 05:05:23 +0800
Subject: ctcp.0.9
In-Reply-To: <Pine.LNX.3.91.960823093958.882A-100000@HellSpawn>
Message-ID: <321DF0AA.64880EEB@systemics.com>


Damien Lucifer wrote:
> 
> This is a program i found on unimi that offers secure socket connections,
> utilitizing a simple server/client. It can be installed without root
> priveledges and uses d/h for key transfers. Anyone looked this package
> over, and if so what is your oppinion about it?
> 

It doesn't appear to have any host authentication, so is susceptible to
a man in the middle attack.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From peter.allan at aeat.co.uk  Fri Aug 23 14:11:12 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Sat, 24 Aug 1996 05:11:12 +0800
Subject: strengthening remailer protocols
Message-ID: <9608231805.AA01523@clare.risley.aeat.co.uk>




This is long enough.  I've been brutal and cut sections less
likely to promote discussion.

(I've also contacted OUP about Ganley's book, and may 
 buy it if I can kid myself I don't need the money.)


============================================================
August 1996
Peter M Allan
peter.allan at aeat.co.uk


                   Strengthening Remailer Protocols

STATUS OF THIS MEMO

This memo proposes improvements for the Mixmaster protocol and
requests discussion and further suggestions.
Distribution of this memo is unlimited.

INTRODUCTION

Lance Cottrell's documents [1] and [2] describe the current Mixmaster
protocol and attacks against it.  This memo began as a response to
those thoughts, but has developed in discussion with Cottrell.


SPAMMING ATTACK

[2] describes an active attack where many messages are sent to an
honest remailer to separate a message of interest from other
traffic.  The aim is to clear other messages out of the message pool,
wait for the target and finally eject that from the pool.  The target
message is identified because the attacker can recognise  his own
messages.

Attempts to defeat this attack could well be based on preventing the
attacker from recognising his own messages.  That is the approach
taken here.

     RE-ENCRYPTION AS A SPAM DEFENCE
     
     In this diagram remailer 'A' has received a message addressed to
     himself.  Inside that is one to 'B' - unreadable to A.  Further
     layers are hidden of course.

                AB?????  decrypts to B?????

     This means that our remailer can only disguise the message by
     re-encrypting it on the outside.  But the message has got to
     make some net progress toward delivery.  The trick is that a
     remailer can find the outer two headers addressed to him and
     process both of them.  Two headers processed and one rewound is net
     progress.  When the header rewound is addressed to the same
     recipient as was next on the list anyway the diagram looks like
     this.

     Actions at 'A':            AB????? decrypts to  B?????
                                 B????? encrypts to BB?????

     Actions at 'B':            BB?????  decrypts to B?????
                                         decrypts to  C????
                                         encrypts to CC????

     The beauty of this is that it is compatible with the existing
     protocol.  If a remailer only knows about removing layers of
     encryption it still fits into a network where some can do both
     actions.  Whether it sends or receives the message it still
     works.


     RE-ENCRYPTION IN THE MIXMASTER ROTATING QUEUE MODEL
     
     Instead of layers like an onion, Mixmaster has a queue of
     headers that get rotated.  A used header goes to the back of the
     queue where it can never again be read.  At some point the
     header at the front of the queue is found to be the last one,
     and the message is sent on its final hop.

     For a header queue the above actions look like this:

     Actions at 'A':        AAAB???  -> AAB???a
                                     -> AB???aa
                                     -> BB???aa

     In general when the first H headers are addressed to the
     remailer reading them, (H-1) rotations will be performed, and
     the top header will be overwritten with another one with a
     random key and IV to encrypt the rest of the message.  The
     number of headers present remains 20, however many or few of
     these are still to be read.  No valid header block is ever
     overwritten, only used header blocks that are good for nothing.
     This is always possible because after a remailer receives a
     message at least the one header it has just read must be of no
     further use.

     This will hide the message content from eavesdroppers, but not
     from the next remailer in line - 'B'.  Assume that remailer B
     is operated by an attacker, and that he directs spam messages
     there after host A (which is holding your message in the pool at
     the time of the attack).  B can read all messages sent by the
     attacker (who knows B's private key).  This is also why I think
     link encryption offers incomplete protection.

     RE-ENCRYPTION WITH CHEATERS

     Mixmaster assumes that no particular remailer in the network can
     be trusted and that the user does not know which remailers
     cheat.  The message passes through a chain of remailers, who aim
     to hide information from each other so that the compromise of
     some of them will not disclose the original sender and final
     destination.

     Central to the spamming attack is the idea that the attacker can
     recognise the messages he is trying to trace.  This is done by
     eliminating  his own messages.   The whole set - not just
     some of them.  It can be arranged that the attacker does not
     obtain the whole set until it is too late to trace the target
     message (i.e. after a few hops, when it is likely to have met other
     legitimate traffic).  The partial information the attacker obtains
     before all the spams are identified will be of some use, but
     following each of several leads with a new spam attack is unappealing
     as the number of suspect messages will just grow.

     The remailer needs the freedom to divert packets to another
     remailer.  This is shown below; where remailer C was chosen at
     random.

     Actions at 'A':        AAAB???  -> AAB???a
                                     -> AB???aa
                                     -> CB???aa

     Each remailer could have three options when sending a packet to
     its next host.

        1) rotate all possible headers, and send the result  (current protocol)
        2) re-encrypt message with new 3DES key and IV.  Do not divert.
        3) re-encrypt message with new 3DES key and IV.  Divert at random.
     
     Good probabilities for these options might be:

        1) 20%   P(1) = P(3)  The number of headers the next host can read
                 should not reveal whether a diversion has just been made.
                 (We care about this because it discourages cheaters
                  deliberately refusing to pass on your mail.)
        2) 60%   Other outgoing packets are not distinguishable from spams.
        3) 20%   Should not approach 100%.
                 (To arrive is better than to travel in hope.)
     
     A spam attack as described in [2] would use many more packets
     than those in the message pool (N) on the host under attack.  The
     number of spam packets diverted to honest remailers (a
     proportion R of the whole) would be about

		 MANY  . N  . P(3) . R

     and those diverted twice in succession to honest remailers would
     be about

		 MANY  . N  . P(3) . P(3) . R . R

     and I'd expect a figure above 5 here to thwart the spammer, because
     of the time taken to collect the 5 spams.

     This diversion (adding steps to the middle of a chain) seems different
     from a Middleman scheme [3] where extra hops are added at the end.

     This scheme does NOT allow a remailer to choose the rest of the
     chain to be followed.  A dishonest remailer cannot bypass any
     remailer chosen by the original sender (in the hope of following
     the message to its destination) using only cooperating dishonest
     remailers) because the message has been encrypted in the public
     key of each remailer the sender chose before it entered the
     network.



REFERENCES

1      Frequently Asked Questions about Mixmaster Remailers
       FAQ Version 1.8 July 4 1996
       by Lance Cottrell <loki at obscura.com.>


2      http://www.obscura.com/~loki/remailer/remailer-essay.html
       by Lance Cottrell <loki at obscura.com.>

3      email  "Re: middleman - what is it ?"
       "John A. Perry" <perry at alpha.jpunix.com>





From jya at pipeline.com  Fri Aug 23 14:18:01 1996
From: jya at pipeline.com (John Young)
Date: Sat, 24 Aug 1996 05:18:01 +0800
Subject: The Future Of Cyber Terrorism
Message-ID: <199608231811.SAA21789@pipe3.t2.usa.pipeline.com>


http://www.acsp.uic.edu/OICJ/CONFS/terror02.htm 
 
 
This quackery-puffery is truely hilarious. 
 
 
Worth reading for brave attempt to distinguish between
our-adorable-intelligent-children qua hackers and terrifying
next-door-neighbors so differently-abled-from-us cyber-terrorists. 
 
 
Unsubtly shaded white, off-white, black and blacknet movie-plotting. 
 
 
Thus Sprachen Zarathrustran Klaus: Commerce in
ignorant-inner-fear-panderings regulation time.





From chris230 at juno.com  Fri Aug 23 14:42:16 1996
From: chris230 at juno.com (Chris J Samuelson)
Date: Sat, 24 Aug 1996 05:42:16 +0800
Subject: Anonymous Remailers
Message-ID: <19960823.145710.3030.2.chris230@juno.com>


When you mail an item through more than one anonymous remailer, how does
that make it anymore anonymous, or doesn't it?





From paul at fairgate.com  Fri Aug 23 16:04:12 1996
From: paul at fairgate.com (Paul Robichaux)
Date: Sat, 24 Aug 1996 07:04:12 +0800
Subject: FW: Cryptography Revisited
Message-ID: <9608231522.aa16054@hq.ljl.COM.>


Anybody want to give this guy The Business? Earlier attempts didn't seem
to sink in.

-Paul

>Path:
HiWAAY.net!imci2!imci3!newsfeed.internetmci.com!news.mathworks.com!nntp.primenet.com!news.primenet.com!btcarey
>From: btcarey at primenet.com (Brent A. Carey)
>Newsgroups: comp.sys.mac.programmer.help
>Subject: Cryptography Revisited
>Date: 23 Aug 1996 01:15:01 -0700
>Organization: Primenet Services for the Internet
>Lines: 67
>Message-ID: <btcarey-2308960115290001 at news.primenet.com>
>X-Posted-By: @198.68.41.180 (btcarey)
>Mime-Version: 1.0
>Content-Type: text/plain; charset=ISO-8859-1
>Content-transfer-encoding: 8bit
>X-Newsreader: Yet Another NewsWatcher 2.2.0
>
>I am posting again to hopefully clear up my last post on this topic.  I
>have received a dozen e-mail replies since I posted less than a day ago. 
>I believe I poorly represented my request earlier.
>
>I am retired professional with several years of training and experience in
>intelligence analysis and cryptanalysis.  The encryption scheme I
>developed was employed for 3 years for passing sensitive data over
>unsecure channels.  Working for the government, the original program was
>written for DOS and enjoyed the benefit of physical security.  That is to
>say, access to the encryption program itself was carefully restricted.
>
>Where I feel I was unclear is on the key to the scheme's security.  Any
>encryption scheme can be cracked provided the cryptanalyst has enough of a
>sample to work with, enough time, and/or enough processing power.  My
>encryption scheme relies on data bursts of time-sensitive packets.  Each
>machine running the program has its own time and packet signature.  The
>unique signatures make it impossible (nothing is impossible) to decrypt a
>complete file without access to both the sender's and receiver's
>signatures.  Even then it would take an enormous amount of processing
>power to crack (more than big business can justify, but not much for major
>governments).  The only way to obtain a computer's signature (which is
>easily changed on a regular basis), is to have physical access to the
>computer's encryption application and support files.
>
>With the help of a more experienced DOS programmer, an application was
>built that provided adequate protection that would increase the time
>required to extract a computer's signature (even if one knew exactly how
>to do it), that it was impractical to attempt.
>
>I am now porting the application to the Mac with the intent to sell it to
>a private contractor that is developing RISC-based computers for
>specialized use in the government.  I have been assured that a PPC native
>application will run on the computers, and was encouraged to develop the
>application.  Mostly what I need to know is how long it would take a
>super-human cracker to obtain a signature and how she would do it.  If I
>can increase the expected time to 96+ hours, I'm in business (I always
>assume half of my best guess - 48 hours is the required specification).
>
>I am developing the code with the help of an excellent Mac programmer. 
>The problem is, that neither of us can crack it at all, although we know
>that is theoretically possible.  He lacks sufficient crypto understanding,
>and I lack sufficient computer knowledge.  Working together we make little
>progress, and truthfully don't have enough time to develop and crack at
>the same time.  I will not be comfortable with the final product until
>someone cracks it and I have a sound understanding of the weaknesses that
>I have not considered.
>
>Finally, MacPGP is a GREAT program.  I didn't mean to belittle any of the
>PGP programs.  PGP carries much more protection than necessary for it's
>intended and practical uses.  Granted, it could use a new interface, but
>it is certainly functional and not lacking in features.  Initially, I
>considered releasing a public version of my application in response to the
>need for a more Mac-like encryption program.  There is no reason for the
>average Mac user to switch from PGP to my program.  It lacks (and will
>always lack) the features of MacPGP, and although it is more secure than
>PGP the user must accept some increased inconvenience to realize the bulk
>of the added security.  For most users, this is adding overkill to
>overkill.
>
>I extend my apologies for posting this huge message off topic, but I felt
>I had grossly misrepresented my request.  I feared the influx of e-mail
>tomorrow morning if I didn't clarify.  I appreciate all those that
>extended advice.  I will follow up on much of it, and I thank those who
>replied.
>
>
>Brent A. Carey

--
Paul Robichaux       LJL Enterprises, Inc.
paul at ljl.com         Be a cryptography user. Ask me how.





From adam at homeport.org  Fri Aug 23 17:00:41 1996
From: adam at homeport.org (Adam Shostack)
Date: Sat, 24 Aug 1996 08:00:41 +0800
Subject: Securing Internet mail at the MTA level
In-Reply-To: <Pine.LNX.3.95.960820170631.8463B-100000@dilbert.redhat.com>
Message-ID: <199608232230.RAA12411@homeport.org>


Elliot Lee wrote:
| On Tue, 20 Aug 1996, C Matthew Curtin wrote:

| > Two types of approaches are possible:
| >     1. Adding to the SMTP protocol itself, allowing for MTAs to
| >        identify crypto-capable peers, and then performing
| >        authentication and session encryption where possible.

like pgpsendmail?

| >     2. Waiting for a cryptographic transport layer network protocol
| >        (such as what is being proposed in draft-ietf-tls-ssh-00),
| >        allowing SMTP to remain untouched, and only requiring MTAs to
| >        add support for the new network protocol.

| >     2. Is there another approach that could work better?
| >     3. Is there interest in adding SSH functionality to sendmail in
| >        the near future (either by the draft spec, or once the RFC has
| >        been published)?
| 
| Have you looked at SSL? It allows different algorithms to be used, etc.
| etc. (although the certificate & key distribution method uses x509, which
| may be a pain...?). The SSLeay library is a freely available
| implementation of SSLv2.

	The big problem with adding SSL or ssh to mail transport is
that both assume that mail goes from host A to host B, with none in
between.  This is useful, but its more useful (IMHO) to integrate something
that doesn't use online key exchange to ensure end to end security.

	Take for example, Alice sends mail to Dave via Brian and
Charlie.  A point to point protocol, while useful against Eve and
Mallet, doesn't address the fact that Brian works for the NSA.  While
if Alice's sendmail encrypts the message to Dave, then Brian and
Charlie are reduced to traffic analysis instead of reading the mail.

	The case of mail being carried by an intermediary is still
pretty large.

	In any event, I don't see an advantage other than buzzwords to
using SSL/SSH over PGP, while I do see advantages to pgp.

Adam



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From EALLENSMITH at ocelot.Rutgers.EDU  Fri Aug 23 17:03:40 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Sat, 24 Aug 1996 08:03:40 +0800
Subject: phoneco vs X-phone
Message-ID: <01I8MFWC2BFK9JDD4G@mbcl.rutgers.edu>


	Don't forget opportunity costs. With the money it spent to put in
the fiber optics, the phone company could have made some loans and gotten
interest back.
	-Allen





From bkmarsh at feist.com  Fri Aug 23 17:05:50 1996
From: bkmarsh at feist.com (Bruce M.)
Date: Sat, 24 Aug 1996 08:05:50 +0800
Subject: Intel to rule the basic crypto engine market?
Message-ID: <Pine.BSI.3.91.960823160256.19295A-100000@wichita.fn.net>



InfoWorld, August 19, 1996, p1
By Luc Hatlestad & Tom Quinlan

------------------------------

    Looking to bring a standard infrastructure to hardware- and 
software-based encryption offerings, Intel Corp. has started developing a 
Common Data Security Architecture (CDSA) designed to integrate security 
software, operating systems, and third party applications.

[...]
------------------------------

http://www.infoworld.com/cgi-bin/displayArchives.pl?960816.encryption.htm
   

                       ________________________________
                      [ Bruce M. - Feist Systems, Inc. ]
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     "Official estimates show that more than 120 countries have or are 
      developing [information warfare] capabilities." -GAO/AIMD-96-84
                         So, what is your excuse now?






From rich at c2.org  Fri Aug 23 18:21:42 1996
From: rich at c2.org (Rich Graves)
Date: Sat, 24 Aug 1996 09:21:42 +0800
Subject: The Future Of Cyber Terrorism
In-Reply-To: <199608231811.SAA21789@pipe3.t2.usa.pipeline.com>
Message-ID: <Pine.GUL.3.95.960823154531.4729I-100000@Networking.Stanford.EDU>


On Fri, 23 Aug 1996, John Young wrote:

> http://www.acsp.uic.edu/OICJ/CONFS/terror02.htm 
>  
> This quackery-puffery is truely hilarious. 

Comes with the territory (excuse me, as they say, *CyberTerritory*).

> Worth reading for brave attempt to distinguish between
> our-adorable-intelligent-children qua hackers and terrifying
> next-door-neighbors so differently-abled-from-us cyber-terrorists. 

Speak for yourself :-)

> Unsubtly shaded white, off-white, black and blacknet movie-plotting. 

IOW, perfect for cypherpunks. :-)

> Thus Sprachen Zarathrustran Klaus: Commerce in
> ignorant-inner-fear-panderings regulation time.

I was *almost* willing to give them the benefit of the doubt until I saw the
PO box and this:

  "Now is the time to take action. Unfortunately, due to this open nature of
  this document, specific counter-CyberTerrorism measures cannot be
  discussed. Those discussions must be reserved for secured facilities."






From jwilk at iglou.com  Fri Aug 23 19:58:41 1996
From: jwilk at iglou.com (Daemon)
Date: Sat, 24 Aug 1996 10:58:41 +0800
Subject: [off-topic] Re: Verdict in "MTV" Case
Message-ID: <m0uu6VZ-000bD7C@relay.iglou.com>


At 10:15 AM 8/23/96 -0700, Timothy C. May wrote:
 
As the youngest Cypherpunk in the world (or at least i am aware of) I think
a little reply is in order from my self. 

> "Like, like the kids are, like,
>goofin' off. Besides, MTV doesn't like play enough old stuff, like Zeppelin
>and Floyd."
 
Thats what those old records are for. (no offense)

        If they are sueing MTV why not other TV stations....

        If I was going to sue someone for not doing my homework i would sue
Jarkko Oikarinen, the creator of IRC. I just think that this is really
        pathetic.... but then again I am famous for my flame replys in the past.
        
        Why not make the school pay MTV for keeping kids away from there station
        while they are doing homework (hehehe)

        FYI i thought this reply out.

        Blake Wehlage
        
==========================================
   Blake Wehlage <jwilk at iglou.com>
   ��� R�V�L����� B�+ ��mP@� � ���
 Goto: http://members.iglou.com/jwilk






From EALLENSMITH at ocelot.Rutgers.EDU  Fri Aug 23 20:17:43 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Sat, 24 Aug 1996 11:17:43 +0800
Subject: Some cypherpunks-relevant Risks articles
Message-ID: <01I8MN2K25089JDD4G@mbcl.rutgers.edu>


	In regards to the first part (the 911 transcript), I was considering
the idea (common in cyberpunk RPGs) of a privately-set-up ambulance and
emergency room service, with monitors (possibly with action capabilities) on
registered clients. You'd want the data flow from and to the monitors
encrypted, of course.
	-Allen

From:	IN%"rre at weber.ucsd.edu" 20-AUG-1996 22:41:21.74
To:	IN%"rre at weber.ucsd.edu"
CC:	
Subj:	Risks: Atlanta 911 transcript, SSN's, web plagiarism

[If you've never seen the famous Olympic Park 911 transcript, it's worth
reading closely.  I'm embarrassed to say this, but it always reminds me
of the time I couldn't get a taxi in Chicago because I could tell the
dispatcher what intersection I was standing on but I could not see any
of the street addresses anywhere around me, and her dispatch computer
needed an address to dispatch a cab.  Dispatch systems requiring addresses
are one of those absolutely classic cases of system being driven by the
database designer rather than by the people who know how the system will
actually be used.  Database designers are fine people, but they shouldn't
be doing requirements analysis unless they're trained for it.  Also in
this issue of Risks is an interesting message from Robert Ellis Smith
about managing social security numbers and other identifiers for privacy,
and a funny/scary piece about web plagiarism.]

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, send an empty message to  rre-help at weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date: Mon, 19 Aug 1996 18:11:10 -0700 (PDT)
From: risks at csl.sri.com

RISKS-LIST: Risks-Forum Digest  Monday 19 August 1996  Volume 18 : Issue 35

----------------------------------------------------------------------

Date: Fri, 16 Aug 96 10:45:34 PDT
From: "Peter G. Neumann" <neumann at csl.sri.com>
Subject: The Atlanta 911 transcript

  [The following transcript of the Olympic 911 bomb call and the ensuing
  conversation suggests that many of our nontechnological risks are not
  being adequately addressed.  PGN]

http://www.cnn.com/US/9608/09/olympics.bomb.911/911.transcript.wir/transcript.html

Excerpts from a transcript released Thursday by the Atlanta Police
Department regarding the bomb threat telephoned to 911 on July 27. Times
have been converted from military time to standard notation, and punctuation
and spelling have been edited.  Parenthetical notes are part of the police
transcript except where labeled as an editor's note.

The transcript refers to these police terms: Code 73, bomb threat; and
Zone 5, a police precinct near Centennial Olympic Park.

The transcript did not explain the Zone 5 dispatcher's references to Code
17 and Code 8, which apparently were unrelated to the bomb call.

12:58:28 a.m.:  [Call to 911]

12:58:32 a.m.:  Atlanta Police Department 911 Operator: "Atlanta 911."
Caller:         "There is a bomb in Centennial Park, you have 30 minutes."
12:58:45 a.m.:  Caller hangs up.

1:01:20 a.m.:   911 operator calls APD Agency Command Center (all lines busy).
....

1:01:30 a.m.:   911 operator calls Zone 5 and notifies Zone 5 of Signal 73 and
                requests address of Centennial Park -- unable to get street
		address.

Dispatcher:     "Zone 5."
911 Operator:   "You know the address to Centennial Olympic Park?"
Dispatcher:     "Girl, don't ask me to lie to you."
911 Operator:   "I tried to call ACC but ain't nobody answering the phone ...
                but I just got this man called talking about there's a
                bomb set to go off in 30 minutes in Centennial Park."
Dispatcher:     "Oh Lord, child. One minute, one minute. I copy Code 17. OK,
                all DUI units are Code 8 and will not be able to
                assist on the freeway.
                Oh Lord, child. Uh, OK, wait a minute, Centennial
                Park, you put it in and it won't go in?"
911 Operator:   "No, unless I'm spelling Centennial wrong. How are we spelling
                Centennial?"
Dispatcher:     "C-E-N-T-E-N-N-I -- how do you spell Centennial?"
911 Operator:   "I'm spelling it right, it ain't taking."
Dispatcher:     "Yeah."
911 Operator:   "Centennial Park is not going. Maybe if I take 'park' out,
		maybe that will take. Let me try that."
Dispatcher:     "Wait a minute, that's the regular Olympic Stadium right?"
911 Operator:   "Olympic Stadium is like Zone 3, though. Centennial Park."
Dispatcher:     "That's the Centennial Park?"
911 Operator:   "It's near the Coca Cola Plaza, I think."
Dispatcher:     "In 5?"
911 Operator:   "Uh huh."
Dispatcher:     "Uh, hold on. Sonya, you don't know the address to the
		Centennial Park?"
2nd Dispatcher (in background): "Downtown."
911 Operator:   "Male, about 30."
Dispatcher:     "1546, Code 17, 23."
911 Operator:   "White."
Dispatcher:     "Uh, you know what? Ask one of the supervisors."
911 Operator:   "No, Lord help me, you know they don't know."
Dispatcher:     "I know, but it gets it off you."
911 Operator:   "Alrighty then, bye."
Dispatcher:     "Bye."

1:02:40 a.m.:   911 operator calls APD ACC for address (telephone line problem;
                operators cannot hear each other.) ...

1:02:50 a.m.:   911 operator calls APD ACC again and requests address for
                Centennial Park and is given the telephone number.

ACC:            "Atlanta Police, Agency Command Center."
911 Operator:   "Hey, can you hear me now?"
ACC:            "Uh huh."
911 Operator:   "OK, can you give me the address of the Centennial Park?"
ACC:            "I ain't got no address to Centennial Park, what y'all
		think I am?"
911 Operator:   "Can you help me find the address to Centennial Park?"
ACC:            "I can give you the telephone number of Centennial Park."
911 Operator:   "I need to get this bomb threat over there to y'all."
ACC:            "Well."
911 Operator:   "But I need the address of Centennial Park. It's not taking,
                the system is not taking Centennial Park, that's not
                where it came from, but you know the system is not
                taking Centennial Park, that's where he said the bomb was."
ACC:            "No particular street or what?"
911 Operator:   "He just said there's a bomb set to go off in 30 minutes in
                Centennial Park."
ACC:            "Ooh, it's going to be gone off by the time we find the
		address."
911 Operator:   "Are you kiddin'? Give me that, give me that."
ACC:            "I mean I don't have an address, I just have phone
                numbers."
911 Operator:   "Give me the phone number."
   ...

1:05:10 a.m.:   911 operator calls Centennial Park for street address and
		is placed on hold. Receives address at 1:07:10 a.m.

Centennial Park: "Centennial Park, this is Operator Morgan."
911 Operator:   "Hi, can you give me the address to Centennial Park?"
Cen Park:       "The address?"
911 Operator:   "Uh huh."
Cen Park:       "Uh, hold on a second."

1:06:30 a.m.:   911 operator notifies Communications Supervisor, Sgt.
		Montgomery.

911 Operator:   "Does anybody -- Sgt. Montgomery, do you know the address of
                Centennial Park? Do you know the address to Centennial Park.
                Well, I need to get the address of Centennial Park 'cause, I
                mean I don't mean to upset nobody, but we got a bomb threat
                over there."

(Editor's note: The transcript does not further indicate whether this
comment about a bomb threat was directed only to Sgt. Montgomery in the
911 center or to Centennial Park's Operator Morgan, who is shown to come
back on the line just after the comment.)

Cen Park:       "Ma'am."
911 Operator:   "Yes."
Cen Park:       "OK, it's 145 International Boulevard."
911 Operator:   "145 International Boulevard."
Cen Park:       "Uh huh."
911 Operator:   "OK."
Cen Park:       "All right, uh huh."
911 Operator:   "Thank you. Bye bye."

1:08:35 a.m.:   911 operator sent call to dispatch.

1:11:10 a.m.:
Dispatcher:     "1591. Radio raising 1594."
Unit 1594:      "1594. You call?"

1:11:20 a.m.:
Dispatcher:     "1594, that's affirmative, got a Signal 73 at 145
		International Boulevard. It came from the pay phone at
		the Days Inn.  The caller is advising that he has one set
		to go off in 30 minutes at Centennial Park. Sounded like
		a white male."

(Editor's note: The same information is then given to Unit 1593 and the
dispatcher calls Unit1546.)

1:12:30 a.m.:
Dispatcher:     "Did you copy?"

1:12:40 a.m.:
Unit 1546:      "1546. I copy. Advise the state police, they police that park.
                I'll go the Days Inn and see if I can locate the caller."
Dispatcher:     "OK, that's affirmative."


(Editor's note: There are sporadic entries over the next seven minutes.
Another officer,  designated Unit 1593, also instructs the dispatcher at
1:18:50 a.m. to "contact the state police supervisor." The transcript
contains no indication, however, that state police were notified.)

1:20:00 a.m.:
Unit 2924:      "2924 to Radio, be advised that something just blew up at
                Olympic Park."

------------------------------

Date: Fri, 16 Aug 96 15:24 EST
From: Robert Ellis Smith <0005101719 at mcimail.com>
Subject: Alternatives to Social Security Numbers

Last spring, I asked readers of RISKS for suggestions on alternatives to
Social Security numbers in organizations with large data bases of
information about individuals.  Many such organizations find they do not
need to use SSNs, and avoid privacy problems associated with using them.
For a copy of all of the responses, send a request to us and specify whether
you want hard copy or electronic edition of our August issue, and provide
postal address or e-mail address.

Robert Ellis Smith, Publisher, Privacy Journal newsletter,
Providence, RI, 401/274-7861, e-mail 5101719 at mcimail.com.

Excerpts from the suggestions follow:

* FROM WASHINGTON, D.C.: Maryland uses Soundex (of name and birth date
concatenated [linked in a chain]) both for driver and vehicle registrations.

* FROM CAMBRIDGE, MASS.: "Against Universal Health-Care Identifiers" in the
JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION 1:316-319, 1994, by
Dr. Peter Szolovits of MIT and Dr. Isaac Kohane of Children's Hospital in
Boston, discusses a number of ways in which cryptography- based health care
identifiers can be used to preserve privacy while remaining manageable for
typical medical purposes.  This is publication #49 (in Postscript format) at
http://medg.lcs.mit.edu/people/psz/publications.html.

* FROM YARDLEY, PA.: One way is to use a simple scheme like three letters
from last name, the first initial, and some digits; another is just to use
sequential numbers.  Another is an MD5 hash of the full-name string [a
one-way mathematical function as a stand-in for the name that makes
translation back to the original name impossible].  This is always unique
for a unique string, so you might need to add some numbers.

* FROM MADISON, WISC.: When I was working on the development of the
Wisconsin Student Data Handbook - we tried to develop
 what we called an "SSN surrogate," also of nine bytes per
individual.  It involved an algorithm which combined year,
month, and date of birth with sex and two consonants each
 extracted from the first and middle names.

* FROM CYBERSPACE: I worked with a banking software company that set up
employee records simply by exact hire date and time.  Since they never hired
anyone at exactly the same time, it gave each person a unique number.  You
could do the same for any data base in which records are added gradually one
at a time - just number them based on exact date and time added.

* FROM PALO ALTO, CAL.: At Stanford University we made a decision long ago
not to use SSN for identification except where required by law (payroll
taxes, for example).  We use a unique Stanford University ID (SUID), which
is a lifetime number and applies to all students, alumni, faculty, staff,
and patients.  It serves all the same purposes that the SSN would do if it
were used.  

------------------------------

Date: Wed, 14 Aug 1996 00:03:42 +0200
From: "Roy Dictus, NET" <roy at net.be>
Subject: The risk of plagiarism with Websites

My company recently got ripped off by a competitor.  We build Websites and
thus had constructed a site detailing our products and services.

A rival Website constructor (!) copied practically the entire site,
changing the background color, changing our name into theirs, and making
other slight changes like alignment, add and delete a word or phrase
here and there...

I complained about it, not only to them directly, but also on a local
USENET newsgroup (we're both located in Belgium, so the newsgroup was
be.providers).

On the phone they just laughed at me and admitted to copying, but on
USENET they claimed I had copied their site!

There's nothing I can do to prove them wrong, even though we both know
what happened.

The risk: if you put your materials on the Internet, where they can be
freely copied, make sure you have some way to prove you made them yourself,
and when you did it.

Roy Dictus, NET bvba, Internet Projects & Consulting  
roy at net.be  http://www.net.be

  [Interdictus becomes Enter Dictus.  PGN]

------------------------------

End of RISKS-FORUM Digest 18.35 
************************






From jya at pipeline.com  Sat Aug 24 11:29:49 1996
From: jya at pipeline.com (John Young)
Date: Sat, 24 Aug 1996 11:29:49 -0700 (PDT)
Subject: CyberTerrorism
Message-ID: <199608241141.LAA08906@pipe4.t2.usa.pipeline.com>


On Aug 23, 1996 18:34:42, '"Institute for Security and Intelligence"
<isi at hooked.net>' wrote: 
 
 
>John: 
> 
>Your message regarding my comments on CyberTerrorism was forwarded to me. 
 
>Rather than waxing poetic beration, how about some actually useful  
>perspective? 
> 
>If you have experience in this area, let's talk.  If you have something to
 
>contribute, let's get it out where it can be useful.   
> 
>It's time to put up, or shut up John. 
> 
>Regards, 
>Barry C. Collin 
 
--------- 
 
   Dear Mr. Collin, 
 
   Thank you for writing. And for the cyber-terrorism hoot, 
   which helps purge ignorant fears with insightful 
   laughter. 
 
   The best way I know for citizens to ease their induced- 
   panic of terrorism in all forms -- gov, com, edu, org -- 
   is to become more informed. And to be wary of "terrorist 
   threats" in all their burgeoning guises -- "national 
   security" being one of the most deceitful. 
 
   To counter Nat Sec snake oil in the rising commerce in 
   "cyber-terrorism" (a residue of the natsec oil tank) 
   citizens should participate in the wit and wisdom of 
   wide-open Internet mail-lists dealing with computer 
   privacy and security. 
 
   The best of these is the list Cypherpunks. (E-mail "info" 
   to majordomo at toad.com.) 
 
   Cypherpunks, far more tolerant and less treacherously 
   commercially self-serving than all others, explores an 
   amazing range of CompSec issues, technologies, policies, 
   strategies and fantasies. Its archive of several years 
   offers a historical treasure on the transformation of 
   state control of comp tech to its service of the 
   citizenry. 
 
   This is exemplified by Cypherpunks primary focus, 
   cryptography, and the diverse ways it has moved from 
   narrow use to conceal privileged power to widespread 
   application to protect individual privacy (especially 
   those dissenting to heirarchical authority -- gov, com, 
   edu, org). 
 
   Your agent provocateurist comedy on cyber-terrorist 
   inebriation could be enriched by hanging on Cypherpunks, 
   say, your buffoonery for secret briefing. "If you knew 
   what I knew" is a natsec-butt joke there, as it is 
   becoming globally to liberated citizen-units bellowing 
   "FA." 
 
   Congrats on exposing TLA-dementia of cyber-terrorism and 
   defanging its counter-agents by encouraging belly- 
   laughing at the all-too-blatant hype-artistry. Only Jim 
   Kallstrom does it better. 
 
   Best regards, 
 
   jya 
 
 
 
 
 





From edgar at Garg.Campbell.CA.US  Sat Aug 24 11:30:11 1996
From: edgar at Garg.Campbell.CA.US (Edgar Swank)
Date: Sat, 24 Aug 1996 11:30:11 -0700 (PDT)
Subject: SecureDrive News 8/24/96
Message-ID: <VqV6sD17w165w@Garg.Campbell.CA.US>


-----BEGIN PGP SIGNED MESSAGE-----

SecureDrive Users:

It's been brought to my attention that users who attempt to compile
SecureDrive 1.4b using Turbo C++ 3.00 are haveing a problem in that
the MD5 routine does not produce a correct result, so that the key
generated from a given passphrase will not be the same as the
pre-compiled version.  This is a bug in Turbo C++, not SecureDrive!

However, a bypass for the problem is possible by modifying SD source
as follows

- ------------------------------cut here-----------------------
*** C:\SECDR14B\UNC\MD5.C       Sun May 09 19:38:36 1993
- --- MD5.C       Wed Aug 14 00:58:46 1996
***************
*** 12,17 ****
- --- 12,20 ----
   * of the MD5 routines in RSAREF.  Due to this alteration, this
   * code is "derived from the RSA Data Security, Inc. MD5 Message-
   * Digest Algorithm".  (See below.)
+  *
+  * Simplified some expressions to avoid incorrect compiles with
+  * some compilers, e.g. Turbo C 3.0  EWS  8/96
   */

  /*
***************
*** 135,145 ****
- --- 138,158 ----

      /* transform if necessary */
      if (mdi == 0x40) {
+ #if defined (__TURBOC__)
        for (i = 0, ii = 0; i < 16; i++, ii += 4)
+        {
+         in[i] =   (((UINT4)mdContext->in[ii+3]) << 24);
+         in[i] |=  (((UINT4)mdContext->in[ii+2]) << 16);
+         in[i] |=  (((UINT4)mdContext->in[ii+1]) << 8);
+         in[i] |=   ((UINT4)mdContext->in[ii]);
+        }
+ #else
+       for (i = 0, ii = 0; i < 16; i++, ii += 4)
          in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
                  (((UINT4)mdContext->in[ii+2]) << 16) |
                  (((UINT4)mdContext->in[ii+1]) << 8) |
                  ((UINT4)mdContext->in[ii]);
+ #endif
        Transform (mdContext->buf, in);
        mdi = 0;
      }
***************
*** 167,178 ****
    padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
    MD5Update (mdContext, PADDING, padLen);

!   /* append length in bits and transform */
    for (i = 0, ii = 0; i < 14; i++, ii += 4)
      in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
              (((UINT4)mdContext->in[ii+2]) << 16) |
              (((UINT4)mdContext->in[ii+1]) << 8) |
              ((UINT4)mdContext->in[ii]);
    Transform (mdContext->buf, in);

    /* store buffer in digest */
- --- 180,201 ----
    padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
    MD5Update (mdContext, PADDING, padLen);

!   /* append length in bits and transform 1.4c*/
! #if defined (__TURBOC__)
!   for (i = 0, ii = 0; i < 14; i++, ii += 4)
!    {
!     in[i] =   (((UINT4)mdContext->in[ii+3]) << 24);
!     in[i] |=  (((UINT4)mdContext->in[ii+2]) << 16);
!     in[i] |=  (((UINT4)mdContext->in[ii+1]) << 8);
!     in[i] |=   ((UINT4)mdContext->in[ii]);
!    }
! #else
    for (i = 0, ii = 0; i < 14; i++, ii += 4)
      in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
              (((UINT4)mdContext->in[ii+2]) << 16) |
              (((UINT4)mdContext->in[ii+1]) << 8) |
              ((UINT4)mdContext->in[ii]);
+ #endif
    Transform (mdContext->buf, in);

    /* store buffer in digest */
- ------------------------------cut here-----------------------

This code will be inserted into any future version of SecureDrive,
but no new release is planned at this time.

For those users of Win95 and SecureDrive who are concerned about loss
of 32-bit disk access, I've recently learned that use of Secure Device

  ftp.demon.co.uk:/pub/ibmpc/secdev/secdev14.arj

instead avoids this requirement. Although the Secure Device virtual
drive is listed as in compatibility mode, the real drives are not so
affected.  And since the virtual drive is mapped to a dos file on one
of the real drives, I believe you get 32-bit phyical drive access
there as well, although access is still slowed by CPU time necessary
to encrypt and decrypt.

Edgar W. Swank   <edgar at Garg.Campbell.CA.US>
Edgar W. Swank   <EdgarSwank at Juno.com>
Edgar W. Swank   <Edgar_W._Swank at ilanet.org>
Home Page: http://members.tripod.com/~EdgarS/index.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCUAwUBMh7d4t4nNf3ah8DHAQHNdAP3RKd07B55fkW5CazT8mMaGUoTtjxSvUBv
3ykPvBhHvu7egb4EB1/XcBTM3K/6QeE8Dt10XJVX15Fd9nHY+XI0c0VB8Trlb/NB
0ymq+/SchedtUNmCgDeycbF104bfirpuXKy0OChDfpgMe0d/ifCXny6Co0BqIbRi
fQyKtXzOxQ==
=h1RT
-----END PGP SIGNATURE-----

-- 
edgar at Garg.Campbell.CA.US (Edgar Swank)
The Land of Garg BBS -- +1 408 378-5108





From whgiii at amaranth.com  Sat Aug 24 11:31:22 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sat, 24 Aug 1996 11:31:22 -0700 (PDT)
Subject: Spamming (Good or Bad?)
In-Reply-To: <3.0b11.32.19960823114947.006d7d7c@central.tansoft.com>
Message-ID: <199608240907.EAA13180@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <3.0b11.32.19960823114947.006d7d7c at central.tansoft.com>, on 08/23/96 at 11:49 AM,
   "James C. Sewell" <jims at MPGN.COM> said:

>At 03:35 AM 8/23/96 +0000, Vipul Ved Prakash wrote:
>>
>>This is peculiar. Nobody seems to mind ads in Newspapers, printed 
>>magazines, TV, and for that matter web sites. That is unwanted stuff

>I'd suggest that most/all of us 'mind' ads in papers, tv, etc.  The 
>difference is that while we can do nothing about commercials on
>TV (short of breaking federal law and jamming the signal) we can
>do something about spam.  If there is enough concensus we can
>develop/distribute/encourage the use of  new mailers that will help
>defeat spam.  

> For example:  If mail comes into a server that has more than 25
>recipients then it is only forwarded to those who have "signed up"
>for that sender.  When we subscribe to Cypherpunks we also have
>to register that with our network of mail servers.  Then if Mr. Spam
>sends stuff out it's not been "signed up" for so it gets trashed.

>I don't really like mail servers redirecting my mail, but perhaps we
>could arrive at a reasonable criteria for filtering if we tried real hard.


No I have to dissagree. Who I send mail to or whom I receive mail from is no-ones business. I for one have no intention of "signing up" or "regestering" with any mail server. I most certainally want to be the one to decide what mail I receive or do not receive, not someone elses idea of what I should receive.

Sorry but I will not be made a sheep for the "protection" from spam. baah baah


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->Program call to load Windows- "Here_piggy_piggy_piggy"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh7PDY9Co1n+aLhhAQGmnwP/fb6JTcVj3sP4WiqwDYgW5lzHEjNulgaZ
kvLbSlWde598YnEiDVXKSWZ6kYe4C0MEaFmdVpDq6i/Kg97YOYkmvnblYlEF9J7o
BZf7SEL9paNd2UE/DO2jO4VS2VMTfvYIeEM1TOjN2nWLhjC/zvY/WdoO+rBRQ/vk
RIx1FwKPu64=
=Gt8i
-----END PGP SIGNATURE-----
 
MR/2 Tag->My best view from a Window was through OS/2.






From whgiii at amaranth.com  Sat Aug 24 11:31:22 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sat, 24 Aug 1996 11:31:22 -0700 (PDT)
Subject: USPS
In-Reply-To: <199608231401.HAA10139@toad.com>
Message-ID: <199608240915.EAA13224@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <199608231401.HAA10139 at toad.com>, on 08/23/96 at 10:01 AM,
   "Peter Trei" <ptrei at ACM.ORG> said:

>Closing deals: Ever hear of faxes or FedEx?

>My personal impression was that Raines had been listening to his 
>own propaganda for too long, and was rather out of touch with the 
>way things are done outside of the Beltway. I got the feeling that 
>the USPS was desperately trying to find a role in a time where it
>was becoming merely the cheapest and slowest player in the 
>package delivery business. 

Ahhh... But you truly miss the buety of this system.

Once in place all the goverment needs to do is ban all e-mail not sent through their system. Add this to the outlawing of all non-keyescrowed encryption, and the ability to archive all messages sent through their system. Now the goverment would have total access to everything you wright.

Eventually they could get rid of all snail-mail. Put in place scaners with OCR, handwrighting reconition & voice dictation in local post offices for those without Inet access.

The even BIGGER PICTURE:

Eventually we will not have dial-up internet access the way it is today. Mater of fact we will not have phone systems the way we have today. Instead we will have 1 huge network, a SuperIneternet, inwhich all homes & business are connected. For those without computers in their homes will be small dumb terminals that will let them connect & provide basic services (such devices are being developed right now).

In such a system anyone could be monitored, at any time.

Sound far fetched? The technology is here now to do this. Just remember that the "powers to be" don't think in terms of months or years but decades. It may take 20-30yrs for such a system to be fully implimented. "They" are very patient.

1984? no, 2084 without a doubt!


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->Windows: Just another pane in the glass.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh6EZI9Co1n+aLhhAQGh9QQAht8JS5rNOLyk3m8XlcXyjEFr5meerldB
9wDqhnaHJbgLmgC2NNcvAcYgGpAQfMRDHwzBXPX0PBCndXk87BfppFtnvexGOhgh
gD/170jrgbGbH1CDAvOCxtv4Hp0kM6qk1yO2IJcfPjhPZqD/mPyeUwV/MEpw4blE
iFUfY4Uvvsg=
=pho2
-----END PGP SIGNATURE-----
 
MR/2 Tag->Windows NT?  New Technology?  I don't think so...






From whgiii at amaranth.com  Sat Aug 24 11:31:30 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sat, 24 Aug 1996 11:31:30 -0700 (PDT)
Subject: Intel to rule the basic crypto engine market?
In-Reply-To: <Pine.BSI.3.91.960823160256.19295A-100000@wichita.fn.net>
Message-ID: <199608240916.EAA13229@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <Pine.BSI.3.91.960823160256.19295A-100000 at wichita.fn.net>, on 08/23/96 at 04:12 PM,
   "Bruce M." <bkmarsh at feist.com> said:


>InfoWorld, August 19, 1996, p1
>By Luc Hatlestad & Tom Quinlan

>------------------------------

>    Looking to bring a standard infrastructure to hardware- and 
>software-based encryption offerings, Intel Corp. has started developing a 
>Common Data Security Architecture (CDSA) designed to integrate security 
>software, operating systems, and third party applications.

Hmmmm.....

Intresting but..., In the era of ITAR, GAK, Key Escrows,Clipper,& FileGate do we really want to put all our eggs in one basket? And that basket being based on hardware? IMHO I don't see Intell standing up to the government any more than Netscape, Mircosoft, IBM, or Lotus has. I have serious doubts that our "beloved" goverment will alow any standard to be adopted that does not allow them access whenever they please. I personally do not run any security code on my machines that I do not have the
source for & have instpected.


No source=No trust.


>[...]
>------------------------------

>http://www.infoworld.com/cgi-bin/displayArchives.pl?960816.encryption.htm
>   

>                       ________________________________
>                      [ Bruce M. - Feist Systems, Inc. ]
>                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>     "Official estimates show that more than 120 countries have or are 
>      developing [information warfare] capabilities." -GAO/AIMD-96-84
>                         So, what is your excuse now?


Including NSA, CIA, SS, FBI, Justice Department, .... I am more concern of the activities of our own government against its own citicens than any foreign government. Who is watching the watchers and what is YOUR execuse?


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->Have you crashed your Windows today?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh5+d49Co1n+aLhhAQFP+QP/au8Ov58AFTNRzLI+Sxz8Mjf9G1ZKCVvV
EeoxWqKTdl0Sum5ygHEEc9oibK8vBllEP5pONyhhi/8hQGd5T82AQQAzbxZLcLK+
If8Em2wjnZz1aRiC8La2myXXvpdzzzDIE7UQ5WcjZ8BB06h3qhVSA8hveNsFhaAC
jW9OMDN2ky8=
=boLv
-----END PGP SIGNATURE-----
 
MR/2 Tag->The sad thing about Windows bashing is it's all true.






From whgiii at amaranth.com  Sat Aug 24 11:31:33 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sat, 24 Aug 1996 11:31:33 -0700 (PDT)
Subject: "Regulation of Commerce" and the Crypto Issue
In-Reply-To: <ae432be9000210041c17@[205.199.118.202]>
Message-ID: <199608240915.EAA13219@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <ae432be9000210041c17@[205.199.118.202]>, on 08/23/96 at 02:51 AM,
   tcmay at got.net (Timothy C. May) said:

>In fact, since nearly everything involves "commerce" in some way, whether
>interstate or not, the "regulate commerce" clause can presumably be used as
>a jusitification for interfering in all sorts of areas.

>The several legal experts out there on this list can clarify any errors of
>interpretation I have made. I certainly know that the commerce clause
>cannot be used to suppress certain kinds of speech, though the boundaries
>of where it may be applied seem unclear.

>I do expect it to be used for crypto, though, and this might even be upheld
>by the Supremes, especially in any areas directly involving "digital
>commerce."

>We should watch for this, and think about ways to deflect or derail such
>interpretations.

This clause has been one of the "weak links" of the Constitution used by our government to regulate business in the 20th century. Rosevelt used it as justification for many of his unconstitutional projects in the 30's. Nixion used it for his "price freezes" in the 70's.

This clause had good purposes when it was put into the Constitution. What it was for was the following:

    -Give the government the power to establish tariffs & regulate trade with foriegn governmnets.(this had previously been handled by the individual states)

    -Prevent the states from imposing tariffs on products coming into or leaving their state or otherwise hamper commerice between the states.

This clause was never intended to give the federal government unlimited power to "regulate commerce" inside of the country.

Remember that our founding fathers were fearfull of a powerfull centralized govewrnment. They established checks and balances, and only gave the federal goverment the minimum amount of power needed to keep the country together. All other powers were to be regulated to the states and the people.

We have no-one to blame but ourselfs. Our founding fathers new that we needed an inteligent, well informed, population for a democracy to survive. Unfortunatly we have truned into a country of sheep who beleive everything the "boob tube" tells them. At the drop of a hat they are willing to give up hard earned fredoms paid for with the blood of our ancestors for small promises of security.

I remember the oath I took years ago when I joined the Marine Corps:

"To Defend the Constitution from ALL threats foreign AND DOMESTIC"


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->It's OS/2, Jim, but not OS/2 as we know it.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh6KsI9Co1n+aLhhAQEO4QP8CQA84feezlGHB6XMui6Pj8fVzkmnYat/
jnYHGT7nEpCpTZRXE40NMbMyv7rDTeQtolvxc9pdKf1bT+Vew5ulRhqyoQNiLnSW
P2MQJOFm2HNstGwNFg3+lZ5oTUwGjDJhiloL/PP69bRCKVTtWCb9FX1PPyZKMwAN
vI+GiF7YLI8=
=pUAI
-----END PGP SIGNATURE-----
 
MR/2 Tag->If at first you don't succeed, work for Microsoft.






From tcmay at got.net  Fri Aug 23 20:52:41 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 24 Aug 1996 11:52:41 +0800
Subject: "----- Message body suppressed -----"
Message-ID: <ae43a99302021004167e@[205.199.118.202]>


At 1:10 AM 8/21/96, Skip wrote:
>   ----- Message body suppressed -----
>


Sounds good to me. Keep it up.


--Tim May


--
[This Bible excerpt awaiting review under the U.S. Communications Decency
Act of 1996]
And then Lot said, "I have some mighty fine young virgin daughters. Why
don't you boys just come on in and fuck them right here in my house - I'll
just watch!"....Later, up in the mountains, the younger daughter said:
"Dad's getting old. I say we should fuck him before he's too old to fuck."
So the two daughters got him drunk and screwed him all that night. Sure
enough, Dad got them pregnant, and had an incestuous bastard son....Onan
really hated the idea of doing his brother's wife and getting her pregnant
while his brother got all the credit, so he pulled out before he
came....Remember, it's not a good idea to have sex with your sister, your
brother, your parents, your pet dog, or the farm animals, unless of course
God tells you to. [excerpts from the Old Testament, Modern Vernacular
Translation, TCM, 1996]







From tcmay at got.net  Fri Aug 23 20:59:43 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 24 Aug 1996 11:59:43 +0800
Subject: Anonymous Remailers
Message-ID: <ae43a86a01021004d0a8@[205.199.118.202]>


At 7:52 PM 8/23/96, Chris J Samuelson wrote:
>When you mail an item through more than one anonymous remailer, how does
>that make it anymore anonymous, or doesn't it?

When only a single remailer is used, the remailer can see the mapping
between the sender and the receiver.

When two remailers are used, the first remailer can see the sender, but not
the final recipient. The second remailer can see the final recipient, but
not the original sender. Of course, the two remailers can get together and
"collude," thus deducing the mapping between sender and recipient.

With N remailers, the likelihood of collusion amongst the N remailers is
less likely, possibly extremely unlikely. This is the core theory of mixes,
or remailers.

(And of course one can include one's self as a remailer, to further
increase one's confidence that collusion has not occurred.)

--Tim May


We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From tcmay at got.net  Fri Aug 23 21:04:03 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 24 Aug 1996 12:04:03 +0800
Subject: FW: Cryptography Revisited
Message-ID: <ae43aad50302100461fd@[205.199.118.202]>


At 8:21 PM 8/23/96, Paul Robichaux wrote:
>Anybody want to give this guy The Business? Earlier attempts didn't seem
>to sink in.

>>From: btcarey at primenet.com (Brent A. Carey)
>>Newsgroups: comp.sys.mac.programmer.help
>>Subject: Cryptography Revisited
>>Date: 23 Aug 1996 01:15:01 -0700
....
>>I am now porting the application to the Mac with the intent to sell it to
>>a private contractor that is developing RISC-based computers for
>>specialized use in the government.  I have been assured that a PPC native

I think it better that we not discourage him. If he can sell his "Snake Oil
Cypher System" to the government, this will be a Good Thing. It will slow
them down, lull them into false security, and distract them as they are
cleaning up the mess.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From declan at eff.org  Fri Aug 23 21:37:30 1996
From: declan at eff.org (Declan McCullagh)
Date: Sat, 24 Aug 1996 12:37:30 +0800
Subject: Any CPs in D.C.?
In-Reply-To: <s792sD80w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.960823184142.7589A-100000@eff.org>


Some of us DC-area cypherpunks are planning to get together with Lucky
this Saturday afternoon. Interested? Send me mail... 

-Declan



> Black Unicorn <unicorn at schloss.li> writes:
> > Are you in D.C. now?
> >
> > Perhaps a drink would be in order?




// declan at eff.org // I do not represent the EFF // declan at well.com //







From alano at teleport.com  Fri Aug 23 22:05:40 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 24 Aug 1996 13:05:40 +0800
Subject: "----- Message body suppressed -----"
Message-ID: <3.0b11.32.19960823191752.00bae67c@mail.teleport.com>


At 06:25 PM 8/23/96 -0700, Timothy C. May wrote:
>At 1:10 AM 8/21/96, Skip wrote:
>>   ----- Message body suppressed -----
>>
>
>
>Sounds good to me. Keep it up.

It looks like an internal mailing list version of Cypherpunks at Netscape is
feeding back into the regular list with weird results.

---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From rah at shipwright.com  Fri Aug 23 23:54:26 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 24 Aug 1996 14:54:26 +0800
Subject: Electronic Money Conference
Message-ID: <v03007803ae44160dc44f@[206.119.69.46]>



--- begin forwarded text


Date: Fri, 23 Aug 1996 20:44 EDT
From: Somebody
Subject: Electronic Money Conference
To: rah at shipwright.com


http://www.occ.treas.gov/emoney.htm

How to Register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . .. . . . . . . Speakers' Photos

          Toward Electronic Money & Banking: The Role of Government
   A Conference Sponsored by the United States Department of the Treasury
   A Conference Sponsored by the United States Department of the Treasury
   A Conference Sponsored by the United States Department of the Treasury
                                                                     [Image]
[Image]                   Sheraton Washington Hotel
                               Washington, DC
                            September 19-20, 1996

                        Thursday, September 19, 1996
----------------------------------------------------------------------------
             7:00 a.m. - Registration and Continental Breakfast
----------------------------------------------------------------------------
                         8:15 a.m. - Opening Address

                               KEYNOTE ADDRESS
          The Honorable Robert E. Rubin, Secretary of the Treasury
----------------------------------------------------------------------------
                          9:45 a.m. - Panel Session

                          International Cooperation
     A discussion of the major issues facing the international financial
 regulatory and law enforcement communities as electronic money systems and
                 banking on the Internet become a reality.
----------------------------------------------------------------------------
                            10:45 a.m. - Address

                               SPEAKER ADDRESS
      The Honorable Robert Pitofsky, Chairman, Federal Trade Commission
----------------------------------------------------------------------------
                         11:15 a.m. - Panel Session

                               Consumer Issues
    An exploration of the impact of emerging electronic money and banking
   technologies on consumers, including consumer disclosure requirements,
   assignment of liability, and challenges and opportunities for consumer
                           access and acceptance.
----------------------------------------------------------------------------
                            12:30 p.m. -Luncheon

                              LUNCHEON ADDRESS
             The Honorable John Reed, Chairman and CEO, Citicorp
----------------------------------------------------------------------------
                          2:15 p.m. - Panel Session

                         Security and Authentication
     A discussion of industry's interest in the commercial use of strong
  cryptographic techniques and the government's national security concerns,
    and a look at the role industry and government standards play in the
       implementation of encryption and authentication technologies.
----------------------------------------------------------------------------
                        4:00 p.m. - Concurrent Panels

                            Payment System Issues
 A discussion of domestic and international payment system issues raised by
  electronic money and banking systems, including consideration of new and
            future operational, settlement, and systemic risks.

                        E-Money Systems: Case Studies
   A look at actual experiences with operational E-money systems and pilot
 tests in Europe and the United States, impediments to consumer and merchant
          acceptance, and perspectives on the role of government.

                               Privacy Issues
   An examination of consumer privacy issues raised by the use of personal
information generated by electronic commercial and banking transactions, and
                a look at industry and government responses.
----------------------------------------------------------------------------
                           6:00 p.m. - Reception
----------------------------------------------------------------------------
                             7:00 p.m. - Dinner

                               DINNER ADDRESS
       The Honorable Alan Greenspan, Chairman, Federal Reserve Board

----------------------------------------------------------------------------
----------------------------------------------------------------------------

                         Friday, September 20, 1996
----------------------------------------------------------------------------
                     7:30 a.m. - Continental Breakfast
----------------------------------------------------------------------------
                         8:30 a.m. - Opening Address

                               KEYNOTE ADDRESS
   The Honorable Michael N. Castle, Chairman Subcommittee on Domestic and
   International Monetary Policy House Committee on Banking and Financial
                                  Services
----------------------------------------------------------------------------
                          9:00 a.m. - Panel Session

                        Law Enforcement Perspectives
    A look at law enforcement issues raised by the emerging technologies,
  including the effectiveness of the current regulatory scheme, traditional
   investigative techniques and analysis, and international jurisdictional
                             responsibilities.
----------------------------------------------------------------------------
                         10:45 a.m. - Panel Session

                  Electronic Money: Perspectives on Issuers
 A discussion of the institutional, financial, and operational criteria for
  successful issuers, including an exploration of the roles government and
          market forces play in establishing minimum requirements.
----------------------------------------------------------------------------
                            12:00 p.m. - Luncheon

                              LUNCHEON ADDRESS
                Eugene A. Ludwig, Comptroller of the Currency
----------------------------------------------------------------------------
                        2:00 p.m. - Conference Closes

----------------------------------------------------------------------------
                                 Questions:
                                   E-mail
                    Fax: E-Money Conference 202-874-5436

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From stend at grendel.austin.texas.net  Sat Aug 24 15:56:16 1996
From: stend at grendel.austin.texas.net (Firebeard)
Date: Sat, 24 Aug 1996 15:56:16 -0700 (PDT)
Subject: Spamming (Good or Bad?)
In-Reply-To: <Pine.BSF.3.91.960821150339.9917H-100000@mercury.thepoint.net>
Message-ID: <199608242252.RAA05122@grendel.austin.texas.net>


>>>>> Vipul Ved Prakash writes:

>> Free (commercial)speech for you (perhaps at our expense), but no
>> free speech for us?

VVP> This is peculiar. Nobody seems to mind ads in Newspapers, printed
VVP> magazines, TV, and for that matter web sites. That is unwanted
VVP> stuff too, but now someone is paying for it.

	In the first three cases, the advertising subsidises the cost
of the media - ever notice that the advertiser-free[1] channels are more
expensive?  In the last case, I decide to request the advertising,
increasing my time on-line, potentially increasing my cost of access.
In the case of email spam, the advertiser decides to force me to
receive the advertising, increasing my time on-line, potentially
increasing my cost of access.

-- 
#include <disclaimer.h>                               /* Sten Drescher */
ObCDABait:      For she doted upon their paramours, whose flesh is as the
flesh of asses, and whose issue is like the issue of horses.  [Eze 23:20]
Unsolicited solicitations will be proofread for a US$500/KB fee.





From 81764205 at cshore.com  Sat Aug 24 16:17:33 1996
From: 81764205 at cshore.com (81764205 at cshore.com)
Date: Sat, 24 Aug 1996 16:17:33 -0700 (PDT)
Subject: Remailer
Message-ID: <321F0ED6.F8C@cshore.com>


Help!!!! I need a good Anonymous remailer, can somebody send me a program 
that does just that. Thanks





From richieb at teleport.com  Sat Aug 24 01:30:46 1996
From: richieb at teleport.com (Rich Burroughs)
Date: Sat, 24 Aug 1996 16:30:46 +0800
Subject: FWD: Julf Forced to Reval Names
Message-ID: <321e6466.389454@mail.teleport.com>


The article below was posted to the newsgroup alt.religion.scientology.
I cannot as of yet verify the contents.


Rich

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

-----BEGIN PGP SIGNED MESSAGE-----

Today on 22nd of August the local court of first instance in
Helsinki decided that Johan Helsingius has to reveal the email
adress asked for by the Police Department of Helsinki. This has to
be done within 30 days when summoned for interrogation.

Since this is merely a part of a case, this decision can't be
appealed. If Helsingius still refuses to reveal the info he will be
repeatedly fined and ultimately jailed for up to six months. The
decisions about fines and jail can be appealed, but an appeal won't
stay the execution of the ordered fine/jail, only a judgement of the
appeals court will. The questions about different appeals in this
case are somewhat complex and regarding the possibility to appeal it
was a split decision (4-1).

The court ruled against Helsingius in this matter. During the
hearing Helsingius argued against this view in many ways: he
objected on constitutional grounds and on grounds relating to
statutes regarding criminal investigation.

This information is based mainly on message <4vi0tt$geq at idefix.eunet.fi>
in the local Finnish newsgroup sfnet.keskustelu.laki, by Kaj Malmberg,
the police officer in charge of the investigation of the matter where
Scientology scriptures were posted through anon.penet.fi.

More reports from this case will probably follow soon.

[posted & mailed to a few individuals]

==========================================================================
 pjs at uwasa.fi, Student of Theology & Law Student at the U of Helsinki
 Disclaimer: Speaking for myself only. Always using PGP to sign articles.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQCVAgUBMhymBB1yhFX7KT+RAQHWEgQAw45nMBmJGKl1KXS/WkHL2rC4nGsZ8D97
AssSzKoMbB0Bw7M0tzZub9RzQY4Z9hVRXDxkvyxVoZtL1vZ7DqnIq8Xv/icy81Z5
g2BDy+r7fGqaEewKW3xuoKXSt1EuE765uRiweNqHpNIxBBDQGeEy+9qy/rs1KcwW
dioGxAsAyHo=
=TihY
-----END PGP SIGNATURE-----

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

______________________________________________________________________
Rich Burroughs  richieb at teleport.com  http://www.teleport.com/~richieb
See my Blue Ribbon Page at http://www.teleport.com/~richieb/blueribbon
U.S. State Censorship Page at - http://www.teleport.com/~richieb/state
New EF zine "cause for alarm" - http://www.teleport.com/~richieb/cause





From lzirko at c2.net  Sat Aug 24 17:06:36 1996
From: lzirko at c2.net (Lou Zirko)
Date: Sat, 24 Aug 1996 17:06:36 -0700 (PDT)
Subject: Weird "Suppression" messages
Message-ID: <199608250005.RAA10538@infinity.c2.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: alano at teleport.com, zachb at netcom.com, rich at c2.org,
 cypherpunks at toad.com
Date: Sat Aug 24 20:05:46 1996
I have seen delivery receipts for messages use a similar format and since 
these are duplicates of full messages received earlier there is a 
probability that sendmail is misconfigured on littlefoot ( or whatever the 
box at mcom is ).

Lou Zirko

> At 10:36 PM 8/23/96 -0700, Z.B. wrote:
> >On Fri, 23 Aug 1996, Alan Olsen wrote:
> >
> >> At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
> >> >   ----- Message body suppressed -----
> >> >
> >> >--SAA08114.840765294/tera.mcom.com--
> >> 
> >> This is bizzare.  I have gotten three messages with this message.
> >> 
> >> Is someone at Netscape canceling messages?  (mcom.com is the old
>  domain name
> >> of Netscape.)
> >> 
> >> Anyone have any ideas on this?
> >
> >I don't have a clue what it is, but it's sure pissing me off.  I've 
> >gotten about 15 or so of these messages in the past two hours.  If it's
> >an honest error, then someone better fix it real fast; if some loser is
> >jerking us around, ......
> 
> Some list redirector of somesort has gone wonky at Netscape.  (Take a
>  look
> at the headers if you do not believe me.  They are originating off of
>  some
> internal lists at mcom.com, the original Netscape domain.)
> 
> Cypherpunks is not the only list effected by this.  I am getting these
>  weird
> messages on wwwsecurity as well.
> 
> Since it is Friday, I expect that this will be with us until someone
>  gets in
> the office on Monday.
> ---
> |  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com 
>  "|
> |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:        
>  |
> | mankind free in one-key-steganography-privacy!"  | Ignore the man     
>  |
> |`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the
>  keyboard.|
> |         http://www.teleport.com/~alano/          | alano at teleport.com 
>  |
> 
> 
> 



Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMh+m98tPRTNbb5z9AQFtaQf/d1cfjPtP/ShlLBq1FiMmw28A2PaRpTmP
WOecpRisL6zouGYGGLzlUQk1oSMB2bz82Zk+K6LWAQj1b4jIuT6++UI0RXSwPE72
5+c1S3IIUzZNNTbZnVlKoGky06JV8xZWsbPwnDSuqJ/i5QHs7U8DUi1KrKztxYv+
i1raWmAK6Ib9q9YJ1Ub6591FEpROkfUHtbuPZ7EvvvVOwaEVNlxGOqQt6DHPeGb4
UAApKB5sbj1mGuThj3ijVoulwnaKaxvo3Ke3iN9+F8C+uNQmGwZnyVxmlrDz9Fjn
pjfrpOd2oGUZ1pPkDgd5tEg2vJX0aNREj544szHJD3caqCmt0S6adw==
=WAdH
-----END PGP SIGNATURE-----






From snow at smoke.suba.com  Sat Aug 24 18:21:37 1996
From: snow at smoke.suba.com (snow)
Date: Sat, 24 Aug 1996 18:21:37 -0700 (PDT)
Subject: your mail
In-Reply-To: <UPMAIL01.199608241925150568@msn.com>
Message-ID: <Pine.LNX.3.93.960824193104.144A-100000@smoke.suba.com>


On Sat, 24 Aug 1996, Mike Howell wrote:

> Does anybody know what I can get for generating the credit card numbers?

     3 to 5 if you get caught using them for the wrong thing.

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From alano at teleport.com  Sat Aug 24 03:52:47 1996
From: alano at teleport.com (Alan Olsen)
Date: Sat, 24 Aug 1996 18:52:47 +0800
Subject: Weird "Suppression" messages
Message-ID: <3.0b11.32.19960823190618.00ba29dc@mail.teleport.com>


At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
>   ----- Message body suppressed -----
>
>--SAA08114.840765294/tera.mcom.com--

This is bizzare.  I have gotten three messages with this message.

Is someone at Netscape canceling messages?  (mcom.com is the old domain name
of Netscape.)

Anyone have any ideas on this?
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From 72124.3234 at compuserve.com  Sat Aug 24 04:36:58 1996
From: 72124.3234 at compuserve.com (Kent Briggs)
Date: Sat, 24 Aug 1996 19:36:58 +0800
Subject: Announce: Puffer 2.0 for Win 95
Message-ID: <199608240217.WAA09419@spirit.hks.net>


-----BEGIN PGP SIGNED MESSAGE-----

I have released a 32-bit version of Puffer 2.0 for Windows 95 and NT
systems.
It has the same features as the 16-bit version except it now supports
long
file names.  The exportable shareware version is available from my web
site at:

http://execpc.com/~kbriggs

An upgrade patch for registered users is also available there.  A brief
description of Puffer is provided below.

Kent Briggs

===========================================================================
Puffer is a general purpose encryption tool for Windows that protects
your
personal and business data as well as your e-mail correspondence.  Use
Puffer to securely exchange data over insecure channels.  Puffer uses
state-of-the-art encryption algorithms for maximum security.  The
shareware
version has been approved for export from the U.S. by the State
Department
through a commodity jurisdiction determination.

Features:

* 40-bit PC1 (RC4 clone) stream cipher
* 160-bit Blowfish block cipher (U.S./Canada registered version)
* Secure, multi-pass file wiping
* LZ77 compression
* Binary and ASCII archives
* Self-extracting executables
* Built-in editor
* Available in 16-bit and 32-bit editions
===========================================================================
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMh5mTCoZzwIn1bdtAQHEPAF/Qk62u4AF0n6lAYoTBzA7/R4yGtTaDfrT
1RK5QxMgjfWjmhq0coI2eVaI2Nm3si8Q
=rjn9
-----END PGP SIGNATURE-----





From ichudov at algebra.com  Sat Aug 24 19:50:43 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 24 Aug 1996 19:50:43 -0700 (PDT)
Subject: Degaussing a pile of 5.25" media
In-Reply-To: <0ig7sD1w165w@bwalk.dm.com>
Message-ID: <199608250248.VAA24644@manifold.algebra.com>


Dr.Dimitri Vulis KOTM wrote:
> 
> I have 3 bags full of 5.25" diskettes (in NYC). Can someone please let me use
> their degausser before I get rid of them? (Anyone who wants them after they're
> degaussed is welcome to them :-)
> 

I can degauss your diskettes, for free.

	- Igor.





From ichudov at algebra.com  Sat Aug 24 20:22:27 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 24 Aug 1996 20:22:27 -0700 (PDT)
Subject: Encrypted tape archive  solution?
Message-ID: <199608250320.WAA24760@manifold.algebra.com>


Hi,

I have a linux system and create tape archives every night. Most 
sensitive data files are encrypted, but I want the whole tape archive
to be encrypted just for the peace of mind. 

Is there any simple solution for linux 2.0 that allows to create
encrypted archives?

Another question: suppose I use Matt  Blase's CFS. Is it safe to backup 
the _encrypted_ files, and not the mounted directory that looks decrypted?
(i.e., not the "attached" filesystem).

Thanks,

	- Igor.





From rwright at adnetsol.com  Sat Aug 24 06:48:29 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sat, 24 Aug 1996 21:48:29 +0800
Subject: Suppressed Messages
Message-ID: <199608240251.TAA03475@adnetsol.adnetsol.com>


What could be more fun on a Friday Night?  I think it's a great 
trick, however some may find it more than annoying.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From mcortes at earthlink.net  Sat Aug 24 22:05:01 1996
From: mcortes at earthlink.net (Michael Cortes)
Date: Sat, 24 Aug 1996 22:05:01 -0700 (PDT)
Subject: please take me of this list
Message-ID: <321FB791.1CAB@earthlink.net>


PLEASE, PLEASE get me off this cypherpunk mailing list.  my brother signed me 
up (on my account) as some idea of a joke...but it is flooding my email....if 
someone would take the time to take me off, i would be ever so greatful

*sarah*





From vince at offshore.com.ai  Sat Aug 24 22:20:59 1996
From: vince at offshore.com.ai (Vincent Cate)
Date: Sat, 24 Aug 1996 22:20:59 -0700 (PDT)
Subject: Cypherpunk voting - ITAR or CDA
Message-ID: <Pine.LNX.3.91.960825012703.9463A@offshore>



Dole says he would fix the ITAR problem, but try to keep something like
CDA. 

Clinton is keeping ITAR and signed CDA.  But not having the religious
right he might soften on CDA.

The courts seem to be throwing out CDA much faster than ITAR (some fast
track to the supreme court built into the law).  It also seems like ITAR
is the more important thing to fix (it is easier to move pornography etc
out of the US than major software companies). 

So it seems Dole is the better vote.  Is this important enough to many
cypherpunks to actually determine their vote?

  --  Vince

-----------------------------------------------------------------------
Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
Offshore Information Services         http://www.offshore.com.ai/






From Adamsc at io-online.com  Sat Aug 24 22:50:40 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sat, 24 Aug 1996 22:50:40 -0700 (PDT)
Subject: Interesting
Message-ID: <19960825055044046.AAA85@IO-ONLINE.COM>


The body-suppressed problem seems to be continuing.  I'm getting almost no
normal list traffic.  Does anyone think that someone might be trying to halt
the list?

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From rwright at adnetsol.com  Sat Aug 24 23:29:38 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sat, 24 Aug 1996 23:29:38 -0700 (PDT)
Subject: Fishy stuff
Message-ID: <199608250629.XAA29349@adnetsol.adnetsol.com>


I just read a supressed message from me about a topic I never wrote 
about.  This IS PISSING me off.

Ross

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From DMiskell at envirolink.org  Sat Aug 24 23:30:09 1996
From: DMiskell at envirolink.org (Daniel Miskell)
Date: Sat, 24 Aug 1996 23:30:09 -0700 (PDT)
Subject: Weird "Suppression" messages
Message-ID: <199608250622.CAA18195@envirolink.org>


Vipul Ved Prakash writes:
>> 
>> I don't have a clue what it is, but it's sure pissing me off.  I've 
>> gotten about 15 or so of these messages in the past two hours.  If it's 
>> an honest error, then someone better fix it real fast; if some loser is 
>> jerking us around, ......
>> 
>
>Is this all becuz of those bad nameserver records floating around the net?
>Tons of ISP's have gone down!
>

I hope that's all this is.  Because 90% of the notes I am getting, at BEST,
contain supressed message bodies.  This is really starting to frighten me.

Daniel.






From zachb at netcom.com  Sat Aug 24 11:21:32 1996
From: zachb at netcom.com (Z.B.)
Date: Sun, 25 Aug 1996 02:21:32 +0800
Subject: Wtf?????
In-Reply-To: <199608230341.DAA00616@fountainhead.net>
Message-ID: <Pine.3.89.9608232040.A14578-0100000@netcom22>


On Fri, 23 Aug 1996, Vipul Ved Prakash wrote:

>    ----- Message body suppressed -----
> 
> --CAA28180.840792057/tera.mcom.com--
> 
> 
What's with all these messages like this???  Who's doing this and WHY???


---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127







From llurch at networking.stanford.edu  Sat Aug 24 11:40:08 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sun, 25 Aug 1996 02:40:08 +0800
Subject: Weird "Suppression" messages
In-Reply-To: <3.0b11.32.19960823190618.00ba29dc@mail.teleport.com>
Message-ID: <Pine.GUL.3.95.960823193109.7805A-100000@Networking.Stanford.EDU>


After Klemensrud settled the Scientology suit, they were emboldened to show
the flag at Netscape.

It is no coincidence that Tom Cruise used Netscape in Mission: Impossible.

Be afraid. Be very afraid.

(It's also possible that there's a mail routing flap at Netscape, but I
would not discount the Scientology angle. Every conspiracy theory contains
a grain of truth, after all.)

-rich

On Fri, 23 Aug 1996, Alan Olsen wrote:

> At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
> >   ----- Message body suppressed -----
> >
> >--SAA08114.840765294/tera.mcom.com--
> 
> This is bizzare.  I have gotten three messages with this message.
> 
> Is someone at Netscape canceling messages?  (mcom.com is the old domain name
> of Netscape.)
> 
> Anyone have any ideas on this?
> ---
> Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
>         `finger -l alano at teleport.com` for PGP 2.6.2 key 
>                 http://www.teleport.com/~alano/ 
>   "We had to destroy the Internet in order to save it." - Sen. Exon
>                 "Microsoft -- Nothing but NT promises."






From qut at netcom.com  Sat Aug 24 12:54:05 1996
From: qut at netcom.com (Skipp OBC)
Date: Sun, 25 Aug 1996 03:54:05 +0800
Subject: Abuse by llurch of ISP
Message-ID: <199608240240.TAA13822@netcom16.netcom.com>


>From qut Fri Aug 23 19:21:25 1996
Subject: Re: Abusive mail from qut at netcom.com refused
To: abuse at netcom.com, rcgraves at ix.netcom.com, llurch at stanford.edu
Date: Fri, 23 Aug 1996 19:21:25 -0700 (PDT)
In-Reply-To: <199608240106.SAA07144 at Networking.Stanford.EDU> from "Rich Graves" at Aug 23, 96 06:06:04 pm
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1564      

! Dear Netcom:
! 
! You suspended the account of this cross between Boursy and Dan Gannon (but

Absurd!  Boursy is non-political and objectively a true net abuser.  
So is Gannon who spammed thousands of newsgroups with identical political 
posts, such groups as sci.physics and sci.math .

! not as sincere) for two weeks in March for net abuse including mailbombing
! and forging cancels. Please restore what little faith I once had in Netcom
! by considering doing so again. 

Netcom has considerably higher standards than Stanford, an account there 
is apparantly considered an actual right rather than a service.
llurch at stanford.edu is his address he abuses the net from, you won't find 
his abuses from rcgraves at ix.netcom.com which he very rarely uses, this 
e-mail, for example, was forged from networking.stanford.edu .

! All mail from qut at netcom.com to any of my email addresses is now being
! bounced to you as well as to him. Until he stops, you will usually receive
! multiple copies, because he usually sends multiple copies. 

This is absurd, we both subscribe to the same mailing list, cypherpunks, 
thereby anything I post to the list will be abusively e-mailed to 
abuse at netcom.com .  Also, It is inherent that posting to usenet invites 
e-mailed responses, which would make what he is doing even more abusive.

Rich Graves is a prominant net abuser, false complaints are part of his 
repertoire.  He has never before complained about recieving courtesy 
copies of responses to his posts, this is the first I've heard of it.


--
qut at netcom.com





From declan at eff.org  Sat Aug 24 13:24:50 1996
From: declan at eff.org (Declan McCullagh)
Date: Sun, 25 Aug 1996 04:24:50 +0800
Subject: Republican and Democratic party platforms [NOT!] on technology
In-Reply-To: <Pine.GUL.3.95.960822120928.25102B-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.960823193909.8657A-100000@eff.org>


On Thu, 22 Aug 1996, Rich Graves wrote, quoting me:

> > But the benefit of having a pro-privacy statement in the platform (which in
> > fact was watered down significantly from that originally proposed by
> > advocates on our side) is that the platform covers Republican Party
> > candidates for any office, not just the presidency.
> 
> One Republican staffer sent you an ass-kissing note quoting an ALLEGED piece
> of the platform WHICH IS NOT ACTUALLY THERE. The platform was finalized on
> August 12th. The text you quoted is not even in the list of rejected
> amendments.

Wrong. Check out what I've attached below.

Happily, I don't waste time listening to Rich's rants. I take this as a
lesson that his posts are, in fact, not worth the time it takes to delete
them. Rich, I suggest you stick to whining about MS Windows unless you
enjoy the embarrassment of being proved wrong, once again. 

-Declan

---

Muckraker
By Brock Meeks
http://www.hotwired.com/muckraker/

[...]

                The word "Internet" appears only once in the platform
                language. It's a small victory, but not an insignificant
                one. Two paragraphs are of particular interest - the last
                two in the "Creating Jobs for Americans" section. Here
                they are:
                
                "The communications revolution empowers individuals,
                enhances health care, opens up opportunity for rural
                areas, and strengthens families and institutions. A
                Dole-led Congress passed the Telecommunications Act of
                1996 to promote full and open competition and freedom of
                choice in the telecommunications marketplace. In
                contrast, the Clinton-Gore administration repeatedly
                defended big-government regulation. The micromanagement
                of the Information Age is an impediment to the
                development of America's information superhighway.
                
                "We support the broadest access to telecommunications
                networks and services, based upon marketplace
                capabilities. The Internet today is the most staggering
                example of how the Information Age can and will enhance
                the lives of Americans everywhere. To further this
                explosion of new-found freedoms and opportunities,
                privacy, through secured communications, has never been
                more important. Bob Dole and the Republican Party will
                promote policies that ensure that the US remains the
                world leader in science, technology, and innovation."
                
                First off, it's amazing to see the Republicans taking
                credit for the Telecommunications Reform Act because, in
                doing so, they also are taking credit for one of the most
                egregious attacks on the First Amendment in recent
                history: the passage of the Communications Decency Act,
                which was embedded in the telecom bill like a virus.

[...]

                The really interesting stuff comes after you decode the
                phrase "privacy, through secured communications." This
                really means: "the right to use private encryption
                technology." This brilliant gem was wedged into the
                platform, so I'm told, through the efforts of Senator
                Conrad Burns' staff. Burns, of course, is the author of
                the pro-crypto technology bill known as "Pro-CODE," which
                flies in the face of the administration's nearly paranoid
                anti-crypto policies.
                
[...]





// declan at eff.org // I do not represent the EFF // declan at well.com //








From whgiii at amaranth.com  Sat Aug 24 14:16:12 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sun, 25 Aug 1996 05:16:12 +0800
Subject: USPS
In-Reply-To: <199608231401.HAA10139@toad.com>
Message-ID: <199608240345.WAA10974@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <199608231401.HAA10139 at toad.com>, on 08/23/96 at 10:01 AM,
   "Peter Trei" <ptrei at ACM.ORG> said:

>Closing deals: Ever hear of faxes or FedEx?

>My personal impression was that Raines had been listening to his 
>own propaganda for too long, and was rather out of touch with the 
>way things are done outside of the Beltway. I got the feeling that 
>the USPS was desperately trying to find a role in a time where it
>was becoming merely the cheapest and slowest player in the 
>package delivery business. 

Ahhh... But you truly miss the buety of this system.

Once in place all the goverment needs to do is ban all e-mail not sent through their system. Add this to the outlawing of all non-keyescrowed encryption, and the ability to archive all messages sent through their system. Now the goverment would have total access to everything you wright.

Eventually they could get rid of all snail-mail. Put in place scaners with OCR, handwrighting reconition & voice dictation in local post offices for those without Inet access.

The even BIGGER PICTURE:

Eventually we will not have dial-up internet access the way it is today. Mater of fact we will not have phone systems the way we have today. Instead we will have 1 huge network, a SuperIneternet, inwhich all homes & business are connected. For those without computers in their homes will be small dumb terminals that will let them connect & provide basic services (such devices are being developed right now).

In such a system anyone could be monitored, at any time.

Sound far fetched? The technology is here now to do this. Just remember that the "powers to be" don't think in terms of months or years but decades. It may take 20-30yrs for such a system to be fully implimented. "They" are very patient.

1984? no, 2084 without a doubt!


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->Windows: Just another pane in the glass.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh6EZI9Co1n+aLhhAQGh9QQAht8JS5rNOLyk3m8XlcXyjEFr5meerldB
9wDqhnaHJbgLmgC2NNcvAcYgGpAQfMRDHwzBXPX0PBCndXk87BfppFtnvexGOhgh
gD/170jrgbGbH1CDAvOCxtv4Hp0kM6qk1yO2IJcfPjhPZqD/mPyeUwV/MEpw4blE
iFUfY4Uvvsg=
=pho2
-----END PGP SIGNATURE-----






From bdurham at metronet.com  Sat Aug 24 14:21:00 1996
From: bdurham at metronet.com (Brian Durham)
Date: Sun, 25 Aug 1996 05:21:00 +0800
Subject: Weird "Suppression" messages
In-Reply-To: <3.0b11.32.19960823190618.00ba29dc@mail.teleport.com>
Message-ID: <321F0BDF.3DA0@metronet.com>


Yeah.  The headers on the 'SSL: The early days' mail from 
pgut001 at cs.auckland.ac.nz look _pretty_ strange.

Brian Durham





From zachb at netcom.com  Sat Aug 24 14:26:29 1996
From: zachb at netcom.com (Z.B.)
Date: Sun, 25 Aug 1996 05:26:29 +0800
Subject: Weird "Suppression" messages
In-Reply-To: <3.0b11.32.19960823190618.00ba29dc@mail.teleport.com>
Message-ID: <Pine.3.89.9608232204.A26805-0100000@netcom19>


On Fri, 23 Aug 1996, Alan Olsen wrote:

> At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
> >   ----- Message body suppressed -----
> >
> >--SAA08114.840765294/tera.mcom.com--
> 
> This is bizzare.  I have gotten three messages with this message.
> 
> Is someone at Netscape canceling messages?  (mcom.com is the old domain name
> of Netscape.)
> 
> Anyone have any ideas on this?

I don't have a clue what it is, but it's sure pissing me off.  I've 
gotten about 15 or so of these messages in the past two hours.  If it's 
an honest error, then someone better fix it real fast; if some loser is 
jerking us around, ......


> ---
> Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
>

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127







From sparks at bah.com  Sat Aug 24 14:27:46 1996
From: sparks at bah.com (Charley Sparks)
Date: Sun, 25 Aug 1996 05:27:46 +0800
Subject: FW: "Freedom on Trial," from October 1996 Playboy
Message-ID: <01BB91A1.3FEBC9C0@crypto-1.bah.com>


>>Forwarded Message<<
why is this happening ?? Is it my system or a remailer ?

   ----- Message body suppressed -----

--GAA11758.840807801/tera.mcom.com--


>>End of forwarded message<<






From daemon at anon.penet.fi  Sat Aug 24 14:32:16 1996
From: daemon at anon.penet.fi (daemon at anon.penet.fi)
Date: Sun, 25 Aug 1996 05:32:16 +0800
Subject: Anonymous nickname changed.
Message-ID: <9608241335.AA15080@anon.penet.fi>


You have requested the replacement or assignment of a nickname
Your nickname is now Crypto Anarchist.






From nick at multipro.com  Sat Aug 24 14:32:24 1996
From: nick at multipro.com (Nick West)
Date: Sun, 25 Aug 1996 05:32:24 +0800
Subject: CIA Contra Crack and LA Gangs (fwd)
Message-ID: <199608241608.LAA04066@server.multipro.com>


-----BEGIN PGP SIGNED MESSAGE-----

At 05:13 PM 8/20/96 -0400, you wrote:

>
>It also rained cocaine in Tennessee in the '80s, 
>but the authorities never seemed to notice.  Ask the Knoxville 
>_News-Sentinel_ how many stories it can find in its archives relating 
>to planes loaded with cocaine crash-landing on remote airstrips, 
>airdrops being found in citizens' yards, etc.  Then ask the DEA what it did 
>about those events.
>
>bd
>
One of our former mayors in my town, was brought to trial for this. He 
had allegedly paid off a police officer and/or the airport to let the plane 
land. From what I have heard it was pretty cut and dry that he did it. But 
all he had to do was get a lawyer that caught the government prosecution 
with their pants down and he's running for city council this year. Its a 
shame. I haven't heard the DEA mentioned by anybody. 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh8MFMF7aWKjtgVVAQFeHwQAvZDBWOEl4CuWY+A8oMe4F5zs6B7LU1Su
j/KZ3h0Z1P6P/Oxqut98NQO48Wzz5O3EpivjOGEvChsR2e+Au/rfXwt9PxQ8DeMd
26UwFy/3yYJWQtckcPmNhxtE13FflkyGBi/QgRLX7spFFhD0a4Ooyaekq+D0UZ5c
kYLUiFasrjA=
=Xxf7
-----END PGP SIGNATURE-----

Nick West
nick at multipro.com
Member of the National Wild Turkey Federation and 
The Libertarian Party of Tennessee

http://members.tripod.com/~NWest/index.html

PGP Fingerprint= F9 F7 92 D9 D3 0B 56 3E  FA 2A 78 59 27 32 7D 6F

Public key available on request.






From bdurham at metronet.com  Sat Aug 24 14:33:42 1996
From: bdurham at metronet.com (Brian Durham)
Date: Sun, 25 Aug 1996 05:33:42 +0800
Subject: [Fwd: SSL: The early days]
Message-ID: <321F0C26.102@metronet.com>

An embedded message was scrubbed...
From: unknown sender
Subject: no subject
Date: no date
Size: 320
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/19960825/2d897c22/attachment.mht>

From jimbell at pacifier.com  Sat Aug 24 14:33:52 1996
From: jimbell at pacifier.com (jim bell)
Date: Sun, 25 Aug 1996 05:33:52 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
Message-ID: <199608240535.WAA28490@mail.pacifier.com>


At 09:34 PM 8/23/96 -0500, Robert A. Rosenberg wrote:
>At 20:49 -0800 8/21/96, jim bell wrote:
>
>>At 10:55 PM 8/21/96 -0400, Brian Davis wrote:
>
>>>That's because you like dead Presidents.
>>>
>>
>>$50's and $100's are great!
>
>Was Ben Franklin ($100) a President? I must have my list wrong or I did a
>sideways time jump without knowing <g>.


Remember, I added the part about the old dead fat philosophers, too!


Jim Bell
jimbell at pacifier.com





From nick at multipro.com  Sat Aug 24 14:34:48 1996
From: nick at multipro.com (Nick West)
Date: Sun, 25 Aug 1996 05:34:48 +0800
Subject: Richard Jewell case
Message-ID: <199608241608.LAA04081@server.multipro.com>


Timothy C. May wrote:


>By the way, the case against Richard Jewell, "THE ATLANTA BOMBER!!!!,"
>continues to crumble...the voice on the 911 call doesn't match his, he
>couldn't have gotten to the phone at the time the call was made, and the
>hordes of investigators who tore his apartment apart (and his cabin, and so
>on) found no real evidence (just the "profile" evidence: some gun
>magazines, a photo of him cradling an AR-15, his weight, and probably a
>subscription to The Playboy Channel).
>
>Further, experts point out that if Jewell was working with an accomplice
>(to make the phone call), this blows all conventional theories of a
>"would-be hero" out of the water: the last thing such a would-be hero wants
>is an accomplice, who shares in the risk but gets none of the credit, and
>who could turn him in.

Don't expect his name to be cleared until they find another "suspect". The 
only reason he's being kept under investigation is to keep the FBI from 
coming under attack by the public for not having a suspect. In other words 
he's being kept as a poster boy for the case until they can find another one. 

Nick West
nick at multipro.com
Member of the National Wild Turkey Federation and 
The Libertarian Party of Tennessee

http://members.tripod.com/~NWest/index.html

PGP Fingerprint= F9 F7 92 D9 D3 0B 56 3E  FA 2A 78 59 27 32 7D 6F

Public key available on request.






From jya at pipeline.com  Sat Aug 24 14:35:15 1996
From: jya at pipeline.com (John Young)
Date: Sun, 25 Aug 1996 05:35:15 +0800
Subject: HYS_ter
Message-ID: <199608241449.OAA21593@pipe6.t1.usa.pipeline.com>


   8-24-96. NYP: 
 
   "Investigators Look at History of Terrorism to Compile a 
   List of Suspects in Crash." 
 
      Over the years, terrorists have demonstrated frightening 
      expertise in making bombs and concealing them. "The fact 
      of the matter is that we found out terrorists could 
      create bombs that were very, very difficult to detect," 
      says the FBI. 
 
      "A fairly small amount, well placed, can do the job," 
      said Dr. Jimmie Oxley, of the NRC's airline security 
      committee. "A colleague once said he could do it with a 
      gram, in the right place." 
 
      Bomb-making technology continually advances, as Israeli 
      authorities discovered in 1986 when they intercepted a 
      suitcase being smuggled in from the Gaza Strip. The 
      terrorists appeared to have spun the suitcase on a 
      centrifuge that allowed the plastic explosive to flow 
      into its corners and virtually disappear. 
 
      Ariel Merari, who has studied hundreds of terrorist 
      incidents, says bombers are limited only by their own 
      imaginations when it comes to building bombs and finding 
      ways to get them aboard airliners. "However," he said, 
      "the use of sophisticated bombs are more likely to be 
      the work of state-sponsored terrorism than anything 
      else." 
 
   ----- 
 
   http://jya.com/hyster.txt  (11 kb) Via: www.anonymizer.com 
 
   HYS_ter 
 
 
 
 
 
 





From perry at piermont.com  Sat Aug 24 14:36:09 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Sun, 25 Aug 1996 05:36:09 +0800
Subject: Ruritania
In-Reply-To: <2.2.16.19960821191809.377f6c4c@primenet.com>
Message-ID: <199608241732.NAA22285@jekyll.piermont.com>



Censored Girls Anonymous writes:
>                       The Legend of Ruritania
> 
> There was once a far away land called Ruritania, and in this land there was
> a strange phenomenon  --  all the trees that grew there were transparent. 
> In the old days, the people had lived in mud huts.   But now, high-tech wood
> technology had been developed,  and in this new age of wood, everyone in
> Ruritania found that their homes were all 100% see through. 

When people repost my writing, I prefer that they leave some
indication on that I wrote it.

Perry





From jya at pipeline.com  Sat Aug 24 14:36:28 1996
From: jya at pipeline.com (John Young)
Date: Sun, 25 Aug 1996 05:36:28 +0800
Subject: SLE_uth
Message-ID: <199608241459.OAA22389@pipe6.t1.usa.pipeline.com>


   8-25-96. NYP: 
 
   "When Buildings Fall, an Engineer Becomes a Sleuth." 
 
   A zero-crypto report on forensic engineering firms which 
   investigate blimp-market buildings rigged-to-blow by  
   cardinal conspiracy of the realestate.pumpery. 
 
   ----- 
 
   http://jya.com/sleuth.txt  (9 kb) 
 
   SLE_uth 
 
 
 
 
 
 
 





From rwright at adnetsol.com  Sat Aug 24 14:38:12 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sun, 25 Aug 1996 05:38:12 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <199608240439.VAA05529@adnetsol.adnetsol.com>


On Or About 21 Aug 96, 15:08, Brian Davis wrote:

>    ----- Message body suppressed -----
> 
> --WAA10812.840778802/tera.mcom.com--
> 
> 
> 

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From whgiii at amaranth.com  Sat Aug 24 14:49:53 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sun, 25 Aug 1996 05:49:53 +0800
Subject: Spamming
In-Reply-To: <199608211955.PAA01059@phoenix.iss.net>
Message-ID: <199608241413.JAA14437@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <199608211955.PAA01059 at phoenix.iss.net>, on 08/21/96 at 04:00 PM,
   "Alex F" <alexf at iss.net> said:

>   ----- Message body suppressed -----

O.K.

I have seen this on several messages.

What's up??



- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->Windows: Just another pane in the glass.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMh8Xi49Co1n+aLhhAQGv9wP9EyvGQXX8g2sIoEvnjqAzTEL5P7FoBZQt
ZfhYCv+RY+SKgosn3ElVqJaAy3U3UpwQOwxKmaFB51vBHVtEjoi+yndL5wg+hfiX
tjloHoV8jcbrvGOGIjfj6YVcwASKXQAv3ydQOX24CRzX5vElnRn96mbRpqJkPomy
rzPQD7VsljE=
=yXl6
-----END PGP SIGNATURE-----






From 451degree at msn.com  Sat Aug 24 14:59:37 1996
From: 451degree at msn.com (Mike Howell)
Date: Sun, 25 Aug 1996 05:59:37 +0800
Subject: No Subject
Message-ID: <UPMAIL01.199608241926350212@msn.com>


Does anyone know how to connect to the internet thru MSN mail?





From 451degree at msn.com  Sat Aug 24 15:20:06 1996
From: 451degree at msn.com (Mike Howell)
Date: Sun, 25 Aug 1996 06:20:06 +0800
Subject: No Subject
Message-ID: <UPMAIL01.199608241925150568@msn.com>


Does anybody know what I can get for generating the credit card numbers?





From 451degree at msn.com  Sat Aug 24 15:23:33 1996
From: 451degree at msn.com (Mike Howell)
Date: Sun, 25 Aug 1996 06:23:33 +0800
Subject: No Subject
Message-ID: <UPMAIL01.199608241923190150@msn.com>


Does anybody know where I can get good scanning program. Thanks a lot, 451 
degree :-)





From lzirko at c2.net  Sat Aug 24 15:31:51 1996
From: lzirko at c2.net (Lou Zirko)
Date: Sun, 25 Aug 1996 06:31:51 +0800
Subject: "----- Message body suppressed -----"
Message-ID: <199608240242.TAA29010@infinity.c2.org>


-----BEGIN PGP SIGNED MESSAGE-----

To: alano at teleport.com, cypherpunks at toad.com
Date: Fri Aug 23 22:43:00 1996
I just got 17 more in the last 30 minutes.  They appear to match messages 
delivered already as per sender, subject and time.  The only common issue I 
see it toad.  I have copied a set below.

- ------------ FULL Message

Return-Path: cypherpunks-errors at toad.com
Received: from toad.com (toad.com [140.174.2.1]) by infinity.c2.org 
(8.7.4/8.6.9) with ESMTP
Received: (from majordom at localhost) by toad.com (8.7.5/8.7.3) id GAA15937 
for cypherpunks-outgoing; Thu, 22 Aug 1996 06:57:25 -0700 (PDT)
Received: from big.aa.net (root at big.aa.net [204.157.220.2]) by toad.com 
(8.7.5/8.7.3) with ESMTP id GAA15932 for <cypherpunks at toad.com>; Thu, 22 
Aug 1996 06:57:18 -0700 (PDT)
Received: from fozzy.aa.net (moon-c24.aa.net [204.157.220.124]) by 
big.aa.net (8.7/8.7.5) with SMTP id GAA06741 for <cypherpunks at toad.com>; 
Thu, 22 Aug 1996 06:57:16 -0700
X-UIDL: 840751255.041
X-Intended-For: <cypherpunks at toad.com>
 From: blane at aa.net (Brian C. Lane)
To: cypherpunks at toad.com
Subject: SpamBot
Date: Thu, 22 Aug 1996 13:56:22 GMT
Organization: Nexus Computing
Reply-To: blane at aa.net
Message-ID: <321c65db.721494 at mail.aa.net>
X-Mailer: Forte Agent .99e/16.227
Sender: owner-cypherpunks at toad.com
Precedence: bulk


  Well, with all the other noise in the list lately, I'll add a little of
my own. I woke up today to find my mailbox filled with 20 messages from a
'careernetonline.com' offering to spread my resume across the net for $60.

  It was one of those terrorist spams where they apologize for wasting your
time and tell you that you can stop getting spammed by replying to the
message. Well, I really hate giving in to terrorists, no matter what form
they take. And I'm sick and tired of spam.

  So, I'm starting a project called SpamBot. You feed it a message and a
list of addresses and the bot send the message to those addresses until
they reply with an appropriate message indicating that they are at least
looking into the problem.

  Some people may say that this is sinking to their level. So it is, but I
think its time that system administrators realized that there are people
who don't appreciate being the target for shotgun marketing schemes (none
of which have been of any use to me).

  Watch my webpage for more info on this helpful little bot.

    Brian

- ------- <blane at aa.net> -------------------- <http://www.aa.net/~blane> 
- -------
       "Extremism in the defense of Liberty is no vice" - B. Goldwater
==============  11 99 3D DB 63 4D 0B 22  15 DC 5A 12 71 DE EE 36  
============

- --------- SUPPRESED Message

Return-Path: cypherpunks-errors at toad.com
Received: from toad.com (toad.com [140.174.2.1]) by infinity.c2.org 
(8.7.4/8.6.9) with ESMTP
Received: (from majordom at localhost) by toad.com (8.7.5/8.7.3) id TAA20706 
for cypherpunks-outgoing; Fri, 23 Aug 1996 19:20:59 -0700 (PDT)
Received: from littlewing.mcom.com (h-205-217-255-33.netscape.com 
[205.217.255.33]) by toad.com (8.7.5/8.7.3) with ESMTP id TAA20700 for 
<cypherpunks at toad.com>; Fri, 23 Aug 1996 19:20:55 -0700 (PDT)
Received: (from root at localhost) by littlewing.mcom.com (8.7.3/8.7.3) id 
TAA08776; Fri, 23 Aug 1996 19:23:25 -0700 (PDT)
Received: from maleman.mcom.com (maleman.mcom.com [198.93.92.3]) by 
tera.mcom.com (8.6.12/8.6.9) with ESMTP id GAA13912 for 
<mcom.list.cypherpunks at tera.mcom.com>; Fri, 23 Aug 1996 06:51:48 -0700
Received: from ns.netscape.com (ns.netscape.com.mcom.com [198.95.251.10]) 
by maleman.mcom.com (8.6.9/8.6.9) with ESMTP id HAA11324; Thu, 22 Aug 1996 
07:24:22 -0700
Received: from toad.com (toad.com [140.174.2.1]) by ns.netscape.com 
(8.7.3/8.7.3) with ESMTP id HAA08688; Thu, 22 Aug 1996 07:23:23 -0700 (PDT)
Received: (from majordom at localhost) by toad.com (8.7.5/8.7.3) id GAA15937 
for cypherpunks-outgoing; Thu, 22 Aug 1996 06:57:25 -0700 (PDT)
Received: from big.aa.net (root at big.aa.net [204.157.220.2]) by toad.com 
(8.7.5/8.7.3) with ESMTP id GAA15932 for <cypherpunks at toad.com>; Thu, 22 
Aug 1996 06:57:18 -0700 (PDT)
Received: from fozzy.aa.net (moon-c24.aa.net [204.157.220.124]) by 
big.aa.net (8.7/8.7.5) with SMTP id GAA06741 for <cypherpunks at toad.com>; 
Thu, 22 Aug 1996 06:57:16 -0700
X-UIDL: 840854011.002
X-Intended-For: <cypherpunks at toad.com>
 From: blane at aa.net (Brian C. Lane)
To: cypherpunks at toad.com
Subject: SpamBot
Date: Thu, 22 Aug 1996 13:56:22 GMT
Organization: Nexus Computing
Reply-To: blane at aa.net
Message-ID: <321c65db.721494 at mail.aa.net>
X-Mailer: Forte Agent .99e/16.227
Sender: owner-cypherpunks at toad.com
Precedence: bulk

   ----- Message body suppressed -----

- --GAA13919.840808533/tera.mcom.com--





> At 06:25 PM 8/23/96 -0700, Timothy C. May wrote:
> >At 1:10 AM 8/21/96, Skip wrote:
> >>   ----- Message body suppressed -----
> >>
> >
> >
> >Sounds good to me. Keep it up.
> 
> It looks like an internal mailing list version of Cypherpunks at
>  Netscape is
> feeding back into the regular list with weird results.
> 
> ---
> |  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com 
>  "|
> |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:        
>  |
> | mankind free in one-key-steganography-privacy!"  | Ignore the man     
>  |
> |`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the
>  keyboard.|
> |         http://www.teleport.com/~alano/          | alano at teleport.com 
>  |
> 
> 
> 

Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMh56UctPRTNbb5z9AQFi4Qf9HKkx+OBM4CdgkIsZvWRsiJ8PDR/TCzai
5vjLUFuDG2462VRHV5onGQ4KZo7XwnyGsjdAgUrx3XzXcXAbKyA3luDOkM5C/8Vk
YRBO3pLnCCBUB+54QVt65QgjMZ6JtuCuUZO3ntwwUL9Wde/Y1v0nmHXmuZZE++v3
tyrWrfDRh1aEuwGNjNcEEFQ9ZUEsM/y5RCvVlD/4VyvWSUvDejGItMnIbMWICs2j
jt48NNiMK3uU4A5bLDbonzgn4f6n21wF62AJwkAf3UB0DMwJ9DLz2isfOUe50B3h
FPw1FZqPvdOz5BV61bKcx2ABU5GZDEe+ZBZ5zdFZ7Xl7JaQbg46CYg==
=uBW8
-----END PGP SIGNATURE-----






From rwright at adnetsol.com  Sat Aug 24 15:47:36 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sun, 25 Aug 1996 06:47:36 +0800
Subject: Who Is Littlewing? or Supressed Message.
Message-ID: <199608242035.NAA19816@adnetsol.adnetsol.com>


Message header:

Received: from toad.com (toad.com [140.174.2.1]) by
adnetsol.adnetsol.com (8.6.12/8.6.6) with ESMTP id MAA19273; Sat, 24
Aug 1996 12:59:47 -0700 Received: (from majordom at localhost) by
toad.com (8.7.5/8.7.3) id VAA22074 for cypherpunks-outgoing; Fri, 23
Aug 1996 21:17:39 -0700 (PDT) Received: from littlewing.mcom.com
(h-205-217-255-33.netscape.com [205.217.255.33]) by toad.com
(8.7.5/8.7.3) with ESMTP id VAA21979 for <cypherpunks at toad.com>; Fri,
23 Aug 1996 21:13:56 -0700 (PDT) Received: (from root at localhost) by
littlewing.mcom.com (8.7.3/8.7.3) id TAA09395; Fri, 23 Aug 1996
19:27:56 -0700 (PDT) Received: from maleman.mcom.com (maleman.mcom.com
[198.93.92.3]) by tera.mcom.com (8.6.12/8.6.9) with ESMTP id GAA14308
for <mcom.list.cypherpunks at tera.mcom.com>; Fri, 23 Aug 1996 06:54:09
-0700 Received: from ns.netscape.com (ns.netscape.com.mcom.com
[198.95.251.10]) by maleman.mcom.com (8.6.9/8.6.9) with ESMTP id
FAA06409; Thu, 22 Aug 1996 05:08:50 -0700 Received: from toad.com
(toad.com [140.174.2.1]) by ns.netscape.com (8.7.3/8.7.3) with ESMTP
id FAA01875; Thu, 22 Aug 1996 05:07:52 -0700 (PDT) Received: (from
majordom at localhost) by toad.com (8.7.5/8.7.3) id EAA13213 for
cypherpunks-outgoing; Thu, 22 Aug 1996 04:49:00 -0700 (PDT) Received:
from aeat.co.uk (gw.aeat.co.uk [151.182.136.1]) by toad.com
(8.7.5/8.7.3) with ESMTP id EAA13206 for <cypherpunks at toad.com>; Thu,
22 Aug 1996 04:48:53 -0700 (PDT) Received: from
clare.risley.aeat.co.uk by aeat.co.uk (8.7.1/AEAT-GW-1.3)
 id MAA20980; Thu, 22 Aug 1996 12:48:47 +0100 (BST)
Received: by clare.risley.aeat.co.uk (4.1/SMI-4.1)
 id AA13676; Thu, 22 Aug 96 12:49:06 BST
Date: Thu, 22 Aug 96 12:49:06 BST
From: peter.allan at aeat.co.uk (Peter M Allan)
Message-Id: <9608221149.AA13676 at clare.risley.aeat.co.uk>
To: cypherpunks at toad.com
Subject: Re: cryptoanalysis 002
Sender: owner-cypherpunks at toad.com
Precedence: bulk
X-PMFLAGS: 33554560 0

   ----- Message body suppressed -----

--GAA14322.840808677/tera.mcom.com--



===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From maintains at nemesis.meaning.com  Sat Aug 24 16:08:02 1996
From: maintains at nemesis.meaning.com (maintains)
Date: Sun, 25 Aug 1996 07:08:02 +0800
Subject: EVIL GUVMINT suppresses our mailing list. message bodies are truncated. we can circumvent the looming censorship if we compose our messages such that all the text goes into the Subject: lines. Please use only subjects to transmit your views. Thank you.
Message-ID: <199608242012.NAA16720@black.colossus.net>


 - - - MESAGE BODY SUPPRESED _ _ _ - - - 






From llurch at networking.stanford.edu  Sat Aug 24 16:12:59 1996
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sun, 25 Aug 1996 07:12:59 +0800
Subject: Weird "Suppression" messages
In-Reply-To: <3.0b11.32.19960823232429.00d969ec@mail.teleport.com>
Message-ID: <Pine.GUL.3.95.960823232719.8278B-100000@Networking.Stanford.EDU>


For your global killfile:

 /mcom\.list\./ in a Received: header.

-rich






From npoznick at Harding.edu  Sat Aug 24 16:25:39 1996
From: npoznick at Harding.edu (nathan poznick)
Date: Sun, 25 Aug 1996 07:25:39 +0800
Subject: Husband/Wife jailed for saying Clinton SucksHusband/Wife jailedfor say
In-Reply-To: <Pine.SOL.3.94.960822012737.28294B-100000@harding.edu>
Message-ID: <Pine.SOL.3.94.960824140004.25737A-100000@taz>


On Thu, 22 Aug 1996, nathan poznick wrote:

>    ----- Message body suppressed -----
> 
> --CAA28506.840792176/tera.mcom.com--

what is the deal with this??? i never sent anything relating to this
thread?
nate.


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^		             Nathan Poznick				 ^
^	        	 <npoznick at harding.edu>				 ^
^                    http://www.harding.edu/~npoznick			 ^
^									 ^
^                  "640k should be enough for anybody."			 ^
^									 ^
^		          --Bill Gates, 1981--				 ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^






From hal9001 at panix.com  Sat Aug 24 16:31:52 1996
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Sun, 25 Aug 1996 07:31:52 +0800
Subject: Husband/Wife jailed for saying Clinton Sucks
In-Reply-To: <199608220351.UAA01292@mail.pacifier.com>
Message-ID: <v03007800ae44185e27d5@[166.84.220.80]>


At 20:49 -0800 8/21/96, jim bell wrote:

>At 10:55 PM 8/21/96 -0400, Brian Davis wrote:

>>That's because you like dead Presidents.
>>
>
>$50's and $100's are great!

Was Ben Franklin ($100) a President? I must have my list wrong or I did a
sideways time jump without knowing <g>.







From zachb at netcom.com  Sat Aug 24 17:09:51 1996
From: zachb at netcom.com (Z.B.)
Date: Sun, 25 Aug 1996 08:09:51 +0800
Subject: your mail
In-Reply-To: <UPMAIL01.199608241925150568@msn.com>
Message-ID: <Pine.3.89.9608241425.A9386-0100000@netcom16>


On Sat, 24 Aug 1996, Mike Howell wrote:

> Does anybody know what I can get for generating the credit card numbers?
> 
At least 5 years in prison...

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127







From vipul at pobox.com  Sat Aug 24 17:09:54 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Sun, 25 Aug 1996 08:09:54 +0800
Subject: Spamming
Message-ID: <199605140416.EAA00577@fountainhead.net>


>  The advertizers in printed & broadcast media exercise a great deal of control
>  over the content. E.g., a magazine that gets revenues from tobacco ads isn't
>  likely to run a story about tobacco companies trying to addict kids. That's
>  why you see more anti-tobacco content in broadcast media (who can't run
>  tobacco ads) than in printed media. (And there are cross-ownership
>  restrictions.)
 
This can be true to certain extent. But if the mag doesn't maintain 
objectivity, it will kill itself slowly. Same is true of broadcast media.

Vipul






From erehwon at c2.net  Sat Aug 24 17:10:48 1996
From: erehwon at c2.net (William Knowles)
Date: Sun, 25 Aug 1996 08:10:48 +0800
Subject: Generating credit card numbers
In-Reply-To: <Pine.BSD.3.92.960824164920.19156A-100000@miso.wwa.com>
Message-ID: <Pine.SUN.3.94.960824144917.3347A-100000@infinity.c2.net>


On Sat, 24 Aug 1996, Mike Howell wrote:
 
> Does anybody know what I can get for generating the credit card 
> numbers?

Since this is a federal offense, I would think 5-10 years in the 
federal pen.

William Knowles
erehwon at c2.net
 

--
William Knowles    <erehwon at c2.net>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From 451degree at msn.com  Sat Aug 24 17:17:37 1996
From: 451degree at msn.com (Mike Howell)
Date: Sun, 25 Aug 1996 08:17:37 +0800
Subject: No Subject
Message-ID: <UPMAIL01.199608242213390536@msn.com>


How can I sign off the MSN forewer? Please tell me how can I quit this MSN 
thing for ever, I don`t want to pay for this anymore...





From vipul at pobox.com  Sat Aug 24 17:54:27 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Sun, 25 Aug 1996 08:54:27 +0800
Subject: Web Resource on Netspam
Message-ID: <319812D5.604D8509@pobox.com>

http://www.metareality.com/~nathan/visit.cgi/html.Spam

Title: Spam (Not the Hormel product)






<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]





An honest
politician
is one who
takes your
bribe AND
votes as
you ask.




Spam (Not the Hormel product)

Anyone familiar with the usenet has seen it.  It's the vile stuff that
brain-dead get-rick-quick scheme promoters and professionsal advertisers
foist upon us all with increasing regularity.  There are (to date) two 
species of spam, differentiated by the mechanism by which they are 
delivered.  Each has its own defining charateristics, each has its own 
sub-species, but both have two things in common: they're made possible by 
the workings of the internet, and they're both examples of the same type 
of 'cost-shifting' that made junk faxes illegal.  Contrary to postal junk 
mail, where the sender bears the full cost of delivery, the spammer bears 
only a fraction of the cost of delivery; the remainder of the costs are 
borne by us, the recipients.  It's a waste of your bandwidth, your disk 
space, and your time.


email spam
Messages delivered by electronic mail to large numbers of recipients 
who did not ask for or otherwise solicit the messages.  It's the 
junk mail of the 21st century, only worse.

usenet spam
Messages delivered by usenet to large numbers of newsgroups whose 
chartered topics are unrelated to (and may even explicitly forbid) the 
topic of the message.



Not enough people seem to
realize that there are constructive ways to deal with it, and to reduce
the chance that you'll have to deal with it again in the future. 



  What to do

  What NOT to do



  The most effective is to write some 
  polite email to the administrator of the site from which the spam 
  originated.

  You'll soon learn that most system administrators are very unhappy 
  about users who spam the net.  It's 
  always gratifying when they write back to tell you that the offending 
  account has been terminated.

  Start reading <a 
  href="usenet://news.admin.net-abuse.misc">news.admin.net-abuse.misc 
  to learn more about how to deal with spammers.

  If there's a 1-800 number, call it to express your displeasure.  
  It might please you to note that 1-800 numbers typically cost them a 
  small amount of money with each call.  How much do you pay for your disk 
  space and bandwidth with each unsolicited bit of email?  It's only fair, 
  right?

  Grab your telephone, or even pay them a visit in person.  You 
  generally have to have access to a unix command line to find the phone 
  numbers and addresses, unless you're dealing with the same <a 
  href="http://www.metareality.com/~nathan/visit.cgi/spam/html.Offenders">spammers that have been 
  bothering me.  Why stick to email?  If they're in your area, tell 
  them face-to-face that you object to their tactics.



  Don't post a follow-up message in the same newsgroup.  Do you 
  really think that the spammer is going to re-visit thousands of 
  newsgroups to see what people had to say?

  The same goes for mailing lists.  If you get spammed via a mailing 
  list, never reply to the list.  Your words will just get 
  re-broadcast to everyone else on the list, thus doubling the nuisance 
  created by the spammer.





Fun stuff that doesn't get results, but might be good for a laugh


RecyclingIf they enjoy sending spam, then it only makes sense that
they wouldn't mind getting their own, right?  Just for kicks, forward each
new spam to the spammers who have pestered you in the past.  While I can't
vouch for its effectiveness, it does reek of
poetic justice, and it makes me feel a little better. 
It usually makes people laugh out loud when I explain it, too. <img src =
"http://www.metareality.com/~nathan/images/SMILE.GIF">

A Pre-emptive Anti-Spam TacticWhy wait to get spammed, when you
can see them coming in <a
href="news:news.admin.net-abuse.misc">news.admin.net-abuse.misc?  <a
href="http://www.metareality.com/~nathan/visit.cgi/spam/html.p.Pre-empt">Let the spammers know in advance that they
will be charged (insert dollar amount here) if they send you any junk
mail.  



Additional references


Spam and Anonymous Remailing Services

Damien Lucifer (<a 
href="mailto:ncognito at gate.net">ncognito at gate.net) operates an
anonymous remailing service.  He's put together a page covering spam and
remailers, including how to get a remailer to stop spamming you, and 
it is my pleasure to host this page for him. 

mail bombing
For advanced spam-fighters only.  Can concerted emailbombing be 
employed as a legitimate spam-fighting tactic?  Pros, cons, and related 
issues.

About Junk 
Email
Some of the hows and whys of junk email, and tactics you can use to 
help rid yourself of it.

A press release from MCI
...with information about their 
anti-spam policies.  See also their <a 
href="http://www.mci.com/aboutmci/news/nfr/spam.shtml">online policy 
statement.  Note that MCI's seriousness about these statements has 
been severely questioned in light of their (mis)handling of the 
Moneyworld/CHAG spammer.  30 days between announcing that the situation 
is being dealt with and finally cutting off a spammer with 
message-per-week spamming speed?  This is pretty disgusting in light of 
the good press MCI got when they announced their spam policies.  It's 
starting to look more like a PR stunt than a policy statement.  I 
can only take comfort knowing that at least their sysadmins are aware of 
(and frustrated with) the situation.

I must disclaim that civil legal issues may be involved in the
MCI/Moneyworld dispute, so there may be things going on that the public
isn't aware of.  Still, for MCI not to have covered its corporate ass does
not speak well of MCI's sincerity or the competence of MCI's lawyers.  

Outlaw 
Junk EMail Now!
Write your legislators, ask them to expand the 

TCPA to include junk email!  Note that as the law is currently 
written, it is 

unlikely to be applicable to email.

Fighting Junk 
Email"
More information about junk email and related issues.  Includes 
pointers to mechanical tactics for dealing with junk email.

Spam FAQ
Everything you never wanted to know about net spamming.

Get that 
spammer!Webified TCP/IP tools to aid in the fight against spam.

<a 
href="http://techweb.cmp.com/net/issues/036issue/036law.htm">Litigation 
to the rescue?
Use of the Telephone Consumer Protection Act of 1991 (47 U.S.C. sec 227) 
to nail junk emails.  The case described was settled out of court, but 
the ideas is intriguing.  This commentary, written by a lawyer, does not 
seem optistic about applying the TCPA directly to junk email, but 
doesn't rule out the possibility, either.

Litigation to the 
rescue!
$500 fines for junk mail via the courts.  Sounds like promising 
tactic for dealing with intra-USA spammings.  <a 
href="http://www.metareality.com/~nathan/visit.cgi/spam/html.FaxLaw">Some commentary on this law was posted to 
usenet a while back.

<a 
href="http://www.usps.gov/websites/depart/inspect/chainlet.htm">The U.S. 
Postal Service on Chain Letters
Contrary to what the make.money.fast crowd would have you believe, 
these scams are illegal.  See the aforelinked page for details, 
and and consider talking to the appropriate <a 
href="http://www.usps.gov/ncsc/locators/find-is.html">postal 
inspector as well.

<a 
href="http://www.bbb.org/council/complaints/consumerform.html">The Better 
Business Bureau
These folks will be happy to be notified of 'improper selling 
practices' via the aforelinked form.

Anti-Spam lists
This is a relatively new phenomenon.  People are starting to offer 
the 'service' of collecting lists of addresses of folks who do not want 
to get spam.  

I think this is a bad idea, since it attempts to legitimize 
junk email, by implying that if an email address is not on the list, it's 
prefectly OK to send junk email.  The other problem with this idea is 
that there are going to be several of them, and no junkmailer is going to 
filter their list using each "service."  Thus, it will be up to the 
recipients to track down all of the "services."

Currently there are at least three running.  One is at 
http://dm1.com/Epreference/epref.html, one is at 
http://www.kenjen.com/nospam,
and I don't have an URL for the last - it was sent to me via unsolicited 
email, naturally.

Terms of Service and Acceptable usage policies
Most Internet service providers require that their customers agree to 
a set of terms of service (TOS) or an acceptable usage policy (AUP).  A 
random sampling: <a 
href="http://www.mindspring.com/aboutms/policy.html">Mindspring's 
policy, Primenet's 
AUP, MCI's
spamming policy, and the terms and conditions for my own ISP, <a 
href="http://webfaq.halcyon.com/faq/nwn/nwntac.txt">Northwest Nexus 
(a.k.a. halcyon.com).

I should note that while Northwest Nexus doesn't describe spamming in 
their terms of service, they have booted more than one spammer in the 
past.  It surprises me greatly that they aren't explicit about this in 
their published terms and conditions.

A spamhandling robot
This is very "under construction," but worth mentioning anyhow.  I'm 
putting together some perl code to automate 
the spam-handling process.  




Common flavors of net.spam


 The MAKE.MONEY.FAST scheme 

A direct descendant of the chain letters of old, this is the pyramid scam 
of the information age...  A quick look at the mathematics behind the 
idea will expose the scam.


 Phone-sex cretins 


They post a couple of lines of text-mode heavy breathing, and usually a 
1-800 number that you're invited to call.  Call the 1-800 number.  
Really.  It costs them money every time you do!  They make their money 
via the 1-900 number that they ask you to call next.  So just call the 
1-800 number again.  And again.  And again.








<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]





Don't just browse here, say something!
Speak your mind in this space here:

<input type=submit 
	value="Press here to have your words added to the page.">



 The true beauty of Usenet is the way it allows free communication.
You can be rich/poor/ugly/
 religious/atheist or a member of any
race/religion or be young/old... That's the wonder - everyone can talk to
one another and share ideas.
 Then spam comes along. It fills up
newsgroups with so much noise that no one reads it any more. That

wondrous method of communication has been lost. That's why I hate spam. 



 You just don't get it, do you?

 No, deleting one piece of email doesn't take much.  Then again,
neither does appealing to a system administrator to have the
spammer shut down.  Two or three bits of junk a day really is something 
I can live with, but I don't want to.  So why should I?  

Two or three bits of trash by the roadside won't mean the end of
the world.  Tossing empty cans out the window costs less than having your
trash hauled away - what a great opportunity to save money!  If litter
were acceptable, a public beach would be no place to spend an afternoon. 

 Postal mail costs the sender with each mailing.  This keeps junk
postal mail to tolerable levels. EMail costs the sender maybe
$20/month, period.  Are you so fucking stupid that you don't
realize what a cesspool the net would be if this were allowed to grow
unchecked? 

-NW


 People complain about spam and mass E-mailers.  But my question is:

what's the big deal?  Does it REALLY take THAT much PRECIOUS time out

of your day to click and delete a piece of E-mail? I think that the

people complaining about others taking advantage of an excellent

business opportunity ought to just relax a bit.  And just HOW does it 

COST you to deal with SPAM?  With ISP's dropping access prices and

providing unlimited access to the internet, how could it possibly

COST someone to get an E-mail message?  I think you people really need

to just kick back and relax already.  Geeze, if it wasn't SPAM what

else would you find to complain about?




 Spam isn't about content, spam is about quantity and cost shifting.  

TV spam would be the same ad on every channel at the same time.

Print spam would be junk mail sent postage due or charge-on-delivery.

With the ads on TV and in newspapers, the advertisers pay the expenses 
associated with publishing their ads.  With net spam, the recipients pay the 
expenses associated with carrying the ads.  That is the key difference.  

The costs of ads in traditional media help to support the very media that
deliver the ads.  With net.spam, there are no costs, and the ads just
serve to sap the medium.  All you need is a free trial account (AOL,
interramp, or earthlink, etc are famous for this), and you can broadcast a
huge amount of spam before anyone notices.  Or, you can pay for an account
with MCI, and broadcast huge amounts of spam for 30 days after the
sysadmins realize what's going on. 

-NW 


 Net-based spam is not the only form of spam. There is spam in print

and spam in TV advertising. Wouldn't you say every Calvin Klein ad

on TV, magazines or billboards is spam? How about Budweiser,

Lite beer, and McDonalds commercials.



If you see any type of advertising that offends your senses, you

should feel free to boycott the products, ask your friends to

boycott the products, etc. If the company has an 800 number or

web site, let them know that you find their advertising offensive.




 I am really, really, REALLY tired of being solicited to buy things 

whenever I log on to my computer. I mean, I pay for the phone line, 

the software, the hardware, the accounts and my time is worth money 

as well. I get a LOT of e-mail and a SIZEABLE portion of it is junk 

e-mail. When I read news, about 10% of it is junk e-mail; more if it

is a small newsgroup. I want to know what uninformed idiot is selling

my address, or where these people are GETTING it. I have never bought

anything over the computer. I have bounced unsolicited junk back to

the people who send it. (I love how righteously indignant these people

are: they send you mail and expect you to buy something from them and

when you fail to perform as expected with joy and gratitude...if you 

should, in fact, protest them wasting your time and resources...they

get downright rude and abusive. The presumptuousness of it just really

annoys me.) The capper is that I did some artwork for the anti-Canter-

and-Siegel "Green Card Lawyers" tees Joel Furr was offering a while ago.

The ultimate clue that I am not interested in spam of any sort, but how

could they know? It's just amusing. Let it be known that I am not a

test market, nor will I buy any of your crap, be it face cream, thigh

cream, green cards, stock options, modems, books, herbs, or the golden

goose itself. Not interested. I don't know you, I have no reason to trust

you, and you are spamming MY mailbox and expecting ME to reward this with

money. No, thank you. I've been online for more than 5 years, and I 

really long for the "good old days" before the Net was "cool".



There ya go. My tuppence. Now...where do I go to put my name on the

"Don't Send This Person Crap Mail" list? (Laugh)






 SPAM is only going to go away if we make sure companies learn that SPAMming doesn't get costumers to buy thier products and it does more to stop potential costumers from buying thier products.


 I've heard a couple of different conflicting stories about the origins of the use of the word spam in this context.  




The most popular version suggests that is was inspired by the
Monty Python skit in which virtually every item on some restaurant's menu
includes spam in some form or other.  The waiter's recitation of the menu
becomes unintelligible except for '...and spam, spam with..., spam salad,
...with spam, spam mixed with..." and so on.  It really picks up when the
Vikings start chanting "spam-spam spam, spam, spam-spam spam, spam...." ad
nauseum.  This is what the net would be like if this stuff was allowed to 
continue unchecked.  If that's not a horrifying thought, maybe you should 
see the skit in question.

My personal belief is that geeks (who make up much of the 'net
community (myself included), much of Monty Python's audience, and probably
most of Monty Python's cast) just tend to use the word spam when more
appropriate words don't come to mind readily.  For no particularly good
reason, it really stuck this time.


-NW


 Due to popular demand, I've expanded the first couple of paragraphs to 
better explain what spam is and why it's such a pain in the ass.  

Personally, I'm getting two to five unsolicited email messages every week.  This is up from approximately zero unsolicited messages per week a few years ago when I first started using the Internet and Usenet.  It's a trend that has been steadily increa





sing, especially for the last year or two.  It's a trend that really really worries me.  It's a trend that is, worst of all, wasting my time!

-NW


 I an working on a Usenet news server designed to filter spam from

a news feed and quietly drop it.  Announcements in due course (next

few months) but if anyone wants to help with other platforms and

live feed debugging please 
mail me.


 Wow! Thanks for the help. I'll certainly become an anti-spam activist

and use your information to good effect.


 I don't get it! What is SPAM?


 Pardon my ignorance but what does "SPAM"ming mean?

"SICK PEOPLE AGAINST MAIL"???


 For the Spammers that have a web page I visit it with a macro every time that

I leave my system idle while connected for more then 5 min. This way at least

I'm sucking down their site and causing their site to slow down so those that 

are interest get bored waiting for an over taxed server to show them just what

They get for "ONLY $9.99 A MONTH!!!!" and leave with out buying. 

The only reason they have the site is to make money. No Money, No Site, No Spam.




 Very nice -- I like the idea of dialing the 800 number in the ad.  One

might wish to be sure to mention (if there's a message taker or, even

better, a human at the other end) that you saw their ad in (insert

newsgroup here) -- and no, you're not interested in buying anything,

you just wanted to see what they had.



Unfortunately, every time you call the 800 number, chances are you're

also adding your own phone number to a database that will result in

your receiving "junk phone calls" on a variety of useless subjects.



Solution?  Make the calls from a pay phone, ideally one that doesn't

accept incoming calls.




 Isn't spam remarkably like the countless hours of television (including but not limited to advertisements) that most of us watched in our childhoods?  And to think, whoever controls the information going to the youth of the nation controls the future






 of the nation.  Greedy, stupid corporations played a central role in molding us and shaping our opinions, attitudes, and perspectives.  Something to think about, perhaps... 








<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]



n a t e s c a p e </a
>@<a
href="http://www.metareality.com/"> m e t a r e a l i t y . c o m



This page last updated Aug 21
Comments last updated Aug 22



From Adamsc at io-online.com  Sat Aug 24 18:38:20 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 25 Aug 1996 09:38:20 +0800
Subject: Lesson 2 in cracking (cryptoanalysis 001)
Message-ID: <19960824053648140.AAA171@IO-ONLINE.COM>


On Fri, 23 Aug 1996 08:25:42 -0400, Scottauge at aol.com wrote:

>>The point is that if you took two novels by the same author and
>>completely sorted them alphabetically they'd be almost the same.
>
>The examples cited did this by word, not by message as your stating.
>
>>So a block of PGP encrypted ascii-armored (i.e. 8=>7-bit encoding)
>>wouldn't affect the frequency counts?  Tell me, how long have you been on
>>your current medications?

>I was talking about the algorithm as given, not PGP.

I was just trying to point out that almost any email over a given size is going
to not only have nearly-infinite decode possibilities but also have somewhat
altered letter-frequency tables owing to all the software-added garbage.

>> That's the point!! IT'S A JOKE!!! You know, "hahaha - very funny"? Not a
>>  serious proposal?

>I know! But at least it is relevent to the group!  How many points of attack
>have you seen on here?  How many techniques have shown up here?

So far, 1.  And true, it is probably the most "on-topic" we've been in weeks...
<g>

>My apologies to the fella I called a troll.  It was uncalled for - lacking in
>social skills.

(That would have been me) No offence taken!

/ If you think education is expensive, try ignorance.
/ The government's reaction is to legislate, not educate. - Paul S. Penrod
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From 451degree at msn.com  Sat Aug 24 18:43:23 1996
From: 451degree at msn.com (Mike Howell)
Date: Sun, 25 Aug 1996 09:43:23 +0800
Subject: No Subject
Message-ID: <UPMAIL01.199608242225250181@msn.com>


How can I sign off the MSN forewer? Please tell me how can I quit this MSN 
thing for ever, I don`t want to pay for this anymore...





From tcmay at got.net  Sat Aug 24 18:44:40 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 25 Aug 1996 09:44:40 +0800
Subject: Netscape appears to be bouncing our stuff around within
Message-ID: <ae43e746000210046fee@[205.199.118.202]>



I've gotten dozens of these "Message  body suppressed" things, including
copies of my _own_ messages sent out a couple of days ago (and received OK
the first time around).

It looks like " ns.netscape.com " got a copy from toad.com (see bottom of
block below), bounced it around within Netscape, and then resubmitted it to
toad.com (see top of block below), minus the message body.

--Tim


(most recent)

Received: (from majordom at localhost) by toad.com (8.7.5/8.7.3) id TAA20948
for cypherpunks-outgoing; Fri, 23 Aug 1996 19:37:42 -0700 (PDT)

Received: from littlewing.mcom.com (h-205-217-255-33.netscape.com
[205.217.255.33]) by toad.com (8.7.5/8.7.3) with ESMTP id TAA20940 for
<cypherpunks at toad.com>; Fri, 23 Aug 1996 19:37:37 -0700 (PDT)

Received: (from root at localhost) by littlewing.mcom.com (8.7.3/8.7.3) id
TAA11550; Fri, 23 Aug 1996 19:40:07 -0700 (PDT)

Received: from maleman.mcom.com (maleman.mcom.com [198.93.92.3]) by
tera.mcom.com (8.6.12/8.6.9) with ESMTP id HAA16047 for
<mcom.list.cypherpunks at tera.mcom.com>; Fri, 23 Aug 1996 07:02:15 -0700

Received: from ns.netscape.com (ns.netscape.com.mcom.com [198.95.251.10])
by maleman.mcom.com (8.6.9/8.6.9) with ESMTP id SAA12104; Wed, 21 Aug 1996
18:17:30 -0700

Received: from toad.com (toad.com [140.174.2.1]) by ns.netscape.com
(8.7.3/8.7.3) with ESMTP id SAA00591; Wed, 21 Aug 1996 18:16:33 -0700 (PDT)

(oldest)

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From vipul at pobox.com  Sat Aug 24 18:47:49 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Sun, 25 Aug 1996 09:47:49 +0800
Subject: Spamming
In-Reply-To: <2.2.32.19960822220224.006a0ff0@labg30>
Message-ID: <199605140403.EAA00545@fountainhead.net>


> 
> At 02:55 PM 8/22/96 +0000, Vipul Ved Prakash wrote:
> >> 
> >> At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
> [deleted]
> >>   1. Junkmail requires the SENDER to pay for it, not the recipient.
> >    Internet pricing models are complicated and debatable, but you surely
> >    end up paying for snail-junk-mail. Not directly, but hidden in the high
> >    first-class mail costs. More mail, more infrastructure, higher costs.
> >    This could be quite true for the net also, if we consider bandwidth costs
> >    money.
> 
> I beg to differ.  The USPS considers "junk" mail their bread-and-butter.
> Huge mailings of all manner of bulk mail (especially those that are PostNet
> barcoded by the sender) pay the bills around the Post Office.  Your "more
> mail, more infrastructure, higher costs" argument is flawed.  The post
> office has many fixed costs related to maintaining their huge presence,
> delivering to so many rural addresses.  If we had to pay a per-letter basis
> *discounting* the value provided by the infrastructure already in place
> supporting the bulk-mail handling systems, we'd be paying roughly Federal
> Express 2-day letter rates for each piece of mail (around $6.00, if memory
> serves correctly.)

Alright, I agree. Though this could very easily differ with size and reach 
of a PS.  But on the net it means more bandwidth right? 
Which means more bandwidth, and more money. Hang on. This might not be 
a problem in US (as jim bell points out there is tons of untapped bandwith), 
but it is in other not so well connected countries. 
For example, if somebody spams an Indian Network from india, the
spam goes to US and comes back to india (since our govt sayz you cant connect
2 local networks!) and eats up most of the 20 MBps bandwidth.
Gov't will buy more bandwidth and will make us pay for it!

- Vipul






From alano at teleport.com  Sat Aug 24 18:56:36 1996
From: alano at teleport.com (Alan Olsen)
Date: Sun, 25 Aug 1996 09:56:36 +0800
Subject: Weird "Suppression" messages
Message-ID: <3.0b11.32.19960823232429.00d969ec@mail.teleport.com>


At 10:36 PM 8/23/96 -0700, Z.B. wrote:
>On Fri, 23 Aug 1996, Alan Olsen wrote:
>
>> At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
>> >   ----- Message body suppressed -----
>> >
>> >--SAA08114.840765294/tera.mcom.com--
>> 
>> This is bizzare.  I have gotten three messages with this message.
>> 
>> Is someone at Netscape canceling messages?  (mcom.com is the old domain name
>> of Netscape.)
>> 
>> Anyone have any ideas on this?
>
>I don't have a clue what it is, but it's sure pissing me off.  I've 
>gotten about 15 or so of these messages in the past two hours.  If it's 
>an honest error, then someone better fix it real fast; if some loser is 
>jerking us around, ......

Some list redirector of somesort has gone wonky at Netscape.  (Take a look
at the headers if you do not believe me.  They are originating off of some
internal lists at mcom.com, the original Netscape domain.)

Cypherpunks is not the only list effected by this.  I am getting these weird
messages on wwwsecurity as well.

Since it is Friday, I expect that this will be with us until someone gets in
the office on Monday.
---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From maverick at thepentagon.com  Sat Aug 24 18:59:01 1996
From: maverick at thepentagon.com (Sean Sutherland)
Date: Sun, 25 Aug 1996 09:59:01 +0800
Subject: 
Message-ID: <19960825000344312.AAA199@maverick>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sat Aug 24 19:00:18 1996
> Does anybody know what I can get for generating the credit card
>  numbers?
> 

And they say there's hope for the youth of America.
- ---
Sean Sutherland       | GCS/C d- s+:+ a--- C+++ V--- P L E- W++ N++ K w o 
PGP Key ID: E43E6489  | O-(++) M-- V PS+ PE++ Y PGP++ t--- 5+++ X++ R b++ 
Vote Harry Browne '96 | DI+ D+ G e- h! !r y
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Key: finger or email w/ 'send key' in subj.  http://www2.interconnect.net/maverick

iQEVAwUBMh+Xk1ZoKRrkPmSJAQGj+Af8C2P7D+3ZZ4f8h76+6UfdgqEubOO0mkWj
2DazxBMuY1b1sx1G6gaIGR9Tc11vIcoCY3pmBzhBW7Nc6do8gfOK8Bkkon6Pck1g
61tCFH6qPb2bSH0HnbzjrXJhRD6dFv9ondTtyZgiFIeMuVDDIx4+ZKvelL6BHk8x
o6sLdY4Y/Nmnvz9HXrBj0DaYR8pcY96+dexwj5luvcgVkdsDjghWXZy/mHkeDXMI
bvOuUOMLQyExS0Ts4D5K4/XfIhP0HUiPfdeL9oxONcLUYznywxAUevBMfHceqvsS
qFnxcDcyHa8ynHLRH9Qg0t5QuKVUvTpZh3YjPXCF9QKwvIFbZukHKw==
=e03n
-----END PGP SIGNATURE-----






From dlv at bwalk.dm.com  Sat Aug 24 19:17:49 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sun, 25 Aug 1996 10:17:49 +0800
Subject: Degaussing a pile of 5.25" media
Message-ID: <0ig7sD1w165w@bwalk.dm.com>


I have 3 bags full of 5.25" diskettes (in NYC). Can someone please let me use
their degausser before I get rid of them? (Anyone who wants them after they're
degaussed is welcome to them :-)

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From nobody at cypherpunks.ca  Sat Aug 24 19:19:14 1996
From: nobody at cypherpunks.ca (John Anonymous MacDonald)
Date: Sun, 25 Aug 1996 10:19:14 +0800
Subject: blahPGP/Remailers in the News!
Message-ID: <199608240525.WAA15838@abraham.cs.berkeley.edu>



Here's an EXCELLENT column on PGP and remailers:

Roadside Attractions Along the Information Highway
	by Dave Farrell [roadside at branch.com]

Your e-mail doesn't have to be for everyone's eyes

	Sending e-mail over the Internet can be a very convenient and 
efficient way to communicate. If things are working right, you can dash 
off a memo to a friend or colleague halfway across the world and they'll 
receive it within minutes. (On the other hand, I've sent off important 
e-mail messages into cyberspace never to hear from them again, but 
that's another column.)
	A big drawback of the e-mail, however, is that it is not 
private. In fact, it's a lot like mailing a postcard to a friend. Just 
as a lot of people handle your postcard before it gets to its final 
destination, your e-email mesages pass through a lot of computers before 
they land in the recipient's in-box. In both cases, there are plenty of 
opportunites for people to read your messages before they get where 
they're going.
	You may not care if someone reads the bean dip recipe you're 
sending to your Aunt Clara, but sensitive monthly sales reports you're 
emailing to your boss might be another story. While there's no way to 
absolutely guarantee e-mail privacy on the Net, there is a fairly simple 
way to make it extremely hard for prying eyes to read your messages. 
It's called encryption, and there's a couple of good programs available 
that can teach you how to encode your messages.
	Encryption basically involves scrambling your outgoing messages 
to make them unintelligible. The recipient then unscrambles them on the 
receiving end, converting them back into plain English. There are 
several encryption programs available on the Internet. I recommend you 
try PGP, which stands for Pretty Good Privacy. You can download a free 
copy of PGP from the Massachusetts Institute of Technology Web site: 
http://web.mit.edu/network/pgp.html.
	Of course, PGP works only if you take the time to use it. To 
make that process easier, you should download a copy of Private Idaho, a 
free program that will make using PGP a point-and-click process. Private 
Idaho also will enable you to post anonymously to Usenet Newsgroups and 
do other neat tricks, such as anonymously access Web sites with your 
browser (you did know that you leave electronic "mouse tracks" when you 
visit Web sites, didn't you?)
	You can download a copy of Private Idaho from 
http://www.eskimo.com/(tilde)joelm. [retypist's note: yes, the article 
had "(tilde)" in place of "~"] Unfortunately for Mac users, Private 
Idaho is available only for Windows.
	If you really want to increase your Internet privacy, you might 
want to consider using anonymous remailers to send and receive your 
messages. These remailers strip your messages of your reutrn address and 
allow you to send e-mail that can't be easily traced back to you.
	There are many reamilers on the Net. Some are free, some charge. 
For a nice list to choose from, surf over to: 
http://www.cs.berkeley.edu/(tilde)raph/remailer-list.html. If you're 
REALLY paranoid about hiding your electronic tracks, you can send your 
message through several anonymous remailers, which will obscure your 
identity over and over again. To learn more about this process, check 
out http://www.replay.com/staff/usura/chain.html.
	To save some time typing in the addresses of all the remailers 
you want to use, try the Community ConneXion at: 
http://www.c2.org/remail/by-www.html. This site will allow you to 
point-and-click your way through the process of selecting remailers and 
sending your messages.
	Finally, for more information about on-line privacy, visit the 
Electronic Privacy Information Center: http://www.epic.org.






From dbell at maths.tcd.ie  Sat Aug 24 19:20:01 1996
From: dbell at maths.tcd.ie (Derek Bell)
Date: Sun, 25 Aug 1996 10:20:01 +0800
Subject: [NOISE]Mangled messages
Message-ID: <9608242156.aa19985@salmon.maths.tcd.ie>


	I did a quick count and found 35 messages that have been
mangled today. Fortunately, the last message I got wasn't
mangled. Hopefully this is the end of the problem.

	Derek






From abostick at netcom.com  Sat Aug 24 19:31:06 1996
From: abostick at netcom.com (Alan Bostick)
Date: Sun, 25 Aug 1996 10:31:06 +0800
Subject: your mail
In-Reply-To: <UPMAIL01.199608241925150568@msn.com>
Message-ID: <Pine.3.89.9608241545.A26620-0100000@netcom19>



On Sat, 24 Aug 1996, Mike Howell wrote:

> Does anybody know what I can get for generating the credit card numbers?
> 

One to five years in a Federal prison.

Alan Bostick               | If you can't say anything good about someone,
mailto:abostick at netcom.com | sit right here by me.
news:alt.grelb             |      Alice Roosevelt Longworth
http://www.alumni.caltech.edu/~abostick





From vipul at pobox.com  Sat Aug 24 20:10:03 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Sun, 25 Aug 1996 11:10:03 +0800
Subject: Weird "Suppression" messages
In-Reply-To: <Pine.3.89.9608232204.A26805-0100000@netcom19>
Message-ID: <199605140438.EAA00686@fountainhead.net>


> 
> I don't have a clue what it is, but it's sure pissing me off.  I've 
> gotten about 15 or so of these messages in the past two hours.  If it's 
> an honest error, then someone better fix it real fast; if some loser is 
> jerking us around, ......
> 

Is this all becuz of those bad nameserver records floating around the net?
Tons of ISP's have gone down!

- Vipul






From snow at smoke.suba.com  Sat Aug 24 20:12:58 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 25 Aug 1996 11:12:58 +0800
Subject: your mail
In-Reply-To: <UPMAIL01.199608241926350212@msn.com>
Message-ID: <Pine.LNX.3.93.960824193143.144B-100000@smoke.suba.com>


On Sat, 24 Aug 1996, Mike Howell wrote:

> Does anyone know how to connect to the internet thru MSN mail?

      There is no way. You have to purchase the MicroSoft Internet Upgrade,
and have the internet installed on your compter. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From cibir at netcom.com  Sat Aug 24 21:21:05 1996
From: cibir at netcom.com (Joseph Seanor)
Date: Sun, 25 Aug 1996 12:21:05 +0800
Subject: Web Resource on Netspam
In-Reply-To: <319812D5.604D8509@pobox.com>
Message-ID: <Pine.3.89.9608241811.A1520-f200000@netcom14>


Another source for help in "spammers" is:
	
	http://www.netcheck.com

They have helped to get some spammers accounts cancelled.

Joseph Seanor
CIBIR Corporation
Title: Spam (Not the Hormel product)






<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]





An honest
politician
is one who
takes your
bribe AND
votes as
you ask.




Spam (Not the Hormel product)

Anyone familiar with the usenet has seen it.  It's the vile stuff that
brain-dead get-rick-quick scheme promoters and professionsal advertisers
foist upon us all with increasing regularity.  There are (to date) two 
species of spam, differentiated by the mechanism by which they are 
delivered.  Each has its own defining charateristics, each has its own 
sub-species, but both have two things in common: they're made possible by 
the workings of the internet, and they're both examples of the same type 
of 'cost-shifting' that made junk faxes illegal.  Contrary to postal junk 
mail, where the sender bears the full cost of delivery, the spammer bears 
only a fraction of the cost of delivery; the remainder of the costs are 
borne by us, the recipients.  It's a waste of your bandwidth, your disk 
space, and your time.


email spam
Messages delivered by electronic mail to large numbers of recipients 
who did not ask for or otherwise solicit the messages.  It's the 
junk mail of the 21st century, only worse.

usenet spam
Messages delivered by usenet to large numbers of newsgroups whose 
chartered topics are unrelated to (and may even explicitly forbid) the 
topic of the message.



Not enough people seem to
realize that there are constructive ways to deal with it, and to reduce
the chance that you'll have to deal with it again in the future. 



  What to do

  What NOT to do



  The most effective is to write some 
  polite email to the administrator of the site from which the spam 
  originated.

  You'll soon learn that most system administrators are very unhappy 
  about users who spam the net.  It's 
  always gratifying when they write back to tell you that the offending 
  account has been terminated.

  Start reading <a 
  href="usenet://news.admin.net-abuse.misc">news.admin.net-abuse.misc 
  to learn more about how to deal with spammers.

  If there's a 1-800 number, call it to express your displeasure.  
  It might please you to note that 1-800 numbers typically cost them a 
  small amount of money with each call.  How much do you pay for your disk 
  space and bandwidth with each unsolicited bit of email?  It's only fair, 
  right?

  Grab your telephone, or even pay them a visit in person.  You 
  generally have to have access to a unix command line to find the phone 
  numbers and addresses, unless you're dealing with the same <a 
  href="http://www.metareality.com/~nathan/visit.cgi/spam/html.Offenders">spammers that have been 
  bothering me.  Why stick to email?  If they're in your area, tell 
  them face-to-face that you object to their tactics.



  Don't post a follow-up message in the same newsgroup.  Do you 
  really think that the spammer is going to re-visit thousands of 
  newsgroups to see what people had to say?

  The same goes for mailing lists.  If you get spammed via a mailing 
  list, never reply to the list.  Your words will just get 
  re-broadcast to everyone else on the list, thus doubling the nuisance 
  created by the spammer.





Fun stuff that doesn't get results, but might be good for a laugh


RecyclingIf they enjoy sending spam, then it only makes sense that
they wouldn't mind getting their own, right?  Just for kicks, forward each
new spam to the spammers who have pestered you in the past.  While I can't
vouch for its effectiveness, it does reek of
poetic justice, and it makes me feel a little better. 
It usually makes people laugh out loud when I explain it, too. <img src =
"http://www.metareality.com/~nathan/images/SMILE.GIF">

A Pre-emptive Anti-Spam TacticWhy wait to get spammed, when you
can see them coming in <a
href="news:news.admin.net-abuse.misc">news.admin.net-abuse.misc?  <a
href="http://www.metareality.com/~nathan/visit.cgi/spam/html.p.Pre-empt">Let the spammers know in advance that they
will be charged (insert dollar amount here) if they send you any junk
mail.  



Additional references


Spam and Anonymous Remailing Services

Damien Lucifer (<a 
href="mailto:ncognito at gate.net">ncognito at gate.net) operates an
anonymous remailing service.  He's put together a page covering spam and
remailers, including how to get a remailer to stop spamming you, and 
it is my pleasure to host this page for him. 

mail bombing
For advanced spam-fighters only.  Can concerted emailbombing be 
employed as a legitimate spam-fighting tactic?  Pros, cons, and related 
issues.

About Junk 
Email
Some of the hows and whys of junk email, and tactics you can use to 
help rid yourself of it.

A press release from MCI
...with information about their 
anti-spam policies.  See also their <a 
href="http://www.mci.com/aboutmci/news/nfr/spam.shtml">online policy 
statement.  Note that MCI's seriousness about these statements has 
been severely questioned in light of their (mis)handling of the 
Moneyworld/CHAG spammer.  30 days between announcing that the situation 
is being dealt with and finally cutting off a spammer with 
message-per-week spamming speed?  This is pretty disgusting in light of 
the good press MCI got when they announced their spam policies.  It's 
starting to look more like a PR stunt than a policy statement.  I 
can only take comfort knowing that at least their sysadmins are aware of 
(and frustrated with) the situation.

I must disclaim that civil legal issues may be involved in the
MCI/Moneyworld dispute, so there may be things going on that the public
isn't aware of.  Still, for MCI not to have covered its corporate ass does
not speak well of MCI's sincerity or the competence of MCI's lawyers.  

Outlaw 
Junk EMail Now!
Write your legislators, ask them to expand the 

TCPA to include junk email!  Note that as the law is currently 
written, it is 

unlikely to be applicable to email.

Fighting Junk 
Email"
More information about junk email and related issues.  Includes 
pointers to mechanical tactics for dealing with junk email.

Spam FAQ
Everything you never wanted to know about net spamming.

Get that 
spammer!Webified TCP/IP tools to aid in the fight against spam.

<a 
href="http://techweb.cmp.com/net/issues/036issue/036law.htm">Litigation 
to the rescue?
Use of the Telephone Consumer Protection Act of 1991 (47 U.S.C. sec 227) 
to nail junk emails.  The case described was settled out of court, but 
the ideas is intriguing.  This commentary, written by a lawyer, does not 
seem optistic about applying the TCPA directly to junk email, but 
doesn't rule out the possibility, either.

Litigation to the 
rescue!
$500 fines for junk mail via the courts.  Sounds like promising 
tactic for dealing with intra-USA spammings.  <a 
href="http://www.metareality.com/~nathan/visit.cgi/spam/html.FaxLaw">Some commentary on this law was posted to 
usenet a while back.

<a 
href="http://www.usps.gov/websites/depart/inspect/chainlet.htm">The U.S. 
Postal Service on Chain Letters
Contrary to what the make.money.fast crowd would have you believe, 
these scams are illegal.  See the aforelinked page for details, 
and and consider talking to the appropriate <a 
href="http://www.usps.gov/ncsc/locators/find-is.html">postal 
inspector as well.

<a 
href="http://www.bbb.org/council/complaints/consumerform.html">The Better 
Business Bureau
These folks will be happy to be notified of 'improper selling 
practices' via the aforelinked form.

Anti-Spam lists
This is a relatively new phenomenon.  People are starting to offer 
the 'service' of collecting lists of addresses of folks who do not want 
to get spam.  

I think this is a bad idea, since it attempts to legitimize 
junk email, by implying that if an email address is not on the list, it's 
prefectly OK to send junk email.  The other problem with this idea is 
that there are going to be several of them, and no junkmailer is going to 
filter their list using each "service."  Thus, it will be up to the 
recipients to track down all of the "services."

Currently there are at least three running.  One is at 
http://dm1.com/Epreference/epref.html, one is at 
http://www.kenjen.com/nospam,
and I don't have an URL for the last - it was sent to me via unsolicited 
email, naturally.

Terms of Service and Acceptable usage policies
Most Internet service providers require that their customers agree to 
a set of terms of service (TOS) or an acceptable usage policy (AUP).  A 
random sampling: <a 
href="http://www.mindspring.com/aboutms/policy.html">Mindspring's 
policy, Primenet's 
AUP, MCI's
spamming policy, and the terms and conditions for my own ISP, <a 
href="http://webfaq.halcyon.com/faq/nwn/nwntac.txt">Northwest Nexus 
(a.k.a. halcyon.com).

I should note that while Northwest Nexus doesn't describe spamming in 
their terms of service, they have booted more than one spammer in the 
past.  It surprises me greatly that they aren't explicit about this in 
their published terms and conditions.

A spamhandling robot
This is very "under construction," but worth mentioning anyhow.  I'm 
putting together some perl code to automate 
the spam-handling process.  




Common flavors of net.spam


 The MAKE.MONEY.FAST scheme 

A direct descendant of the chain letters of old, this is the pyramid scam 
of the information age...  A quick look at the mathematics behind the 
idea will expose the scam.


 Phone-sex cretins 


They post a couple of lines of text-mode heavy breathing, and usually a 
1-800 number that you're invited to call.  Call the 1-800 number.  
Really.  It costs them money every time you do!  They make their money 
via the 1-900 number that they ask you to call next.  So just call the 
1-800 number again.  And again.  And again.








<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]





Don't just browse here, say something!
Speak your mind in this space here:

<input type=submit 
	value="Press here to have your words added to the page.">



 The true beauty of Usenet is the way it allows free communication.
You can be rich/poor/ugly/
 religious/atheist or a member of any
race/religion or be young/old... That's the wonder - everyone can talk to
one another and share ideas.
 Then spam comes along. It fills up
newsgroups with so much noise that no one reads it any more. That

wondrous method of communication has been lost. That's why I hate spam. 



 You just don't get it, do you?

 No, deleting one piece of email doesn't take much.  Then again,
neither does appealing to a system administrator to have the
spammer shut down.  Two or three bits of junk a day really is something 
I can live with, but I don't want to.  So why should I?  

Two or three bits of trash by the roadside won't mean the end of
the world.  Tossing empty cans out the window costs less than having your
trash hauled away - what a great opportunity to save money!  If litter
were acceptable, a public beach would be no place to spend an afternoon. 

 Postal mail costs the sender with each mailing.  This keeps junk
postal mail to tolerable levels. EMail costs the sender maybe
$20/month, period.  Are you so fucking stupid that you don't
realize what a cesspool the net would be if this were allowed to grow
unchecked? 

-NW


 People complain about spam and mass E-mailers.  But my question is:

what's the big deal?  Does it REALLY take THAT much PRECIOUS time out

of your day to click and delete a piece of E-mail? I think that the

people complaining about others taking advantage of an excellent

business opportunity ought to just relax a bit.  And just HOW does it 

COST you to deal with SPAM?  With ISP's dropping access prices and

providing unlimited access to the internet, how could it possibly

COST someone to get an E-mail message?  I think you people really need

to just kick back and relax already.  Geeze, if it wasn't SPAM what

else would you find to complain about?




 Spam isn't about content, spam is about quantity and cost shifting.  

TV spam would be the same ad on every channel at the same time.

Print spam would be junk mail sent postage due or charge-on-delivery.

With the ads on TV and in newspapers, the advertisers pay the expenses 
associated with publishing their ads.  With net spam, the recipients pay the 
expenses associated with carrying the ads.  That is the key difference.  

The costs of ads in traditional media help to support the very media that
deliver the ads.  With net.spam, there are no costs, and the ads just
serve to sap the medium.  All you need is a free trial account (AOL,
interramp, or earthlink, etc are famous for this), and you can broadcast a
huge amount of spam before anyone notices.  Or, you can pay for an account
with MCI, and broadcast huge amounts of spam for 30 days after the
sysadmins realize what's going on. 

-NW 


 Net-based spam is not the only form of spam. There is spam in print

and spam in TV advertising. Wouldn't you say every Calvin Klein ad

on TV, magazines or billboards is spam? How about Budweiser,

Lite beer, and McDonalds commercials.



If you see any type of advertising that offends your senses, you

should feel free to boycott the products, ask your friends to

boycott the products, etc. If the company has an 800 number or

web site, let them know that you find their advertising offensive.




 I am really, really, REALLY tired of being solicited to buy things 

whenever I log on to my computer. I mean, I pay for the phone line, 

the software, the hardware, the accounts and my time is worth money 

as well. I get a LOT of e-mail and a SIZEABLE portion of it is junk 

e-mail. When I read news, about 10% of it is junk e-mail; more if it

is a small newsgroup. I want to know what uninformed idiot is selling

my address, or where these people are GETTING it. I have never bought

anything over the computer. I have bounced unsolicited junk back to

the people who send it. (I love how righteously indignant these people

are: they send you mail and expect you to buy something from them and

when you fail to perform as expected with joy and gratitude...if you 

should, in fact, protest them wasting your time and resources...they

get downright rude and abusive. The presumptuousness of it just really

annoys me.) The capper is that I did some artwork for the anti-Canter-

and-Siegel "Green Card Lawyers" tees Joel Furr was offering a while ago.

The ultimate clue that I am not interested in spam of any sort, but how

could they know? It's just amusing. Let it be known that I am not a

test market, nor will I buy any of your crap, be it face cream, thigh

cream, green cards, stock options, modems, books, herbs, or the golden

goose itself. Not interested. I don't know you, I have no reason to trust

you, and you are spamming MY mailbox and expecting ME to reward this with

money. No, thank you. I've been online for more than 5 years, and I 

really long for the "good old days" before the Net was "cool".



There ya go. My tuppence. Now...where do I go to put my name on the

"Don't Send This Person Crap Mail" list? (Laugh)






 SPAM is only going to go away if we make sure companies learn that SPAMming doesn't get costumers to buy thier products and it does more to stop potential costumers from buying thier products.


 I've heard a couple of different conflicting stories about the origins of the use of the word spam in this context.  




The most popular version suggests that is was inspired by the
Monty Python skit in which virtually every item on some restaurant's menu
includes spam in some form or other.  The waiter's recitation of the menu
becomes unintelligible except for '...and spam, spam with..., spam salad,
...with spam, spam mixed with..." and so on.  It really picks up when the
Vikings start chanting "spam-spam spam, spam, spam-spam spam, spam...." ad
nauseum.  This is what the net would be like if this stuff was allowed to 
continue unchecked.  If that's not a horrifying thought, maybe you should 
see the skit in question.

My personal belief is that geeks (who make up much of the 'net
community (myself included), much of Monty Python's audience, and probably
most of Monty Python's cast) just tend to use the word spam when more
appropriate words don't come to mind readily.  For no particularly good
reason, it really stuck this time.


-NW


 Due to popular demand, I've expanded the first couple of paragraphs to 
better explain what spam is and why it's such a pain in the ass.  

Personally, I'm getting two to five unsolicited email messages every week.  This is up from approximately zero unsolicited messages per week a few years ago when I first started using the Internet and Usenet.  It's a trend that has been steadily increa





sing, especially for the last year or two.  It's a trend that really really worries me.  It's a trend that is, worst of all, wasting my time!

-NW


 I an working on a Usenet news server designed to filter spam from

a news feed and quietly drop it.  Announcements in due course (next

few months) but if anyone wants to help with other platforms and

live feed debugging please 
mail me.


 Wow! Thanks for the help. I'll certainly become an anti-spam activist

and use your information to good effect.


 I don't get it! What is SPAM?


 Pardon my ignorance but what does "SPAM"ming mean?

"SICK PEOPLE AGAINST MAIL"???


 For the Spammers that have a web page I visit it with a macro every time that

I leave my system idle while connected for more then 5 min. This way at least

I'm sucking down their site and causing their site to slow down so those that 

are interest get bored waiting for an over taxed server to show them just what

They get for "ONLY $9.99 A MONTH!!!!" and leave with out buying. 

The only reason they have the site is to make money. No Money, No Site, No Spam.




 Very nice -- I like the idea of dialing the 800 number in the ad.  One

might wish to be sure to mention (if there's a message taker or, even

better, a human at the other end) that you saw their ad in (insert

newsgroup here) -- and no, you're not interested in buying anything,

you just wanted to see what they had.



Unfortunately, every time you call the 800 number, chances are you're

also adding your own phone number to a database that will result in

your receiving "junk phone calls" on a variety of useless subjects.



Solution?  Make the calls from a pay phone, ideally one that doesn't

accept incoming calls.




 Isn't spam remarkably like the countless hours of television (including but not limited to advertisements) that most of us watched in our childhoods?  And to think, whoever controls the information going to the youth of the nation controls the future






 of the nation.  Greedy, stupid corporations played a central role in molding us and shaping our opinions, attitudes, and perspectives.  Something to think about, perhaps... 








<a href="http://www.metareality.com/~nathan/visit.cgi/html.Spam"
>[Fighting Spam]
 :

[Graffiti]
 :

[Home]
 :

[Limericks]
 :

[Linkage]



n a t e s c a p e </a
>@<a
href="http://www.metareality.com/"> m e t a r e a l i t y . c o m



This page last updated Aug 21
Comments last updated Aug 22



From dsmith at prairienet.org  Sat Aug 24 22:43:28 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Sun, 25 Aug 1996 13:43:28 +0800
Subject: Message Body Suppressed...
Message-ID: <199608250312.WAA05286@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Sat Aug 24 22:16:12 1996
>    ----- Message body suppressed -----
> 
> --TAA17492.840768149/tera.mcom.com--
> 
> 
> 
> 

This is getting annoying.  Could one of our
resident Netscape employees take a look into
this one and see what's happening?

dave


- ----- David E. Smith, P O Box 324, Cape Girardeau MO USA 63702
dsmith at prairienet.org        http://www.prairienet.org/~dsmith
send mail with subject of "send pgp-key" for my PGP public key
"The only reason you're still alive is because someone has
 decided to let you live." - Nicole Blackman/KMFDM, "Apathy"
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMh/FfzVTwUKWHSsJAQFLSwf/QVlIDuTj8Q3hC+hqyl0mLPbYkO82+1f5
FoVukNpdsc/2OQ0+jAD3MjcHJO/yEIVW45+4P6wAutWdsvU5t61gCz3HUblCLC2t
tO84wNBNGVRI6d3HpEE7aKRAUAfmqOcv6YcUx5eXfjRJrXdXE0k5EzuUzyQgIBbI
B4a4P6WHloq5WtCIlmbt/J3voMIE4b/y/8kbDl1l9RziwRGX6SkYRK3i9v9YTcgl
eWHT8uMoI6/GDjxzuEvn1ZUcvkIofh7mLXvP+H5DrSzNpv3knkfKBa5ce9TOkX3o
RFa2bHgWXWMtkiTVD2HLpEZ0SaxWahxABavllg1lzzuiE/+Sli/BKA==
=TV20
-----END PGP SIGNATURE-----






From Majordomo at toad.com  Mon Aug 26 03:33:45 1996
From: Majordomo at toad.com (Majordomo at toad.com)
Date: Mon, 26 Aug 1996 18:33:45 +0800
Subject: Your Majordomo request results
Message-ID: <199608261033.DAA02112@toad.com>


--

Your request of Majordomo was:
>>>> subscribe cypherpunks
**** Address already subscribed to cypherpunks
Your request of Majordomo was:
>>>> end
END OF COMMANDS





From hugh at ecotone.toad.com  Mon Aug 26 04:07:46 1996
From: hugh at ecotone.toad.com (Hugh Daniel)
Date: Mon, 26 Aug 1996 19:07:46 +0800
Subject: ADMIN: The list was off for a day
Message-ID: <199608260857.BAA22202@ecotone.toad.com>


  The cypherpunks at toad.com list was turned off for just over a day to
keep a set of bogus messages off of the list.  Many thanks go to John
Gilmore for fixing the problem.
  The next message will be a (almost) digest of the 17 messages that
were not passed on in real time to the list.

  Think of it as a vacation.

		||ugh Daniel
		Majordomo Owner & Potty Trainer
		hugh at toad.com





From mark at unicorn.com  Mon Aug 26 04:15:02 1996
From: mark at unicorn.com (Rev. Mark Grant)
Date: Mon, 26 Aug 1996 19:15:02 +0800
Subject: MUD anyone?
Message-ID: <Pine.3.89.9608260847.A346-0100000@pegasus.unicorn.com>


Would anyone out there be interested in helping set up a 
crypto-anarcho-capitalist MUD to play around with some of the social 
aspects of crypto-anarchy and anarcho-capitalism? I can probably hack 
together a basic lpmud in a month or two if someone has a machine which 
it could run on and which could run a mailing list for those involved. 

On the software front, there's a demo of version 0.86 of Privtool on
utopia.hacktic.nl in /pub/replay/pub/PGP/unix (or something like that),
and my mailbot is also on there somewhere. Amongst other things that
allows you to remotely maintain Web pages by sending PGP-signed email
(actually, PGP-encrypted would probably also work if you don't mind
leaving a secret key on the system with no passphrase). Doesn't yet
protect against replay attacks and there are a few known bugs but it's 
only an Alpha. If anyone wants to use it for real I can mail you a patch 
for the worst problems.

Finally, does anyone outside the US have the last few months of the list
available for ftp? I'd like to catch up on what I've missed since I
unsubscribed and using the Web archive is far too slow and expensive.

Please send replies to me directly as I'm travelling and consequently off 
the list. Looks like I'll be on a mad bus trip round New Zealand for most 
of next month so Net access will be erratic.

	Mark

|-----------------------------------------------------------------------|
|Reverend Mark Grant M.A., U.L.C.	       EMAIL: mark at unicorn.com  |
|WWW: http://www.c2.org/~mark	  	       MAILBOT: bot at unicorn.com	|
|Approximate Current Location: Melbourne, Australia			|
|-----------------------------------------------------------------------|







From stewarts at ix.netcom.com  Mon Aug 26 05:15:05 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Mon, 26 Aug 1996 20:15:05 +0800
Subject: [US POLITICS] Cypherpunk voting - ITAR or CDA
Message-ID: <199608260837.BAA29555@cygnus.com>


At 01:37 AM 8/25/96 -0400, Vincent Cate <vince at offshore.com.ai> wrote:
>Dole says he would fix the ITAR problem, but try to keep something like
>CDA. 
>Clinton is keeping ITAR and signed CDA.  But not having the religious
>right he might soften on CDA.

Clinton is, of course, not a liberal.  Censorship doesn't bother him much.
(He's a friendly statist who likes to control your money more than
your life, so he might occasionally feel a twinge of guilt,
but not enough to change policies, and only if the polls are suggesting
that guilt would be a useful PR move.)

Dole, on the other hand, stands for being in his party longer than
anyone else, doing a competent job of insider coordination, and 
keeping Big Agribusiness happy.  His speechwriters are mildly
opposed to free trade, but like US exports.  Crypto software is not
a product of Archer Daniels Midland, Supermarket to the World,
but if the polls suggest that it's as popular as corn oil,
he'll have his speechwriters write a speech in favor of it.

Ross Perot's gonna get together a team of experts to decide on it,
though if we allow those Canadians to get American Encryption Technology
before we throw out NAFTA, there's gonna be a giant sucking sound
as all our cryptography business gets hoovered up to the Frozen North.

Ralph Nader knows that Clipper is unsafe at any speed, and would certainly
allow open public inquiry into the military-industrial complex's
encryption policy-making process, though any technological exports
would require an environmental impact statement, 2% of sales would be
required to be on solar-powered low-emission computing equipment,
and foreign cryptographic developers would have to be paid a living wage.

Dr. John Hagelin (no, not _that_ Hagelin) knows that mathematics
operates in harmony with Natural Law, and his party will introduce
scientifically proven techniques for reducing the entropy level of
messages, and eliminating the stress and paranoia that lead people to
hide the content of their messages.  Further more, special teams of
Sidhi(tm)-trained technicians will provide telepathic transmission for
areas with high levels of stress, which has been shown to reduce conflict
when only 1% of the telephone callers are accessed using these Scientifically
Proven Techniques.  Bring an offering of fruit and flowers to the polls.

The Socialist Worker's Party statement will be available as soon as
the Teamsters election results allow appointment of a bargaining unit
for the Bit Twiddlers, Left Shifters, and Table Look-up locals to
negotiate protocols with network management, and categorically
refuses the counter-revolutionary demands for EXclusive Or which the
multi-national corporations intend to impose on the work force.

.....

As you might have guessed, I'm still planning to vote Libertarian :-)
Free minds, free markets, free speech, and I guess Harry Browne
will do as good a job as any candidate we've had in a while.
Vice-presidential candidate Jo Jorgenson has run her own software
business for a while.

......

However, if you're tired of the Lesser of N evils, Cthulu's
export policy is that you can't escape anyway, and your puny mortal 
lives will be absorbed along with his morning coffee.
Your encryption technology is futile against the Elder Ghods,
and the arcane formulas in the Cyphernomicon of that mad physicist
Tim The Enchanter may summon spirits from the vasty deep, but
no secrets are safe from Nyarla-S-Ahothep who knows all and sees all.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From apache at quux.apana.org.au  Mon Aug 26 07:09:54 1996
From: apache at quux.apana.org.au (Charles Senescall)
Date: Mon, 26 Aug 1996 22:09:54 +0800
Subject: Is this list dead?
In-Reply-To: <ae43349d010210042760@[205.199.118.202]>
Message-ID: <Pine.LNX.3.91.960826212603.28441A-100000@quux.apana.org.au>



Nothing through here in the last 24 hours.



-- 
   .////.   .//    Charles Senescall            apache at quux.apana.org.au
 o:::::::::///     Fuck TEL$TRA                    
>::::::::::\\\     Finger me for PGP PUBKEY           Brisbane AUSTRALIA
   '\\\\\'   \\    http://quux.apana.org.au/~apache/ 







From hugh at ecotone.toad.com  Mon Aug 26 07:14:39 1996
From: hugh at ecotone.toad.com (Hugh Daniel)
Date: Mon, 26 Aug 1996 22:14:39 +0800
Subject: DIGEST: 17 messages from the last day
Message-ID: <199608260905.CAA22219@ecotone.toad.com>


>From cpadmin at toad.com  Sun Aug 25 00:43:46 1996
Received: from tera.mcom.com (tera.netscape.com [205.217.237.94]) by toad.com (8.7.5/8.7.3) with SMTP id AAA17288 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 00:44:34 -0700 (PDT)
Received: (from news at localhost) by tera.mcom.com (8.6.12/8.6.9) id AAA04984; Sun, 25 Aug 1996 00:46:00 -0700
To: cypherpunks at toad.com
Path: usenet
From: Tom Weinstein <tomw at netscape.com>
Newsgroups: mcom.list.cypherpunks
Subject: Re: Weird "Suppression" messages
Date: Sun, 25 Aug 1996 00:43:53 -0700
Organization: Netscape Communications, Inc.
Lines: 42
Message-ID: <32200439.41C6 at netscape.com>
References: <3.0b11.32.19960823232429.00d969ec at mail.teleport.com>
NNTP-Posting-Host: ammodump.mcom.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 3.0 (X11; U; IRIX 5.3 IP22)

Alan Olsen wrote:
> 
> At 10:36 PM 8/23/96 -0700, Z.B. wrote:
>>On Fri, 23 Aug 1996, Alan Olsen wrote:
>>
>>> At 10:54 PM 8/20/96 -0700, Rich Graves wrote:
>>> >   ----- Message body suppressed -----
>>> >
>>> >--SAA08114.840765294/tera.mcom.com--
>>>
>>> This is bizzare.  I have gotten three messages with this message.
>>>
>>> Is someone at Netscape canceling messages?  (mcom.com is the old
>>> domain name
>>> of Netscape.)
>>>
>>> Anyone have any ideas on this?
>>
>> I don't have a clue what it is, but it's sure pissing me off.  I've
>> gotten about 15 or so of these messages in the past two hours.  If
>> it's an honest error, then someone better fix it real fast; if some
>> loser is jerking us around, ......
> 
> Some list redirector of somesort has gone wonky at Netscape.  (Take a
> look at the headers if you do not believe me.  They are originating
> off of some internal lists at mcom.com, the original Netscape domain.)
> 
> Cypherpunks is not the only list effected by this.  I am getting these
> weird messages on wwwsecurity as well.
> 
> Since it is Friday, I expect that this will be with us until someone
> gets in the office on Monday.

We have a gateway here that gateways mailing lists into newsgroups and
sends posts back out to the mailing lists.  There was a problem with it
which caused these strange suppression messages.  I got the person
responsible to come in and fix it, so there should be no more messages
like that, I hope.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw at netscape.com

>From cpadmin at toad.com  Sun Aug 25 02:04:41 1996
Received: from irc.io-online.com ([206.245.244.5]) by toad.com (8.7.5/8.7.3) with ESMTP id CAA18654 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 02:05:30 -0700 (PDT)
Received: from IO-ONLINE.COM ([206.245.244.154]) by irc.io-online.com
          (post.office MTA v1.9.3b ID# 285-17715) with SMTP id AAA47;
          Sun, 25 Aug 1996 02:05:45 -0700
From: Adamsc at io-online.com (Adamsc)
To: "cypherpunks at toad.com" <cypherpunks at toad.com>,
        "William H. Geiger III" <whgiii at amaranth.com>
Date: Sun, 25 Aug 96 02:05:22 -0800
Reply-To: "Chris Adams" <adamsc at io-online.com>
Priority: Normal
X-Mailer: Chris Adams's Registered PMMail 1.52 For OS/2
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: Re: Spamming (Good or Bad?)
Message-ID: <19960825090543625.AAA47 at IO-ONLINE.COM>

On Sat, 24 Aug 96 03:47:47 -0500, William H. Geiger III wrote:

>No I have to dissagree. Who I send mail to or whom I receive mail from is >no-ones business. I for one have no intention of "signing up" or >"regestering" with any mail server. I most certainally want to be the one >to decide what mail I receive or do not receive, not someone elses idea of >what I should receive.

What I'd prefer is a configurable POP server for an ISP - something that you
could set to, say, only send a brief header and 1st couple lines of any message
that is either over a certain size, repeated, or passed the limit for messages
from a given host.  So you could set certain people to have their messages pass
directly through, something like cypherpunks might get more and all others
could be limited to something like 10/day.  Have all of this configured right,
as well has host-end filtering/rejecting and such tasks would be done with the
high bandwidth a host has, as opposed to your average dialup link.

>Sorry but I will not be made a sheep for the "protection" from spam. baah >baah

Baah humbug! (And I agree fully!)

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre

>From cpadmin at toad.com  Sun Aug 25 03:21:23 1996
Received: from pop1.jmb.bah.com (pop1.jmb.bah.com [156.80.9.161]) by toad.com (8.7.5/8.7.3) with ESMTP id DAA19560; Sun, 25 Aug 1996 03:22:11 -0700 (PDT)
Received: from crypto-1.bah.com ([156.80.2.177]) by pop1.jmb.bah.com (8.7.5/8.7.3) with SMTP id GAA26790; Sun, 25 Aug 1996 06:27:50 -0400 (EDT)
Received: by crypto-1.bah.com with Microsoft Mail
	id <01BB924D.9E549120 at crypto-1.bah.com>; Sun, 25 Aug 1996 06:21:14 -0000
Message-ID: <01BB924D.9E549120 at crypto-1.bah.com>
From: Charley Sparks <sparks at bah.com>
To: "'cypherpunks at toad.com'" <cypherpunks at toad.com>
Cc: "'cypherpunk at toad.com'" <cypherpunk at toad.com>
Subject: Need the majordomo commands for cypherpunk
Date: Sun, 25 Aug 1996 06:21:13 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----

the heading says it all....

-----BEGIN PGP SIGNATURE-----
Version: 2.9

iQCXAgUBMiA3KOJ+JZd/Y4yVAQHaJQQMC4i3iPpinbyMfQ8x6wOrQEFYFg7kt1Qf
trmMt4nwNSwy3ZV2EAS/ohm9BMz9PWfiAvetcpyPf2QZxQS9ZBqF69TqmpRkX7Xe
ke6Cz4GqYy51MM29WuE1nvPRSELHvrsubq9A1U2+QeArOC6sw6mVZFMFClP+I2NI
q9NH9sjEljgXTw==
=nFIP
-----END PGP SIGNATURE-----

>From cpadmin at toad.com  Sun Aug 25 05:28:39 1996
Received: from dns1.noc.best.net (root at dns1.noc.best.net [206.86.8.69]) by toad.com (8.7.5/8.7.3) with SMTP id FAA22362 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 05:29:27 -0700 (PDT)
Received: from jamesd.vip.best.com (jamesd.vip.best.com [204.156.153.125]) by dns1.noc.best.net (8.6.12/8.6.5) with SMTP id FAA21914; Sun, 25 Aug 1996 05:29:16 -0700
Message-Id: <199608251229.FAA21914 at dns1.noc.best.net>
X-Sender: jamesd at best.com
X-Mailer: Windows Eudora Version 2.1
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sat, 24 Aug 1996 17:06:32 -0700
To: Vincent Cate <vince at offshore.com.ai>, cypherpunks at toad.com
From: "James A. Donald" <jamesd at echeque.com>
Subject: Re: Cypherpunk voting - ITAR or CDA

At 01:37 AM 8/25/96 -0400, Vincent Cate wrote:
> So it seems Dole is the better vote.  Is this important enough to many
> cypherpunks to actually determine their vote?

Dole stands for nothing, and Clinton stands for everything.

Any resemblance between their election platforms and what they
will actually do when in office is purely coincidental.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com

>From cpadmin at toad.com  Sun Aug 25 05:41:56 1996
Received: from tipper.oit.unc.edu (tipper.oit.unc.edu [152.2.22.85]) by toad.com (8.7.5/8.7.3) with SMTP id FAA22601 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 05:42:45 -0700 (PDT)
Received: from hilly.oit.unc.edu (cnc019039.concentric.net [206.173.35.39]) by tipper.oit.unc.edu (8.6.12/8.6.10) with SMTP id IAA22997 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 08:42:42 -0400
Date: Sun, 25 Aug 1996 08:42:43 -0400 ()
From: Simon Spero <ses at tipper.oit.unc.edu>
To: cypherpunks at toad.com
Subject: -- Message body depressed --
Message-ID: <Pine.WNT.3.95.960825084108.-7095A-100000 at hilly.oit.unc.edu>
X-X-Sender: ses at tipper.oit.unc.edu
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

Life. Don't talk to me about Life.  The first 100 spams were the worst.
The second 100 spams were the worst as well. After that I went into a bit
of decline. 



>From cpadmin at toad.com  Sun Aug 25 06:06:43 1996
Received: from osceola.gate.net (root at osceola.gate.net [199.227.0.18]) by toad.com (8.7.5/8.7.3) with SMTP id GAA23105 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 06:07:30 -0700 (PDT)
Received: from miafl2-30.gate.net (miafl2-30.gate.net [199.227.2.157]) by osceola.gate.net (8.6.13/8.6.12) with SMTP id JAA97272 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 09:07:16 -0400
Date: Sun, 25 Aug 1996 09:07:16 -0400
Message-Id: <199608251307.JAA97272 at osceola.gate.net>
From: Jim Ray <liberty at gate.net>
To: cypherpunks at toad.com
X-Priority: Normal
Subject: Re: Cypherpunk voting - ITAR or CDA
X-Mailer: Pronto Secure [Ver 1.05]
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Pgprequest: signed

-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sun Aug 25 09:06:51 1996
Vincent Cate wrote:

> Dole says he would fix the ITAR problem, but try to keep something like
> CDA. 

He would say anything to get elected.

> Clinton is keeping ITAR and signed CDA.  But not having the religious
> right he might soften on CDA.

Lame ducks don't have to soften, on anything. That's what's fun about being 
a lame duck.

> The courts seem to be throwing out CDA much faster than ITAR (some fast
> track to the supreme court built into the law).  It also seems like
>  ITAR
> is the more important thing to fix (it is easier to move pornography
>  etc
> out of the US than major software companies). 
> 
> So it seems Dole is the better vote.  Is this important enough to many
> cypherpunks to actually determine their vote?

If the Republican candidate had been Forbes, there might have been a "don't 
let the great be the enemy of the good" argument against voting 
Libertarian. As it stands now, Dole is, at best, arguably the "lesser of 2 
evils," which still comes out evil in my book. As the designated partisan 
Libertarian on the list, I urge all cypherpunks to vote their consciences 
and pick Harry Browne and Jo Jorgensen. The mere fact that the media is 
[grudgingly] covering us suggests we are finally doing something right, and 
Harry is winning many Internet polls despite much fawning, hopeful coverage 
for the big-eared billionaire hypocrite stealth-candidate, who has no 
position but certainly would enjoy having the TLAs investigate his enemies.

I fully accept that it is likely Dole or Clinton will win, but I think it 
will fill an important cypherpunk goal if the Libertarian Party candidates 
get a vote large enough to be the margin of victory, and I will be very 
proud of my vote, no matter who wins this election. Vote your consciences 
for your own sake, and the sake of the children who will inherit the debt 
of the irresponsible statists in power now.
JMR

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"'Filegate' is starting to make _Ed_ _Meese_ look ethical."
 -- me
 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray C
Ross Perot is now on welfare.<sigh>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiBP8m1lp8bpvW01AQFIJAQAlXsJF6cbghTbNe026MYY2UmG6BWPHeUe
clf8KSRdT3Fxr/U5juo9FhroDmKSverVkl7ReCQ9Vfxcw0bBdhopJYvkVzB4AOeh
8EMIQnuUGjtPydJvf1pcMUu+C2j7HfhPvI33P3q0v7iG9bb5o6eIzoTMifsc1Kzk
n9rakt5JoGg=
=c8mZ
-----END PGP SIGNATURE-----

>From cpadmin at toad.com  Sun Aug 25 08:16:36 1996
Received: from netcom10.netcom.com (qut at netcom10.netcom.com [192.100.81.120]) by toad.com (8.7.5/8.7.3) with SMTP id IAA01414 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 08:17:24 -0700 (PDT)
Received: (from qut at localhost) by netcom10.netcom.com (8.6.13/Netcom)
	id IAA04507; Sun, 25 Aug 1996 08:17:22 -0700
Date: Sun, 25 Aug 1996 08:17:22 -0700
From: qut at netcom.com (Skipp OBC)
Message-Id: <199608251517.IAA04507 at netcom10.netcom.com>
To: Thetapunks <cypherpunks at toad.com>
Newsgroups: alt.politics.white-power,alt.politics.nationalism.white,can.politics,alt.discrimination,alt.revisionism
Subject: Re: Where have all the racists gone? Griswold, LA Times story
References: <4vo52r$or2 at freenet-news.carleton.ca> <rcgraves-2408962338530001 at nntp.stanford.edu>
X-No-Archive: yes

In <rcgraves-2408962338530001 at nntp.stanford.edu> rcgraves at ix.netcom.com (Skippy) writes:

! -----BEGIN PGP SIGNED MESSAGE-----
! 
! In article <4vo52r$or2 at freenet-news.carleton.ca>,
! ai433 at FreeNet.Carleton.CA (John Baglow) wrote:
! 
! > So, where *is* Les Griswold? Readers are invited to speculate.
! 
! I don't need to.
! 
! Racists come, racists go. Milton Kleim, George Graves, Ron Schoedel, and
! Les Griswold are all out of the business. The Nazi troller who dedicates
! himself to "The Movement" for life is rare. Human beings have large,
! well-developed brains. This enables us to use tools, read, write, speak,
! and see through the appeal of Nazism. Only the real psychopaths (Metzger),
! charlatans in it for the money (Zundel), and criminals (Burdi, Droege,
! Mathews) stick with "The Movement" once they understand what it's really
! about.
! 
! [Yes, I'm aware that things are a bit more serious and complex in real
! life, but I do think it's fine to gloat now, when the "Net.Nazis" are so
! few and disorganized that their #1 troller, qut at netcom.com, is believed to
! be an anti-racist parodying them.]

The movement must learn to deal with these situations.

! Another bit of good news, and perhaps an inspiration for those few racists
! still reading alt.politics.white-power:
! 
! "Ex-Skinhead breaks from a racist past"
! San Jose Mercury News, August 19, 1986, page 3B.
! Reprint of a story from the Los Angeles Times.
! 
! LOS ANGELES -- Even among his fellow skinheads, Tom Leyden stood out as an
! angry warrior.
! 
! Leyden recalls prowling the streets at night, pummeling "blacks, Hispanics
! and longhairs" with his steel-toed boots. In the Marines, he kept a copy
! of Adolf Hitler's "Mein Kampf" next to his bunk. At home, he hung a Nazi
! flag over the baby's crib.
! 
! Leyden, 30, might seem like a dubious candidate to lead a crusade against
! white supremacists. But this tattooed high school dropout has broken with
! his racist past and joined ranks with an unlikely ally -- the Simon
! Wiesenthal Center.
! 
! It is a rare and unexpected alliance.
! 
! Leyden is the first skinhead to voluntarily lend his expertise to the
! Wiesenthal Center since it opened in Los Angeles 19 years ago. Skeptical
! leaders of the center -- a watchdog organization that fights anti-Semitism
! and other forms of prejudice -- greeted his arrival last month with
! suspicion. They wondered whether he was a spy.
! 
! But Leyden offered inside information about neo-Nazi methods: how they
! recruit young members by inciting racial violence on school campuses and
! by distributing music that preaches the death of Jews, blacks and other
! groups.
! 
! He also discounted his disillusionment with a movement that labeled his
! own mother inferior because she was handicapped. He spoke out about the
! angst of watching his sons -- ages 4 and 2 -- grow up as hatemongers
! saluting the Nazi and Confederate flags.
! 
! And he recounted his decision to leave his wife of six years for a chance
! to redeem himself.
! 
! "I got the impression that this was a person who has had a profound change
! of heart and who is willing to tell the world, 'I was wrong,'"" recalled
! Rabbi Marvin Hier, the Wiesenthal Center's founder. "He is saying,
! 'Everything I've stood for in the last decade was for nothing.' That's
! admitting to a life's mistake."
! 
! Now the Wiesenthal Center and Leyden are putting his firsthand knowledge
! of neo-Nazi activities to work -- a plan that has earned Leyden a
! "traitor" label among former skinhead associates.
! 
! The center has arranged for Leyden to address a national hate conference
! in Miami in October. Leyden is also scheduled to speak about hate groups
! in the military during an upcoming visit to Fort Bragg, the North Carolina
! Army base where swastikas were found last month painted on the doors of
! rooms occupied by white soldiers.
! 
! Leyden's family now fears for its safety. He said late-night callers
! frequently hang up or leave obscene messages.
! 
! But Leyden refuses to let the threats scare him.
! 
! "I think Tom has already removed the tattoos inside," said Rabbi Abraham
! Cooper, associate dean at the Wiesenthal Center. "He's made some really
! severe errors. But he has my respect, which is the last thing I thought
! I'd be saying about someone who spent years in the skinhead movement."
! 
!                                - 30 -
! -----BEGIN PGP SIGNATURE-----
! Version: 2.6.2
! 
! iQBVAwUBMh/065NcNyVVy0jxAQESeQH+M9A1vU5hxZnOID7gNAWkmQabQTwe9uv/
! LWETIkkWQoHqnEYlcjtgxC1ayDu1xBC0rEpvA/MPL/LauCkrxRbaAw==
! =C7nU
! -----END PGP SIGNATURE-----
! 
! -rich
!  http://www.anonymizer.com:8080/http://www.c2.org/~rich/

Easy come, easy go.


--
I marvel at the resilience of the white people.
Their best characteristic is their desire to learn.
No other people has such an obsession with the intellect.

>From cpadmin at toad.com  Sun Aug 25 08:46:32 1996
Received: from wichita.fn.net (root at wichita.fn.net [204.233.71.1]) by toad.com (8.7.5/8.7.3) with ESMTP id IAA03380 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 08:47:21 -0700 (PDT)
Received: from steve.shelby.com (mark108.fn.net [204.233.108.131]) by wichita.fn.net (8.7.4/8.6.9) with SMTP id KAA13490 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 10:47:18 -0500 (CDT)
Message-Id: <2.2.32.19960825144031.006d5e80 at mail.fn.net>
X-Sender: sshelby at mail.fn.net
X-Mailer: Windows Eudora Pro Version 2.2 (32)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sun, 25 Aug 1996 10:40:31 -0400
To: cypherpunks at toad.com
From: Steve Shelby <sshelby at wichita.fn.net>
Subject: Posting HTML.


When posting an article that was originally HTML, perhaps you could save it
as a text instead?

Makes it a little easier to read.

Thanks

>From cpadmin at toad.com  Sun Aug 25 08:56:21 1996
Received: from mail-1.mail.demon.net (mail-1.mail.demon.net [158.152.1.211]) by toad.com (8.7.5/8.7.3) with SMTP id IAA04034 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 08:57:07 -0700 (PDT)
From: paul at fatmans.demon.co.uk
Received: from post.demon.co.uk ([158.152.1.72]) by mail-1.mail.demon.net
           id ag08175; 25 Aug 96 16:53 BST
Received: from fatmans.demon.co.uk ([158.152.120.223]) by relay-3.mail.demon.net
          id aa17201; 25 Aug 96 16:52 +0100
Received: from fatmans.demon.co.uk by fatmans.demon.co.uk with SMTP 
	id AA840935122 ; Sun, 25 Aug 96 01:05:22 +0000
Comments: Authenticated sender is <paul at fatmans.demon.co.uk>
To: cypherpunks at toad.com
Date: Sun, 25 Aug 1996 01:05:21 +0000
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: subscribe cypherpunks
Priority: normal
X-mailer: Pegasus Mail for Windows (v2.31)
Message-ID: <840988336.17201.0 at fatmans.demon.co.uk>

SUBSCRIBE cypherpunks paul at fatmans.demon.co.uk

  Datacomms Technologies web authoring and data security
     Paul Bradley, Paul at fatmans.demon.co.uk
       "Don`t forget to mount a scratch monkey"

>From cpadmin at toad.com  Sun Aug 25 12:13:53 1996
Received: from laguna.arc.unm.edu (laguna.arc.unm.edu [198.59.173.7]) by toad.com (8.7.5/8.7.3) with ESMTP id MAA16785 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 12:14:37 -0700 (PDT)
Received: from alb-nm4-03.ix.netcom.com (finite at alb-nm4-03.ix.netcom.com [206.214.146.67]) by laguna.arc.unm.edu (8.7.3/8.7.3) with SMTP id NAA01875 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 13:14:34 -0600 (MDT)
Message-Id: <1.5.4.16.19960825191447.0b77e912 at arc.unm.edu>
X-Sender: drosoff at arc.unm.edu
X-Mailer: Windows Eudora Light Version 1.5.4 (16)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sun, 25 Aug 1996 13:14:47 -0600
To: cypherpunks at toad.com
From: David Rosoff <drosoff at ARC.unm.EDU>
Subject: You have your papers, please? [off-topic]

-----BEGIN PGP SIGNED MESSAGE-----

Today, I returned to school, a bright shiny venture into my junior year.
Only slightly dampened by the closing of campuses - well, I should explain.
High school campuses have typically been "open" here in Albuquerque, which
to put it simply means that school is dismissed for lunch and opens again after
it. But, in the traditional school style, that is, punishing the many for the
crimes of the few, the politically-controlled and very partisan school board 
decided last year to close them, which would of course stop all the fights and
robberies and graffiti during the noon hour, and not push it up two hours at all.
Of course. This is rather drastic, so in an atypical show of clemency the people
who do things to me for my own good decided to phase it in. Thus it affects me
not at all - or so I thought. So my mood today wasn't really affected by this
violation of rights, because I had my mind on other things.

Until I was informed that I must carry my school-issued picture ID that is
barely recognizable as human at all times, because at any time on campus a
Gestapo agent disguised as a "campus aide" could demand to make sure that
my papers were in order. When going to lunch I was carded to leave campus.
Taking out my anger on someone who probably didn't deserve it, I said, 
"Are my papers in order, mein Fuehrer?" My, my, if looks could kill. The
disturbing thing is that while I know it really is not a big deal to have
to carry a dumb school ID so that bad rules can be enforced, no one around
me understood why I was upset. I am worried that happenings of this sort will
give Big Brother an opening for universal IDs and internal passports. No one
will question it because they've been doing it their whole lives. And of course,
anyone who does object must be a pervert, criminal, or other social deviant.

===============================================================================
David Rosoff (nihongo ga sukoshi dekiru)  --------------->  drosoff at arc.unm.edu
PGP public key 0xD37692F9 -----> finger drosoff at acoma.arc.unm.edu or keyservers
0xD37692F9  Key fingerprint =  25 7D AA 01 85 41 43 89  50 5A 33 76 F1 F1 99 67
Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/
Is it a forgery? --- I have PGP signed all email and news posts since May 1996.
===============================================================================
"Your Honor, I have been following this person's movements for quite some time,
and I can prove that he is in possession of secret government underwear."

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMhkizhguzHDTdpL5AQHGTwQAq2bYziwWjHsTm2WgxBpN6ch8vZcpVkRQ
oKfR1XfshzObsvNup4Hr5q1LsgWXef8nb1Br49TSGj4u4GBWrfzuowftfDkem5JN
YXpIX6QSsZeXKMMW06S7MnOM6qL5u83s8SKCS+amnpVEQcxhFNXkb8CMo0+6Kwid
NZwSgwjtgYU=
=c1Tj
-----END PGP SIGNATURE-----

>From cpadmin at toad.com  Sun Aug 25 13:19:48 1996
Received: from mailhost1.primenet.com (mailhost1.primenet.com [206.165.5.51]) by toad.com (8.7.5/8.7.3) with ESMTP id NAA18464 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 13:20:36 -0700 (PDT)
Received: from primenet.com (root at usr06.primenet.com [206.165.5.106]) by mailhost1.primenet.com (8.7.5/8.7.1) with ESMTP id NAA00959 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 13:20:34 -0700 (MST)
Received: from heavily.censored.org (heavily.censored.org [206.165.50.96]) by primenet.com (8.7.5/8.7.5) with SMTP id NAA25762 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 13:07:27 -0700 (MST)
Message-Id: <2.2.16.19960825201159.232fec0e at primenet.com>
X-Sender: carolab at primenet.com
X-Mailer: Windows Eudora Pro Version 2.2 (16)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sun, 25 Aug 1996 15:11:59 -0500
To: cypherpunks at toad.com
From: Censored Girls Anonymous <carolann at censored.org>
Subject: Re: Ruritania 

I thank all of you for your fine detective work.

I found this on the tsmenace list without an attribute.
It was a strange place for it, as it was cypherpunk in content.
But as it applies anywhere, (and the using PGP on a political
activist list project continues), at least they are making some
progress in their thinking. The article drew no flames whatsoever.

I will Mr. Perry, happily inform the tsmenace list (tsmenace at zoom.com)
who the originator of the article is.

Love Always,

Carol Anne

At 01:32 PM 8/24/96 -0400, you wrote:

>>                       The Legend of Ruritania 
> technology had been developed,  and in this new age of wood, everyone in

>When people repost my writing, I prefer that they leave some
>indication on that I wrote it.
>
>Perry
>
>
Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann at censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/

>From cpadmin at toad.com  Sun Aug 25 14:46:45 1996
Received: from server.multipro.com (root at server.multipro.com [204.253.122.2]) by toad.com (8.7.5/8.7.3) with SMTP id OAA20422 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 14:47:31 -0700 (PDT)
Received: from LOCALNAME (s5.pm.crossville.multipro.com [207.78.144.15]) by server.multipro.com (8.6.9/8.6.9) with SMTP id QAA09138 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 16:35:53 -0500
Message-Id: <199608252135.QAA09138 at server.multipro.com>
X-Sender: nick at mail.multipro.com
X-Mailer: Windows Eudora Light Version 1.5.2
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sun, 25 Aug 1996 16:49:12 -0500
To: cypherpunks at toad.com
From: Nick West <nick at multipro.com>
Subject: URL for Browne and crypto

"Stop the Browne Out!" now has a page that compares Harry Browne to Clinton
& Dole on the subject of digital privacy. The URL is
http://home.connectnet.com/qqq/crypto/ . They have various links and a logo
you can add to your web site to link to the page.

Nick West
nick at multipro.com
Member of the National Wild Turkey Federation and 
The Libertarian Party of Tennessee

http://members.tripod.com/~NWest/index.html

PGP Fingerprint= F9 F7 92 D9 D3 0B 56 3E  FA 2A 78 59 27 32 7D 6F

Public key available on request.

>From cpadmin at toad.com  Sun Aug 25 16:05:04 1996
Received: from dns2.noc.best.net (dns2.noc.best.net [206.86.0.21]) by toad.com (8.7.5/8.7.3) with SMTP id QAA22928 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 16:05:54 -0700 (PDT)
Received: from sophi.best.com (sophi.vip.best.com [206.86.81.52]) by dns2.noc.best.net (8.6.12/8.6.5) with ESMTP id QAA05562; Sun, 25 Aug 1996 16:05:46 -0700
Message-Id: <199608252305.QAA05562 at dns2.noc.best.net>
From: "Greg Kucharo" <sophi at best.com>
To: "Vincent Cate" <vince at offshore.com.ai>, <cypherpunks at toad.com>
Subject: Re: Cypherpunk voting - ITAR or CDA
Date: Sun, 25 Aug 1996 16:07:53 -0700
X-MSMail-Priority: Normal
X-Priority: 3
X-Mailer: Microsoft Internet Mail 4.70.1155
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

  Does it matter?  Shound't the fight here be in the courts and Congress as
opposed to the President?  The problem here is a constant one.  If you vote
Republican, it opens the door for less stringent economic laws but greater
restriction on social freedoms.  The Democrats are tradtionaly the
opposite.
  It's like the Janus. They speak of countermanding viewpoints, but in the
end the truth lies somewhere in the middle.  There will undoubtely be
watered down versions of both laws in effect.  My guess is that a new ITAR
style would run along the lines of current arms trafficking regulations. 
That means no trading yer crypto with the so-called rogue states. 
Impossible, but we are talking about the U.S. Government here.  I have no
idea how they could enforce anything like the CDA.  Possibly they would
promote the use of restictive services in browsers.  Who knows.

----------
> From: Vincent Cate <vince at offshore.com.ai>
> To: cypherpunks at toad.com
> Subject: Cypherpunk voting - ITAR or CDA
> Date: Saturday, August 24, 1996 10:37 PM
> 
> 
> Dole says he would fix the ITAR problem, but try to keep something like
> CDA. 
> 
> Clinton is keeping ITAR and signed CDA.  But not having the religious
> right he might soften on CDA.
> 
> The courts seem to be throwing out CDA much faster than ITAR (some fast
> track to the supreme court built into the law).  It also seems like ITAR
> is the more important thing to fix (it is easier to move pornography etc
> out of the US than major software companies). 
> 
> So it seems Dole is the better vote.  Is this important enough to many
> cypherpunks to actually determine their vote?
> 
>   --  Vince
> 
> -----------------------------------------------------------------------
> Vincent Cate   vince at offshore.com.ai  http://www.offshore.com.ai/vince/
> Offshore Information Services         http://www.offshore.com.ai/

>From cpadmin at toad.com  Sun Aug 25 17:17:49 1996
Received: from mstrinet.usmc.mil ([192.156.78.41]) by toad.com (8.7.5/8.7.3) with SMTP id RAA24560 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 17:18:38 -0700 (PDT)
Received: by mstrinet.usmc.mil; Sun, 25 Aug 96 6:20:48 -0400
Date: Sun, 25 Aug 96 6:20:45 -24000
Message-ID: <vines.Afe5+xX06mB at mstrinet.usmc.mil>
X-Priority: 3 (Normal)
To: <cypherpunks at toad.com>
From: <MAILER-DAEMON at mqg-smtp3.usmc.mil>
Subject: Undeliverable Message
MIME-Version: 1.0
Content-type: text/plain;
               charset=ISO-8859-1

To:            <cypherpunks at toad.com>
Cc:            
Subject:       Re: "----- Message body suppressed -----"

Message not delivered to recipients below.  Press F1 for help with VNM
error codes.               

	VNM3043:  BANYAN SERVER at MAG26@2DMAW NEW RIVER


VNM3043 -- MAILBOX IS FULL

   The message cannot be delivered because the
   recipient's mailbox contains the maximum number of 
   messages, as set by the system administrator.  The
   recipient must delete some messages before any
   other messages can be delivered.
    The maximum message limit for a user's mailbox is 
   10,000.  The default message limit is 1000 messages.  
   Administrators can set message limits using the 
   Mailbox  Settings function available in the 
   Manage User menu  (MUSER). 

   When a user's mailbox reaches the limit, the 
   user must delete some of the messages before 
   the mailbox can accept any more incoming messages.

UNDEFINED! At 1:10 AM 8/21/96, llurch at stanford.edu (Rich Graves) wrote:
! >   ----- Message body suppressed -----
! >
! 
! 
! Sounds good to me. Keep it up.
! 
! 
! --Tim May
! 
! 
! --
! [This Bible excerpt awaiting review under the U.S. Communications Decency
! Act of 1996]
! And then Lot said, "I have some mighty fine young virgin daughters. Why
! don't you boys just come on in and fuck them right here in my house - I'll
! just watch!"....Later, up in the mountains, the younger daughter said:
! "Dad's getting old. I say we should fuck him before he's too old to fuck."
! So the two daughters got him drunk and screwed him all that night. Sure
! enough, Dad got them pregnant, and had an incestuous bastard son....Onan
! really hated the idea of doing his brother's wife and getting her pregnant
! while his brother got all the credit, so he pulled out before he
! came....Remember, it's not a good idea to have sex with your sister, your
! brother, your parents, your pet dog, or the farm animals, unless of course
! God tells you to. [excerpts from the Old Testament, Modern Vernacular
! Translation, TCM, 1996]

Your sigs are better looking than his body.

>From cpadmin at toad.com  Sun Aug 25 17:33:10 1996
Received: from fat.doobie.com (remailer at fat.doobie.com [204.62.130.103]) by toad.com (8.7.5/8.7.3) with ESMTP id RAA24941 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 17:34:00 -0700 (PDT)
Received: (from remailer at localhost) by fat.doobie.com (8.7.5/8.6.9) id RAA16531 for cypherpunks at toad.com; Sun, 25 Aug 1996 17:34:02 -0700
Date: Sun, 25 Aug 1996 17:34:02 -0700
Message-Id: <199608260034.RAA16531 at fat.doobie.com>
Subject: The wisdom of the US Government
To: cypherpunks at toad.com
From: nobody at huge.cajones.com (Huge Cajones Remailer)
Comments: Please report misuse of this automated remailing service to <remailer-admin at cajones.com>

Hacking the US Treasury web page wasn't very smart, there are much
better places to hack:

	http://www.irs.ustreas.gov/plain/forms_pubs/expert.html

Unencrypted, unauthenticated, self-extracting archive executables from
America's most beloved Governmental `service'?

>From cpadmin at toad.com  Sun Aug 25 18:01:42 1996
Received: from panix3.panix.com (panix3.panix.com [198.7.0.4]) by toad.com (8.7.5/8.7.3) with ESMTP id SAA25595 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 18:02:30 -0700 (PDT)
Received: (from shabbir at localhost) by panix3.panix.com (8.7.5/8.7/PanixU1.3) id VAA03356; Sun, 25 Aug 1996 21:02:23 -0400 (EDT)
Date: Sun, 25 Aug 1996 21:02:23 -0400 (EDT)
From: Voters Telecommunications Watch <shabbir at vtw.org>
Message-Id: <199608260102.VAA03356 at panix3.panix.com>
To: cypherpunks at toad.com
Errors-To: shabbir at vtw.org
Subject:  INFO: Democratic convention chats online!  Be there! (8/25/96)

============================================================================

	       DEMOCRATIC CONVENTION ONLINE CHAT SCHEDULE!
	            LIVE CHATS FROM THE CONVENTION! 
		(DO NOT DISTRIBUTE AFTER SEPTEMBER 1, 1996)

----------------------------------------------------------------------------
Table of contents
	What's New
	Chat Schedule
	Getting Chat Software

----------------------------------------------------------------------------
WHAT'S NEW

The Democratic convention's online chat program has begun!  It's crucial
that Netizens make net concerns a high profile issue in the online chats
this year.  You can do this by showing up and simply asking the right
questions.  Does the candidate think the Communications Decency Act is
an effective method of shielding kids from material online, or parental
control?  Does the candidate support the use of privacy-enhancing 
encryption technology?  Does the candidate support program such as
THOMAS, that put government info in the hands of the people?

If you don't ask these questions, they'll never know we care.

----------------------------------------------------------------------------
CHAT SCHEDULE

[Notably missing from this schedule are Senators Patrick J. Leahy (D-VT) 
 and Russell Feingold (D-WI) and House member Jerrold Nadler (D-NY).  All
 three have impeccable cyberspace credentials and we look forward to seeing
 them online.]

All chats take place at http://ichat.dncc96.org:4080/

Monday
	08/26/96 - 4:20pm CDT Governor Lawton Chiles 
	08/26/96 - 7:15pm CDT House Candidate Michela Alioto 
	08/26/96 - 10:30pm CDT Congressman Bill Richardson 
Tuesday
	08/27/96 - 9:00am CDT Senate Candidate Houston Gordon 
	08/27/96 - 5:00pm CDT Congresswoman Nita Lowey 
Wednesday
	08/28/96 - 9:00am CDT - Senate Candidate Houston Gordon 
	08/28/96 - 10:00am CDT - Governor Gaston Caperton 
	08/28/96 - 3:00pm CDT - Senator John D Rockefeller IV 
	08/28/96 - 4:00pm CDT - Senator John Kerry 
	08/28/96 - 4:30pm CDT - Senator Harry Reid 
	08/28/96 - 9:30pm CDT - Representative Corrine Brown 
Thursday
	08/29/96 - 10:30am CDT - Senate Candidate Houston Gordon 
	08/29/96 - 2:30pm CDT - Senator Kent Conrad 
	08/29/96 - 3:30pm CDT - Representative Eliot Engel 
	08/29/96 - 6:00pm CDT - Representative Barney Frank 
	08/29/96 - 7:00pm CDT - Senators Boxer & Murray 

Don't miss this opportunity to question the newsmakers on net issues
such as free speech and privacy!  We have to ensure that they feel 
appreciated for standing up for Net issues.

----------------------------------------------------------------------------
GETTING CHAT SOFTWARE

The Democratic Convention has chosen iChat's chat software for their
interface.  To obtain a copy, simply follow the links from the main
convention homepage at http://www.dncc96.org/ to the software section.

				###
============================================================================

>From cpadmin at toad.com  Sun Aug 25 18:20:16 1996
Received: from infinity.c2.org (infinity.c2.org [140.174.185.11]) by toad.com (8.7.5/8.7.3) with ESMTP id SAA25839 for <cypherpunks at toad.com>; Sun, 25 Aug 1996 18:21:06 -0700 (PDT)
Received: from zirko (exit17.bluegrass.net [205.198.88.217]) by infinity.c2.org (8.7.4/8.6.9) with SMTP
Date: Sun, 25 Aug 1996 18:19:30 -0700 (PDT)
Message-Id: <199608260119.SAA22964 at infinity.c2.org>
From: Lou Zirko <lzirko at c2.net>
To: cypherpunks at toad.com
X-Priority: Normal
Subject: 128-bit MSIE
X-Mailer: Pronto Secure [Ver 1.05]
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Pgprequest: signed

-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sun Aug 25 21:18:42 1996
It appears that the 128-bit download of MS Internet Explorer had 
disappeared from their website again.  Did anyone successfully download it 
and if so is it archived anywhere.

Thanks,

Lou Zirko


Lou Zirko                                (502)383-2175
Zystems                                  lzirko at c2.org
"We're all bozos on this bus" - Nick Danger, Third Eye

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1

iQEVAwUBMiEJi8tPRTNbb5z9AQEKVAf+KbP/v0Yg0oTFx/PSghgApIkyMJjUkK27
mASRZvqSZzAsizxUTPuIn7qGlYpM2qQCLYYXe986zYP39sDaGEdhTpNxzixa2XN4
k+ZmuklUFPWPUwRbhxSTrjFiId38MhPYJ0zaKWdzFt8iI6UlwypD9999HC913k2F
gAjGxQW4lzEA2/juavxENiG1vGeQQ64Ms0wOP8wAdaEE0O5RSiVhlOjpqtlpamTd
Mx3DR6EKSLrz9acjB87rya6YRRtVfsjrzngOjiPMLdqhhYImYooPYNx+4vac7o92
gsEsOkh5l9u2NHfyoAcowXWUpIS9gGcstxTiWGiaDpIeSWbXj07UZw==
=hX+X
-----END PGP SIGNATURE-----






From pjn at nworks.com  Mon Aug 26 07:21:18 1996
From: pjn at nworks.com (pjn at nworks.com)
Date: Mon, 26 Aug 1996 22:21:18 +0800
Subject: Husband/Wife jailed f
Message-ID: <TCPSMTP.16.8.26.7.47.22.2645935021.670907@.nworks.com>


 > Published in Washington, D.C.   July 9, 1996
 > Insult to Clinton leads to 2 arrests
 > 
 > ------------------------------------------------------
 > By Ruth Larson
 > THE WASHINGTON TIMES
 > ------------------------------------------------------

 In> I think you should try a more credible paper. Say, Scientology's
 In> Freedom Magazine, rather than the Moonies'. You are of course free to
 In> believe whatever you wish.

 In> -rich

 Lets see...

 I heard that on:

 * CNN
 * Local News
 * And on a Shortwave radio broadcast.


 They might not bat 1000, but even 500 is good.


 P.J.
 pjn at nworks.com


... RAM = Rarely Adequate Memory

___ Blue Wave/QWK v2.20 [NR]







From jya at pipeline.com  Mon Aug 26 09:03:37 1996
From: jya at pipeline.com (John Young)
Date: Tue, 27 Aug 1996 00:03:37 +0800
Subject: NAV_ios
Message-ID: <199608261253.MAA23264@pipe1.t1.usa.pipeline.com>


   8-26-96, NYP: 
 
   "A Netscape Bid For the Souls of New Machines." Markoff. 
 
      Netscape plans on Monday to announce that it has created 
      a software company that will enter an alliance with 
      I.B.M., Oracle and four Japanese consumer electronics 
      giants. The venture, called the Navio Corporation, 
      intends to develop refined software for browsing the 
      Internet and a new OS that Netscape hopes will become a 
      standard means for controlling Internet access and basic 
      operations for a broad range of consumer devices. 
 
      The four Japanese companies in the alliance -- Sony, 
      Nintendo, Sega and NEC -- are dominant in producing a 
      variety of home entertainment devices, and the expected 
      announcement, analysts said, suggested that the 
      Internet, which until now has largely been a business 
      and educational marketplace, would soon vastly broaden 
      its scope. 
 
   ----- 
 
   http://jya.com/navios.txt  (8 kb) 
 
   NAV_ios 
 
 
 
 
 





From maldrich at grci.com  Mon Aug 26 11:38:17 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Tue, 27 Aug 1996 02:38:17 +0800
Subject: your mail
In-Reply-To: <UPMAIL01.199608241925150568@msn.com>
Message-ID: <Pine.SCO.3.93.960826094019.6590A-100000@grctechs.va.grci.com>


On Sat, 24 Aug 1996, Mike Howell wrote:

> Does anybody know what I can get for generating the credit card numbers?
> 

Two to ten, if this is your first offense.

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |maldrich at grci.com            |
|the unfettered speech the First Amendment|MAldrich at dockmaster.ncsc.mil |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From lwp at conch.aa.msen.com  Mon Aug 26 11:39:09 1996
From: lwp at conch.aa.msen.com (Lou Poppler)
Date: Tue, 27 Aug 1996 02:39:09 +0800
Subject: Public vs Private (Was: Re: Violation or Protection?)
In-Reply-To: <ae255b9d0002100491ab@[205.199.118.202]>
Message-ID: <6xzHyMz2BACP083yn@mail.msen.com>


On Wed, 31 Jul 1996 18:50:38 -0700, tcmay at got.net (Timothy C. May) wrote:
} At 11:51 PM 7/31/96, Blanc Weber wrote:
[ re: searches of visitors to "Centennial Park" in Atlanta ]
} >But if the park was a private one, would it make any difference?
} 
} Of course, which is why stores can have "bags will be searched" policies,
} restrictions about atire, and all sorts of other policies which are not
} allowed in public places.
} 
} Disneyland is a private park, and has rules which are not the rules a
} public park can have.
} 
} Put it this way, "My house, my rules."
 
As with anything, there are gray areas and boundary cases in real life 
where this is not as clear-cut as in the private/public examples TCM
has provided us in the past.  Let's look at a couple of fuzzy examples.

Years ago, I worked for a company which operated a chain of movie theatres.
A group decided to picket in front of several of our theatres.  One of the
theatres was right downtown, with the front of the building about ten feet
from the street, separated only by the city sidewalk.  Everyone agreed
that this sidewalk was clearly public, and the company couldn't control
what the picketers did on this public sidewalk.  Later, this same group
moved their picketing to another of our theatres, across town.  Here,
the theatre sat in the middle of a large parking lot, with no sidewalks
between the parking lot and the street, but a sidewalk right in front
of the building.  It seemed pretty clear that this time the sidewalk
was private property -- the company owned the entire lot, including
all the parking, the sidewalk, and the building.  On the advice of the
company's attorneys, the manager called the City Police who escorted
the picketers off the property.  The picketers took the company to court,
and won a judgement allowing them to return and requiring the company
to apologize.  The judgement was upheld on appeal -- the case mostly
hinged on the fact that there was no other reasonable place for them
to picket, since there was no sidewalk at the public street.

Another fuzzy gray area would be the common areas in shopping malls --
the large corridors outside the stores, with fountains and park benches
and payphones and trees and public performance areas.  These spaces 
are the evolutionary replacement of the urban downtown public spaces.
Yes, they are technically private property, and the property owners
are careful not to jeopardize that status, with carefully worded public
signage, and detailed procedures for their rent-a-cops' dealings with
the members of the public.  Yet at the same time, the management also
carefully cultivates the image of their common space as the cool place
for trendy young people to want to gather.  Various skirmishes are 
occasionally fought over such questions as soliciting petition signatures
or giving out free printed information in these spaces.  

This is a market-driven mutation of the notion of common spaces, away 
from the publicly-owned town square, toward the corporately-owned.
TCM's mention of Disneyland is right on target.

} > I mean, either it is, or it isn't, a "right".   When could it really be
} >okay to violate that definition.  How are the law enforcers to do their
} >job if they can't intrude into your shopping bag, when it's a critical
} >National Emergency.  This is what Denning is always referring to.
} 
} One needs to distinguish "rights" vis-a-vis government actions, and the
} policies of private actors. The usual point about "freedom of speech"
} applies. E.g., Blanc has "freedom of speech," but not inside Microsoft.
} 
} Not to lecture, but this frequent blurring of public vs. private areas, of
} government vs. corporate actions, of "property rights," is  hurting the
} cause of liberty.

This is true in perhaps more ways than those so far discussed.
The cause of liberty is broad: it embraces Mr. May's freedom to run his
hypothetical business by his own rules, dictating what his employees may
and may not do using his computers and firing them if he doesn't like
the color of their tie; it also embraces the freedom of surly youths
and old codgers to hang out somewhere, up to no particular good and
espousing unpopular or pig-headedly-wrong opinions, frightening horses
and small children.  

The "frequent blurring of public vs. private areas" is partly due to
fuzzy-headed thinking by the public at large.  It is also partly due
to deliberate blurring by powerful & cynical forces whose causes are
furthered by the resulting confusion and by the incremental restrictions
on unapproved liberties.  A corporation might see more revenue and 
decreased repair/security/PR costs, if they can reduce the number of
teenagers skateboarding and smoking cigarettes outside their doors.
An ambitious citycouncilman or district attorney might see more favorable
publicity and advancement to more powerful positions, if they can control
irritating protest rallies and disagreeable eccentrics impairing the
"quality of life" in their jurisdictions.

One direct means to this intentional "blurring" is the current trend of
"privatizing" various government activities.  A city-owned public library
is open to basicly anyone (or recently at least anyone who can prove they
are a resident of that city).  A privately-operated public library may
and will exclude undesirable persons arbitrarily.  A state park is open
to basicly anyone, with few restrictions on what is illegal activity
therein; a Disney-operated private theme-park is a quite different.

Expect more of this privatization, in more areas of life.
For example, in East Lansing the Downtown Development initiative has
"revitalized" a couple blocks of downtown:  what was formerly a parking
lot and a small city park and a few decayed storefronts, is now a shiny
new hotel/commercial complex complete with a "fountain square" containing
some benches and sidewalks and trees.  The catch?  Fountain Square is 
owned by the hotel, and anyone named by hotel security guards as
undesirable is removed therefrom by the city police for trespassing on
private property.  Gone is the former city park.

:::::::::::::::::::::::::::::::::::::: It is much easier for an arbitrary
:: Lou Poppler <lwp at mail.msen.com>  :: intelligence to pass the Turing Test
::      http://www.msen.com/~lwp/   :: via email rather than via live chat.
::::::::::::::::::::::::::::::::::::::  





From raph at CS.Berkeley.EDU  Mon Aug 26 11:42:12 1996
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Tue, 27 Aug 1996 02:42:12 +0800
Subject: List of reliable remailers
Message-ID: <199608261350.GAA13823@kiwi.cs.berkeley.edu>


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list at kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail. For more information, see:
http://www.c2.org/~raph/premail.html

   For the PGP public keys of the remailers, finger
pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail at miron.vip.best.com> cpunk pgp special";
$remailer{"c2"} = "<remail at c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon at anon.penet.fi> penet post";
$remailer{"flame"} = "<remailer at flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"mix"} = "<mixmaster at remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"replay"} = "<remailer at replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"ecafe"} = "<cpunk at remail.ecafe.org> cpunk mix";
$remailer{"amnesia"} = "<amnesia at chardos.connix.com> cpunk mix pgp hash latent cut ksub";
$remailer{'alpha'} = '<alias at alpha.c2.org> alpha pgp';
$remailer{'nymrod'} = '<nymrod at nym.jpunix.com> alpha pgp';
$remailer{"lead"} = "<mix at zifi.genetics.utah.edu> cpunk pgp hash latent cut ek";
$remailer{"nemesis"} = "<remailer at meaning.com> cpunk pgp hash latent cut";
$remailer{"exon"} = "<remailer at remailer.nl.com> cpunk pgp hash latent cut ek";
$remailer{"vegas"} = "<remailer at vegas.gateway.com> cpunk pgp hash latent cut";
$remailer{"haystack"} = "<haystack at holy.cow.net> cpunk mix pgp hash latent cut ek";
$remailer{"ncognito"} = "<ncognito at rigel.cyberpass.net> mix cpunk pgp hash latent";
$remailer{"lucifer"} = "<lucifer at dhp.com> cpunk mix pgp hash latent cut ek";
$remailer{"jam"} = "<remailer at cypherpunks.ca> cpunk mix pgp hash latent cut ek";
$remailer{"winsock"} = "<winsock at c2.org> cpunk pgp hash cut ksub reord";
$remailer{'nym'} = '<config at nym.alias.net> newnym pgp';
$remailer{"balls"} = "<remailer at huge.cajones.com> cpunk pgp hash latent cut ek";
$remailer{"squirrel"} = "<mix at squirrel.owl.de> cpunk mix pgp hash latent cut ek";
$remailer{"middle"} = "<middleman at jpunix.com> cpunk mix pgp hash middle latent cut ek reord";
catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 alpha)
(flame replay)
(alumni portal)

The alpha and nymrod nymservers are down due to abuse.

Last update: Mon 26 Aug 96 6:48:16 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
exon     remailer at remailer.nl.com                ***-*    17:17  99.96%
mix      mixmaster at remail.obscura.com     +-++-+--++++  2:27:19  99.95%
jam      remailer at cypherpunks.ca          *******.****  1:14:34  99.94%
nemesis  remailer at meaning.com             ************    15:42  99.93%
squirrel mix at squirrel.owl.de                     +-+-   2:27:26  99.62%
penet    anon at anon.penet.fi               ...---..--   21:06:37  99.58%
replay   remailer at replay.com              **** *++* **     5:07  99.10%
middle   middleman at jpunix.com                      --   1:34:56  99.02%
amnesia  amnesia at chardos.connix.com       -------- --   3:52:36  98.47%
lead     mix at zifi.genetics.utah.edu       +  +++++++-+    52:43  96.86%
winsock  winsock at c2.org                   ..------  -- 12:52:32  95.16%
balls    remailer at huge.cajones.com        *******# ***     4:39  92.86%
haystack haystack at holy.cow.net            * - -*#*#*      37:17  83.96%
extropia remail at miron.vip.best.com        ----     -    5:40:19  73.28%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien





From sclatter at netscape.com  Mon Aug 26 16:09:17 1996
From: sclatter at netscape.com (sclatter at netscape.com)
Date: Tue, 27 Aug 1996 07:09:17 +0800
Subject: Apology
Message-ID: <199608261727.KAA23073@littlewing.mcom.com>



During my efforts to rectify a problem with our news server, I
inadvertently remailed a number of messages to this list.  I
apologise for the disturbance this has caused, and will do my best 
to prevent a repeat of the error.

Thank you,

Sarah





From jim at acm.org  Mon Aug 26 16:09:23 1996
From: jim at acm.org (Jim Gillogly)
Date: Tue, 27 Aug 1996 07:09:23 +0800
Subject: NSA's Venona Intercepts
In-Reply-To: <v01540b06ae4781a60981@[172.17.1.61]>
Message-ID: <199608261720.KAA02103@mycroft.rand.org>



smith at sctc.com (Rick Smith) writes:
>One question that I haven't found answered in my perusals of the site is a
>definitive statement of the cryptographic technology used by the Soviets. I
>was re-reading Kahn's 1967 chapter on Soviet crypto and he claimed that
>they relied primarily on one time pads. In fact, he was pretty specific
>about them using OTPs for exactly the type of traffic appearing in the
>Venona archive. But when I look at the partial decrypts in the Venona
>archive I don't understand how you'd get such partial decrypts from OTPs.

>The intercepts seem to indicate the use of ciphers with some codewords
>weakly layerd on top. Some intercepts show translations based on the
>phonetic properties of the extracted Russian plaintext. So I don't think
>the "unrecovered codegroups" are caused by a classic code that substitutes
>tokens for word meanings. But you're not going to crack only part of a OTP
>ciphertext -- presumably you'd need a compromised key tape, and that would
>either decrypt everything or nothing.

>So they were either really using rotor machines or they were using
>something else. Any other ideas? Other references?

I too am waiting eagerly for them to show more of the real details of
decryption; but from what we know so far, the partial decrypts seem quite
compatible with what NSA says they broke: an underlying code system
superencrypted with a OTP which occasionally becomes a 2TP.  For example,
suppose you have two chunks of ciphertext, and you've determined using the
kappa test that they have a partial overlap (the easy part of the
process).  You superimpose them as follows:

	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
		bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb

and then work on the parts where the a's and b's overlap.  If you know the
underlying code book (through a decade of previous hard work, or, if you're
really lucky, finding a partially-burned copy of a codebook in a castle in
Germany), you can with considerable sweat determine the code groups in
both messages in the overlapped part, recover that part of the OTP, and
then drag the recovered OTP through the rest of your traffic looking for
more matches.

If you don't have a complete code book you may not know what all of the
code words mean; for example, I've seen no evidence that ALES really does
stand for ALGER HISS.  In addition, if you have no more overlaps with the
part at the beginning of message "a" or the end of message "b" above, you
have no way to determine anything about those parts of the OTPs other than
the length of the bits you can't read.

These two sources of difficulty seem to me to explain the "unrecovered
codegroups" you noted: for the long stretches, they didn't have
overlapping messages to give an entry into the OTP; for individual code
groups, they didn't have enough context to break that part of the code.

The phonetic stuff you mentioned doesn't cause me heartburn -- a code will
include syllables or letters, so that concepts that don't have their own
code group can get assembled out of constituent parts.  Still seems
consistent to me.

	Jim Gillogly
	4 Halimath S.R. 1996, 17:08





From bkmarsh at feist.com  Mon Aug 26 16:11:04 1996
From: bkmarsh at feist.com (Bruce M.)
Date: Tue, 27 Aug 1996 07:11:04 +0800
Subject: USPS
In-Reply-To: <199608240345.WAA10974@mailhub.amaranth.com>
Message-ID: <Pine.BSI.3.91.960826085230.20367B-100000@wichita.fn.net>


On Fri, 23 Aug 1996, William H. Geiger III wrote:

> Once in place all the goverment needs to do is ban all e-mail not sent
> through their system. Add this to the outlawing of all non-keyescrowed 
> encryption, and the ability to archive all messages sent through their 
> system. Now the goverment would have total access to everything you 
> wright. 

    Why not?  I believe it is already illegal to place anything in a 
person's physical mail box that the post office hasn't processed.  For 
the sake of preserving the 'integrity and security' of the Internet I 
can see the govt. taking such future actions.

                       ________________________________
                      [ Bruce M. - Feist Systems, Inc. ]
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     "Official estimates show that more than 120 countries have or are 
      developing [information warfare] capabilities." -GAO/AIMD-96-84
                         So, what is your excuse now?







From tcmay at got.net  Mon Aug 26 16:37:57 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 27 Aug 1996 07:37:57 +0800
Subject: Public vs Private (Was: Re: Violation or Protection?)
Message-ID: <ae47274102021004e948@[205.199.118.202]>



This is a very thoughtful essay. We need more of them.

Though "I agree" messages are frowned upon, the fact is that most
Cypherpunks messages understandably are messages critiquing or disagreeing
with some part of another message...this is not too surprising.

But sometimes it's useful to say "I agree."

At 1:31 PM 8/26/96, Lou Poppler wrote:
...
>As with anything, there are gray areas and boundary cases in real life
>where this is not as clear-cut as in the private/public examples TCM
>has provided us in the past.  Let's look at a couple of fuzzy examples.
...
>Another fuzzy gray area would be the common areas in shopping malls --
>the large corridors outside the stores, with fountains and park benches
>and payphones and trees and public performance areas.  These spaces
...
>for trendy young people to want to gather.  Various skirmishes are
>occasionally fought over such questions as soliciting petition signatures
>or giving out free printed information in these spaces.

This is essentially a "squatter's rights" kind of "blurring," as I see it.
(And I don't agree with the argument for the blurring.) The argument goes
something like this: "I've been coming to this Mall for many years, and
this is where the people I want to see my protest come. Therefore, I have
earned a kind of squatter's right to enter your property and make my
protest."

The larger game-theoretic point is the one Lou notes later, that the
players on all sides use the law to jockey for advantage--the merchant gets
skateboarding and loitering banned on public streets, customers of private
shopping malls get the courts to let them set up their protests on the
property of others.

(Needless to say, I don't sympathize with either example.)


...
>This is true in perhaps more ways than those so far discussed.
>The cause of liberty is broad: it embraces Mr. May's freedom to run his
>hypothetical business by his own rules, dictating what his employees may
>and may not do using his computers and firing them if he doesn't like
>the color of their tie; it also embraces the freedom of surly youths
>and old codgers to hang out somewhere, up to no particular good and
>espousing unpopular or pig-headedly-wrong opinions, frightening horses
>and small children.

And just as one lobbying group is pushing for restrictions in public places
of "loiterers" and "bums" (my town, Santa Cruz, passed a law which
criminalized _sitting_ on public streets, even out of the flow of traffic),
other lobbying groups are pushing for interfering with rights of employers
to set dress codes, as but one example.

A constant confusion of what "rights" really are.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From vznuri at netcom.com  Mon Aug 26 16:58:49 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Tue, 27 Aug 1996 07:58:49 +0800
Subject: Denning interview in Wired
Message-ID: <199608261817.LAA03556@netcom11.netcom.com>


don't recall anyone mentioning this--
Steven Levy did a lengthy piece on Dorothy Denning for the
recent Wired. 

any reactions?

I was personally struck at how Dorothy seems to lack strong
convictions that hold up in the face of others. she wrote
a paper urging that hackers be studied and worked with by
the security community and then backed away from the position
quickly after talking to "authorities".


I was amazed that Dorothy, after a long time, has failed to
confront some very basic issues in her advocation of 
Clipper:

1. constitutional issues. it would be ok for me if she described
why she thinks that privacy is not constitutionally protected,
but she fails to mention constitutionality issues in virtually
any of her writings. frankly this strikes me as the utmost
weasely evasion. is she aware of any court precedent on freedom
of speech, freedom to speak in private etc? she never quotes
any case law etc.

2. she fails to address the issue of "returns vs. cost" or
"cost/benefit" ratio. her argument amounts to an extremely
simplistic line, "law authorities have been stymied by crypto. therefore
it should be restricted". but this reminds me of speed limit
advocates saying, "55 saves lives". well, how many? 35 saves lives
over 55. the key issue is that of *compromise*: what is the optimum
compromise?  we can catch more criminals by adding security cameras
everywhere, but what are the costs? 

such back-and-white thinking has 
little place in any complex policy issue, yet unfortunately tends to 
dominate them. it's very bizarre to see an academic like Denning
just seem to be vacuously oblivious to such simple concepts such
as "tradeoffs". nothing I've read suggests she has ever addressed
the issue of *compromise* in regard to catching criminals vs.
protecting rights.

but amazingly, people like Kallstrom seem to think the same way.
paraphrased, "if even one criminal gets away because we didn't have enough
funding in the FBI, we need more funding in the FBI" etc.

3. she fails to address the "big brother" issue. why is wiretapping
never going to be used by "big brother"? it's inconceivable to me
how she can honestly evade this issue as well. she has never addressed
the issue of abuse by law authorities from what I can tell.

4. Denning seems to be to be remarkably swayed by "authority figures".
she has changed her opinion before based merely on conversations 
with "authority figures" in the FBI and NSA. it seems maybe she has
a bit of "spook envy" or something like that. many of her arguments
for me essentially amount to, "people that claim to know what they
are doing say we need [x], therefore we need [x]"


well, I am not trying to start a new round of Denning-bashing 
(although that's always fun, hee, hee) but the recent article does
give a little new food for thought about Denning's psychology etc.

frankly I think that Denning has lost the intellectual battle because
she absolutely fails to address some of the above key points. (particularly
the total failure to address the constitution is getting more egregious). I 
suggest that anyone who wants to debunk her line of thinking (which apparently
is getting to be awfully easy) just focus on any of the above areas.
she apparently has no reponse to these points in anything I have
read of hers.






From frantz at netcom.com  Mon Aug 26 16:59:54 1996
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 27 Aug 1996 07:59:54 +0800
Subject: NSA's Venona Intercepts
Message-ID: <199608262018.NAA02361@netcom8.netcom.com>


At 10:49 AM 8/26/96 -0600, Rick Smith wrote:
>One question that I haven't found answered in my perusals of the site is a
>definitive statement of the cryptographic technology used by the Soviets.

I haven't revisited the site to check, but I distinctly remember a
statement to the effect that the system was a one time pad system. 
However, due to a mistake somewhere in the chain, some of the one time pads
were used twice.  The resulting two time pad system gave NSA the wedge they
needed to recover what they have.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From jad at dsddhc.com  Mon Aug 26 16:59:55 1996
From: jad at dsddhc.com (John Deters)
Date: Tue, 27 Aug 1996 07:59:55 +0800
Subject: Spamming
Message-ID: <2.2.32.19960826182604.008973e0@labg30>


At 12:38 PM 8/25/96 -0500, you wrote:
>Vipul Ved Prakash wrote:
>
>What do cypherpunks think about the following practice or law (I realize
>that it may be impossible to implement): each email message should carry
>a little digicash check for, say, 20 cents. Mail reading programs should
>reject (send back unread) all messages not carrying these digital
>checks, unless the senders are in the "friends list". The MUAs should
>ask users whether they want to "cash" the digital check or not.

I'm all in favor of it.  The POP3 client I write to cash those little
digital droplets and tell the spammers that I *love* to get their ads, read
each one for 45 seconds/page, scroll thru them lovingly, and reply to the
specified address for much more information, has the potential to pay for my
master's degree.

Call it the SpamMonster(tm).  ("Spam is for money, that's good enough for me")

Therefore, in order to actually make their system work, they'd need to send
out their own special mail readers.  And I'd disassemble one and
SpamMonster(tm) would continue to eat their spam, ad infinitum (pun not
intended, but it works really, really well, n'est pa?)

I do not believe it is possible to have a secure executable that exists on
an uncontrolled user's machine.  "Tamperproof" encryption chips still
require communications in and out from the user's program.  A determined
attacker could continue to use the pieces of their code that talk to the
encryption chip.

Never underestimate the allure of "free money" when you're planning to give
it away.

>If they do cash the check, the digital bank notifies the senders, so
>that they can adjust their behavior and would not send letters to such
>individuals.
>
>The checks should expire very soon to prevent people cashing them later
>when they are desperate for money. There can also be public notice
>systems that store addresses of individuals who abuse the system (for
>example, those who post questions to newsgroups and collect the digital
>checks), so that people would not reply to such users in the future.

Hmm.  Reading ONE message from them puts me on a "Spammer's blacklist"?
Without the e-cash incentive, sign me up!

>Is there a potential for abuse in this system?

Depends on your point of view  :-)  I certainly think it has potential!

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From jims at MPGN.COM  Mon Aug 26 17:06:10 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Tue, 27 Aug 1996 08:06:10 +0800
Subject: Spamming (Good or Bad?)
Message-ID: <3.0b11.32.19960826110912.006d4158@central.tansoft.com>


At 03:47 AM 8/24/96 -0500, William H. Geiger III wrote:
>
>No I have to dissagree. Who I send mail to or whom I receive mail from is 
>no-ones business. I for one have no intention of "signing up" or 
>"regestering" with any mail server. I most certainally want to be the one to 
>decide what mail I receive or do not receive, not someone elses idea of what 
>I should receive.

Upon reflection I can say you are right, UNLESS we can put this "signup"
thing on the end-user's machine so he can set it in his own privacy and
no one else can pilfer it.

The ultimate solution is AI mail clients, but that's too far off to wait for,
I feel.

Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL






From byrd at acm.org  Mon Aug 26 17:40:12 1996
From: byrd at acm.org (Jim Byrd)
Date: Tue, 27 Aug 1996 08:40:12 +0800
Subject: sorry about the mail bounces
Message-ID: <2.2.32.19960826155707.006f1f34@super.zippo.com>


It seems that my address may have caused lots of problems for
the list, mailing lists were getting lots of bounces of things
sent to me.  I haven't heard for sure, but I'm guessing this
is the reason the list was taken down yesterday.

ACM Network Services tells me they have fixed the problem now.

Sorry about that, but I had no idea the problem was happening.






From smith at sctc.com  Mon Aug 26 17:49:32 1996
From: smith at sctc.com (Rick Smith)
Date: Tue, 27 Aug 1996 08:49:32 +0800
Subject: NSA's Venona Intercepts
Message-ID: <v01540b06ae4781a60981@[172.17.1.61]>


The bulk of the material available from NSA's web site is associated with a
long time project called Venona to decrypt Soviet message traffic from the
1940s. It's an interesting exhibition of the practical output of
cryptanalysis that, incidentally, contains alleged reference to famous
Commie spies of that era (Hiss, the Rosenbergs, etc).

One question that I haven't found answered in my perusals of the site is a
definitive statement of the cryptographic technology used by the Soviets. I
was re-reading Kahn's 1967 chapter on Soviet crypto and he claimed that
they relied primarily on one time pads. In fact, he was pretty specific
about them using OTPs for exactly the type of traffic appearing in the
Venona archive. But when I look at the partial decrypts in the Venona
archive I don't understand how you'd get such partial decrypts from OTPs.

The intercepts seem to indicate the use of ciphers with some codewords
weakly layerd on top. Some intercepts show translations based on the
phonetic properties of the extracted Russian plaintext. So I don't think
the "unrecovered codegroups" are caused by a classic code that substitutes
tokens for word meanings. But you're not going to crack only part of a OTP
ciphertext -- presumably you'd need a compromised key tape, and that would
either decrypt everything or nothing.

So they were either really using rotor machines or they were using
something else. Any other ideas? Other references?

Rick.
smith at sctc.com          secure computing corporation







From ncognito at gate.net  Mon Aug 26 17:58:42 1996
From: ncognito at gate.net (Ben Holiday)
Date: Tue, 27 Aug 1996 08:58:42 +0800
Subject: Microsoft Explorer security hole (fwd)
Message-ID: <Pine.A32.3.93.960826001930.31882A-100000@seminole.gate.net>




---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 01:35:07 GMT
Subject: Microsoft Explorer security hole (fwd)

On Sun, 25 Aug 1996 13:55:30 -0600 (MDT), Carl Nation
<carl at iserver.com> wrote:

To our Resellers/Customers,

Our sysadmin received this security alert, and we thought we should
pass it along...

------- Forwarded Message

Date: Wed, 21 Aug 1996 13:12:59 -0400
From: felten at CS.Princeton.EDU (Ed Felten)
Subject: Internet Explorer Security Problem

We have discovered a security flaw in the current version (3.0) of
Microsoft's Internet Explorer browser running under Windows 95.  An
attacker could exploit the flaw to run any DOS command on the machine of
an Explorer user who visits the attacker's page.  For example, the
attacker could read, modify, or delete the victim's files, or insert a
virus or backdoor entrance into the victim's machine.  We have verified
our discovery by creating a Web page that deletes a file on the machine of
any Explorer user who visits the page.

The core of the attack is a technique for delivering a document to the
victim's browser while bypassing the security checks that would
normally be applied to the document.  If the document is, for example, a
Microsoft Word template, it could contain a macro that executes any DOS
command.

Normally, before Explorer downloads a dangerous file like a Word
document, it displays a dialog box warning that the file might contain a
virus or other dangerous content, and asking the user whether to abort the
download or to proceed with the download anyway.  This gives the user a
chance to avoid the risk of a malicious document.  However, our technique
allows an attacker to deliver a document without triggering the dialog
box.

Microsoft has been notified and they are working on fixing the
problem. Until a remedy is widely available, we will not disclose further
details about the flaw.

For more information, contact Ed Felten at felten at cs.princeton.edu or
609-258-5906.

Dirk Balfanz and Ed Felten
Dept. of Computer Science, Princeton University
http://www.cs.princeton.edu/sip/

------- End of Forwarded Message









From perry at alpha.jpunix.com  Mon Aug 26 18:39:02 1996
From: perry at alpha.jpunix.com (John Perry)
Date: Tue, 27 Aug 1996 09:39:02 +0800
Subject: New type2.list/pubring.mix
Message-ID: <199608262251.RAA01261@alpha.jpunix.com>


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone,

	There is a new type2.list/pubring.mix update for Mixmaster on
jpunix.com. The update reflects the temporary retirement of the anon
Mixmaster remailer. Please update your files accordingly. The files
can be obtained by WWW at www.jpunix.com and by anonymous FTP at
ftp.jpunix.com.

- -- 
 John Perry - perry at alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry at jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiIqVlOTpEThrthvAQE4QwQAhFWK/mkfi7ucQq4xdnRJKiezeVr7tuT6
j0RYV+mnmiBjYX7jMtsEA4dSuEoTqG0IzXtihbu91qNk7mTyNfNmIegyIDfneD4M
bJh3jpUK6d2zHJ8Bo8+dwVd6e+etZZ+0+CC9AULfuWC0AKUpkoF5ussjWf2L8thB
WuSJQTT72UM=
=DcDL
-----END PGP SIGNATURE-----





From declan at eff.org  Mon Aug 26 18:45:22 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 27 Aug 1996 09:45:22 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <Pine.SUN.3.91.960826094918.6129F-100000@eff.org>





---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 12:23:57 -0400
From: Jonah Seiger <jseiger at cdt.org>
To: Declan McCullagh <declan at eff.org>
Cc: shabbir at vtw.org, fight-censorship at vorlon.mit.edu, brock at well.com,
    telstar at wired.com
Subject: Re: INFO: Democratic convention chats online! Be there! (8/25/96)

Declan:

What are you thinking?!

In a world where we have very few real friends, I simply don't understand
what you are trying to accomplish. It's fine (and healthy) to raise
concerns about the particular positions a member of Congress takes (hell, I
don't agree with everything Leahy does), but to simply dismiss Leahy as a
'no friend of the Net'  is naive and counterproductive.

Look at the record. Leahy is hands down the strongest supporter of the Net
in Congress. Period. No other Member (including our small but growing
handful of other friends like Burns, White, Wyden, Cox, Eshoo, etc) has
been a more forceful or consistent advocate for your causes for as long as
Leahy has. What exactly do you want? Perhaps we should elect you to
Congress and see how well you can do.

Of course we are not going to agree with our friends on every issue. If
Leahy takes a position you don't like, I'd suggest you talk to his office.
I have found in my experience that Leahy's staff (and him personally) will
take the time to listen when presented with a well presented argument.

I'm also confused about another thing: which hat were you wearing when you
wrote this? If it is your "advocate" hat I think it must covering your
eyes. If it's your "journalist" hat, you need to do a bit better job of
checking your facts in the future.

Go a head and reject the "Beltway politicians". It's fashionable, sure, but
what does it really accomplish?  Some of them are dangerous. Others are
sympathetic. The fact is that short of armed rebellion they are going to be
here for a while.
I shudder to think of the wrath our opponents could wage if we all threw up
our hands packed up our bags and left town.

Face the facts. Members of Congress have a lot of constituencies to deal
with, and we are a small and relatively powerless faction. We can do a lot
to change the outcomes of policy debates (if I didn't believe that I
wouldn't be doing what I do everyday), but we have to be realistic,
recognize where we fit in to the process and who are friends are.  One
thing's for sure - we have A LOT more enemies than we have friends.

Most members of Congress don't really understand us or our issues.  Many
are willing to learn, and some have been real champions for our causes.
But none of them are gong to continue reaching out a hand to us if we bark
and bite when we don't get 100% of our way. Zealots rarely win (though it
sure is fun to throw bombs).

Sorry for the public thrashing, but this kind of attitude REALLY gets under
my skin.

Flames welcome (though response is not guaranteed <g>),

Jonah

At 6:45 PM 8/25/96, Declan McCullagh wrote:
>On Sun, 25 Aug 1996, Voters Telecommunications Watch wrote:
>> [Notably missing from this schedule are Senators Patrick J. Leahy (D-VT)
>>  and Russell Feingold (D-WI) and House member Jerrold Nadler (D-NY).  All
>>  three have impeccable cyberspace credentials and we look forward to seeing
>>  them online.]
>
>As Shabbir and Steve know, I'm a huge fan of VTW and congratulate them for
>their successful efforts to keep netizens up-to-date on what's happening
>in the meatspace body politic.
>
>But VTW's statement above is, unfortunately, untrue and misleading.
>
>Even though Sen. Leahy opposed the CDA, his stance on privacy illustrates
>that his "cyberspace credentials" are anything but impeccable. His crypto
>bill, introduced before Pro-CODE, would liberalize some export controls
>but impose new and unprecedented criminal penalties for the use of crypto
>associated with a crime. Worse yet, as recently as this month Leahy has
>been clamoring to fund the invasive wiretapping legislation ("Digital
>Telephony") he shepherded through Congress two years ago.
>
>Equally distressingly, Leahy demonstrated his "impeccable cyberspace
>credentials" by cosponsoring the Senate online copyright bill -- aka the
>Hollywood Media Mafia's wet dream. (Yes, these are the same rapacious
>folks who are demanding that the Boy Scouts and summer camps pay cash to
>sing "God Bless America" and "Puff the Magic Dragon.") Opposed by the
>American Library Association, EFF, and teachers' organizations, Leahy's
>bill would slam fair use rights online and could make it a crime to
>browse the Net without a license.
>
>When VTW heralds Leahy as a friend of the Net with "impeccable cyberspace
>credentials," they do the Net a disservice. Leahy is in no way a true
>friend of the Net; I don't know of any Beltway politican who is.
>
>-Declan
>
>
>// declan at eff.org // I do not represent the EFF // declan at well.com /

  ** THE FIGHT FOR FREE SPEECH ONLINE CONTINUES TO THE SUPREME COURT **
      It's not too late to be a part of history -- Join the Lawsuit
         <http://www.cdt.org/ciec>   --    <ciec-info at cdt.org>

--
Jonah Seiger, Policy Analyst           Center for Democracy and Technology
<jseiger at cdt.org>                           1634 Eye Street NW, Suite 1100
                                                      Washington, DC 20006
PGP Key via finger                                     (v) +1.202.637.9800
http://www.cdt.org/                                    (f) +1.202.637.0968
http://www.cdt.org/homes/jseiger/









From liberty at gate.net  Mon Aug 26 19:00:45 1996
From: liberty at gate.net (Jim Ray)
Date: Tue, 27 Aug 1996 10:00:45 +0800
Subject: Cypherpunk voting - ITAR or CDA
Message-ID: <199608261832.OAA90700@osceola.gate.net>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Mon Aug 26 14:32:37 1996
I sent this earlier, but evidently toad.com ate it, so I am sending again, 
despite Bill Stewart's excellent post on the subject. BTW, Bill is one of 
the nicest guys you would ever want to meet, and all cypherpunks should try 
to meet him if they get a chance.

Apologies if you get this twice, and I would only add that in any election 
there are winners and losers, and the sets of losers on cypherpunks if 
Harry Browne wins or does does well are:

1. Lawyers. If laws are simpler and better-written in something approaching 
the English language and judges who respect the constitution are 
selected-for, lawyers and law-professors would feel the economic effects of 
less demand for their services.
2. Accountants. If the tax laws are simplified and the IRS is eliminated, 
there will be less need for accountants to figure out what people actually 
owe in taxes.
3. Offshore dataheaven providers. ;) If the above happens, running 
businesses from the US will be relatively more attractive than running them 
from Anguilla, all other things being equal.

Vincent Cate wrote:

> Dole says he would fix the ITAR problem, but try to keep something like
> CDA. 

He would say anything to get elected.

> Clinton is keeping ITAR and signed CDA.  But not having the religious
> right he might soften on CDA.

Lame ducks don't have to soften, on anything. That's what's so fun about 
being a lame duck.

> The courts seem to be throwing out CDA much faster than ITAR (some fast
> track to the supreme court built into the law).  It also seems like
>  ITAR
> is the more important thing to fix (it is easier to move pornography
>  etc
> out of the US than major software companies). 
> 
> So it seems Dole is the better vote.  Is this important enough to many
> cypherpunks to actually determine their vote?

If the Republican candidate had been Forbes, there might have been a "don't 
let the great be the enemy of the good" argument against voting for a
Libertarian. As it stands now, Dole is, at best, arguably the "lesser of 2 
evils," which still comes out evil in my book. As the designated partisan 
Libertarian on the list, I urge all cypherpunks to vote their consciences 
and pick Harry Browne and Jo Jorgensen. The mere fact that the media is 
[grudgingly] covering us suggests we are finally doing something right, and 
Harry is winning many Internet polls despite much fawning, hopeful coverage 
for the big-eared billionaire hypocrite stealth-candidate, who has no 
position on much of anything, but certainly would enjoy having the TLAs 
investigate his enemies.

I fully accept that it is likely Dole or Clinton will win, but I think it 
will fill an important cypherpunk goal if the Libertarian Party candidates 
get a vote large enough to be the margin of victory, and I will be very 
proud of my vote, no matter who wins this election. Vote your consciences 
for your own sake, and the sake of the children who, no matter what, will 
inherit the debt of the irresponsible statists in power now.
JMR

Regards, Jim Ray -- DNRC Minister of Encryption Advocacy

"'Filegate' is starting to make _Ed_ _Meese_ look ethical."
 -- me
 Defeat the Duopoly! Vote "NOTA," not Slick/Dull in November.
 Harry Browne for President. Jo Jorgensen for Vice-president.
 http://www.HarryBrowne96.org/
___________________________________________________________________
PGP id.E9BD6D35 51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8
<mailto:liberty at gate.net> http://www.shopmiami.com/prs/jimray C
Ross Perot is now on welfare.<sigh>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiHtzG1lp8bpvW01AQFxxAP9GW/NizRkEqW0y4b0vGF5npoOGQj4jSVQ
wBz8toN78LUY1xKyEj2y0WWqjfl3WQOMk2dCMlRskHZU8C8+nqLS3FgHaWCwrVF+
Th7LA3hvErvoVNKsrRTKAuGUkIm8XFQLfmPi8L6z94OXY5qXXRvVS9exRwlbH/DZ
gpwGznNDjw0=
=t8M2
-----END PGP SIGNATURE-----






From rich at c2.org  Mon Aug 26 19:00:58 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 27 Aug 1996 10:00:58 +0800
Subject: GIFs of Observer [UK] anti-Net, anti-Remailer fear-mongering
Message-ID: <Pine.GUL.3.95.960826094500.21613A-100000@Networking.Stanford.EDU>



---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 09:44:24 -0700 (PDT)
From: Rich Graves <rich at c2.org>
To: fight-censorship at vorlon.mit.edu
Subject: Observer anti-Net story on the web

Blatant copyright violation at:

 http://scallywag.com/

It's a couple of 105K GIFs. US Copyright terrorists may wish to mirror this
information lest the intrepid Scallywag melt down.

-rich






From vipul at pobox.com  Mon Aug 26 19:05:17 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Tue, 27 Aug 1996 10:05:17 +0800
Subject: bot at anon.penet.fi
Message-ID: <199605150537.FAA00496@fountainhead.net>


C'punks,

I posted the contents of a web site containing netspam stuff to cypherpunks. 
In the transaction a bot at anon.penet.fi caught my mail (thought it was a 
copy of the infamous Make Money Fast chain) and posted me a FAQ and bounced my
message. (Though it seems to have reached cypherpunks already)

-Vipul
 





From maldrich at grci.com  Mon Aug 26 19:07:33 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Tue, 27 Aug 1996 10:07:33 +0800
Subject: Cypherpunks at InfowarCon '96
Message-ID: <Pine.SCO.3.93.960826131945.1169A-100000@grctechs.va.grci.com>


There've been a couple of posts mentioning that there will be a Cypherpunk
presence at InfowarCon '96.  Besides the more public figures (Eric
Hughes and Phil Zimmermann, among them), I'm sure that the audience will
have a fair number of list participants in attendance.  If anyone wants to
say "howdy" or swap key fingerprints, I'll be there both days and for the
reception on the 4th.  I'm the panel moderator for "B1 -
Emergency/Disaster Planning for the Effects of Information Warfare" affair
on the 5th (stop by if you want to see FEMA and the Red Cross go at it).

If you're at the "schmooze and booze" reception on the evening of the
fourth, please come up and introduce yourself.  I'll be the guy who's
6'2", 200lbs, shoulder-length brown hair in a red bandanna headband, full
beard, jeans, boots, and my leather biker vest.  I should be fairly easy
to spot :)

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |maldrich at grci.com            |
|the unfettered speech the First Amendment|MAldrich at dockmaster.ncsc.mil |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From vipul at pobox.com  Mon Aug 26 19:24:51 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Tue, 27 Aug 1996 10:24:51 +0800
Subject: Nuke attack? No, bug in DNS! (fwd)
Message-ID: <199605160122.BAA00187@fountainhead.net>


I think this is the main cause of all strange things happening on the
net for last few days. 

Vipul

Rishab A. Ghosh Wrote : 
> Was I the only one nuked by the DNS/BIND crash yesterday? I hope
> I've not been automatically unsubscribed from the list. As not
> everyone here reads c.p.tcp-ip.d I've attached Karl Denninger's
> analysis. For those who were luckily immune, my ISP (best.com) like
> many others, had it's DNS crash for _local_ domain names (belonging
> to the ISP and customers like me) through most of yesterday. No,
> not a virus, but bad DNS records "floating around" as Karl puts it,
> that happened to expose a bug in the latest version of BIND.
> 
> So much for immunity to nuclear war!
> 
> Rishab
> 
> > From: karl at MCS.COM (Karl Denninger)
> > Newsgroups: comp.protocols.tcp-ip.domains
> > Subject: SERIOUS PROBLEM WITH DNS SERVERS AND BAD RECORDS - Rev 4.9.4
> > Date: 23 Aug 1996 10:10:39 -0500
> > Organization: MCSNet Ops, Chicago, IL
> > Message-ID: <4vkhlf$u4 at Jupiter.mcs.net>
> > 
> > CAUTION!
> > 
> > There are a series of bad nameserver records floating around on the net
> > which are blowing up BIND versions 4.9.4 (REL and T5B) and possibly other
> > releases as well.  
> > 
> > This has been VERIFIED to be impacting multiple ISPs and their DNS servers.
> > 
> > We are shutting off updates from ANY DNS server which presents bogus data,
> > which stops it from killing our code, but is of no help to the large number
> > of domains which are presumably rendered unreachable.
> > 
> > At present, this list is:
> > 
> > bogusns 204.94.129.65 158.43.192.7
> > ;
> > bogusns 199.3.12.2 38.241.98.5 199.71.224.105 206.215.3.10
> > bogusns 134.75.30.253 198.41.0.4 128.63.2.53 198.41.0.4
> > bogusns 206.66.184.11 206.66.104.37
> > ;
> > bogusns 163.173.128.6 163.173.128.254 200.6.39.1 192.33.4.12 128.174.36.254
> > bogusns 129.79.1.9 128.174.5.58
> > 
> > 
> > All of these have presented at least one malformed record to us in the 
> > last two hours!
> > 
> > Folks, if you run one of these servers, start tracking down the problem on
> > your end.   If this is bad cached data, THOSE AFFECTED MUST FLUSH IT
> > AS SOON AS POSSIBLE TO TRY TO PREVENT PROPAGATION.
> > 
> > This problem started as an isolated set of incidents yesterday, and is now
> > spreading like wildfire.
> > 
> > The actual bad data appears to be a domain name being returned in an 
> > authority record which is of the form "domain.com<tab>com".  We have not
> > yet caught a bad returned record in a debug file; that is being attempted
> > now.
> > 
> > When this goes through "dn_expand" in the BIND code, it causes memory
> > arena corruption and subsequent failure to resolve VALID zones which you 
> > are authoritative for.  First signs are reports of "corrupted authority data"
> > if you are using "dig" to check zones which you hold authority records for.
> > 
> > We are working on a way to "harden" the code against this kind of junk data,
> > but until we can get one deployed our defense is to shut down communication
> > from those who are presenting us the garbage.
> > 
> > PLEASE CHECK YOUR NAMESERVERS OUT AND TAKE NECESSARY STEPS YOURSELF!  This
> > is a serious problem which has the possibility of melting significant parts
> > of the Internet infrastructure.
> > 
> > --
> > --
> > Karl Denninger (karl at MCS.Net)| MCSNet - The Finest Internet Connectivity
> > http://www.mcs.net/~karl     | T1 from $600 monthly; speeds to DS-3 available
> > 			     | 23 Chicagoland Prefixes, 13 ISDN, much more
> > Voice: [+1 312 803-MCS1 x219]| Email to "info at mcs.net" WWW: http://www.mcs.net/
> > Fax:   [+1 312 248-9865]     | Home of Chicago's only FULL Clarinet feed!
> > 
> > 
> > -- 
> >  bryant durrell                             http://www.innocence.com/~durrell
> >         durrell at innocence.com              http://www.innocence.com/fengshui
> >         durrell at bofh.net                  http://www.innocence.com/shadowfist
> >  big black nemesis parthenogenesis no one move a muscle as the dead come home
> > 
> 
> 






From karlton at netscape.com  Mon Aug 26 19:25:48 1996
From: karlton at netscape.com (Philip L. Karlton)
Date: Tue, 27 Aug 1996 10:25:48 +0800
Subject: Message Body Suppressed...
In-Reply-To: <199608250312.WAA05286@bluestem.prairienet.org>
Message-ID: <3221ED48.5079@netscape.com>


David E. Smith wrote:

> This is getting annoying.  Could one of our
> resident Netscape employees take a look into
> this one and see what's happening?

A system admin had a brain freeze over the weekend and was
resubmitting some messages that bounced to a broken news
server on Thursday. Some of the messages were redirected
back to their originating mailing list.

I have no idea why the message bodies were "suppressed."

I can't tell when the messages were actually resent since
the news gateway software rewrites the Date: field of the
incoming messages.

In any event, I don't believe anything sinister or intentional
was done.

PK
--
Philip L. Karlton		karlton at netscape.com
Principal Curmudgeon		http://home.netscape.com/people/karlton
Netscape Communications





From tcmay at got.net  Mon Aug 26 19:26:11 1996
From: tcmay at got.net (Timothy C. May)
Date: Tue, 27 Aug 1996 10:26:11 +0800
Subject: USPS
Message-ID: <ae4723f1010210042224@[205.199.118.202]>


At 1:54 PM 8/26/96, Bruce M. wrote:
>On Fri, 23 Aug 1996, William H. Geiger III wrote:
>
>> Once in place all the goverment needs to do is ban all e-mail not sent
>> through their system. Add this to the outlawing of all non-keyescrowed
>> encryption, and the ability to archive all messages sent through their
>> system. Now the goverment would have total access to everything you
>> wright.
>
>    Why not?  I believe it is already illegal to place anything in a
>person's physical mail box that the post office hasn't processed.  For
>the sake of preserving the 'integrity and security' of the Internet I
>can see the govt. taking such future actions.

I'm skeptical of this analogy (that it could be used to take control of e-mail).

The postal mailboxes that the Postal Service claims to control are those
that are either marked "U.S. Mail" or fit the form and function typically
associated with a "mailbox." A box standing on a post by the side of the
road near one's house, for example. Often saying something about "Approved
by the U.S. Postal Service," blah blah. The Postal Service has nominal
ownership of these boxes, even when installed by customers (as is the norm,
of course).

(This comes up in one major way: non-Postal Service deliveries are not
supposed to be made into such boxes. Secondly, there are limits on what
customers can do to "defend" these boxes against vandals...this has come up
in discussions of placing a small box inside a large box and filling the
space between with cement, to break the arms of hooligans who play "mailbox
baseball.")

Anyone is free to place boxes on their property marked "For Federal Express
Deliveries," "For Packages from Neighbors," etc. Or to rent "Mailboxes,
Etc."-type boxes.

These latter examples are analogous to e-mail accounts folks have at
various ISPs. Or to Mailboxes, Etc.-type rental boxes.

The Postal Service has limited jurisdiction over rental mailboxes, and even
less authority over my placing of a "UPS leave stuff here" box on my porch.

Thus, I don't seen the analogy as giving the Postal Service more sweeping
powers over e-mail than they already have over physical deliveries. And
given the already-anarchic and already-distributed nature of e-mail, it's
hopeless.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From rich at c2.org  Mon Aug 26 19:27:57 1996
From: rich at c2.org (Rich Graves)
Date: Tue, 27 Aug 1996 10:27:57 +0800
Subject: The Observer [UK] editorializes against online freedoms (fwd)
Message-ID: <Pine.GUL.3.95.960826160534.24037A-100000@Networking.Stanford.EDU>


Information longs to be free, even if some forums aren't...

We've put scans of the full story onto www.scallywag.com.

The source is a reporter for a competing newspaper.

---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 09:40:43 -0700 (PDT)
From: Rich Graves <rich at c2.org>
To: fight-censorship at vorlon.mit.edu
Subject: Re: The Observer [UK] editorializes against online freedoms

Attribution for the forward deleted on request. Richardson's included
PGP-signed letter, though, is public. I hope this reassures US activists
that *even the British* know the story is wrong.

-rich

---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 12:24:05 +0100
Subject: Response to Observer

A nice technical response to some of the factual innacuracies in The
Observer piece. Not quite the way I would have done it . . . but good
nonetheless.

-----BEGIN PGP SIGNED MESSAGE-----

I. T. Consultancy Limited

Our reference  L2217

The Editor
The Observer
119 Farringdon Road
London EC1R 3ER

26 August 1996

AN OPEN LETTER - FOR PUBLICATION

Sir,

I read with some interest the article by David Connett and Jon Henley
in yesterday's edition regarding the Internet and child pornography.
I was particularly interested as I am a computer consultant advising
clients on Internet issues.

In my professional opinion, the technical standard of the reporting
was sufficiently poor as to be both inaccurate and misleading.  The
purpose of this letter is to clarify certain technical issues which
might cause your readers to reach unfounded or incorrect conclusions.

It is important to be aware of the various methods by which
information generally (which can include pornography) is distributed
around the Internet.  Your article focuses on one particular route,
namely Newsgroups.  It is Newsgroups which are detailed in the
Metropolitan Police's letter to Internet Providers and which are
concentrated upon by your article.  There are several other means of
distributing information.  I believe however that the Police letter
lists fewer than the 150 groups referred to by the authors.
Interestingly enough Newsgroups only offer the means of broadcasting
information to anyone who wants to retrieve it.

The authors do not appear to have a sufficient grasp of what a
"remailer" does.  For example they seem to draw a direct link between
the use of such remailers and people being able to "log on and
participate in 'live' and 'interactive' filmed sessions".  A lay
reader would perhaps draw the inference that the remailer is somehow
involved in any such live participation.  Unfortunately this could
not be further from the truth.  Remailers simply allow people to post
messages, either as email to other people or to Newsgroups for
general reading.  Nothing more.  Remailers are generally incapable of
being "logged on" to.

Your article also refers to "remailing companies", from which the lay
reader might infer that remailers are operated for commercial profit.

Such an inference would again be wholly incorrect.  I know of no
organisation operating a remailer for profit, indeed none of them
even charge for their services.  They are generally run by
individuals on a voluntary basis who consider them as a service to
the Internet community.  Your article appears not to mention any of
the purposes of such remailers other than in terms of the
distribution of pornography.  In my view it would be difficult to
present a balanced article without doing so.

Different remailers take different steps to prevent whatever their
operators consider as "abuse".  My understanding is that Mr.
Helsingius' service restricts messages to 48k bytes (or characters)
and prohibits postings to the "binaries" newsgroups designated for
images.  I also understand that it only allows 30 messages per user
per day.  At a technical level these restrictions would make it
almost impossible to use his service for mass distribution of any
binary data, not just pornography.

It therefore appears surprising to me that your article should allege
that Mr. Helsingius' remailer is responsible for handling "90 per
cent of all child pornography" on the Internet.  I wonder what
substantiating evidence The Observer has to this effect other than
the alleged claim by Toby Tyler.  Indeed it appears from your article
that the words "is supplied through this remailer" may not be a
direct quote from Toby Tyler.

Your article alleges that "the photographs made available to Demon's
subscribers through the Internet are supplied anonymously by
remailing companies".  The lay reader might infer from this that all
photographs therefore come via remailers.  Again this would be far
from the truth.

Finally I hope this letter offers some assistance to your readers in
clarifying a number of issues which were perhaps less than clear in
your article.  Given your newspaper's difficulties with technical
issues, I would be grateful if you would kindly refer any editing of
this letter to me prior to publication.

Yours faithfully,
Matthew Richardson

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAgUBMiFvEAKwLwcHEv69AQGjIQP+IGR9rhvdYXe7CuCcwPl/tIrIBryikTM2
IVOpygTF2nCPf3WEJ8czRvs1emp9d9d++69XiG1f6QAeP9Jv/h9KzVtV7mjjuqCX
LhlhXBYjLIiGCcxljKZ07zHFlCeZWCzuAmIFnZbz2fNNjqyicheIMlxI2tDrGgjp
dlaGZuAI2XY=
=dkXg
-----END PGP SIGNATURE-----






From jamesd at echeque.com  Mon Aug 26 20:02:08 1996
From: jamesd at echeque.com (James A. Donald)
Date: Tue, 27 Aug 1996 11:02:08 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <199608262107.OAA16648@dns1.noc.best.net>


At 09:50 AM 8/26/96 -0700, Declan McCullagh wrote:
> Go a head and reject the "Beltway politicians". It's fashionable, sure, but
> what does it really accomplish?  Some of them are dangerous. Others are
> sympathetic. 

Not true, some of them are merely less dangerous and harmful than others.

As to whether Leahy is one of the less dangerous and harmful ones, that
is seriously questionable.

> The fact is that short of armed rebellion they are going to be
> here for a while.I shudder to think of the wrath our opponents 
> could wage if we all threw up our hands packed up our bags and left town.

Bad cop, good cop.  You cooperate with the "good" cop, you go to jail.  You
tell them both to go to hell, then maybe you will not go to jail, and if you
do go to jail, at least you will have the satisfaction of screaming injustice
all the way:

Re read what our "good" cop has been up to:

> > Worse yet, as recently as this month Leahy has
> > been clamoring to fund the invasive wiretapping legislation ("Digital
> > Telephony") he shepherded through Congress two years ago.
> >
> > Equally distressingly, Leahy demonstrated his "impeccable cyberspace
> > credentials" by cosponsoring the Senate online copyright bill -- aka the
> > Hollywood Media Mafia's wet dream. (Yes, these are the same rapacious
> > folks who are demanding that the Boy Scouts and summer camps pay cash to
> > sing "God Bless America" and "Puff the Magic Dragon.") Opposed by the
> > American Library Association, EFF, and teachers' organizations, Leahy's
> > bill would slam fair use rights online and could make it a crime to
> > browse the Net without a license.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From stewarts at ix.netcom.com  Mon Aug 26 20:24:10 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 27 Aug 1996 11:24:10 +0800
Subject: Credit enforcement
Message-ID: <199608270039.RAA20498@toad.com>


At 06:43 PM 8/17/96 -0400, you wrote:
>I thought that classical libertarians agree that the enforcement of 
>contracts is a proper function of the government.

The minarchists generally do, the anarchists generally don't,
at least if you're talking about last-resort contract enforcement.
The primary mechanisms always have been to use the market,
whether through reputations, insurance companies, bonding agencies,
boycotts, or (often the most powerful) the sheer value of repeat business.
Much of the development of commercial law from the Romans
through the Middle Ages been to find peaceful and efficient ways
to do business without the King helping.

There are historical alternatives to having government do it;
the Irish, Icelandic, Somali, and American Arbitration Association
non-state-based justice systems had/have various sets of social pressure
to do the job.  (For instance, Somali dispute resolutions usually end up
with some number of cows or other money getting paid to a winning 
plaintiff, and if you don't pay, your extended family has to.
Rarely, the family also refuses and bringing in a higher-reputation
judge fails, and a brief feud ensues...)

On the "should the government or the free market do this" scale,
most people put last-resort contract enforcement at the
"we don't mind too much if the government does it" end
rather than the "overthrow the government if they even think
about touching it" end, which is for issues like sex, drugs, rock&roll,
freedom to travel, etc.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From geoff at digidem.com  Mon Aug 26 20:26:48 1996
From: geoff at digidem.com (Geoffrey Gussis)
Date: Tue, 27 Aug 1996 11:26:48 +0800
Subject: Whistleblowing on the Internet
Message-ID: <v03007802ae47e8a83d6d@[128.252.112.220]>


I'm writing a paper for my ethics class on Whistleblowing, and specifically
how it has been aided by the Internet.  If anyone knows of any resources,
pointers, etc., I would greatly appreciate it.  The results will be
published on-line, and I can send a copy to anyone who is interested as
well.  I am interested in information covering both the private sector and
the government as well.  I do know that the Federal Government has an
online BBS where you can send in information on fraud, etc.

What I have uncovered so far:

+ As far as a Lexis/Nexis search goes, I only found a few articles, and
they centered around the Tobacco Papers, and the Scientology debate.

+ I located the Whistleblowing FAQ and contacted its author, but its last
update was in 1994 and it is no longer being maitained.

+ I visited a couple of other related Internet sites (I searched using many
search engines), but they don't really have examples of using the Internet
for whistleblowing purposes.

+ I am also aware of the majority of Anonymity/Privacy sites on the
Internet, and will definitely be utilizing them in the paper.


Overall, I am quite surprised that there isn't a whistleblowing
clearinghouse on the Internet; a site sponsored by a non-profit that lists
email addresses and secure forms for sending anonymized email to those
areas of the public and private sector that deal with whistleblowing.  As
the Internet is a great medium for information dissemination, and offers
significant privacy advantages, I really expected to find much more.

Is anyone else working in this area?  Any help would be greatly appreciated.

Cheers,

Geoffrey Gussis
2L - Washington University School of Law

___________________________________________________________________
Internet Law Projects at http://www.digidem.com/legal/

+ Worldwide Top-Level Domain/Trademark Dispute Resolution Policies

+ Businesses on the Internet (BOTI) Legal Research Initiative

+ Legal Links in Electronic Commerce and Interactive Entertainment







From deviate at lipschitz.sfasu.edu  Mon Aug 26 20:52:04 1996
From: deviate at lipschitz.sfasu.edu (J. Kelly Cunningham)
Date: Tue, 27 Aug 1996 11:52:04 +0800
Subject: New type2.list/pubring.mix
In-Reply-To: <199608262251.RAA01261@alpha.jpunix.com>
Message-ID: <Pine.NXT.3.93.960826180857.3357A-100000@lipschitz>


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 26 Aug 1996, John Perry wrote:
 
jp> Hello Everyone,
jp> 
jp> 	There is a new type2.list/pubring.mix update for Mixmaster on
jp> jpunix.com. The update reflects the temporary retirement of the anon
jp> Mixmaster remailer. Please update your files accordingly. The files
jp> can be obtained by WWW at www.jpunix.com and by anonymous FTP at
jp> ftp.jpunix.com.
jp> 

I notice that there is an entry for treehole:

 treehole treehole at mockingbird.alias.net 2c9f098377bf4f068751683f803834f5 2.0.3

Is it back?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp2.b, a Pine/PGP interface.

iQCVAwUBMiHo2+Bu0383Om6dAQGyPAP+LeLbvQKL74t35BovqZcGA7ELWasUEA71
DJfLKWApg700lgGN4PQ8+puYIFxuHzN2oa0mksFUkl3uINXgY3C8KnWBVMuEwHKO
m2IQjf5kX9MIeZ9DNEyXgb0FYfc4ohK4632gdZIkTeKVfcdRY/CZFc6UU1eRmUnS
RVNZADo9OZc=
=aj3h
-----END PGP SIGNATURE-----


-- kc    finger deviate at lipschitz.sfasu.edu | pgp -fka    49860926614586AF
"The  strongest reason for the people to retain  their    54105BA338FBF0FB
right  to  keep  and  bear  arms is, as a last resort,
to protect themselves against tyranny in  government." -- Thomas Jefferson






From unicorn at schloss.li  Mon Aug 26 20:54:10 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 27 Aug 1996 11:54:10 +0800
Subject: Discussion: The Digital Commerce Clause [Long] [Was: Re: The Commerce Clause and the Crypto Issue]
In-Reply-To: <ae432be9000210041c17@[205.199.118.202]>
Message-ID: <Pine.SUN.3.94.960826125620.28010A-100000@polaris>



On Fri, 23 Aug 1996, Timothy C. May wrote:

> It seems to me that in recent years nearly any type of sweeping legislation
> is justifed, constitutionally, by the clause in the U.S. Constitution which
> says Congress shall have the power to regulate commerce. (More precisely,
> the clause says: "To regulate commerce with foreign nations, and among the
> several states, and with the Indian tribes;" This is usually interpreted to
> mean _interstate_ commerce, and not sales/commerce/etc. that do not
> centrally involved more than one state....obviously nearly all things sold
> in one state are sold in other states, so there is lattitude for applying
> the commerce clause, albeit wrongly.)
> 
> Today's news is the sweeping new restrictions on tobacco and cigarettes,
> including restriction on advertising and even on the placement of tobacco
> and cigarette logos and names on sports jerseys and shirts.

[...]

> The catch-all for these laws seems to be the "regulate commerce" language
> in the Constitution. Cigarettes are sold in multiple states, the logic
> goes, so the commerce clause gives the government the power/authority to
> regulate it.
> 
> (Well, Steven King novels are sold in all 50 states, too. Does this
> "regulate commerce" clause give the government the power/authority to
> regulate what King puts in his novels? Or to ban advertising for Steven
> King novels? Or to require that stores only sell such novels to adults?)
> 
> This language is already being cited for some as a justification for
> regulating encryption (hey, some businesses use it!), digital signatures
> (ditto), and other forms of crypto.
> 
> In fact, since nearly everything involves "commerce" in some way, whether
> interstate or not, the "regulate commerce" clause can presumably be used as
> a jusitification for interfering in all sorts of areas.
> 
> The several legal experts out there on this list can clarify any errors of
> interpretation I have made. I certainly know that the commerce clause
> cannot be used to suppress certain kinds of speech, though the boundaries
> of where it may be applied seem unclear.

Mr. May is fairly close.  If the commerce clause can not be used to
suppress speech it is because there is a constitutional amendment
protecting it.

Practically speaking, the commerce clause is boundless in its grant.

The evolution of Commerce Clause use is one of the most interesting
examples of creeping statism in a western nation that I know of.

Consider the classic view of the Commerce Clause a la Gibbons v. Ogden, 22
U.S. 1 (1824).

[Robert Fulton and Robert Livingston were granted exclusive rights to
operate steamboats in New York waters by the New York Legislature.
Steamboats were a new technology, and the legislation was intended to
encourage investment in the boats.  Fulton and Livingston licensed Ogden
to run a ferry service to New Jersey and Gibbons began to compete.
Gibbon's's ferries were licensed as "vessels in the coasting trade" under
a 1793 piece of legislation enacted by Congress.  Ogden obtained an
injunction in New York, Gibbons appealed.]

Chief Justic Marshall for the majority:

"The subject to be regulated is commerce, and our constitution being, as
was aptly said at the bar, one of enumeration, and not of definition, to
ascertain the extent of the power, it becomes necessary to settle the
meaning of the word.  The counsel for the appellee would limit it to
traffic, to buying and selling, or the interchange of commodities, and do
not admit that it comprehends navigation.  This would restrict a general
term, applicable to many objects, to one of its significations.  Commerce,
undoubtledly, is traffic, but it is something more: it is intercourse.  It
describes the commercial intercourse between nations, and parts of
nations, in all its branches, and is regulated by prescribing rules for
carrying on that intercourse.  The mind can scarcely conceive a system
for regulating navigation, which shall exclude all laws concerning
navigation... and be confined to prescribing rules for the conduct of
individuals, in the actual employment of buying and selling or of
barter....

It is not intended to say that these words comprehend that commerce,
which is completely internal, which is carried on between man and man in a
state, or between different parts of the same states, and which does not
extend to or affect other states. [sic]  Such a power would be
inconvenient, and is certainly unnecessary.

Comprehensive as the word 'among' is, it may very properly be restricted
to that commerce which concerns more states than one.  The phrase is not
one which would probably have been selected to indicate the completely
interior traffic of a state, because it is not an apt phrase for that
purpose...."

Justice Johnson:

[Who discusses the history of the state powers over commerce where states
were complete sovereigns and the portion of that power which is delegated
to the federal government.]

[A]n absolute control is given over state legislation on [commerce], as
far as that legislation may be exercised, so as to affect the commerce of
the country.

::::

So as it stands in the day, commerce seems to include buying selling
bartering and transporting good or services between states.  It is the
interaction between states which defines commerce, and the authority to
regulate it stems from the need to prevent one state from "affect[ing] the
commerce of the country."

This is the classic, and (in my view) fairly rational analysis of the
commerce clause.

Use of the commerce clause before the nineteenth century to actually
regulate interstate commerce was limited.  Insteaed Congress concentrated
on programs and legislation to promote economic growth, taking steps, for
example, to create the Bank of the Unted States, transfer public lands to
private citizens, and providing for the national defense.

Some authors note that the aftermath of the Civil war created many of the
circumstances which made a more expansive view of the commerce clause
appealing.  For example, it is argued, the increasing success of the
national economy made it more obviously interdependent and that localized
problems increasingly became national problems.  One might consider the
period of Reconstruction, where the rights of newly freed slaves were not
adequately protected by southern state governments.  The case for national
intervention was fairly compelling in this example.  Theories of
federalism began to emerge which expanded the role of the federal
government and balloned the catagories of issues which fell into the
definition of "nationally impacting."  Many theorists use the Civil War
itself as a vindicating example of the concept that national power could
be used to "enforce" freedom.  (For larger views of these theories and the
historical context often used to support them, See Generally, H. Hyman, A
More Perfect Union (1973); R. Harrison, The Weakened Spring of Government
Revisited: The Growth of Federal Power in the Late Nineteenth Century, in
The Growth of Federal Power in American History (R. Jeffreys-Jones & B.
Collins eds. 1983).

Some of the period's legislation reflects the new attitude, the
Interstate Commerce Act of 1887 and the Sherman Antitrust act of 1880 are
classic examples.  These more active measures of regulation did, however,
produce a growing group of citizens sensitive to the growing national
powers.  Many commentators note that the groups objecting to national
legislation could provide very concrete examples why the congressional
acts hampered freedom and economic growth, while proponents of the acts
were limited to untested concepts of national economy, and theory.

Federalist based objections to these legislative inititives forced the
development of legal theories to address the concrete examples.  Note that
this period also began the currently obvious trend of promoting social
goals viewed "as valuable wholly apart from their relation to economic
development."

These approaches are generally lumped into the "formal" and "realist"
realms.  Consider first, United States v. E.C. Knight Co., 156 U.S. 1
(1895):

[The United States used the Sherman Act to set aside the acquisition by
the American Sugar Refining Company of four competing refineries.  The
aquisition left only one independent refinery in operation which produced
2 percent of the sugar refined in the country.  Chief Justice Fuller held
that the Sherman Act did not reach this monopoly because the Constitution
did not allow Congress to regulate "manufacturing."  The government had
argued that such concentrated manufacturing power constituted a monopoly
over a necessity of life which was enjoyed by a large population of the
United States which necessarily required resort to interstate commerce.

Fuller replied that "this argument cannot be confied to necessaries of
life merely, and must include all articles of general consumption.
Doubtless the power to control the manufacture of a given thing involves
in a certain sense the control of its disposition, but this is a
secondary and not the primary sense; and although the exercise of that
power may result in bringing the operation of commerce into play, it does
not control it, and affects it only incidently and indirectly.  Commerce
succeeds manufacture, and is not a part of it.

In Fuller's view, it would be "far-reaching" to permit a federal action
"whenever interstate or international commerce may be ultimately affected.
The fact that an article is manufactured for export to another state does
not of itself make it an article of interstate commerce, and the intent of
the manufacturer does not determine the time when the article or product
passes from the control of the state and belongs to commerce."  Fuller
continued, noting that a monopoly in manufacture might restrain interstate
commerce but that this was an indirect result and therefore American
Sugar's action "bore no relation" to interstate commerce.

Justice Harlan dissented, arguing that a monopoly that "obstructs freedom
in buying and selling articles" to be sold outside of the state of
manufacture "affects, not incidently, but directly, the people of all the
States."  In Harlan's view, "Whatever improperly obstructs the free course
of interstate intercourse and trade, as involved in the buying and selling
of articles to be carried from one state to another, may be reached by
congress."  To Harlan congress was merely, "prevent[ing] the coming into
existence of combination, the purpose or tendency of which was to impose
unlawful restraints upon interstate commerce."

E.C. Knight Co. through Fuller, demonstrates nicely the "formal" view.
The line of interstate commerce is drawn quite finely.  Indirect effects
are ignored.

The realist view, as expressed by Harlan, looks instead to the effect on
economy, the actual impact, or the intent of congress.

Concepts like the "stream of commerce" (Congress may regulate an activity
if it affects interstate commerce.  Taft in Stafford v. Wallace, 258 U.S.
495 (1922)., and the "current of commerce" (Swift and Co. v. United
States 196 U.S. 375 (1905)), began to form to facilitate the expansion of
the reach of the commerce clause in the early 1900s.

The court was a bit muddled about its approaches from the 1890's or so
until the 1920's but the result was a great deal of flexibility in
assessing the constitutionality of congressional statutes by the time the
1930's arrived.

In 1933 Franklin D. Roosevelt took office.  Addressing the crippled
economy, the new president fostered a host of legislation, unprecidented
in number and power.  Enter: The New Deal.

Consider the comments of one scholar: "Much of the legislation interfered
with what many had come to regard as the prerogatives of private property,
and, incidently, the proper domain of the states.  The New Deal statutes
were sure to generate challenges to their constitutionality.  Supporters
could draw on a complex, well-developed, and not entirely coherent body of
law regarding the extent of Congress's power to regulate interstate
commerce."

Some of the first challenges arrived in the mid 1930's in the form of
Nebbia v. New York, 291 U.S. 502 (1934); Norman v. Baltimore and Ohio
Railroad, 294 U.S. 240 (1935) (upholding the repudiation of contractual
duties to repay debts in gold) and Panama Refining Co. v. Ryan, 293 U.S.
388 (1935).  Only Panama Refining succeeded as a challenge to legislation,
invalidating portions of the National Industrial Recovery Act of 1933
which some commentators consider the conceptual centerpiece of the New
Deal.

More blows to the New Deal followed in the form of A. L. A. Schecter
Poultry Corp v. United States 295 U.S. 495 (1935); Carter v. Carter Coal
Co., 298 U.S. 238 (1936).

At the time of the Schecter decision, the act in question was about to
expire, and the administrative approach to its enforcement was becoming
less and less popular.  Schecter was, therefore, probably more important
for its approach than its actual result.  Consider Justice Hughes, for the
majority:

"The undisputed facts thus afford no warrant for the argument that the
poultry handled by defendants at their slaughterhouse markets was in a
'current' or 'flow' of interstate commerce and was thus subject to
congressional regulation.  The mere fact that there may be a constant flow
of commodities into a states does not mean that the flow continues after
the property has arrived and has become commingled with the mass of
property within the state and is there held solely for local dispotion and
use.

[...]

"If the commerce clause were construed to reach all enterprises and
transactions which could be said to have an indirect effect uipon
interstate commerce, the federal authority would embrace practically all
the activites of the people and the authority of the state over its
domestic concerns would exist only by sufference of the federal
government.  Indeed, on such a thoery, even the development of the
state's commercial facilities would be subject to federal control.

"If the federal government may determine the wages and hours of employees
in the internal commerce of a state, because of their relation to cost and
prices and their indirect effect upon interstate commerce, it would seem
that a similar control might be exerted over other elements of costs, also
affecting prices, such as the processes of production and distribution
that enter into cost could likewise be controlled.  If the cost of doing
an intrastate business is in itself the permitted object of federal
control, the extent of the regulation of cost would be a question of
discretion and not of power."

::::

So we find the court rejecting a strictly "realist" approach and guarding
certain "wholly local" activites from the reach of congression regulation
by insisting on a "formalist" reading.

One may note the attitude of the majority in Carter as demonstrative of
the protectiveness the court was showing toward local activity.  Consider
Justice Sutherland for the majority:

"Every journey to a forbidden end begins with the first step and the
danger of such a step by the federal governmnet in the direction of taking
over the powers of the states is that end of the journey may find the
states so despoiled of their powers, or-- what may amount to the same
thing-- so relieved of the responsibilities which possession of the powers
necessarily enjoins, as to reduce them to little more than geographical
subdivisions of the national domain."

::::

These cases, along with United States v. Butler, 297 U.S. 1 (1936);
Morehead v. New York ex rel Tipaldo, 298 U.S. 587 (1936), and the
landslide victory by FDR hatched a cunning plan.  Thwarted by the Supreme
Court in serious ways, FDR proposed certain "changes" in the structure of
the court.  Essentially Roosevelt proposed that one justice be added for
each justice over 70 who refused to resign or retire.  This would bring
the number of justices up to fifteen, and secure a safe majority on the 
court for the New Deal supporters.

The rational was the the older justices were increasing the workload on
the younger justices because they were unable to properly see to their
duties.

During debate on the proposal Justice Van Devanter left the Court and the
Court upheld a state minimum wage state in West Coast Hotel Co. v.
Parrish, 200 U.S. 379 (1937).  Justice Roberts, formerly a New Deal
opponent had switched his vote in West Coast.  This last minute alteration
was dubbed "The switch in time that saved Nine."

It should also be noted that the majority leader of the Senate, Joseph
Robinson, exerted a great deal of pressure on the Senate and personal
pressure on individual Senators and was believed by many to have
accumulated the required votes for the court packing plan.  Robinson died
of a heart attack however before the vote was taken and the plan was
rejected.  Personally, I am amazed that conspiracy buffs have not latched
on to this piece of history.  See Generally, Leuchtenberg, The Origins of
Franklin D. Roosevelt's Court Packing Plan, 1966 Sup. Ct. Rev 347.

One might also want to take into account the increasing power communists
were showing in the United States.  Several commentators have pointed out
that without the "concessions" of The New Deal, the United States might
well have faced a sudden and potent turn to socialism or communism

The result, however, was a suddenly pro-New-Deal court.  Witness Justice
Hughes in NLRB v. Jones and Laughlin Steel Corp., 301 U.S. 1 (1937):

"Although activites may be intrastate in character when separtely
considered, if they have such a close and substantial relation to
interstate commerce that their control is essential or appropriate to
protect that commerce from burdens and obstructions, Congress cannot be
denied the power to exercise that control."

::::

and the outer limits of the commerce clause:

Wickard v. Filburn, 317 U.S. 111 (1942)

[The Agricultural Adjustment Act allowed the Secretary of Agriculture to
set a quota for wheat production.  Each wheat grower was given an
allotment.  Filburn was a dary farm owner in Ohio.  He also raised small
amounts of wheat for his livestock and for making flower at home, for seed
purposes, and for sale.  His quota was 222 bushels, but he instead yielded
461 and was fined $117.  Fulburn sued to enjoin enforcement arguing,
among other issues, that his entiely local use and consumption of wheat
for his own family use was beyond the reach of Congressional Legislation.]

Justice Jackson:

"The Court's recognition of the relevance of the economic effects in the
application of the Commerce Clause has made the mechanical application of
legal formulas no longer feasible.  Once the economic measure of the reach
of the power granted to Congress in the commerce clause is accepted,
questions of federal power cannot be decided simply by finding the
activity in question to be "production," nor can consideration of the
economic effects be foreclosed by calling them "indirect"...

...even if appellee's activity be local and though it may not be regarded
as commerce, it may still, whatever its nature, be reached by congress if
it exerts a substantial economic effect on interstate commerce and this
irrespective of whether such effect is what might at some earlier time
have been defined as "direct" or "indirect..."

That appelee's own contribution to the demand for wheat may be trivial by
itself is not enough to remove him from the scope of federal regulation
where, as here, his contribution taken together with that of many others
similarly situated, is far from trivial."

::::

Now we see the extreme edges of the commerce clause.  Even individual
acts, which alone are not sufficent to impact interstate commerce, may in
their aggregate be seen to impact it.  Congress thus can reach the most
local acts.

As a result, the commerce clause has become a quick and easy clause to
rely upon when congress is attempting to impose its rule over what may
appear to be "local activities."  Civil rights legislation rested on the
commerce clause as its authority, typically by arguing that privately
owned estlablishments affected interstate commerce by e.g., their
proximity to an interstate and the interstate makeup of their clients.

It is worth noting that since the Wickard case, and until the year before
last, no challenge based on commerce clause authority has suceeded.  (The
only case I know of involves the regulation of firearms possession in
school zones and spurred some news stories last year).

> I do expect [the commerce clause] to be used for crypto, though, and
> this might even be upheld by the Supremes, especially in any areas
> directly involving "digital commerce."

Without a doubt.

> We should watch for this, and think about ways to deflect or derail such
> interpretations.

Extremely difficult.

As you can see, the commerce clause is deeply entrenched.  Direct and
indirect effects on commerce between the states are easily enough to reach
the questioned activity.

I think there is no doubt in the world that digital commerce will DIRECTLY
impact interstate and foreign commerce from a legal point of view.  If my
growing wheat in my back yard does, you can bet the farm that new means of
conducting business and making transactions across state boarders will.

I hate to differ with Mr. May, but I think that deflecting or derailing
this aspect of congressional authority to regulate is all but hopeless in
light of cases like Wickard and that our efforts are best directed
elsewhere.

Now I know some list member will mail me asking how I can support the
crushing grip congress has on the citizens of the United States and the
States themselves.  I do hope that member will re-read my post carefully
before pecking out that letter.

I believe the answer to preserving the purity of digital commerce is to
form it in such a way so as to make regulation impossible, because in my
view the constitution no longer provides citizens with the protection or
freedom to progress.  I feel the same way about privacy.  All the
constitutional arguments in the world mean little today.  A systematic
approach which makes violations of personal rights impossible whether
constitutional or not is the answer.

I see digital commerce burdened by regulations possessed of the character
of money laundering, reporting requirements and due dilligence statutes.
All of these are already entrenched, and there is literally ZERO chance of
prevailing in a challenge based on the illegitimacy of the commerce clause
in these cases.

("The cash is dead, long live the king.")

Cypherpunks should do what cypherpunks do best.  Write code, implement big
brother proof systems and make them entrenched before they are legislated
away.  There are always creative ways to make laws which take away rights.
You can't, however, legislate away mathamatics.

> --Tim May

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li












From ichudov at algebra.com  Mon Aug 26 21:08:30 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Tue, 27 Aug 1996 12:08:30 +0800
Subject: Microsoft Explorer security hole (fwd)
In-Reply-To: <Pine.A32.3.93.960826001930.31882A-100000@seminole.gate.net>
Message-ID: <199608262206.RAA03891@manifold.algebra.com>


please publish the exploit.

many many thanks in advance

igor

Ben Holiday wrote:
> 
> 
> 
> ---------- Forwarded message ----------
> Date: Mon, 26 Aug 1996 01:35:07 GMT
> Subject: Microsoft Explorer security hole (fwd)
> 
> On Sun, 25 Aug 1996 13:55:30 -0600 (MDT), Carl Nation
> <carl at iserver.com> wrote:
> 
> To our Resellers/Customers,
> 
> Our sysadmin received this security alert, and we thought we should
> pass it along...
> 
> ------- Forwarded Message
> 
> Date: Wed, 21 Aug 1996 13:12:59 -0400
> From: felten at CS.Princeton.EDU (Ed Felten)
> Subject: Internet Explorer Security Problem
> 
> We have discovered a security flaw in the current version (3.0) of
> Microsoft's Internet Explorer browser running under Windows 95.  An
> attacker could exploit the flaw to run any DOS command on the machine of
> an Explorer user who visits the attacker's page.  For example, the
> attacker could read, modify, or delete the victim's files, or insert a
> virus or backdoor entrance into the victim's machine.  We have verified
> our discovery by creating a Web page that deletes a file on the machine of
> any Explorer user who visits the page.
> 
> The core of the attack is a technique for delivering a document to the
> victim's browser while bypassing the security checks that would
> normally be applied to the document.  If the document is, for example, a
> Microsoft Word template, it could contain a macro that executes any DOS
> command.
> 
> Normally, before Explorer downloads a dangerous file like a Word
> document, it displays a dialog box warning that the file might contain a
> virus or other dangerous content, and asking the user whether to abort the
> download or to proceed with the download anyway.  This gives the user a
> chance to avoid the risk of a malicious document.  However, our technique
> allows an attacker to deliver a document without triggering the dialog
> box.
> 
> Microsoft has been notified and they are working on fixing the
> problem. Until a remedy is widely available, we will not disclose further
> details about the flaw.
> 
> For more information, contact Ed Felten at felten at cs.princeton.edu or
> 609-258-5906.
> 
> Dirk Balfanz and Ed Felten
> Dept. of Computer Science, Princeton University
> http://www.cs.princeton.edu/sip/
> 
> ------- End of Forwarded Message
> 
> 
> 
> 



	- Igor.





From jya at pipeline.com  Mon Aug 26 21:12:33 1996
From: jya at pipeline.com (John Young)
Date: Tue, 27 Aug 1996 12:12:33 +0800
Subject: CLE_nup
Message-ID: <199608262221.WAA00909@pipe5.t1.usa.pipeline.com>


   8-26-96. FiTi: 
 
   "Cleaning up the global economy. Policymakers must ponder 
   the effects of money laundering." 
 
      Is money laundering - as opposed to the crimes which 
      produce it - necessarily such a bad thing? 
 
      As Vito Tanzi notes in his IMF paper, the fact that 
      money launderers are not fussy about economic 
      fundamentals can help governments continue to pursue lax 
      fiscal and monetary policies if they are equally unfussy 
      about the origin of capital inflows. A pact with the 
      devil, perhaps. But for many countries it may seem more 
      attractive than signing up to a global financial market 
      equivalent of Neighbourhood Watch. 
 
      + Money Laundering and the International Financial 
      System, IMF working paper, May 1996. 
 
   ----- 
 
   http://jya.com/clenup.txt  (7 kb) 
 
   CLE_nup 
 
 
 
 





From frantz at netcom.com  Mon Aug 26 21:33:12 1996
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 27 Aug 1996 12:33:12 +0800
Subject: Cypherpunk voting - ITAR or CDA
Message-ID: <199608261917.MAA24551@netcom8.netcom.com>


At  1:37 AM 8/25/96 -0400, Vincent Cate wrote:
>So it seems Dole is the better vote.  Is this important enough to many
>cypherpunks to actually determine their vote?

Every time I think about voting for Dole, I read something in the papers
that convinces me it is a bad idea.  The most recent is that he wants to
raise the intensity of the disastrous, failed war on drugs.

You know the war.  The one that has forced suppliers to enforce their
contracts with violence because the courts won't help them.  The one that
eliminated the concept of responsible use which has worked so well with
alcohol.  The one that has eliminated reputation from the drug market,
leading to overdoses and poisonings.  The one that is responsible for most
of the wire taps authorized in the USA.  The one that has turned the USA
into the prison capitol of the world.  Don't get me started.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From gnu at toad.com  Mon Aug 26 21:45:53 1996
From: gnu at toad.com (John Gilmore)
Date: Tue, 27 Aug 1996 12:45:53 +0800
Subject: RSA/Security Dynamics filings are on the web
Message-ID: <199608262238.PAA17133@toad.com>


The RSA/SDTI merger may be the only chance we ever get to see RSA's
financial info.  Previously it was a privately held company, which
didn't report its finances publicly; now it'll be reported as part of
SDI (a much bigger company), so its finances will be hidden in
their larger business.

You can also see what RSA and SDTI are saying about the
RSA/Cylink/Schlafly lawsuits, the origins of VeriSign, how
Addison Fisher bankrolled RSA and owned 55% of it, etc.

Look on the SEC's EDGAR system, which contains copies of reports that
the government requires publicly traded companies to file.  Go to
http://www.sec.gov/cgi-bin/srch-edgar?security+dynamics+technologies
and view the various forms.  The most fun is probably the big one,
the 1.5MB S-4 form from the merger itself.

These documents will require a tolerance for legalese, but there are lots
of gems in there for the patient.

	John Gilmore





From hugh at ecotone.toad.com  Mon Aug 26 21:46:20 1996
From: hugh at ecotone.toad.com (Hugh Daniel)
Date: Tue, 27 Aug 1996 12:46:20 +0800
Subject: ADMIN:  Problems with the list goto the owner, not the list!
Message-ID: <199608262123.OAA26029@ecotone.toad.com>


  In the future please send all messages of the form ~something is
wrong with the list~ to owner-cypherpunks at toad.com and NOT the list
its self.  We already have enough off topic and puerile traffic
cluttering up the list.
  If you think you see a _very_ major problem then please do email me
directly.
  Now please get back to building the better world we sometimes still
talk about building...

		||ugh Daniel
		Majordomo Owner & Potty Trainer
		hugh at toad.com





From adam at homeport.org  Mon Aug 26 21:46:43 1996
From: adam at homeport.org (Adam Shostack)
Date: Tue, 27 Aug 1996 12:46:43 +0800
Subject: Code Review Guidelines (draft)
Message-ID: <199608270158.UAA24640@homeport.org>


A few weeks back, I posted a request for source code review
guidelines.  I got about 50 me-toos, but no guidelines.  So I wrote
some I think are decent.  They're still in draft format.  I'd
appreciate feedback & commentary on them.

http://www.homeport.org/~adam/review.html

Adam

PS: Someone did pay me to do this, but doesn't want their name
associated with it, because there are shoulds and musts in it.  I have
their permission to post the anonymized document.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From mhw at wittsend.com  Mon Aug 26 22:18:22 1996
From: mhw at wittsend.com (Michael H. Warfield)
Date: Tue, 27 Aug 1996 13:18:22 +0800
Subject: The POUCH
In-Reply-To: <960826234448_76473.1732_BHT119-3@CompuServe.COM>
Message-ID: <m0uvCrF-0000xRC@wittsend.com>


JOHN E. HOLT enscribed thusly:
> 
> The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
> vector and the CBC technique.  Most experts agree that such an implementation is highly resistant to all forms of cryptographic attack.
> Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks
> An unpublished algorithm forces them into reverse engineering the computer
> programs to learn the algorithm. The POUCH has many roadblocks built in
> to prevent this.

	An unpublished algorithm mean that it's worthless snakeoil that
depends on obfuscation until it is successfully reverse engineered (which
you just set yourself up as a prime target) and then all of your chumps
(ahh..  clients) get raped.  I wouldn't even look at it and would advise
all of my clients to avoid it like the plague...

> I refer to Cummings, Cryptography and Data Security pages 150 and 98 in this regard.
> John Holt

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!





From ses at tipper.oit.unc.edu  Mon Aug 26 22:23:18 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 27 Aug 1996 13:23:18 +0800
Subject: Cypherpunk voting - ITAR or CDA
In-Reply-To: <199608261917.MAA24551@netcom8.netcom.com>
Message-ID: <Pine.SUN.3.91.960826213639.28400B-100000@tipper.oit.unc.edu>


On Mon, 26 Aug 1996, Bill Frantz wrote:

> At  1:37 AM 8/25/96 -0400, Vincent Cate wrote:
> >So it seems Dole is the better vote.  Is this important enough to many
> >cypherpunks to actually determine their vote?
> 
> Every time I think about voting for Dole, I read something in the papers
> that convinces me it is a bad idea.  The most recent is that he wants to
> raise the intensity of the disastrous, failed war on drugs.
> 
> You know the war.  The one that has forced suppliers to enforce their
> contracts with violence because the courts won't help them.  The one that
> eliminated the concept of responsible use which has worked so well with
> alcohol.  The one that has eliminated reputation from the drug market,
> leading to overdoses and poisonings.  The one that is responsible for most
> of the wire taps authorized in the USA.  The one that has turned the USA
> into the prison capitol of the world.  Don't get me started.
> 
> 
> -------------------------------------------------------------------------
> Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
> (408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
> frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA
> 
> 
> 

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From whgiii at amaranth.com  Mon Aug 26 22:32:15 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Tue, 27 Aug 1996 13:32:15 +0800
Subject: Spamming (Good or Bad?)
In-Reply-To: <3.0b11.32.19960826110912.006d4158@central.tansoft.com>
Message-ID: <199608270040.TAA10161@mailhub.amaranth.com>


-----BEGIN PGP SIGNED MESSAGE-----

In <3.0b11.32.19960826110912.006d4158 at central.tansoft.com>, on 08/26/96 at 11:09 AM,
   "James C. Sewell" <jims at MPGN.COM> said:

>At 03:47 AM 8/24/96 -0500, William H. Geiger III wrote:
>>
>>No I have to dissagree. Who I send mail to or whom I receive mail from is 
>>no-ones business. I for one have no intention of "signing up" or 
>>"regestering" with any mail server. I most certainally want to be the one to 
>>decide what mail I receive or do not receive, not someone elses idea of what 
>>I should receive.

>Upon reflection I can say you are right, UNLESS we can put this "signup"
>thing on the end-user's machine so he can set it in his own privacy and
>no one else can pilfer it.

>The ultimate solution is AI mail clients, but that's too far off to wait for,
>I feel.

Actually I just set-up a Twit/Auto-Reply filter for my email client. If you make it onto my twit filter all messages are bounced with a message to stop sending mail. I don't even know the message was sent to me unless I check my logfile.

If someone really pisses me off some creative mail-bombing tend to get the message accross.


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 
MR/2 Tag->I use OS/2 2.0 and I don't care who knows!
 
MR/2 Tag->"Do your parents *know* you are Ramones?" - Ms. Togar

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiJNAo9Co1n+aLhhAQFmugP+NjGXIsalppe9FqrkrRdZpBoZpLxUJsbO
35u/UlkjmtfbX8hJGVML21/OZM+rk4GpAdmiBePs5cLcvOipE01378q5XleOSvD9
PmZCuee2rtpkTV6LbAK5yutu7pD5cXqM2gqV07UqTE2NYBPz0DWXrGPxxAGa+r0X
NrHTwOzvJeY=
=j50N
-----END PGP SIGNATURE-----






From 76473.1732 at CompuServe.COM  Mon Aug 26 22:39:22 1996
From: 76473.1732 at CompuServe.COM (JOHN E. HOLT)
Date: Tue, 27 Aug 1996 13:39:22 +0800
Subject: The POUCH
Message-ID: <960826234448_76473.1732_BHT119-3@CompuServe.COM>


The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
vector and the CBC technique.  Most experts agree that such an implementation is highly resistant to all forms of cryptographic attack.
Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks
An unpublished algorithm forces them into reverse engineering the computer
programs to learn the algorithm. The POUCH has many roadblocks built in
to prevent this.
I refer to Cummings, Cryptography and Data Security pages 150 and 98 in this regard.
John Holt






From dlv at bwalk.dm.com  Mon Aug 26 22:54:54 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Tue, 27 Aug 1996 13:54:54 +0800
Subject: ADMIN:  Problems with the list goto the owner, not the list!
In-Reply-To: <199608262123.OAA26029@ecotone.toad.com>
Message-ID: <seNaTD8w165w@bwalk.dm.com>


Hugh Daniel <hugh at ecotone.toad.com> writes:
> wrong with the list~ to owner-cypherpunks at toad.com and NOT the list
> its self.  We already have enough off topic and puerile traffic
> cluttering up the list.

Too much of a good thing is never enough.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From declan at eff.org  Mon Aug 26 23:01:06 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 27 Aug 1996 14:01:06 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <Pine.SUN.3.91.960826190221.27037D-100000@eff.org>





---------- Forwarded message ----------
Date: Mon, 26 Aug 1996 18:52:40 -0700 (PDT)
From: Declan McCullagh <declan at eff.org>
To: Jonah Seiger <jseiger at cdt.org>
Cc: shabbir at vtw.org, fight-censorship at vorlon.mit.edu, brock at well.com,
    telstar at wired.com
Subject: Re: INFO: Democratic convention chats online! Be there! (8/25/96)

Jonah,

I had expected some negative feedback from CDT, but I should say I was
surprised by the tenor of your response. 

Unfortunately, you don't address the substance of my criticisms of Leahy:
how can you defend Leahy's avowed support for Digital Telephony and the
copyright legislation? How do his actions make him a "forceful" and
"consistent advocate" with "impeccable cyberspace credentials?" 

(Hint: They don't. He isn't.)

You write that: "Of course we are not going to agree with our friends on
every issue." But I disagree with your underlying assumption; if a senator
is our "friend," they won't do what Leahy does. Being familiar with
technology does not a Net-advocate make -- take Al Gore, for instance, who
net-surfs in an Old Executive Office building cluster... 

If I'm wearing any hat at all right now, it's my cypherpunk one. And that
prompts me to say that we'll have more freedom online not by relying on
the legislative process, but by deploying pro-freedom technology like
anonymous remailers and PGP. We can't rely on an ossified Beltway
Bureaucracy to preserve our freedoms. (In fact, we need to shrink the size
of the Federal bureaucracy drastically to make it less susceptible to
special-interest lobbying and to reduce its ability to encroach upon our
civil liberties.)

We've argued about this before, of course. I recognize that we have core
philosophical disagreements. You want to work the legislative process and
compromise, while I believe that some rights can't be negotiated away. I
recall you supported White's "Harmful to Minors" CDA compromise that would
have created a new and unprecedented category of speech crimes online.
(The ACLU's Barry Steinhardt wrote on this list last fall that "no true
civil liberties organization" would support such language.) You joined
Leahy in supporting the Bennett bill, which would have permitted Equifax
to create a national medical database with few privacy safeguards. Not to
mention your defense of Leahy's pet Digital Telephony project...

You write: "But none of them [members of Congress] are gong to continue
reaching out a hand to us if we bark and bite when we don't get 100% of
our way." I'm confused by this. Does it mean we shouldn't slam Leahy when
he fucks with the Net? More disturbingly, the incorrect and misleading
label of "impeccable cyberspace credentials" makes it more difficult to
criticize Leahy when he does something (like DT funding or copyright) that
harms netizens. 

I suppose you'd like to champion Leahy as a "Friend of the Net." But I'd
rather not ignore his attempts to pass legislation that would hinder the
development of the Net and intrude on our privacy.

I reiterate my earlier statement: "Leahy is in no way a true friend of the
Net; I don't know of any Beltway politican who is." 

-Declan



On Mon, 26 Aug 1996, Jonah Seiger wrote:

> Declan:
> 
> What are you thinking?!
> 
> In a world where we have very few real friends, I simply don't understand
> what you are trying to accomplish. It's fine (and healthy) to raise
> concerns about the particular positions a member of Congress takes (hell, I
> don't agree with everything Leahy does), but to simply dismiss Leahy as a
> 'no friend of the Net'  is naive and counterproductive.
> 
> Look at the record. Leahy is hands down the strongest supporter of the Net
> in Congress. Period. No other Member (including our small but growing
> handful of other friends like Burns, White, Wyden, Cox, Eshoo, etc) has
> been a more forceful or consistent advocate for your causes for as long as
> Leahy has. What exactly do you want? Perhaps we should elect you to
> Congress and see how well you can do.
> 
> Of course we are not going to agree with our friends on every issue. If
> Leahy takes a position you don't like, I'd suggest you talk to his office.
> I have found in my experience that Leahy's staff (and him personally) will
> take the time to listen when presented with a well presented argument.
> 
> I'm also confused about another thing: which hat were you wearing when you
> wrote this? If it is your "advocate" hat I think it must covering your
> eyes. If it's your "journalist" hat, you need to do a bit better job of
> checking your facts in the future.
> 
> Go a head and reject the "Beltway politicians". It's fashionable, sure, but
> what does it really accomplish?  Some of them are dangerous. Others are
> sympathetic. The fact is that short of armed rebellion they are going to be
> here for a while.
> I shudder to think of the wrath our opponents could wage if we all threw up
> our hands packed up our bags and left town.
> 
> Face the facts. Members of Congress have a lot of constituencies to deal
> with, and we are a small and relatively powerless faction. We can do a lot
> to change the outcomes of policy debates (if I didn't believe that I
> wouldn't be doing what I do everyday), but we have to be realistic,
> recognize where we fit in to the process and who are friends are.  One
> thing's for sure - we have A LOT more enemies than we have friends.
> 
> Most members of Congress don't really understand us or our issues.  Many
> are willing to learn, and some have been real champions for our causes.
> But none of them are gong to continue reaching out a hand to us if we bark
> and bite when we don't get 100% of our way. Zealots rarely win (though it
> sure is fun to throw bombs).
> 
> Sorry for the public thrashing, but this kind of attitude REALLY gets under
> my skin.
> 
> Flames welcome (though response is not guaranteed <g>),
> 
> Jonah

// declan at eff.org // I do not represent the EFF // declan at well.com //








From talkingmail at realaudio.com  Mon Aug 26 23:03:43 1996
From: talkingmail at realaudio.com (RealAudio Talking E-mail)
Date: Tue, 27 Aug 1996 14:03:43 +0800
Subject: Scan the Web for Live News, Sports, & Music (Talking E-mail)
Message-ID: <199608270352.UAA15251@audio20.prognet.com>


          --------------------------------------
         |       Make this e-mail talk!         |
         | Load this URL into your Web browser: |
         |   http://www.realaudio.com/tmh.ram   |
          --------------------------------------

Dear RealAudio Customer,

Since you downloaded our free RealAudio Player a while back,
you have heard some pretty amazing things on the Web.

Now you can hear even more with RealAudio Player Plus,
an enhanced version of the RealAudio Player.

RealAudio Player Plus has a scan feature that lets you
scan the Web for live music, radio, sports, and news.
It also has Preset Buttons, like a car radio, that
take you straight to your favorite RealAudio sites.

Please visit our Web site to find out more:

http://www.realaudio.com/tmhplus/index.html

We hope you enjoy RealAudio Player Plus,

Rob Glaser                      Bruce Jacobsen
Chairman & CEO,                 President & COO,
Progressive Networks            Progressive Networks







From declan at eff.org  Mon Aug 26 23:08:09 1996
From: declan at eff.org (Declan McCullagh)
Date: Tue, 27 Aug 1996 14:08:09 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
In-Reply-To: <199608262107.OAA16648@dns1.noc.best.net>
Message-ID: <Pine.SUN.3.91.960826183426.26136A-100000@eff.org>


Just to clarify, Jonah Seiger wrote the "Go a head and reject" lines 
below and I wrote the now thrice-nested "Worse yet, as recently" lines.

My response to Jonah is forthcoming.

-Declan


On Mon, 26 Aug 1996, James A. Donald wrote:

> At 09:50 AM 8/26/96 -0700, Declan McCullagh wrote:
> > Go a head and reject the "Beltway politicians". It's fashionable, sure, but
> > what does it really accomplish?  Some of them are dangerous. Others are
> > sympathetic. 
> 
> Not true, some of them are merely less dangerous and harmful than others.
> 
> As to whether Leahy is one of the less dangerous and harmful ones, that
> is seriously questionable.
> 
> > The fact is that short of armed rebellion they are going to be
> > here for a while.I shudder to think of the wrath our opponents 
> > could wage if we all threw up our hands packed up our bags and left town.
> 
> Bad cop, good cop.  You cooperate with the "good" cop, you go to jail.  You
> tell them both to go to hell, then maybe you will not go to jail, and if you
> do go to jail, at least you will have the satisfaction of screaming injustice
> all the way:
> 
> Re read what our "good" cop has been up to:
> 
> > > Worse yet, as recently as this month Leahy has
> > > been clamoring to fund the invasive wiretapping legislation ("Digital
> > > Telephony") he shepherded through Congress two years ago.
> > >
> > > Equally distressingly, Leahy demonstrated his "impeccable cyberspace
> > > credentials" by cosponsoring the Senate online copyright bill -- aka the
> > > Hollywood Media Mafia's wet dream. (Yes, these are the same rapacious
> > > folks who are demanding that the Boy Scouts and summer camps pay cash to
> > > sing "God Bless America" and "Puff the Magic Dragon.") Opposed by the
> > > American Library Association, EFF, and teachers' organizations, Leahy's
> > > bill would slam fair use rights online and could make it a crime to
> > > browse the Net without a license.
>  ---------------------------------------------------------------------
>               				|  
> We have the right to defend ourselves	|   http://www.jim.com/jamesd/
> and our property, because of the kind	|  
> of animals that we are. True law	|   James A. Donald
> derives from this right, not from the	|  
> arbitrary power of the state.		|   jamesd at echeque.com
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From alanh at infi.net  Mon Aug 26 23:10:54 1996
From: alanh at infi.net (Alan Horowitz)
Date: Tue, 27 Aug 1996 14:10:54 +0800
Subject: "----- Message body suppressed -----"
In-Reply-To: <ae43a99302021004167e@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.960826202621.11454G-100000@larry.infi.net>


Y'all Christians have a doozey of a verse in the Book of (forget which) 
where they talk abnout the local Israelite babes lusting after the 
foreign pagan lads because they have horse-sized equipments.





From perry at piermont.com  Mon Aug 26 23:12:39 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 27 Aug 1996 14:12:39 +0800
Subject: The POUCH
In-Reply-To: <960826234448_76473.1732_BHT119-3@CompuServe.COM>
Message-ID: <199608270104.VAA27340@jekyll.piermont.com>



"JOHN E. HOLT" writes:
> The Pouch uses a 64 x 64 block product cipher, a 1024 bit random
> initialization vector and the CBC technique.  Most experts agree
> that such an implementation is highly resistant to all forms of
> cryptographic attack.

Thats just plain wrong.

Some block ciphers are highly resistant. Some block ciphers crack open
like eggs. Being a "block product cipher" doesn't in any way make you
"highly resistant to all forms of cryptographic attack".

> An unpublished algorithm forces them into reverse engineering the computer
> programs to learn the algorithm.

The principle in the modern world of crypto is that your cipher must
be resistant to attack even if the attacker knows all details of it.

Furthermore, the principle in buying crypto is to know that 99% of
crypto on the market is junk, and that if you can't find out how it
works its probably not any good at all.

Perry





From Adamsc at io-online.com  Mon Aug 26 23:12:51 1996
From: Adamsc at io-online.com (Adamsc)
Date: Tue, 27 Aug 1996 14:12:51 +0800
Subject: Spamming
Message-ID: <19960827042758906.AAA215@IO-ONLINE.COM>


On Mon, 26 Aug 1996 13:26:04 -0500, John Deters wrote:

>>What do cypherpunks think about the following practice or law (I realize
>>that it may be impossible to implement): each email message should carry
>>a little digicash check for, say, 20 cents. Mail reading programs should
>>reject (send back unread) all messages not carrying these digital
>>checks, unless the senders are in the "friends list". The MUAs should
>>ask users whether they want to "cash" the digital check or not.
>
>I do not believe it is possible to have a secure executable that exists on
>an uncontrolled user's machine.  "Tamperproof" encryption chips still
>require communications in and out from the user's program.  A determined
>attacker could continue to use the pieces of their code that talk to the
>encryption chip.

>Never underestimate the allure of "free money" when you're planning to >give
>it away.

Methinks you don't understand e-cash.  It's not executable, and uses public key
crypto to prevent "minting".  It uses records to prevent replays.  In other
words, it'd be like Ed McMahon including a quarter in the envelope.  You'd only
be able to use it once....

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From unicorn at schloss.li  Mon Aug 26 23:21:03 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 27 Aug 1996 14:21:03 +0800
Subject: NSA's Venona Intercepts
In-Reply-To: <199608262018.NAA02361@netcom8.netcom.com>
Message-ID: <Pine.SUN.3.94.960827002525.6637B-100000@polaris>


On Mon, 26 Aug 1996, Bill Frantz wrote:

> At 10:49 AM 8/26/96 -0600, Rick Smith wrote:
> >One question that I haven't found answered in my perusals of the site is a
> >definitive statement of the cryptographic technology used by the Soviets.
> 
> I haven't revisited the site to check, but I distinctly remember a
> statement to the effect that the system was a one time pad system. 
> However, due to a mistake somewhere in the chain, some of the one time pads
> were used twice.  The resulting two time pad system gave NSA the wedge they
> needed to recover what they have.

I seem to recall an exhibit on Verona including a proported Soviet OTP at
the National Cryptologic Museum in MD.

> 
> 
> -------------------------------------------------------------------------
> Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
> (408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
> frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From drifter at c2.net  Mon Aug 26 23:21:21 1996
From: drifter at c2.net (Drifter)
Date: Tue, 27 Aug 1996 14:21:21 +0800
Subject: File System Encryption
Message-ID: <3221922d.3171340@c2.org>


I'm aware of the three main disk encryption programs SFS, SECDRV, and
SECDEV, but I need to find a solution that works with Windows 95 32bit
or Windows NT 4.0.

I'm currently using SFS 1.17 and Secure Drive under Win-95, but am
unable to continue to work in dos compatability mode due to severe
performance hits.  I am open to commercial products that have passed
peer review, but know of none.

If anyone could suggest a solution (outside of switching OS's), I
would be *most* gratefull.

Please respond to the list, as I am a subscriber under another
account.

The Drifter






From adam at homeport.org  Mon Aug 26 23:23:14 1996
From: adam at homeport.org (Adam Shostack)
Date: Tue, 27 Aug 1996 14:23:14 +0800
Subject: Whistleblowing on the Internet
In-Reply-To: <v03007802ae47e8a83d6d@[128.252.112.220]>
Message-ID: <199608270353.WAA25380@homeport.org>


Geoffrey Gussis wrote:

| Overall, I am quite surprised that there isn't a whistleblowing
| clearinghouse on the Internet; a site sponsored by a non-profit that lists
| email addresses and secure forms for sending anonymized email to those
| areas of the public and private sector that deal with whistleblowing.  As
| the Internet is a great medium for information dissemination, and offers
| significant privacy advantages, I really expected to find much more.

	Such a clearinghouse is what we call a fat target; something
likely to attract attention since wiretapping it could be very useful
to an organization that worried about having a whistleblower.

	As such, the correct attitude towords whistleblowing is to use
an anonymous remailer, and send to interested parties.  That's how the
AT&T deal that sunk the des phones and made clipper a household word
was publicized; a member of the list(?) interested party sent a
number of interesting documents through remailers to cypherpunks.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From cmcurtin at ee.net  Mon Aug 26 23:25:16 1996
From: cmcurtin at ee.net (C Matthew Curtin)
Date: Tue, 27 Aug 1996 14:25:16 +0800
Subject: libelous action
In-Reply-To: <960826212342_76473.1732_BHT114-1@CompuServe.COM>
Message-ID: <199608270042.UAA04986@goffette.research.megasoft.com>


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "JOHN" == JOHN E HOLT <76473.1732 at CompuServe.COM> writes:

JOHN> Dear Mr. Curtin 
JOHN> Your statements about myself and my product, The
JOHN> POUCH are defamatory.  Since they have been made in writing and
JOHN> shown to and seen by other parties on the Internet, they
JOHN> constitute libel. Please admit to all parties that you have no
JOHN> personal knowledge of my product capabilities or my personal
JOHN> character or reputation.  Failure to do so at once will result
JOHN> in legal action against you personally and Megasoft.

As my signature said, I speak only for myself. I am not a
representative of Megasoft in any official capacity. That which I have
posted does not represent the views of Megasoft, its employees, its
shareholders, its customers, its business partners, its landlord, its
employees' mothers, and is in no way representative of any person
living or dead, other than myself.

I have no knowledge of JOHN E HOLT <76473.1732 at CompuServe.COM>. The
only knowledge I have of THE POUCH is its web site, found at 
http://www.flagler.com/security.html

On 18 August 1996, I posted to the Cypherpunks mailing list, a note
regarding THE POUCH, which included this paragraph:

    If it is any good, there's no way for us to know. But your
    marketing of the product has every indication that it's nothing
    more than smoke and mirrors. To coin a phrase, "pseudocrypto."

I, speaking only on behalf of myself, stand by this statement. I do
not apologize for my comments. If you, Mr. Holt, feel that this is a
personal attack against you, I regret that you've misunderstood the
tone and nature of my post. My statement is hardly libelous; I simply
observed that if your product is truly secure, there is no means by
which security experts can verify such claims.

Study of computer security has shown that obscurity (using unpublished
algorithms, for example) is not "security." By perpetuating confusion
between the two terms, nonexpert users of crypographic software are
hard pressed to make good decisions about what they use, and the risks
of the software they're using. Hiding the internals of such software,
claiming that it is "highly resistant to all known forms of
cryptographic attack," is, in my opinion, irresponsible marketing. It
is my hope that future marketing endeavors of THE POUCH will be more
open and straightforward in its approach to security, providing
evidence of a crystal-box architecture, whose security can be more
objectively determined by potential customers.

Hiding a paper from me by putting it somewhere in New York City is
obscurity. If you hide a paper from me by putting it in a safe, and then
give me the safe, and the technical documentation of the safe's
locking mechanism, and I still can't get the paper, then *that* is
security.

(And, by the way, I think you'll find insisting that I somehow retract
my statements, rather than prove me wrong by showing the quality of
your product, will likely further add to the suspicion that the
security of THE POUCH cannot be proven.)

- -- 
C Mattew Curtin
cmcurtin at ee.net

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Have you encrypted your data today?

iQCVAwUBMiJEYRhyYuO2QvP9AQFPmwQAgimf3IhoX4wMPPNk7JY9nlFDJG2K/gO3
Xnd7ygPYAhz4BRaEl6SAaOOWiKjBA1l5EI5GhZdTL0WIWdKQv5MJROElzTVcY7nx
Tq1wysgTRTLjt7XQS2FyIa1S7OSvyhJttAslbJjpl+PqCwT18bhr3Oh9Cp2g1LRq
sNxdtB1BtQQ=
=I28g
-----END PGP SIGNATURE-----





From rwright at adnetsol.com  Mon Aug 26 23:28:53 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Tue, 27 Aug 1996 14:28:53 +0800
Subject: libelous action
Message-ID: <199608270323.UAA13852@adnetsol.adnetsol.com>


Sirs:

If I was John E. Holt, I would take a different public relations 
tack.  I would seek positive input, not a negative reaction to 
criticism.  Or I would ignore the critique altogether.

Ross Wright


On Or About: 26 Aug 96, 22:29, Perry E. Metzger wrote:

> demonstrate that. If Mr. Holt would like to sue me, he's invited to.
> I'm sure he'll be at least as likely to follow up as Karl Denninger
> or "Dr." Fred C. Cohen.
> 
> Perry
> 
> C Matthew Curtin writes:
> > JOHN> Dear Mr. Curtin 
> > JOHN> Your statements about myself and my product, The
> > JOHN> POUCH are defamatory.  Since they have been made in writing
> > and JOHN> shown to and seen by other parties on the Internet, they
> > JOHN> constitute libel. Please admit to all parties that you have
> > no JOHN> personal knowledge of my product capabilities or my
> > personal JOHN> character or reputation.  Failure to do so at once
> > will result JOHN> in legal action against you personally and
> > Megasoft.
> [...]
> > I, speaking only on behalf of myself, stand by this statement. I
> > do not apologize for my comments. If you, Mr. Holt, feel that this
> > is a personal attack against you, I regret that you've
> > misunderstood the tone and nature of my post. My statement is
> > hardly libelous; I simply observed that if your product is truly
> > secure, there is no means by which security experts can verify
> > such claims.
> 





From unicorn at schloss.li  Mon Aug 26 23:36:39 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 27 Aug 1996 14:36:39 +0800
Subject: The POUCH
In-Reply-To: <960826234448_76473.1732_BHT119-3@CompuServe.COM>
Message-ID: <Pine.SUN.3.94.960827002927.6637D-100000@polaris>


On 26 Aug 1996, JOHN E. HOLT wrote:

> The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
> vector and the CBC technique.  Most experts agree that such an implementation is highly resistant to all forms of cryptographic attack.
> Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks
> An unpublished algorithm forces them into reverse engineering the computer
> programs to learn the algorithm. The POUCH has many roadblocks built in
> to prevent this.
> I refer to Cummings, Cryptography and Data Security pages 150 and 98 in this regard.
> John Holt

Yes fine, but with an untested algorithm how do you propose to provide for
peer review, or do you propose that the authors of "The Pouch" are too
expert to need/require the input of fellow professionals?

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From jimbell at pacifier.com  Mon Aug 26 23:43:43 1996
From: jimbell at pacifier.com (jim bell)
Date: Tue, 27 Aug 1996 14:43:43 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <199608270304.UAA07482@mail.pacifier.com>


At 09:50 AM 8/26/96 -0700, Declan McCullagh wrote:
>---------- Forwarded message ----------
>Date: Mon, 26 Aug 1996 12:23:57 -0400
>From: Jonah Seiger <jseiger at cdt.org>
>To: Declan McCullagh <declan at eff.org>
>Cc: shabbir at vtw.org, fight-censorship at vorlon.mit.edu, brock at well.com,
>    telstar at wired.com
>Subject: Re: INFO: Democratic convention chats online! Be there! (8/25/96)
>Declan:
>In a world where we have very few real friends, I simply don't understand
>what you are trying to accomplish. It's fine (and healthy) to raise
>concerns about the particular positions a member of Congress takes (hell, I
>don't agree with everything Leahy does), but to simply dismiss Leahy as a
>'no friend of the Net'  is naive and counterproductive.
>
>Look at the record. Leahy is hands down the strongest supporter of the Net
>in Congress. Period. No other Member (including our small but growing
>handful of other friends like Burns, White, Wyden, Cox, Eshoo, etc) has
>been a more forceful or consistent advocate for your causes for as long as
>Leahy has. What exactly do you want? Perhaps we should elect you to
>Congress and see how well you can do.

Leahy's crypto bill sucked, bigtime.  The portion of the bill criminalizing 
the use of encryption that had the effect of thwarting a government 
investigation is classic, "foot in the door" creeping government 
manipulation.  I was particularly disgusted to notice that a number of the 
traditional net-freedom organizations rushed to announce that they were in 
favor of that bill, without even a few days of analysis, and did not retract 
or even restrict that support when a more careful study (specifically, that 
of Peter Junger) showed how seriously flawed it was.  Indeed, I never saw 
another analysis that purported to defend Leahy's bill, despite the fact 
that it would have been the responsibility of any organization which claimed 
support of it to prepare one.

I believe that it is particularly suspicious that these bills come into 
existance without even cursory "vetting" on the Internet.  Both the Leahy 
bill and even the Burns crypto bill popped into public view without any 
indication of how they were written, or any public input on their intent and 
scope.  Perhaps this "take it or leave it" practice is old hat to 
politicians, but frankly I'm disgusted at politicians' presumption that they 
can prepare a law with no identifiable input from the public.

I am similarly disgusted at any organization (even if, ostensibly, acting in 
support of "net freedom") that assisted in the development of the Leahy 
crypto bill (and to some extent, even the Burns bill) because they clearly 
failed to solicit the kind of public input that such bills should 
automatically get.

And in a sense, "the Net" doesn't NEED "strong supporters": what we need are 
politicians who are willing to LEAVE US ALONE!  It should come as no 
surprise that the call you frequently see among net-freedom- supporters for 
new legislation is that which repeals existing restrictive laws, such as 
ITAR and censorship laws.  

Jim Bell
jimbell at pacifier.com





From markm at voicenet.com  Tue Aug 27 00:44:18 1996
From: markm at voicenet.com (Mark M.)
Date: Tue, 27 Aug 1996 15:44:18 +0800
Subject: pgpcrack v0.99b
Message-ID: <Pine.LNX.3.95.960827000916.166A-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

I've finally gotten around to adding secret key cracking support to pgpcrack.
There also have been a few minor code changes to speed things up a bit.  The
source and cooresponding signature are located at
http://www.voicenet.com/~markm/pgpcrack.html.  Bug reports and suggestions are,
as always, welcome.

- -- Mark

PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBMiJ0WCzIPc7jvyFpAQGaKAgAg5x5U26uy1JJYv2lVKSHItFYOuTVa+qL
EBL39NsscrZCuPSYmmm75AgjBJFR4giQ9mDA4QYvxg7Es1O7guX9oq5NHGowLGHH
uJblF2pA6T+faQto3oJ0sVLJ4EyekRW0tZWz+TjIUO/c9ijWnciXJuIZ8YAJJRHO
2la92IFiy9d6hab2p7lvQn6MOB0mHjioS1iWvOTaqHpkpjRQm5GSbWA7Hx913LeE
sAZM4FkI+KyujaatbuDjpemZ9R04BOmE4aDHuDY3TYAThWUz9sFpQuB8a0fe6Gwi
GupMq1dsovbmtO7AOKeoo7l4va/0l6Pmji5/5cInKHftNbE+1sHaTg==
=nxzL
-----END PGP SIGNATURE-----






From perry at piermont.com  Tue Aug 27 00:44:28 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 27 Aug 1996 15:44:28 +0800
Subject: libelous action
In-Reply-To: <199608270042.UAA04986@goffette.research.megasoft.com>
Message-ID: <199608270229.WAA27445@jekyll.piermont.com>



Mr. Curtin;

You are too kind. I suspect that 'The Pouch' is a piece of junk,
although the lack of public disclosure makes it impossible to
demonstrate that. If Mr. Holt would like to sue me, he's invited
to. I'm sure he'll be at least as likely to follow up as Karl
Denninger or "Dr." Fred C. Cohen.

Perry

C Matthew Curtin writes:
> JOHN> Dear Mr. Curtin 
> JOHN> Your statements about myself and my product, The
> JOHN> POUCH are defamatory.  Since they have been made in writing and
> JOHN> shown to and seen by other parties on the Internet, they
> JOHN> constitute libel. Please admit to all parties that you have no
> JOHN> personal knowledge of my product capabilities or my personal
> JOHN> character or reputation.  Failure to do so at once will result
> JOHN> in legal action against you personally and Megasoft.
[...]
> I, speaking only on behalf of myself, stand by this statement. I do
> not apologize for my comments. If you, Mr. Holt, feel that this is a
> personal attack against you, I regret that you've misunderstood the
> tone and nature of my post. My statement is hardly libelous; I simply
> observed that if your product is truly secure, there is no means by
> which security experts can verify such claims.





From nul at void.gov  Tue Aug 27 01:54:35 1996
From: nul at void.gov (The Prisoner)
Date: Tue, 27 Aug 1996 16:54:35 +0800
Subject: The POUCH
In-Reply-To: <Pine.SUN.3.94.960827002927.6637D-100000@polaris>
Message-ID: <32229A88.5F7E@void.gov>


> 
> On 26 Aug 1996, JOHN E. HOLT wrote:
> 
> > The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
> > vector and the CBC technique.  Most experts agree that such an implementation is highly resistant to all forms of cryptographic attack.
> > Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks
> > An unpublished algorithm forces them into reverse engineering the computer
> > programs to learn the algorithm. The POUCH has many roadblocks built in
> > to prevent this.

There's another live one on sci.crypt, about "market leader" Genio USA; some good chuckles there.
Check out http://www.geniousa.com/genio/

Where's that snakeoil FAQ?  Any progress?





From stewarts at ix.netcom.com  Tue Aug 27 01:54:56 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 27 Aug 1996 16:54:56 +0800
Subject: Hackers invade DOJ web site
Message-ID: <199608270627.XAA02547@toad.com>


At 08:35 PM 8/20/96 -0700, some anonym remailer user wrote:
>All webservers (except maybe Spinner?) are riddled with buffer overrun
>bugs and other similar security holes.  If you run a webserver, you
>should basically assume that anyone who really wants a shell on your
>machine can get one.  Grab your favorite webserver and grep for
>sprintf.

Fred Cohen put out an 80-line-C GET-only HTTP server which is
short enough to verify that it doesn't have security bugs
like memory leaks, etc.  It's not blazingly fast,
and all it does is server pages, but it's clean.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From stewarts at ix.netcom.com  Tue Aug 27 01:55:50 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 27 Aug 1996 16:55:50 +0800
Subject: Edited Edupage, 18 Aug 1996 [SATELLITES]
Message-ID: <199608270627.XAA02553@toad.com>


At 12:35 AM 8/21/96 -0800, mccoy at communities.com (Jim McCoy) wrote:
>You want to avoid moving parts like the plague in orbit.  They eventually
>wear out or fail and once that happens you have a very expensive piece of
>junk in orbit.  Solid-state storage is the _only_ way to go if you want to
>avoid things like neding to pressurize the drive (eliminating any cost
>advantage over solid-state.) 

Why do you need to pressurize the drive?  Most hard disk drives
for the last N years have been airtight sealed containers,
haven't they?  (Removables are different, of course.)

I'd worry far more about the stresses of launch bothering
the drives.

> Its not like you can go up to swap a dead drive
> out you know...

You do obviously want RAID and/or mirrored drives.

> Solid-state

Most government space computer equipment has expensive RAD-hardended RAM;
it's much cheaper and probably more effective to just use conventional
RAM with ECC and shield it a bit.  At least at one time, the most powerful
computer on the Space Shuttle was the Compaq 386/25 laptop that one
of the astronauts brought along for some non-mission-critical work;
most of the built-in computers were 1 MIPS or less.

>The big problem is that no one has data that is worth protecting enough to
>make such a venture pay off.

Yup.  Ego would be a good motivation, if you know somebody with enough
spare cash :-)

While it would be nice to have satellites around all the time,
even one or two smallsats could provide services on a several-times-daily
basis which would be enough to do private email.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From unicorn at schloss.li  Tue Aug 27 02:12:13 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Tue, 27 Aug 1996 17:12:13 +0800
Subject: libelous action
In-Reply-To: <199608270229.WAA27445@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.94.960827023435.12189B-100000@polaris>


On Mon, 26 Aug 1996, Perry E. Metzger wrote:

> 
> Mr. Curtin;
> 
> You are too kind. I suspect that 'The Pouch' is a piece of junk,
> although the lack of public disclosure makes it impossible to
> demonstrate that. If Mr. Holt would like to sue me, he's invited
> to. I'm sure he'll be at least as likely to follow up as Karl
> Denninger or "Dr." Fred C. Cohen.
> 
> Perry
> 
> C Matthew Curtin writes:
> > JOHN> Dear Mr. Curtin 
> > JOHN> Your statements about myself and my product, The
> > JOHN> POUCH are defamatory.  Since they have been made in writing and
> > JOHN> shown to and seen by other parties on the Internet, they
> > JOHN> constitute libel. Please admit to all parties that you have no
> > JOHN> personal knowledge of my product capabilities or my personal
> > JOHN> character or reputation.  Failure to do so at once will result
> > JOHN> in legal action against you personally and Megasoft.
> [...]
> > I, speaking only on behalf of myself, stand by this statement. I do
> > not apologize for my comments. If you, Mr. Holt, feel that this is a
> > personal attack against you, I regret that you've misunderstood the
> > tone and nature of my post. My statement is hardly libelous; I simply
> > observed that if your product is truly secure, there is no means by
> > which security experts can verify such claims.

As an attorney I can say that not only would I happily represent anyone
Mr. Holt sued for libel, but I would consider my contingency fee a free
lunch.  I wouldn't even bother preparing for the pre-trial hearing.

Truth, afterall, is an absolute defense to libel.

Your threat to sue is, clearly, merely an attempt to stifle any effort to
criticize your product.

I believe a more accurate legal view is that you are committing fraud by
misrepresenting "The Pouch" as a more potent implementation than it really
is.

You state:

> The Pouch uses a 64 x 64 block product cipher, a 1024 bit random
> initialization vector and the CBC technique.  Most experts agree that
> such an implementation is highly resistant to all forms of cryptographic
> attack.

This position has been refuted by at least one expert on this list.

I would remind you that each and every sale you make of this product, when
based on material misrepresentation, constitutes a fraud.  If made by
wire, as these sales seem they may, they represent wire fraud.  That's one
count of fraud and one count of wire fraud.  If a check is sent to you via
mail, that's a count of mail fraud to boot.

As you have been warned now of the flaws in your system, I don't think you
have much of a defense unless you can produce some experts to support your
own view of the cipher.  I won't hold my breath.

I am constantly amazed that people advertize new crypto products on this
list and then whine when they are literally decimated as to their
technical merit.

Go sell to children if your product can't stand the intelligence of
adults.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li







From alano at teleport.com  Tue Aug 27 02:20:53 1996
From: alano at teleport.com (Alan Olsen)
Date: Tue, 27 Aug 1996 17:20:53 +0800
Subject: [noise] Re: Cypherpunk voting - ITAR or CDA
Message-ID: <3.0b11.32.19960826233512.00bb673c@mail.teleport.com>


Jim Ray wrote:
>If the Republican candidate had been Forbes, there might have been a "don't 
>let the great be the enemy of the good" argument against voting 
>Libertarian.

If Forbes was the current Republican canidate, the nation would be spending
itself into debt dealing with all of the therapy bills resulting from their
childrens minds being irreversably damaged from looking at the Forbe's smile
on the news every night.  Forbes looks to me like H.P. Lovecraft tried to
design a cannidate.  What Eldrich bargains has he made to get to any sort of
public acceptance with a smile like that?

> As it stands now, Dole is, at best, arguably the "lesser of 2 
>evils," which still comes out evil in my book. As the designated partisan 
>Libertarian on the list, I urge all cypherpunks to vote their consciences 
>and pick Harry Browne and Jo Jorgensen. The mere fact that the media is 
>[grudgingly] covering us suggests we are finally doing something right, and 
>Harry is winning many Internet polls despite much fawning, hopeful coverage 
>for the big-eared billionaire hypocrite stealth-candidate, who has no 
>position but certainly would enjoy having the TLAs investigate his enemies.

I have seen little to no coverage of the Libretarians this (or any) year.
And even less coverage than usual now that they have a canidate who is even
worth voting for.  (I guess I won't vote for Pat Paulsen after all...)

As for the Perotbots...  Maybe someone should tell them what "perot" means
in French.

>I fully accept that it is likely Dole or Clinton will win, but I think it 
>will fill an important cypherpunk goal if the Libertarian Party candidates 
>get a vote large enough to be the margin of victory, and I will be very 
>proud of my vote, no matter who wins this election. Vote your consciences 
>for your own sake, and the sake of the children who will inherit the debt 
>of the irresponsible statists in power now.

And if Dole wins and dies in office, they could just pickle him and no one
would notice.  It would not be the first time we had a dill-dole running the
country.
---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From bf578 at scn.org  Tue Aug 27 02:21:53 1996
From: bf578 at scn.org (SCN User)
Date: Tue, 27 Aug 1996 17:21:53 +0800
Subject: Microsoft Explorer security hole (fwd) MSoft's reply...
Message-ID: <199608270144.SAA18367@scn.org>




Date: Thu, 22 Aug 1996 15:49:33 -0700
From: Thomas Reardon <thomasre at MICROSOFT.com>
Subject: Re: Internet Explorer security problem (Felten, RISKS-18.36)
 
  >We have discovered a security flaw in the current version (3.0) of
  >Microsoft's Internet Explorer browser running under Windows 95.  An
  >attacker could exploit the flaw to run any DOS command on the machine 
  >of an Explorer user who visits the attacker's page.
 
We now post the virus warning dialog on local files (file: urls).  We have
always posted it on remote files (http: urls).  Note that the root of the
problem is not Java or the browser, but in macro-enabled applications.  IE3
has a mechanism to warn users about safety of documents when used with
common macro-enabled applications.  We are have updated Microsoft Word such
that by default it will not run macros embedded in documents.
 
-Thomas
 

>
>
>
>---------- Forwarded message ----------
>Date: Mon, 26 Aug 1996 01:35:07 GMT
>Subject: Microsoft Explorer security hole (fwd)
>
>On Sun, 25 Aug 1996 13:55:30 -0600 (MDT), Carl Nation
><carl at iserver.com> wrote:
>
>To our Resellers/Customers,
>
>Our sysadmin received this security alert, and we thought we should
>pass it along...
>
>------- Forwarded Message
>
>Date: Wed, 21 Aug 1996 13:12:59 -0400
>From: felten at CS.Princeton.EDU (Ed Felten)
>Subject: Internet Explorer Security Problem
>
>We have discovered a security flaw in the current version (3.0) of
>Microsoft's Internet Explorer browser running under Windows 95.  An
>attacker could exploit the flaw to run any DOS command on the machine of
>an Explorer user who visits the attacker's page.  For example, the
>attacker could read, modify, or delete the victim's files, or insert a
>virus or backdoor entrance into the victim's machine.  We have verified
>our discovery by creating a Web page that deletes a file on the machine of
>any Explorer user who visits the page.
>
>The core of the attack is a technique for delivering a document to the
>victim's browser while bypassing the security checks that would
>normally be applied to the document.  If the document is, for example, a
>Microsoft Word template, it could contain a macro that executes any DOS
>command.
>
>Normally, before Explorer downloads a dangerous file like a Word
>document, it displays a dialog box warning that the file might contain a
>virus or other dangerous content, and asking the user whether to abort the
>download or to proceed with the download anyway.  This gives the user a
>chance to avoid the risk of a malicious document.  However, our technique
>allows an attacker to deliver a document without triggering the dialog
>box.
>
>Microsoft has been notified and they are working on fixing the
>problem. Until a remedy is widely available, we will not disclose further
>details about the flaw.
>
>For more information, contact Ed Felten at felten at cs.princeton.edu or
>609-258-5906.
>
>Dirk Balfanz and Ed Felten
>Dept. of Computer Science, Princeton University
>http://www.cs.princeton.edu/sip/
>
>------- End of Forwarded Message
>
>
>
>
>



--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From rp at rpini.com  Tue Aug 27 02:23:02 1996
From: rp at rpini.com (Remo Pini)
Date: Tue, 27 Aug 1996 17:23:02 +0800
Subject: cryptocd grabbing material
Message-ID: <9608270702.AA28238@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 27 09:01:57 1996
If anyone out there knows of anything I should (and am allowed to) put on 
the cryptocd (check www.rpini.com/crypto/cryptocd.html), let me know.

If anyone out there knows of anything I MUSTN'T put on the cryptocd (due to 
copyright, law or whatsnot), let me know also.

Thanks,

Remo Pini

- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMiKdZhFhy5sz+bTpAQEg9gf9EY+SvhGMW1iKB+2U0JVNs3zDqGPNkYpJ
zM9WW2oxTtTWn4znjMTXWEVAbGzmdZCkmgHsN3tFWwkWxIYxXrfFcInPNqCzxcXG
DZHcQ2nNkH1MOnQ0Wzp9l9riz8TBCzbZNtJsPoVKMup6qAGLV6ninCrAKBGaQJmY
1KR3yez3OVq04SkRXUjXKQRjwtKH2OWmZfzSormEwphHvjgE0nPJhLB9gnVDevTw
lSY3YP2NBPtIlaJbxohkvro8Mm+FGIk2vVoOY6cXwFcpZWONtyiwZPiYQzFfcOzw
yjbIzGU8qU5MH58MeS/wZuTVzHhtmRl7lCLYS2xPH73ZpgvUh3ZDsw==
=LGSU
-----END PGP SIGNATURE-----






From nobody at replay.com  Tue Aug 27 02:35:02 1996
From: nobody at replay.com (Anonymous)
Date: Tue, 27 Aug 1996 17:35:02 +0800
Subject: No Subject
Message-ID: <199608270711.JAA08793@basement.replay.com>


On Mon, 26 Aug 1996, Geoffrey Gussis wrote:

> Overall, I am quite surprised that there isn't a whistleblowing
> clearinghouse on the Internet; a site sponsored by a non-profit that lists
> email addresses and secure forms for sending anonymized email to those
> areas of the public and private sector that deal with whistleblowing.  As
> the Internet is a great medium for information dissemination, and offers
> significant privacy advantages, I really expected to find much more.

http://www.greatworld.com/ Used to have a whole pile of web accessable 
databases dealing with political corruption, crooked cops, government waste, 
and a database of alleged child molesters...  I beleive the site had to be 
shut down due to massive abuse, though.  The sponsor of the site was/is a 
guy named Tony Gatlin, his phone number was/is 615-859-3710. The company he 
worked for was/is called Self Test Software (selftestsoftware.com), but 
the company web page is defunct now as well. I'm guessing a massive libel suit
led to his untimely dissapearance from the net, but i could be wrong.. 

I'd say that he could probably contribute a paragraph or two on the 
problems facing people who try to engage in "whistle-blowing" on the net,
and could give a few good reasons why you aren't finding more services 
dealing with this sort of thing. Anonymity is great, if you really have 
something to say, but unfortunately for many people anonymity is nothing 
but a tool to injure others with impunity.



"Peaceful confrontation, meet war machine."   -Slayer
  "This time, I'm voting with a bullet."      -Corrosion of Conformity






From apache at quux.apana.org.au  Tue Aug 27 02:58:20 1996
From: apache at quux.apana.org.au (Charles Senescall)
Date: Tue, 27 Aug 1996 17:58:20 +0800
Subject: Threat to Australian internet WAS Re: USPS
In-Reply-To: <Pine.BSI.3.91.960826085230.20367B-100000@wichita.fn.net>
Message-ID: <Pine.LNX.3.91.960827164126.511G-100000@quux.apana.org.au>


On Mon, 26 Aug 1996, Bruce M. wrote:

If u think this is a worry, u should take a look at what the government 
owned monoploly telco here in Australia is doing..

On Mon, 26 Aug 1996, Bruce M. wrote:

> On Fri, 23 Aug 1996, 
William H. Geiger III wrote: > 
> > Once in place all the goverment needs to do is ban all e-mail not sent
> > through their system. Add this to the outlawing of all non-keyescrowed 
> > encryption, and the ability to archive all messages sent through their 
> > system. Now the goverment would have total access to everything you 
> > wright. 
> 
>     Why not?  I believe it is already illegal to place anything in a 
> person's physical mail box that the post office hasn't processed.  For 
> the sake of preserving the 'integrity and security' of the Internet I 
> can see the govt. taking such future actions.

Or 'they' can use our Telco (Tel$tra) 's approach and introduce 
_timecharged_ local data calls as it is trying to do here in Australia.

What better or easier way to destroy our meagre outlet for free speech 
than to cost it out of existance.

See Stewart Fist's excellent article on the subject currently available 
on "The Australian" newspapers site:

<A HREF="http://www.australian.aust.com/computer/columns/fistcom.htm">

See also draft legislation at

<A HREF="http://www.dca.gov.au/govtpol.html">

and Universal Telco Service Obligations at

<A HREF="http://www.dca.gov.au/"> (many references) 

They took our firearms last month..they're comin back for the net this month.

-- 
   .////.   .//    Charles Senescall            apache at quux.apana.org.au
 o:::::::::///     Fuck TEL$TRA          
>::::::::::\\\     Finger me for PGP PUBKEY           Brisbane AUSTRALIA
   '\\\\\'   \\    http://quux.apana.org.au/~apache/ 
    DO something for your country: Butt slap a politician this xmas








From choi at virtu.sar.usf.edu  Tue Aug 27 04:17:11 1996
From: choi at virtu.sar.usf.edu (Charles Choi)
Date: Tue, 27 Aug 1996 19:17:11 +0800
Subject: LACC: Metacomputing : got it from EurekAlert
Message-ID: <Pine.SUN.3.93.960826233902.25039B-100000@virtu>


Metacomputing: Sharing Hardware Could Put Cash in Your Pocket

While you're asleep, your home computer signs onto the Internet and looks
for work. By morning, it's done complex calculations for a scientist in
London, designed an ad for an Arizona business--and fattened up your bank
account. 

This scenario--called metacomputing--could become a reality in the very
near future, says Baruch Awerbuch, a professor of computer science at The
Johns Hopkins University.  He is studying the economics of sharing
computer power over the Internet, including pricing and marketing issues.
There is money to be earned, Awerbuch says, by tapping the enormous power
that lies dormant while computer owners are asleep, at lunch or merely
away from their terminals.  At such times, these computers could earn
extra cash by doing remote work for researchers or business owners in
other locations. People who need extra computing horsepower or special
equipment for a one-time project will line up to lease time on these idle
machines, Awerbuch believes, because renting someone else's computer costs
far less than buying a new one. 

"It makes huge economic sense," Awerbuch says. "For example, if once in a
lifetime you want to use a fancy program that only runs on a particular
piece of hardware, why do you need to buy this piece of hardware? Instead,
you could lease a cycle on that machine in exchange for some economic
favor. The opportunities are endless." 

Most of the technology to share hardware over telephone lines or some
other network already exists.  What's needed, the researcher says, is a
system for buying and selling cycles of time on idle machines, along with
safeguards to make sure "renters" can't pry into an owner's files. It will
also require a change in the close attachment most people feel toward
their computers. 

"People are accustomed to using only the machines that they've purchased," 
Awerbuch says. "They're not used to using machines that are not their own.
Yet it seems silly to invest lots of money to buy more computing power
when all you have to do is utilize what's already out there. Think of it
this way: 90 percent of the computing power in the world is inaccessible
to people, simply because we haven't set up the right mechanism to help
one another." 

Here's how that mechanism might work, Awerbuch says: An accountant owns a
PC. It crunches numbers perfectly but can't handle the elaborate graphic
design work needed to create a splashy business brochure. The accountant
posts a note on the Internet, offering 50 cents a minute any time that
week for remote use of a Macintosh computer with graphics software. If the
brochure is needed within the next hour or two, the accountant might offer
$5 a minute for immediate access. A Macintosh owner, or an unattended
machine that searches the Internet for work whenever it is idle, responds.
The accountant takes temporary control over the Mac terminal, which might
be located anywhere in the world. When the project is completed, the
accountant issues an electronic payment for the time. 

This same system could allow a hospital to lease time on powerful
computers elsewhere for demanding jobs such a medical imaging. Other
companies could break complex tasks into small pieces, then farm them to
small outside computers. Hardware owners could also post notices on the
Internet, describing their machines, hours of availability, memory
capacity and software. 

People who are reluctant to loan their lawn mower to a neighbor may be
even less inclined to let perfect strangers use their computers by remote
control. But Awerbuch believes these transactions can be sound and
profitable. 

"This sharing should not be viewed as an altruistic thing, nor as some
kind of a Communist idea, where you don't own anything personally and you
must share with other people,"  he says. "To the contrary, this is purely
an entrepreneurial arrangement, where you trade what you own in exchange
for cash or some other economic benefit. The policies and approaches will
be totally up to the individuals or companies or whoever is doing it. It
could be quite interesting to see this electronic marketplace in action." 

This research, by Awerbuch and co-principal investigator Yair Amir,
assistant professor of computer science at Hopkins, is funded entirely by
a $1 million three-year federal grant from the Advanced Research Project
Agency, Technology Management Office. 

Johns Hopkins University news releases can be found on the World Wide Web
at http://www.jhu.edu/news_info/news/

In addition, Johns Hopkins University science and medical news releases
can be accessed on-line through the following services: 

CompuServe in the SciNews-MedNews library of the Journalism Forum under
file extensions ".JHM" or ".JHU"; also in NASW Online in the same forum. 

Quadnet: send email to: scitech at quadnet.vyne.com. In the body of the
message type "info Quadnet." 

EurekAlert! at http://www.eurekalert.org 



							Sincerely.
							Quentin Holte.
							( aka Charles Choi. ) 
							
							You are all the Buddha.
								- Last words
								  of Buddha.

							If you see the Buddha,
                                            		             kill him.
                                                                - Zen proverb.







From stewarts at ix.netcom.com  Tue Aug 27 04:32:51 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 27 Aug 1996 19:32:51 +0800
Subject: [noise]Re: The grey lady puts on some boots and rides a horseman or two...
Message-ID: <199608270848.BAA04297@toad.com>


Another interesting connection is that John Aristotle Phillips
is the former Princeton student who designed an atom bomb
as his junior physics project.  (He wasn't a brilliant physicist -
he was trying to save his grade point average by doing a good paper :-)
Senator Feinstein, of course, is a leader in the "Bomb Info Off Lists"
movement....

At 07:45 AM 8/22/96 -0700, Declan wrote:
...
>I met Polly's father at the "Kids off Lists" press conference in front of
>the Capitol in June. He's an irascable fellow, and there's more to the
>story than you might think at first. 
...
>http://www.muckraker.com/muckraker/96/24/index3a.html
....
>The report drove Representative Bob Franks (R-New Jersey) and Senator
>Dianne Feinstein (D-California) to introduce the "Children's Privacy
>Protection and Parental Empowerment Act." The idea is to keep kids'
>names off direct marketing lists. It's a good concept, but it's short
>on focus and long on fear - the fear that gathering such information
>can lead to child abuse or worse.
......
>But there's a subplot here. The actual driving force and financial
>backer of KOL is John Phillips, who runs Aristotle Publishing, a
>political software company in Washington, DC. Phillips, as it turns
>out, has been in a kind of run-and-shoot legal battle with Donnelley
>for the past five years, according to an article in the Washington City
>Paper, an alternative weekly published in DC.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From cea01sig at gold.ac.uk  Tue Aug 27 07:53:41 1996
From: cea01sig at gold.ac.uk (Sean Gabb)
Date: Tue, 27 Aug 1996 22:53:41 +0800
Subject: Net Censorship in the Uk
Message-ID: <Pine.SUN.3.93.960827124127.16748C-100000@scorpio.gold.ac.uk>



You may have seen this already.  If so apologies.  However, it is a
blatant example of police oppression and stupidity.  If nothing else, just
imagine how much of the taxpayers' money it cost to decide
whether alt.binaries.erotica.fetish.feet contravenes the Obscene
Publications Act 1959.


Sean Gabb
Editor
Free Life

---------- Forwarded message ----------
Date: Mon, 26 Aug 96 15:44:45 BST
From: Sean Gabb <cea01sig at gold.ac.uk>
To: cea01sig at gold.ac.uk
Subject: theMet.html


  LETTER FROM THE METROPOLITAN POLICE
  
   
     _________________________________________________________________
   
   
   

METROPOLITAN POLICE SERVICE

Clubs and Vice Unit
Charing Cross Police Station
Agar Street
London WC2N 4JP

Telephone: 0171 321 7752
Facsimile:   0171 321 7762

To: All Internet Service Providers





Dear Sir / Madam

Pornographic Material on the Internet

Further to the seminar held at New Scotland Yard on 2nd August I enclose,
as promised by Superintendent Mike Hoskins, a list of those Newsgroups
which we believe contain pornographic material.

We have attempted to confirm that the Newsgroups listed currently contain
this offensive material but as you will be only too aware the content is
continually changing and you will need to satisfy yourself about the
nature and content before taking any action. Furthermore, this list is
not exhaustive and we are looking to you to monitor your Newsgroups
identifying and taking necessary action against those others found to
contain such material. As you will  be aware the publication of obscene
articles is an offence.

This list is only the starting point and we hope, with the co-operation
and assistance of the industry and your trade organisations, to be moving
quickly towards the eradication of this type of Newsgroup from the
Internet. At the seminar we debated the means of maintaining an up to
date list and you will recall that ISPA volunteered to pool information
and assist in this initiative. However, we are very anxious that all
service providers should be taking positive action now, whether or not
they are members of a trade association.

We trust that with your co-operation and self regulation it will not be
necessary for us to move to an enforcement policy.

Yours Faithfully


Stephen French
Chief Inspector


List
alt.binaries.pictures.boys
alt.binaries.pictures.child.erotica.female
alt.binaries.pictures.child.erotica.male
alt.binaries.pictures.children
alt.binaries.pictures.erotic.children
alt.binaries.pictures.erotica child
alt.binaries.pictures.erotica.child.female
alt.binaries.pictures.erotica.child.male
alt.binaries.pictures.erotica.children
alt.binaries.pictures.erotica.lolita
alt.binaries.pictures.erotica.pre-teen
alt.binaries.pictures.erotica.teen.fuck
alt.binaries.pictures.erotica.young
alt.binaries.pictures.lolita.fucking
alt.binaries.pictures.lolita.misc
alt.sex.boys
alt.sex.children
alt.sex.fetish.tinygirls
alt.sex.girls
alt.sex.incest
alt.sex.intergen
alt.sex.pedophile.mike-labbe
alt.sex.pedophilia.
alt.sex.pedophilia.boys
alt.sex.pedophilia.girls
alt.sex.pedophilia.swaps
alt.sex.pedophilia.pictures
alt.sex.pre-teens
alt.sex.teens
alt.sex.weight-gain 0000000928 0000000418 y
alt.fan.cock-sucking 0000001482 0000001311 y
alt.binaries.pictures.voyeurism 0000005117 0000004495
alt.binaries.pictures.lolita.fucking 0000001097 00000861 y
alt.binaries.pictures.erotica.voyeurism 0000011396 0000010495 y
alt.binaries.pictures.erotica.young 0000006499 0000005208 y
alt.binaries.pictures.erotica.uniform 0000001274 0000001110 y
alt.binaries.pictures.erotica.urine 0000005542 0000004911 y
alt.binaries.pictures.erotica.teen.fuck 0000003398 0000003162 y
alt.binaries.pictures.erotica.uncut 0000002220 0000001970 y
alt.binaries.pictures.erotica.spanking 0000005484 0000004927 y
alt.binaries.pictures.erotica.teen.female.masturbation 0000003770
0000003085 y
alt.binaries.pictures.erotica.pornstars 0000010919 0000010192 y
alt.binaries.pictures.erotica.pre-teen 0000004945 0000004100 y
alt.binaries.pictures.erotica.oral 0000013599 0000012668 y
alt.binaries.fetish.scat 0000000958 0000000842 y
alt.binaries.pictures.erotic.anime 0000001886 0000001724 y
alt.binaries.pictures.erotic.centerfolds 0000015743 0000014219 y
alt.binaries.pictures.erotic.senior-citizens 0000004426 0000003944 y
alt.binaries.pictures.erotica.animals 0000001511 0000001403 y
alt.binaries.pictures.erotica.art.pin-up 0000003274 0000002916 y
alt.binaries.pictures.erotica.breasts.small 0000004812 0000004400 y
alt.binaries.pictures.erotica.butts 0000010763 0000010048 y
alt.binaries.pictures.erotica.cheerleaders 0000010297 0000009498 y
alt.binaries.pictures.erotica.disney 0000001471 0000001281 y
alt.binaries.pictures.erotica.fetish.feet 0000008454 0000007840 y
alt.binaries.pictures.erotica.fetish.hair 0000003162 0000002804 y
alt.binaries.pictures.erotic.senior-citizens 0000004042 0000003695 y
alt.binaries.pictures.erotica.teen 0000005349 0000005098 y
alt.binaries.pictures.erotica.male.anal 0000004414 0000004164 y
alt.sex.pedophile.mike-labbe 0000001015 0000000752 y
alt.sex.masturbation 0000004038 0000002204 y
alt.sex.fetish.tickling 0000014620 0000011227 y
alt.sex.fetish.waifs 0000007005 0000005391 y
alt.sex.fetish.watersports 0000015798 0000012599 y
alt.sex.fetish.wrestling 0000008522 0000006281 y
alt.sex.first-time 0000007333 0000005072 y
alt.sex.fetish.girl.watchers 0000006418 0000003795 y
alt.sex.homosexual 0000025299 0000020411 y
alt.sex.incest 0000016099 0000009889 y
alt.sex.intergen 0000012715 0000010756 y
alt.sex.jp 0000003101 0000002194 y
alt.sex.magazines 0000016261 0000012956 y
alt.sex.masturbation 0000066212 0000058405 y
alt.sex.movies 0000090182 0000084718 y
alt.sex.necrophilia 0000003469 0000002177 y
alt.sex.pedophilia 0000040531 0000026257 y
alt.sex.pictures 0000120660 0000097707 y
alt.sex.pictures.female 0000091859 0000067880 y
alt.sex.pictures.male 0000040412 0000032695 y
alt.sex.services 0000038170 0000032355 y
alt.sex.spam 0000000717 0000000283 y
alt.sex.spanking 0000043401 0000037424 y
alt.sex.stories 0000130604 0000115635 y
alt.sex.strip-clubs 0000035850 0000030078 y
alt.magazines.pornographic 0000005618 0000003705 y alt.magick.sex
0000007227 0000006197 y
alt.personals.spanking.punishment 0000006983 0000005028 y
alt.sex. 0000318682 0000299098
alt.sex.anal 0000028283 0000020514 y
alt.sex.bestiality 0000039473 0000035720 y
alt.sex.bondage 0000175209 0000162338 y
alt.sex.breast 0000035836 0000029671 y
alt.sex.enemas 0000009235 0000007242 y
alt.sex.exhibitionism 0000046981 0000035201 y
alt.sex.fat 0000015956 0000013563 y
alt.sex.fetish.diapers 0000012816 0000010872 y
alt.sex.fetish.fa 0000015012 0000010470 y
alt.sex.fetish.feet 0000025850 0000022025 y
alt.sex.fetish.hair 0000011779 0000010356 y
alt.sex.fetish.orientals 0000047159 0000044315 y
alt.binaries.multimedia.erotica 0000094765 0000092313
alt.binaries.pictures.boys 0000025827 0000025062 y
alt.binaries.pictures.children 0000009753 0000009586 y
alt.binaries.pictures.erotica 0000387356 0000382534 y
alt.binaries.pictures.erotica.amateur.d 0000012832 0000012505 y
alt.binaries.pictures.amateur.female 0000104107 0000100909 y
alt.binaries.pictures.amateur.male 0000020070 0000019186 y
alt.binaries.pictures.erotica.anime 0000031144 0000030438 y
alt.binaries.pictures.erotica.bestiality 0000022378 0000021836 y
alt.binaries.pictures.erotica.blondes 0000061623 0000059763 y
alt.binaries.pictures.erotica.bondage 0000060612 0000058636 y
alt.binaries.pictures.erotica.cartoons 0000023721 0000023233 y
alt.binaries.pictures.erotica.female 00000155979 0000152810 y
alt.binaries.pictures.erotica.furry 0000007251 0000007021 y
alt.binaries.pictures.erotica.gaymen 0000047272 0000045207 y
alt.binaries.pictures.erotica.male 0000137705 0000135723 y
alt.binaries.pictures.erotica. orientals 0000096484 0000094139 y
alt.binaries.pictures.erotica.pregnant 0000000038 0000000039 m
alt.binaries.pictures.erotica.teen 0000048099 0000046561 y
alt.binaries.pictures.erotica.teen.d 0000005063 0000004755 y
alt.binaries.pictures.girlfriend 0000029946 0000029100 y
alt.binaries.pictures.girlfriends 0000055197 0000053838 y
alt.binaries.pictures.girl 0000022149 0000021105 y
alt.binaries.pictures.horny.nurses 0000001839 0000001704 y
alt.binaries.pictures.pictures.nudism 0000032432 0000031050 y
alt.binaries.pictures.tasteless 0000036867 0000036442 y
alt.homosexual 0000080096 0000072533 y
alt.sex.swingers 0000027930 0000020021 y
alt.sex.telephone 0000027530 0000021705 y
alt.sex.trans 0000015985 0000011104 y
alt.sex.wanted 0000082382 0000071809 y
alt.sex.watersports 0000005838 0000003666 y
alt.sex.bestiality.pictures 0000000791 0000000300 y
alt.sex.children 0000001311 0000000690 y
alt.sex.cu-seeme 0000001049 0000000273 y
alt.sex.fetish.scat 0000002756 0000001143 y
alt.sex.fetish.tinygirls 0000003322 0000001229 y
alt.sex.fetish.wet-and-messy 0000003209 0000001432 y
alt.sex.oral 0000007820 0000003177 y
alt.sex.orgy 0000004025 0000001330 y
alt.sex.pedophilia.girls 0000001130 0000000267 y
alt.sex.pedophilia.pictures 0000001138 0000000276 y
alt.sex.pictures.d 0000005114 0000002086 y
alt.sex.stories.gay 0000002918 0000000997 y
alt.sex.stories.tg 0000001831 0000001078 y
alt.sex.super-size 0000001987 0000000711 y
alt.sex.tasteless 0000001003 0000000202 y
alt.sex.teens 0000002394 0000000540 y
alt.sex.video-swap 0000001363 0000000489 y
alt.binaries.pictures.erotica.black.male 0000012581 0000012054 y
alt.binaries.pictures.erotica.children 0000005812 0000005117 y
alt.sex.sm.fig 0000006729 0000004915 y


   
     _________________________________________________________________






From gary at systemics.com  Tue Aug 27 08:05:02 1996
From: gary at systemics.com (Gary Howland)
Date: Tue, 27 Aug 1996 23:05:02 +0800
Subject: The POOCH
In-Reply-To: <960826234448_76473.1732_BHT119-3@CompuServe.COM>
Message-ID: <3222E9E9.237C228A@systemics.com>


JOHN E. HOLT wrote:
> 
> The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
> vector and the CBC technique.  Most experts agree that such an implementation
> is highly resistant to all forms of cryptographic attack.
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Wow!  Resistant to those not invented yet - I guess this means one of
two things - the pooch is a OTP, or Mr. Holt has a time machine.

> Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks

> An unpublished algorithm forces them into reverse engineering the computer
> programs to learn the algorithm. The POUCH has many roadblocks built in
> to prevent this.

Wow! (again).  Dongleless protection!  I'm impressed.  Now we don't need
tamper resistant smart cards - we can do it all in software!

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T





From pjb at ny.ubs.com  Tue Aug 27 09:14:58 1996
From: pjb at ny.ubs.com (pjb at ny.ubs.com)
Date: Wed, 28 Aug 1996 00:14:58 +0800
Subject: NSA's Venona Intercepts
Message-ID: <199608271315.JAA10821@sherry.ny.ubs.com>


it is my understanding that the Venona traffic used a code book with super-
encyption using a otp.  the break was possible because the Soviet's got
sloppy with the otp keys and in fact used some of them more than once. 
even then, it tooks years of work to make the breaks.  everything you ever
heard about using true random keys, and only once is true.  difficult as it
may be to accomplish,  it is possible to break a otp if the pad isn't really
'one time'.

	-paul

> From cypherpunks-errors at toad.com Mon Aug 26 18:14:44 1996
> X-Sender: smith at mailhost.sctc.com
> Mime-Version: 1.0
> Content-Type> : > text/plain> ; > charset="us-ascii"> 
> Date: Mon, 26 Aug 1996 10:49:39 -0600
> To: cypherpunks at toad.com
> From: smith at sctc.com (Rick Smith)
> Subject: NSA's Venona Intercepts
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1510
> 
> The bulk of the material available from NSA's web site is associated with a
> long time project called Venona to decrypt Soviet message traffic from the
> 1940s. It's an interesting exhibition of the practical output of
> cryptanalysis that, incidentally, contains alleged reference to famous
> Commie spies of that era (Hiss, the Rosenbergs, etc).
> 
> One question that I haven't found answered in my perusals of the site is a
> definitive statement of the cryptographic technology used by the Soviets. I
> was re-reading Kahn's 1967 chapter on Soviet crypto and he claimed that
> they relied primarily on one time pads. In fact, he was pretty specific
> about them using OTPs for exactly the type of traffic appearing in the
> Venona archive. But when I look at the partial decrypts in the Venona
> archive I don't understand how you'd get such partial decrypts from OTPs.
> 
> The intercepts seem to indicate the use of ciphers with some codewords
> weakly layerd on top. Some intercepts show translations based on the
> phonetic properties of the extracted Russian plaintext. So I don't think
> the "unrecovered codegroups" are caused by a classic code that substitutes
> tokens for word meanings. But you're not going to crack only part of a OTP
> ciphertext -- presumably you'd need a compromised key tape, and that would
> either decrypt everything or nothing.
> 
> So they were either really using rotor machines or they were using
> something else. Any other ideas? Other references?
> 
> Rick.
> smith at sctc.com          secure computing corporation
> 
> 
> 





From steven at echonyc.com  Tue Aug 27 09:58:50 1996
From: steven at echonyc.com (Steven Levy)
Date: Wed, 28 Aug 1996 00:58:50 +0800
Subject: Denning interview in Wired
In-Reply-To: <199608261817.LAA03556@netcom11.netcom.com>
Message-ID: <Pine.SOL.3.91.960827100044.4214E-100000@echonyc.com>



This was not an interview, but an article.  Though all quotes are 
accurate (and checked with the source) it was me who did the choosing, so 
it's really not fair to fault Dorothy for not addressing issues x and y, 
etc.For a more comprehensive defense of her position you can go to her 
web site, where she has lotsa position papers.

Incidentally, I didn't set out to rehash the Clipper issues in the 
article, but to try to give some insight into Dorothy herself. 

On Mon, 26 
Aug 1996, Vladimir Z. Nuri wrote:

> don't recall anyone mentioning this--
> Steven Levy did a lengthy piece on Dorothy Denning for the
> recent Wired. 
> 
> any reactions?
> 
> I was personally struck at how Dorothy seems to lack strong
> convictions that hold up in the face of others. she wrote
> a paper urging that hackers be studied and worked with by
> the security community and then backed away from the position
> quickly after talking to "authorities".
> 
> 
> I was amazed that Dorothy, after a long time, has failed to
> confront some very basic issues in her advocation of 
> Clipper:
> 
> 1. constitutional issues. it would be ok for me if she described
> why she thinks that privacy is not constitutionally protected,
> but she fails to mention constitutionality issues in virtually
> any of her writings. frankly this strikes me as the utmost
> weasely evasion. is she aware of any court precedent on freedom
> of speech, freedom to speak in private etc? she never quotes
> any case law etc.
> 
> 2. she fails to address the issue of "returns vs. cost" or
> "cost/benefit" ratio. her argument amounts to an extremely
> simplistic line, "law authorities have been stymied by crypto. therefore
> it should be restricted". but this reminds me of speed limit
> advocates saying, "55 saves lives". well, how many? 35 saves lives
> over 55. the key issue is that of *compromise*: what is the optimum
> compromise?  we can catch more criminals by adding security cameras
> everywhere, but what are the costs? 
> 
> such back-and-white thinking has 
> little place in any complex policy issue, yet unfortunately tends to 
> dominate them. it's very bizarre to see an academic like Denning
> just seem to be vacuously oblivious to such simple concepts such
> as "tradeoffs". nothing I've read suggests she has ever addressed
> the issue of *compromise* in regard to catching criminals vs.
> protecting rights.
> 
> but amazingly, people like Kallstrom seem to think the same way.
> paraphrased, "if even one criminal gets away because we didn't have enough
> funding in the FBI, we need more funding in the FBI" etc.
> 
> 3. she fails to address the "big brother" issue. why is wiretapping
> never going to be used by "big brother"? it's inconceivable to me
> how she can honestly evade this issue as well. she has never addressed
> the issue of abuse by law authorities from what I can tell.
> 
> 4. Denning seems to be to be remarkably swayed by "authority figures".
> she has changed her opinion before based merely on conversations 
> with "authority figures" in the FBI and NSA. it seems maybe she has
> a bit of "spook envy" or something like that. many of her arguments
> for me essentially amount to, "people that claim to know what they
> are doing say we need [x], therefore we need [x]"
> 
> 
> well, I am not trying to start a new round of Denning-bashing 
> (although that's always fun, hee, hee) but the recent article does
> give a little new food for thought about Denning's psychology etc.
> 
> frankly I think that Denning has lost the intellectual battle because
> she absolutely fails to address some of the above key points. (particularly
> the total failure to address the constitution is getting more egregious). I 
> suggest that anyone who wants to debunk her line of thinking (which apparently
> is getting to be awfully easy) just focus on any of the above areas.
> she apparently has no reponse to these points in anything I have
> read of hers.
> 
> 





From jseiger at cdt.org  Tue Aug 27 10:25:52 1996
From: jseiger at cdt.org (Jonah Seiger)
Date: Wed, 28 Aug 1996 01:25:52 +0800
Subject: Net Politics
Message-ID: <v02140b04ae48a9eadc87@[204.157.127.4]>


At 6:52 PM 8/26/96, Declan McCullagh wrote:
>Jonah,
>
>I had expected some negative feedback from CDT, but I should say I was
>surprised by the tenor of your response.

I am going to try and resist the tasty-looking flame bait you have dangled
in front of me here because we both have more important things to deal
with, and because Seth Finkelstein summed up this argument perfectly:

"One more round of 'work within the system' vs 'up against the wall!'," he
said.

This is an important debate that unfortunately seems to be dividing the
net.community when we most need to be united. All of us working on
net-policy issues share a common vision and goals - promoting the free flow
of information, preserving and enhancing First Amendment values and
protecting individual privacy. There are, for better or worse, many
different views on the best way to accomplish those objectives, and the
debate over who has the right tactics seems to frequently escalate in to
religious war.

Meanwhile, our opponents are well organized, determined, and do a much
better job of keeping their internal strategic differences to themselves.
Perhaps this is part of the reason they keep kicking our butts all over
town.

Jonah

  ** THE FIGHT FOR FREE SPEECH ONLINE CONTINUES TO THE SUPREME COURT **
      It's not too late to be a part of history -- Join the Lawsuit
         <http://www.cdt.org/ciec>   --    <ciec-info at cdt.org>

--
Jonah Seiger, Policy Analyst           Center for Democracy and Technology
<jseiger at cdt.org>                           1634 Eye Street NW, Suite 1100
                                                      Washington, DC 20006
PGP Key via finger                                     (v) +1.202.637.9800
http://www.cdt.org/                                    (f) +1.202.637.0968
http://www.cdt.org/homes/jseiger/









From strange at tezcat.com  Tue Aug 27 10:30:03 1996
From: strange at tezcat.com (Mike Scher)
Date: Wed, 28 Aug 1996 01:30:03 +0800
Subject: BoS: Nuke attack? No, bug in DNS! (fwd)
In-Reply-To: <199605160122.BAA00187@fountainhead.net>
Message-ID: <Pine.SUN.3.95.960827090758.12072B-100000@xochi.tezcat.com>


On Thu, 16 May 1996, Vipul Ved Prakash wrote:

> I think this is the main cause of all strange things happening on the
> net for last few days. 
[quoting q quote of Karl Denninger:]
> > > There are a series of bad nameserver records floating around on the net
> > > which are blowing up BIND versions 4.9.4 (REL and T5B) and possibly other
> > > releases as well.  

My employer experienced this problem -- I thought it was related to the
cashe clearing problem in 4.9.4 on some platforms and upgraded to 4.9.4P1
(FreeBSD 2.1.0) -- which appears to have solved the problem for us. 

info-sys.home.vix.com:/pub/bind/release/4.9.4/bind-4.9.4-P1.tar.gz

Not sure if it -really- fixes the problem or if we've been lucky since.

      -M

Michael Brian Scher   (MS683)   | Anthropologist, Attorney, Part-Time Guru
http://www.tezcat.com/~strange/ |          strange at cultural.com
strange at tezcat.com              |       mbscher at midway.uchicago.edu
   I'm a legal anthropologist; what's an illegal anthropologist?






From dfloyd at io.com  Tue Aug 27 10:38:19 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Wed, 28 Aug 1996 01:38:19 +0800
Subject: File System Encryption
In-Reply-To: <3221922d.3171340@c2.org>
Message-ID: <199608271401.JAA04116@xanadu.io.com>


> 
> I'm aware of the three main disk encryption programs SFS, SECDRV, and
> SECDEV, but I need to find a solution that works with Windows 95 32bit
> or Windows NT 4.0.
> 
> I'm currently using SFS 1.17 and Secure Drive under Win-95, but am
> unable to continue to work in dos compatability mode due to severe
> performance hits.  I am open to commercial products that have passed
> peer review, but know of none.
> 
> If anyone could suggest a solution (outside of switching OS's), I
> would be *most* gratefull.
> 
> Please respond to the list, as I am a subscriber under another
> account.

If you have another 386 or 486 lying around, you could install Linux and
Ian's encrypted loopback code on a remote box, then NFS or Samba the
filesystem over.  For protection, you could modify the vlock command to
lock the console (and not unlock it), and disable inetd.  Then, unless
someone has the permissions to access the files through the network, the
files are inaccessable ;-).

> 
> The Drifter
> 






From reagle at rpcp.mit.edu  Tue Aug 27 11:01:27 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Wed, 28 Aug 1996 02:01:27 +0800
Subject: Australian Interbet Betting System Gets US Interest 08/26/96
Message-ID: <2.2.32.19960827150324.0076792c@206.33.128.129>


  	  				 
>ALICE SPRINGS, AUSTRALIA, 1996 AUG 26 (NB) -- An American from Washington  
>DC has placed the first "Interbet" on the Australian Football League (AFL), 
>$250 for a win on North Melbourne to beat Geelong, with Alice Springs 
>bookmaker CentreBet which switched on its net-based computer betting 
>service last week. 
>
>CentreBet has taken more than 70 bets on the Internet since launching the  
>worldwide service, approved by the Northern Territory Racing and Gaming 
>Authority. Alice Springs, colloquially known as "The Alice," is a small 
>community close to Ayers Rock in the central outback of Australia where 
>people are few and betting is a way of life. 
>
>CentreBet's Gerard Daffy told the Australian Associated Press news service  
>he expects keen Interbet interest from Asians who are big fans of English 
>soccer and also from Americans whom he expects to bet on a variety of major 
>sporting events, starting with this week's US Open tennis and the upcoming 
>NFL season. 
>
>However the AFL bet from America came right out of left field (AFL, or  
>Australian Rules football, a descendant of Ireland's Gaelic football, is 
>played seriously only in several Australian States, but is shown regularly 
>on some US cable-TV services). "The guy who put the bet on North Melbourne 
>is part of an Australian Rules fan club in the US," said Daffy. "There's 
>another American in Michigan who has opened an Interbet account to bet on 
>the AFL as well." 
>
>For the record: the fan who bet on North Melbourne can forget his $250.  
>Geelong downed North Melbourne at the Melbourne Cricket Ground on Saturday 
>by 109 points to 96. 
>
>CentreBet can be reached at http://www.taunet.com.au/centrebet  
>
>(19960826)   	
>  	   	
>
>
_______________________
Regards,            Politics is the art of preventing people from taking 
                    part in affairs which properly concern them. -Paul Valery
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From smith at sctc.com  Tue Aug 27 11:03:09 1996
From: smith at sctc.com (Rick Smith)
Date: Wed, 28 Aug 1996 02:03:09 +0800
Subject: NSA's Venona Intercepts
Message-ID: <v01540b0fae48c44b87ff@[172.17.1.61]>


At 12:26 AM 8/27/96, Black Unicorn wrote:

>I seem to recall an exhibit on Verona including a proported Soviet OTP at
>the National Cryptologic Museum in MD.

Kahn's "Codebreakers" also has photos of OTPs captured from undercover
Soviet spies. The fact that illegals were using OTPs to talk to their
controllers didn't necessarily imply that messages from Soviet embassies
and other offices needed to be using OTPs themselves. The could have used a
good rotor machine (well, good for the era). But now I'm convinced they
didn't.

The whole thing makes sense if we're looking at cryptanalysis based on
reused OTPs. I can see why the NSA doesn't mind letting the world know that
they could crack reused OTPs as opposed to some other identifiable cipher
technique. The degree of NSA's success doesn't help an adversary optimize
their crypto technology. The decryption success is in direct proportion to
how sloppy the Soviets were in using their OTPs. I'll bet some official got
shot when this was all figured out.

Partial decrypts occur when parts of the keystream are recovered and other
parts are not. I wonder if one could compare the "holes" in the various
messages and thereby infer which OTPs were used for which messages based on
patterns of keystream recovery.

Venona also presents an object lesson on why not to use OTPs: the security
does not degrade gracefully if they are misused. Reusing one even once
could easily compromise both messages sent with it. I doubt security
degrades nearly as quickly if you overuse or reuse keys in more modern
techniques. Thus, OTP keying requires a reliably pessimistic prediction of
traffic flow, and your security is toast if you underestimate your
transmission needs.

Besides, given that nobody can crack a truly randomized OTP, I can see why
NSA would want to publicize a failed use of OTPs. Might as well focus
interest on more theoretically tractable techniques.

Rick.







From privsoft at ix.netcom.com  Tue Aug 27 13:22:40 1996
From: privsoft at ix.netcom.com (Steve O)
Date: Wed, 28 Aug 1996 04:22:40 +0800
Subject: FYI: GOP's Stolen Laptop...
Message-ID: <1.5.4.16.19960827112653.295f6afc@popd.ix.netcom.com>


FYI:

Front page of the New Jersey Star Ladger:

"GOP's Stolen Laptop had credit card Details"

NJ Republicans' convention info and card card numbers and info was on the
laptop insecurely, a letter went oput to the NJ Republican committee
informing them of the 'inconveince'. Several key Rebulican Reps' cards were
among those stolen including: Dick ZImmer and Christopher Smith as well as
the State Committee's credit card. etc...
 
"True Utopia can only be reached by an uncensored and secure Internet,
	True Chaos can only be reached by the government,
		True love can only be reached in the movies."
S.O.

"Bang your head, Metal Health will drive you mad!"
Quiet Riot


"Welcome my friend, Welcome to The Machine"
Pink Floyd


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzHF2iIAAAEEAKw9QZ8yNG0X1YOGvaYeLaOQphDSEFYxelYED8a4YKoxnHuX
Wd7CPKXBS6Bhx9uGFpNa/7Km33TfhzJhuolHPb60upBIsNTdrkzVlSYyiE0aWuFt
EORVWEG6Rmy9w2yZ8obQAIx9aAy7h1wDi2mdSrDH+rPBw0pXelhDCiQ5KnJpAAUR
tCBTdGV2ZSBPIDxwcml2c29mdEBpeC5uZXRjb20uY29tPg==
=J4Tk
-----END PGP PUBLIC KEY BLOCK-----






From jimbell at pacifier.com  Tue Aug 27 13:23:54 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 28 Aug 1996 04:23:54 +0800
Subject: Edited Edupage, 18 Aug 1996 [SATELLITES]
Message-ID: <199608271609.JAA12761@mail.pacifier.com>


At 11:24 PM 8/26/96 -0700, Bill Stewart wrote:
>At 12:35 AM 8/21/96 -0800, mccoy at communities.com (Jim McCoy) wrote:
>>You want to avoid moving parts like the plague in orbit.  They eventually
>>wear out or fail and once that happens you have a very expensive piece of
>>junk in orbit.  Solid-state storage is the _only_ way to go if you want to
>>avoid things like neding to pressurize the drive (eliminating any cost
>>advantage over solid-state.) 
>
>Why do you need to pressurize the drive?  Most hard disk drives
>for the last N years have been airtight sealed containers,
>haven't they?  (Removables are different, of course.)

While I haven't looked at the more recent ones closely, most hard drives have an ultra-fine (<0.1 um particles?) filter element separating "inside" from "outside."  It allows air to pass to equalize pressure and humidity, while keeping out the dust.  (it is probably made of the same kind of material that is used, internally, as a filter for the airflow within the drive.)

Even if they didn't, there is a big difference between an enclosure that's good enough to hold a hard disk on earth, and one which can spend N-years in a high vacuum yet maintain enough air to run a hard drive.

>
>I'd worry far more about the stresses of launch bothering
>the drives.

That's not a problem at all.  Most modern drives are rated for 10's of G's, non-operating.  Satellite launches are probably a breeze compared to this.


Jim Bell
jimbell at pacifier.com





From ichudov at algebra.com  Tue Aug 27 13:42:29 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Wed, 28 Aug 1996 04:42:29 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608270158.UAA24640@homeport.org>
Message-ID: <199608271620.LAA10933@manifold.algebra.com>


Adam Shostack wrote:
> 
> A few weeks back, I posted a request for source code review
> guidelines.  I got about 50 me-toos, but no guidelines.  So I wrote
> some I think are decent.  They're still in draft format.  I'd
> appreciate feedback & commentary on them.
> 
> http://www.homeport.org/~adam/review.html
> 

Thanks for an interesting paper.

In part " V.Code (Security Issues)/3.Data Checking" you say the following:

`` Data coming in to Acme Widgets should be checked very carefully for
        appropriateness. This check should be to see if the data is what
        is expected (length, characters). Making a list of bad
        characters is not the way to go; the lists are rarely complete.
        A secure program should know what it expects, and reject other
        input. (For example, if you are looking for an email address,
        don't check to see if it contains a semi-colon or a newline,
        check to see if it contains anything other than a [A-Za-z0-9._]
        followed by an @, followed by a hostname [A-Za-z0-9._].)''
END QUOTE

That is not entirely correct. An email address is much more than
that, it can contain "!", several "@" characters (not next to each other
though), "%", and so on. x400 mail addresses (?) can contain "/", "=",
and all emails can have "+" and "-" and "_" in them. 

Some of the valid email addresses are

user_name at company.com
alex+ at pitt.edu
mi%aldan.UUCP at algebra.com
user%host.domain at anon.penet.fi
host1!host2!user

Look at your sendmail.cf file for a humongous amount of 
email parsing rules.

Thanks for an excellent document though, I put a link to it from my
intranet page.

	- Igor "Code Obscurity Creates Job Security" Chudov.





From declan at eff.org  Tue Aug 27 14:36:40 1996
From: declan at eff.org (Declan McCullagh)
Date: Wed, 28 Aug 1996 05:36:40 +0800
Subject: Cato Institute conference on Net-regulation, 9/20/96
Message-ID: <Pine.SUN.3.91.960827095919.19005E-100000@eff.org>


This should be a good half-day conference, with some interesting 
speakers. I'll probably show up for Charles Platt's keynote.

Naturally, it's being held in the building's Hayek Auditorium. Hayek has 
some relevance to cypherpunks, I think -- he warned early on that the 
loss of economic freedom inevitably leads to the loss of civil liberties 
as well.

He also described the phenomenon of spontaneous order (admittedly in the 
context of markets), which speaks to the way the Net has ordered itself.

-Declan


// declan at eff.org // I do not represent the EFF // declan at well.com //


---------- Forwarded message ----------
Date: Tue, 27 Aug 1996 12:05:44 -0400
From: Solveig Bernstein <sberns at cato.org>
To: fight-censorship at vorlon.mit.edu

Please redistribute this conference announcement freely:


*********************************************************
Regulation or Private Ordering?  The Future of the Internet

The Cato Institute cordially invites you to a morning conference and luncheon 

Regulation or Private Ordering?
The Future of the Internet

Friday, September 20, 1996
8:30 a.m.   1:30 p.m.

The Cato Institute's F.A. Hayek Auditorium 
1000 Massachusetts Avenue, N.W. 
Washington, DC

The Internet promises users unprecedented individual control over
information. It is at once a tool for universal communication, a new form of
media, and a new way of doing business. But it is also a challenge to
lawmakers and regulators. Existing laws cannot easily be applied to the
Internet and appear doomed to failure. Do we need a new set of laws or will
voluntary private action ensure order on the information superhighway?
 
Cato's Regulation or Private Ordering? The Future of the Internet conference
will bring together leading authorities on law, regulation, and technology
to discuss the problems of adapting existing law to the Internet and to
explore private alternatives to regulation. Can private ordering consistent
with individual   
freedom forestall a government backlash against perceived Internet chaos?

The cost of this conference is $25.00.

Registration   Wintergarden 

8:30   8:35   a.m.	Lawrence Gasman   Welcoming Remarks
				Director, Telecommunications and Technology 				Studies, Cato Institute

8:35   9:20   a.m. JURISDICTIONAL BOUNDARIES

David Post;Collective Action in Cyberspace&quot; Georgetown University Law
Center

Dan Burk   Federalism without Borders; Seton Hall University School of Law

9:20   10:30 a.m. FEDERAL REGULATORY ISSUES

Robert Crandall; Rate Regulation and Arbitrage; Internet Telephony;
Brookings Institution
 
Trotter Hardy;Congress and Digital Copyright: Avoiding a Balancing
Act;William & Mary College of Law

Lori Fena;Security of Personal and Corporate Information Online: Moving
toward Industry Self Regulation; Electronic Frontier Foundation

10:30   10:45 a.m. Break

10:45   11:55 a.m. FREE SPEECH IN CYBERSPACE

Danny Weitzner; The Empowered User: Internet Technology Tools for Limiting
Access to Unwanted Material; Protecting Privacy; Center for Democracy and
Technology

Eugene Volokh;Private Online Speech Controls: Censorship, Constitutionally
Protected Editing, or Both? University of California at Los Angeles School
of Law

David Sobel;Prospects of the CDA in the Supreme Court; Electronic Privacy
Information Center

12:30 p.m. Keynote Address - Charles Platt; Net Futures: Scary and Sublime;
Author, Free Zone, The Silicone Man, Contributing Writer, Wired Magazine

12:30 p.m. Luncheon

News media please call Robin Hulsey at (202) 789 5293.
  
To Register, please e-mail Scott Wallis at swallis at cato.org, or vist our web
site at //www:cato.org.
**********************************************************************
Solveig Bernstein, Esq.
(202) 789-5274
(202) 842-3490 (fax)

Assistant Director of Telecommunications & Technology Studies
Cato Institute
1000 Mass. Ave. NW
Washington, DC 20001






From jf_avon at citenet.net  Tue Aug 27 14:39:58 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Wed, 28 Aug 1996 05:39:58 +0800
Subject: libelous action
Message-ID: <9608271817.AB19462@cti02.citenet.net>


On 26 Aug 96 at 20:28, Ross Wright wrote:

 
> If I was John E. Holt, I would take a different public relations 
> tack.  I would seek positive input, not a negative reaction to 
> criticism.  Or I would ignore the critique altogether.
> Ross Wright

Yes Ross, but while writing this, your premise is that Holt has a 
product that is at least partially decent and that it could maybe be 
improved.  You assume he might be making an honest error.

Maybe it is not the case. 

;)

jfa

 DePompadour, Societe d'Importation Ltee; Limoges porcelain, silverware and crystal
 JFA Technologies, R&D consultants: physicists, technologists and engineers.

 PGP keys at: http://w3.citenet.net/users/jf_avon
 ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 
 





From jleonard at divcom.umop-ap.com  Tue Aug 27 14:40:35 1996
From: jleonard at divcom.umop-ap.com (Jon Leonard)
Date: Wed, 28 Aug 1996 05:40:35 +0800
Subject: MUD anyone?
In-Reply-To: <Pine.3.89.9608260847.A346-0100000@pegasus.unicorn.com>
Message-ID: <9608271647.AA22569@divcom.umop-ap.com>


> Would anyone out there be interested in helping set up a 
> crypto-anarcho-capitalist MUD to play around with some of the social 
> aspects of crypto-anarchy and anarcho-capitalism? I can probably hack 
> together a basic lpmud in a month or two if someone has a machine which 
> it could run on and which could run a mailing list for those involved. 

I've been planning to run a MUD like that, at mud.umop-ap.com port 2121.
I just don't have enough coded to be worth announcing yet.

Which cryptographic primitives should be coded in initially?

Obvious choices are:

Pseudonyms
Anonymous digital cash (issued by any pseudonym, not just "banks")
Public and private keys
Secret sharing
Anonymous broadcast & message pools
Anonymous markets

(ref: Tim May's sig)

What am I missing?  Should there be direct support for Jim Bell's
assasination markets?  It'd provide a means of demonstrating its
ineffectiveness as a means of social control.

I think that for purposes of simulation, it's reasonable to model
cryptographic primitives in a "Trust the server" mode, because you
need to trust the MUD server anyway (unlike a government), and it
puts a much lower load on the CPU.

There's also the question of log policy.  Having run a MUD for a few
years, I want to keep logs for bug detection.  A declared policy that
they aren't released for n years would work though.  Opinions, anyone?

[snip]
> Please send replies to me directly as I'm travelling and consequently off 
> the list. Looks like I'll be on a mad bus trip round New Zealand for most 
> of next month so Net access will be erratic.

Sent to Cypherpunks as well, in case anyone else is interested.

> 	Mark
 
Jon Leonard





From jad at dsddhc.com  Tue Aug 27 14:41:46 1996
From: jad at dsddhc.com (John Deters)
Date: Wed, 28 Aug 1996 05:41:46 +0800
Subject: Spamming
Message-ID: <2.2.32.19960827180935.008cd398@labg30>


At 09:27 PM 8/26/96 -0800, Adamsc wrote:
>On Mon, 26 Aug 1996 13:26:04 -0500, John Deters wrote:
>
>>>What do cypherpunks think about the following practice or law (I realize
>>>that it may be impossible to implement): each email message should carry
>>>a little digicash check for, say, 20 cents. Mail reading programs should
>>>reject (send back unread) all messages not carrying these digital
>>>checks, unless the senders are in the "friends list". The MUAs should
>>>ask users whether they want to "cash" the digital check or not.
>>
>>I do not believe it is possible to have a secure executable that exists on
>>an uncontrolled user's machine.  "Tamperproof" encryption chips still
>>require communications in and out from the user's program.  A determined
>>attacker could continue to use the pieces of their code that talk to the
>>encryption chip.
>
>>Never underestimate the allure of "free money" when you're planning to >give
>>it away.
>
>Methinks you don't understand e-cash.  It's not executable, and uses public key
>crypto to prevent "minting".  It uses records to prevent replays.  In other
>words, it'd be like Ed McMahon including a quarter in the envelope.  You'd only
>be able to use it once....

Maybe I misspoke; I wasn't referring to minting e-cash.  I was referring to
the fact that if you can get spammers to enclose a 20e coin for every junk
e-mail advertisement you agree to read, then you can write a mail reader
that will read their spam and collect all their 20e coins.  To me, that's
better than "minting" e-cash.  Totally legal, and the net effect transfers
funds from the spammers to me.

The rest of my letter was in regards to writing that mail reader.  And no,
even if they were to succeed at getting stupid users to install their own
special mail reader just for the privilege of reading their advertisements,
without secure hardware in the users' machines, their mail server would not
be secure against a spoofing attack.

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From vznuri at netcom.com  Tue Aug 27 14:52:00 1996
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Wed, 28 Aug 1996 05:52:00 +0800
Subject: Denning interview in Wired
In-Reply-To: <Pine.SOL.3.91.960827100044.4214E-100000@echonyc.com>
Message-ID: <199608271723.KAA23960@netcom23.netcom.com>



SL:
>This was not an interview, but an article.  Though all quotes are 
>accurate (and checked with the source) it was me who did the choosing, so 
>it's really not fair to fault Dorothy for not addressing issues x and y, 
>etc.

hey, cut me some slack. you did specifically "interview" her for the article,
(I'm remembering the part where you say
you pressed for details about how clipper would improve the world, and
she came back talking about how she got locked out of a swim locker in 
her wet bathing suit, hee, hee). it's not an interview in the sense that 
you are  directly quoting her the whole article, but I'd say it would be
fair to call it an interview. article, whatever, I don't care.

also, I was not claiming that Denning failed to address particular
issues in the article alone (which I agree would not be totally
fair, with only one "sample"). I've read a lot of her writing and
talking and am pointing out that she doesn't volunteer any info
on the points I mentioned (constitutionality etc.) in general, 
even when pressed, and that your article fits into suggesting this pattern 
of evasion of certain points on her part. 

did she talk to you about any of the issues I mentioned in 
my post? if so, I would have suspected you would have included them
in the article. in any case, even on her own and when directly
challenged, she avoids the key issues I mentioned to a degree that
for me approaches intellectual sloppiness or even dishonesty. 

the article imho correctly
conveys the reality that Denning, even after being the poster-girl
for Clipper, wiretapping, and key escrow, has failed to take into
account or address the key devastating counterpoints of her opposition, and 
still at this late date has great difficulty explaining why "all the above"
is a good thing and desirable, despite endless opportunity to boil
her stance into effective soundbites.

>For a more comprehensive defense of her position you can go to her 
>web site, where she has lotsa position papers.

fair enough. I challenge anyone to show how she's addressed the
points I mentioned. I'm simply pointing out a pattern I've noticed
in her thinking of which your own article is another confirmation,
but not the sole basis for the claim.

>Incidentally, I didn't set out to rehash the Clipper issues in the 
>article, but to try to give some insight into Dorothy herself. 

which you did. that's why I said in my post, it gives interesting
fodder for psychogical insights of Denning's position.

I don't know why you seem to be defensive about the article
in your response when I said nothing critical of your own role.

I guess I didn't make it clear I thought it was a fine
article and thought you did a commendable job, and I've always
been a big fan, if you care about my opinion in the matter <g>

there are other places in the article where I do sense a bit of a 
subtle bias against Denning, especially in the last paragraph, but
overall I thought it was very objective. it seems to me it would
be hard to write an objective article about Denning that didn't
raise doubts in the readers mind (i.e. by carefully avoiding all
mention of her opponents etc.)






From baby-x at cyberpolis.org  Tue Aug 27 15:07:21 1996
From: baby-x at cyberpolis.org (baby-X)
Date: Wed, 28 Aug 1996 06:07:21 +0800
Subject: Net Politics
Message-ID: <v01540b00ae48e087022c@[206.14.141.118]>


At 10:23 AM 8/27/96, Jonah Seiger wrote:

>This is an important debate that unfortunately seems to be dividing the
>net.community when we most need to be united. All of us working on
>net-policy issues share a common vision and goals - promoting the free flow
>of information, preserving and enhancing First Amendment values and
>protecting individual privacy. There are, for better or worse, many
>different views on the best way to accomplish those objectives, and the
>debate over who has the right tactics seems to frequently escalate in to
>religious war.

Not an unusual thing online (Windows! Mac! Windows! Mac! Linux!).

>Meanwhile, our opponents are well organized, determined, and do a much
>better job of keeping their internal strategic differences to themselves.
>Perhaps this is part of the reason they keep kicking our butts all over
>town.

I swer I had this conversation somewhere recently, and those of us involved
in it came up with one reason this rift seems to come up so often and get
discussed so publically, especially in comparison to our "organized,
determined" opponents. I would hazard a guess that those people working
within the cause of electronic freedoms tend not to be the simple
order-following, authority-heeding sort (compared to, say, followers of the
Religious Right). It's easy if you're Ralph Reed to send out a flyer or get
the telemarketters working and tell the troops what to do. It's not as easy
if you're, say, Jonah Seiger. Not because of Jonah (or Shabbir, or Declan,
or whoever), but because of his audience. It's not a push-button response
with us.

And I'm still not convinced (as I wasn't last year when I was more heavily
involved in some of this) that these differences of opinion have to somehow
be kept behind-closed-doors. That has always stuck me as the way -they- do
it (if I can stoop to using a Them for a moment), and never as a way that
was inherently required.

It's like the Gulf War or something. "Hey, we're at war, stop criticising,
we need to be united!" Hogwash.



-----------------------------------------------[ Christopher D. Frankonis ]---
--------------------------------------------------[ baby-x at cyberpolis.org ]---







From perry at piermont.com  Tue Aug 27 15:30:49 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 28 Aug 1996 06:30:49 +0800
Subject: please help
In-Reply-To: <v03007802ae48e6335946@[194.143.199.163]>
Message-ID: <199608272004.QAA29553@jekyll.piermont.com>



Manuel Benedicto Procas writes:
> Please...you know a macintosh program in order to war dialing TCP IP
> numbers and Unix or VMS localice Login/password cobinations.
> 
> MANUEL

Check the ftp site at fcd-3.gue.org

Perry





From mbened at encomix.es  Tue Aug 27 15:35:46 1996
From: mbened at encomix.es (Manuel Benedicto Procas)
Date: Wed, 28 Aug 1996 06:35:46 +0800
Subject: please help
Message-ID: <v03007802ae48e6335946@[194.143.199.163]>


Please...you know a macintosh program in order to war dialing TCP IP
numbers and Unix or VMS localice Login/password cobinations.


MANUEL







From reagle at rpcp.mit.edu  Tue Aug 27 15:38:52 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Wed, 28 Aug 1996 06:38:52 +0800
Subject: Boeing Antenna Demos T1 Reception Rates
Message-ID: <9608271954.AA15230@rpcp.mit.edu>



  	  				 
WASHINGTON, DC, U.S.A., 1996 AUG 27 (NB) -- By Bill Pietrucha. All  
eyes were on the truck as it meandered its way down the twisting 
mountain road in northern Bosnia. Except the eyes didn't belong to 
lookouts in an observation post along the road. They were in a 
modified US Air Force (USAF) C-135 flying at 35,000 feet along 
the East Coast of the United States, some 6,000 miles away. 

The USAF C-135, known by the name Speckled Trout, was participating  
in the 1996 Joint Warrior Interoperability Demonstration (JWID `96). 

JWID `96 is the eighth in a series of technology demonstrations  
designed to identify command, control, communications, computer, and 
intelligence (C4I) problems between the armed services, demonstrate 
improved operational capabilities for deployed forces, and promote 
interoperability among existing and emerging C4I systems needed to 
support a joint task force. 

As part of the exercise, the Air Force installed the first full-scale  
prototype Ku-band phased array receive antenna system on the 
Speckled Trout, a modified avionics testbed aircraft maintained by the 
412th Flight Test Squadron at Edwards Air Force Base, California. 

The antenna, developed by Boeing Co., is capable of receiving broad-  
band, high data rate satellite communications, with civilian as well 
as military applications, Boeing spokesperson Charles Ramey told 
Newsbytes. 

According to Ramey, the antenna will "revolutionize mobile satellite  
communications by increasing the data flow by thousands of times over 
current capabilities." 

Depending on the satellite and receiver, he said, rates of up to 30  
megabits-per-second (Mbps) may be realized through a single transponder. 

"To date, satellite communication to mobile platforms has been limited  
to relatively narrow bandwidths, and wide band communication has 
been subject to the limits of antenna technology," Ramey told 
Newsbytes. 

The Boeing design can be adapted to simultaneously receive signals  
from multiple satellites in different orbits with a single antenna. 
The electronically steered antenna also allows for rapid switching 
between different satellites. 

During the JWID exercises, which will continue through August 30,  
the Boeing antenna system is being used to receive satellite 
transmitted video and data to support the Global Broadcast Service 
(GBS) mission. GBS, Ramey said, is designed to provide the military 
with a worldwide, seamless, high-throughput broadcast information 
service to support current and future defense objectives. 

As one Air Force Colonel at MacDill Air Force Base in Tampa,  
Florida, told Newsbytes, "GBS is the CNN of the warfighter." 

EchoStar, a key member of the antenna demonstration team,  
transmitted video in Digital Video Broadcast (DVB) format for 
reception by the Boeing antenna system on the Speckled Trout. 

In addition to the video, an uplink data stream at T1, or 1.5Mbps,  
or higher is generated at the GBS uplink terminal testbed at the 
Operational Support Office facility located at the Naval research 
Facility near Washington DC. 

This signal, according to Ramey, is relayed through the GBS  
Americom K2 FSS satellite which downlinks to a receiver at an 
EchoStar facility. The data is then incorporated into the network 
broadcast system and retransmitted via the EchoStar 1 satellite 
to a GBS receiver. 

The data is then stored for retrieval by other systems, Ramey said,  
including the Global Command and Control System (GCCS), sponsored 
by the Air Force Communications Agency, and the Combat Information 
System, sponsored by the Air Intelligence Agency. 

"Other systems on board the Speckled Trout can retrieve data through  
the Boeing phased array antenna system, which is routed to terminals 
inside the aircraft for display and demonstration," Ramey said. 

The Speckled Trout also can track and receive video and data from  
EchoStar Dish Network TV, Hughes DirectTV, and USSB transmissions 
for display on a conventional monitor, Ramey said. 

Looking to commercial applications, Ramey said the phased array  
communication antenna system "offers the ability to provide 
passengers with more entertainment and information options. With 
the Boeing antenna system on board, passengers can have access to 
the entire spectrum of commercial television programming available 
from a BSS satellite." 

Ramey said the antenna system is capable of instantaneously  
bringing in approximately 100 channels from a given BSS satellite. 

(199670826/Press Contact: Charles Ramey, Boeing Defense & Space  
group, 206-657-1380) 
  	   	





From jamesd at echeque.com  Tue Aug 27 15:39:50 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 28 Aug 1996 06:39:50 +0800
Subject: "The Observer" calls the internet a child pornography ring
In-Reply-To: <152310Z18071996@anon.penet.fi>
Message-ID: <199608272004.NAA15842@dns2.noc.best.net>


Banner Front page headline in the British Observer, Sunday 25th

"The Peddlers of child abuse"
see http://scallywag.com/

The internet is presented as a conspiracy by child molesters.

There is a picture of Johan Helsingius, the man who free of charge
provides an anonymous remailer service:  The picture is captioned "The
internet middle man who handles 90% of all child pornography"  He is
represented as personally profiting from the distribution of child
pornography, though in fact no posts to binary newsgroups can go
through his system, and no large binaries can go through his system,
and he provides the anonymising service free of charge.

There is a picture of Clive Feather, the man who runs the largest
internet service provider in Britain, captioned "The school governor
who sells access to photos of child rape"]]

The observer article savagely demonizes all who use the internet,
presenting it as primarily existing for the purpose of distributing
child pornography, and demonizes and libels by name those who have
sought to defend the liberty of netizens.

I urge you all to check out this article, and send snail mail letters
to the observer condemning (since they are obviously too low tech to
read email) and email letters of support to those netizens who have
been savagely libeled for their defence of liberty.
 ---------------------------------------------------------------------
We have the right to defend ourselves and our property, because 
of the kind of animals that we are. True law derives from this 
right, not from the arbitrary power of the omnipotent state.

http://www.jim.com/jamesd/      James A. Donald       jamesd at echeque.com






From nobody at zifi.genetics.utah.edu  Tue Aug 27 15:42:11 1996
From: nobody at zifi.genetics.utah.edu (Anonymous)
Date: Wed, 28 Aug 1996 06:42:11 +0800
Subject: A _REALLY_ Interesting Bet
Message-ID: <199608272002.OAA27298@zifi.genetics.utah.edu>


Betting on football is one thing, but some of us would be very
interested in the odds on US presidential election outcomes as
November approaches. This kind of betting is illegal here, and
I haven't looked lately for a "Ladbroke's" type site, but it is
interesting because the betting odds from across the Atlantic
more closely match eventual election results than the annoying
calls from Gallup & Roper during suppertime. I have posted here,
anonymously, on this topic before, but some of you are aware of
who I am. I'll thank you to keep that a secret. ;}







From alano at teleport.com  Tue Aug 27 15:45:30 1996
From: alano at teleport.com (Alan Olsen)
Date: Wed, 28 Aug 1996 06:45:30 +0800
Subject: The POUCH
Message-ID: <3.0b11.32.19960827120805.00bb8714@mail.teleport.com>


At 07:44 PM 8/26/96 EDT, JOHN E. HOLT wrote:
>The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization
>vector and the CBC technique.  Most experts agree that such an
implementation >is highly resistant to all forms of cryptographic attack.

That depends highly on the cypher.  Also depends on if your "initialization
vector" is truly random.  (Or even close, as some other companies have found
in the past...)

It is resistant to all attacks that you know of.  Depending on the nature of
the algorythm, this could be true in some sense, false in some sense and
meaningless in some sense.  Without published code, it is meaningless in all
senses.

>Hellman and Dilfie rely on knowing the algorithm for their known plain text
>attacks
>An unpublished algorithm forces them into reverse engineering the computer
>programs to learn the algorithm. The POUCH has many roadblocks built in
>to prevent this.

As someone who has spent time reverse engeneering code, I find this one
pretty funny.  The only thing I have found that will obscure code in any
real fashion is writing it badly.  "Roadblocks" to reverse engeneering also
tend to be a speed hit.  Either way, it will not stop someone with the
proper skills and tools.

>I refer to Cummings, Cryptography and Data Security pages 150 and 98 in
this >regard.

Do we have to read them in reverse order or is that part of the roadblock
you are using to make things more difficult...?

I will be interested to see just what kind of liability problems you run
into when this thing gets compromised.  Of course, with a name like "The
Pouch", you will probibly just claim it was a "kangaroo court".
---
|  "Remember: You can't have BSDM without BSD. - alan at ctrl-alt-del.com  "|
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano at teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.teleport.com/~alano/          | alano at teleport.com  |






From maldrich at grci.com  Tue Aug 27 15:51:55 1996
From: maldrich at grci.com (Mark O. Aldrich)
Date: Wed, 28 Aug 1996 06:51:55 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608271620.LAA10933@manifold.algebra.com>
Message-ID: <Pine.SCO.3.93.960827160057.5158A-100000@grctechs.va.grci.com>


On Tue, 27 Aug 1996, Igor Chudov @ home wrote:

> Adam Shostack wrote:
> > 
> > A few weeks back, I posted a request for source code review
> > guidelines.  I got about 50 me-toos, but no guidelines.  So I wrote
> > some I think are decent.  They're still in draft format.  I'd
> > appreciate feedback & commentary on them.
> > 
> > http://www.homeport.org/~adam/review.html
> > 

Sorry.  I missed your first post.

The Security Engineering CMM effort has also been looking at methods that
are used to create assurances in trusted systems/components/products.  One
of these is, of course, code examination and quality reviews.  You may
want to check out what they've done.  There are not necessarily "steps" to
be followed, but rather how the PA (process area) relates to the ability
of an organization to perform security engineering (i.e., it's maturity).
I haven't been in the PA's for awhile, but there *may* be something there
that you can use.

GRCI sits on both the authoring group and the steering committee for the
SSE CMM.  If you need more info, let me know and I'll hook you up with
someone.  The group is always looking for someone to test the
implementation of the security engineering CMM products through pilot
testing.

Point your browser at http://www.ssecmm.ashton.csc.com/
and then rummage.  There's stuff buried all over the server, but you
probably will be most interested in the peer review, security
vulnerability analysis, and quality management portions.  As I recall (I
can't get to the site right now), a lot of stuff is in RTF and not HTML,
so you may have to DL it instead of look at it online.

------------------------------------------------------------------------- 
|And if Dole wins and dies in office, they|        Mark Aldrich         |
|could just pickle him and no one would   |   GRCI INFOSEC Engineering  |
|notice.  It wouldn't be the first time we|     maldrich at grci.com       |
|had a dill-dole running the country.     | MAldrich at dockmaster.ncsc.mil|
|               -- Alan Olsen             |                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger maldrich at grci.com |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------






From wb8foz at nrk.com  Tue Aug 27 16:15:38 1996
From: wb8foz at nrk.com (David Lesher)
Date: Wed, 28 Aug 1996 07:15:38 +0800
Subject: FYI: GOP's Stolen Laptop...
In-Reply-To: <1.5.4.16.19960827112653.295f6afc@popd.ix.netcom.com>
Message-ID: <199608272041.QAA01816@nrk.com>


Steve O sez:
> 
> FYI:
> 
> Front page of the New Jersey Star Ladger:
> 
> "GOP's Stolen Laptop had credit card Details"

They should have used PGP on those files.....

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From jamesd at echeque.com  Tue Aug 27 16:18:45 1996
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 28 Aug 1996 07:18:45 +0800
Subject: "The Observer" calls the internet a child pornography ring
In-Reply-To: <152310Z18071996@anon.penet.fi>
Message-ID: <199608272015.NAA28383@dns1.noc.best.net>


Banner Front page headline in the British Observer, Sunday 25th

"The Peddlers of child abuse"
see http://scallywag.com/

The internet is presented as a conspiracy by child molesters.

There is a picture of Johan Helsingius, the man who free of charge
provides an anonymous remailer service:  The picture is captioned "The
internet middle man who handles 90% of all child pornography"  He is
represented as personally profiting from the distribution of child
pornography, though in fact no posts to binary newsgroups can go
through his system, and no large binaries can go through his system,
and he provides the anonymising service free of charge.

There is a picture of Clive Feather, the man who runs the largest
internet service provider in Britain, captioned "The school governor
who sells access to photos of child rape"]]

The observer article savagely demonizes all who use the internet,
presenting it as primarily existing for the purpose of distributing
child pornography, and demonizes and libels by name those who have
sought to defend the liberty of netizens.

I urge you all to check out this article, and send snail mail letters
to the observer condemning (since they are obviously too low tech to
read email) and email letters of support to those netizens who have
been savagely libeled for their defence of liberty.
 ---------------------------------------------------------------------
We have the right to defend ourselves and our property, because 
of the kind of animals that we are. True law derives from this 
right, not from the arbitrary power of the omnipotent state.

http://www.jim.com/jamesd/      James A. Donald       jamesd at echeque.com






From OSBORRI at msmail.northgrum.com  Tue Aug 27 16:20:07 1996
From: OSBORRI at msmail.northgrum.com (Osborne, Rick)
Date: Wed, 28 Aug 1996 07:20:07 +0800
Subject: Real-time key server
Message-ID: <32235B6D@smtpmmp2.northgrum.com>



Okay, I was told to not post to the list until I'd:
1. Lurked for a month,
2. Figured out who Detweiler was,
3. Found out about BlackNet and DC Nets,
4. Learned of at least three of David Chaum's innovations.
And at that point "[I] may be ready to post [my] first comments."

Well, dammit, I can't wait that long.  I need help now.  I've only been on 
for 2 weeks, I have no clue who Detweiler is (other than the
welcome message I haven't heard two words about him/her/it), and I know 
enough to sound stupid about the other stuff.  But if you still think I'm 
worthy of listeneing to, then read on.

I work for Northrop Grumman Corp (SBMS division) when I have been tasked to 
create a program for reciept of online forms.  The entire division is 
wanting to go paperless, and I am the sole person doing it.  (Yes, I'm going 
for pity here.)

I am writing my own CGI remailer for insecure forms, but some of them
have to be secure.  I think the best way to go about this is a public-key 
system with both keys stored locally and the public keys stored on a 
networked database (for routing purposes; ie, it has to go through managers 
and admin and will be verified and digitally signed with each hop).  Now, of 
course, acces to the public keys will be through a key server.

This is where I come into my problem.

In my research into keyservers, I find that none of them are realtime. 
 Sure, there are CGI interfaces to them, but that's not what I mean.  I was 
hoping for something along the line of a Finger or SMTP protocol, such that 
a client connects to a host (say, keyserv.northgrum.com) on a certain port 
(say, 5397) and goes through a realtime version of what is accomplished via 
email.

Something like:
[connect]
client>GET osborri
server>200 OK
server>-----Begin . . .

and so forth.

Now.  Yes, I am intelligent enough to implement something like this. 
 (Actually, that's debatable, but it's also besides the point.) What I want 
to know is this: Is there a realtime implementation out there already?

Why?  Because:
1. I do not want to reinvent the wheel.
2. I would like to conform to existing standards.

Now, if the answer is a 'no', then who wants to draft a quickie RFC?

 -oz





From raffetto at podesta.com  Tue Aug 27 16:35:22 1996
From: raffetto at podesta.com (John Raffetto)
Date: Wed, 28 Aug 1996 07:35:22 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <199608272057.QAA01534@podesta.com>


Josh Crockett is exactly right here...

>  It would seem 
>that we need to hunt down our issues and support them, seeing as that 
>politicians are notoriously unreliable on supporting every single issue 
>we would like them to support.

And that's why Declan's message about Leahy is foolish.  When you find a
champion on the Hill for one issue, you rally around him/her.  And when they
won't support you on another issue, you find another champion. If your
policy is to disown Hill allies (in this case, Leahy) who break ranks with
you from time to time, you'll quickly run out of allies.  And when you have
no allies on the Hill, you're really screwed.

John Raffetto







From ichudov at algebra.com  Tue Aug 27 16:49:41 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Wed, 28 Aug 1996 07:49:41 +0800
Subject: Edited Edupage, 18 Aug 1996 [SATELLITES]
In-Reply-To: <199608271609.JAA12761@mail.pacifier.com>
Message-ID: <199608272046.PAA12319@manifold.algebra.com>


jim bell wrote:
> >I'd worry far more about the stresses of launch bothering
> >the drives.
> 
> That's not a problem at all.  Most modern drives are rated for 10's 
> of G's, non-operating.  Satellite launches are probably a breeze 
> compared to this.

I remember reading that Russian satellite launches with people aboard
had acceleration of about 9-10G.

	- Igor.





From mbabcock at tyenet.com  Tue Aug 27 17:04:44 1996
From: mbabcock at tyenet.com (Michael T. Babcock)
Date: Wed, 28 Aug 1996 08:04:44 +0800
Subject: $10K offer if you can break the code
Message-ID: <199608272124.OAA02407@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: mpd at netcom.com, cypherpunks at toad.com
Date: Tue Aug 27 17:17:57 1996
Date: 23 Aug 96 13:59:38 EDT
 From: "JOHN E. HOLT" <76473.1732 at CompuServe.COM>
Subject: secret message
To: <mbabcock at tyenet.com>

Date:  01-Aug-96 14:50 EDT
 From:  JOHN E. HOLT [76473,1732]
Subj:  puzzle

        ^%}{{
ZZ
VVPAGMIGJEKMCCHIAKKPEHJDDDLOABGAMMJOCDFNOLNOKKKNIADPBGPPOEPIDCEMPGWW
VVFCMOPKLKPJOHCNCJBDGOOJKFANCJJBDBMDIFIEKEDPLKDDGMPLHMIIPIJFMKOLENWW
VVCAKJGJCKPAEOOMLJPNFJEKEINIHFKHNOLPCAHLEKHHLMHJFCOEKAFAGPHJBCPBHBWW
VVOKLAENICAFDHEOEODMHMFGIONMAACAOHEOHDAJDNENGAHABNHGOCCPJNFDMAMKADWW
VVMGDHKGPKBEIDBNLOCMLFMEIOKBFBFKJIMIIIFKJDFENCBPAPFBAOFMHEDODBFFPDWW
VVOMFFJBNGEJPLGHJLFOBLFOGCBKAACEICLBIKHGILKCLMHPFIAHPDEOOODPPMLGDNWW
VVGLDNEBDINMILDJDOJOJNKCLIBBKBCBEJPBJCFHGKMFLLEPGLGOOIIGAKJEGNPFHDWW
VVIJBMFLALHPEHHGEGPCLGILBDBMEGMOGOIFBPPONGEDJPNFNMPCJFJPAEMIDOEMBLWW
ZZ
ZZ



Distribution:

To: ME > [76473,1732]


Message Copyright 1996, Michael T. Babcock
http://www.cyberbeach.net/~mbabcock

Send a message with the subject "Send public key" to
receive an automatic reply with my public key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: ascii
Comment: http://www.cyberbeach.net/~mbabcock/PGP/

iQC1AgUBMiNmCttTCwP6TF2xAQG65AT9GW2JbpaAo26USWptnLhhdaHWXbvDEi2i
35KWFHPWnlfJmj7NiUz+YKAV1aoHJssbGGUKIGoU1R0AV9NepGcODRwamrpZMXZ2
2TWIjgc0NbI+G9PNJrtc9h0XhsWV+w9upF0Yr1uCdCMtsdQtMKGguPzfd3+CfOkq
X5kSv4WIhi22WYwHHlyEyEMPrxMo60ey1EFUUctBYLqgl91omsR+qg==
=wEv6
-----END PGP SIGNATURE-----






From hag at ai.mit.edu  Tue Aug 27 17:12:30 1996
From: hag at ai.mit.edu (Daniel Hagerty)
Date: Wed, 28 Aug 1996 08:12:30 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608270158.UAA24640@homeport.org>
Message-ID: <199608272111.RAA23997@galapas.ai.mit.edu>


 > From: ichudov at algebra.com (Igor Chudov @ home)
 > Date: Tue, 27 Aug 1996 11:20:56 -0500 (CDT)
 >
 > Look at your sendmail.cf file for a humongous amount of
 > email parsing rules.

    Much better, look at rfc822.  (I wouldn't consider *anything* that
has the word "sendmail" in it a good reference).

    Hostnames will match the regexp [-A-Za-z0-9.]; those are the only
legal characters in the hostname portion.  Usernames
("domain-dependent local string") are much harder to what is and isn't
legal.  Read rfc822.





From joelm at eskimo.com  Tue Aug 27 17:25:59 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Wed, 28 Aug 1996 08:25:59 +0800
Subject: Microsoft Explorer security hole (fwd) MSoft's reply...
Message-ID: <3.0b11.32.19960827142515.009f60f0@mail.eskimo.com>


Displaying warning dialogs in browsers and using default settings so as not
to auto run macros are only bandages to this problem.

Consider the following:

By using API routines to access the Win95 registry, someone writes a macro
virus (or even just a garden variety trojan) that turns off the warning
levels for MSIE which are stored in the registry (I haven't had time to
look, but I'm assuming they're there).

The user has no idea the setting has been changed, and is never warned when
evil, malicious, unsigned code is executed.  Until too late.

The registry, or whatever file you're saving state values to, should have
some form of write authorization associated with it.  Encryption would also
be extremely nice for privacy's sake (check out a Windows .INI file or
registry entry some time, and see what little tidbits of information are
being stored there).

In my experience, one of Microsoft's main problems when it comes to security
has been its developers and program/product managers don't think like "bad
guys" when it comes to design and subsequent exploits and holes.
Unfortunately, the user is the ultimate loser.

Joel

BTW - The paranoid side of me wouldn't be surprised to see PC
"espionage-enabled" viruses and trojans within the next few years.  Their
main purpose would be to either disable or patch various security features
for later attacks, or directly snatch information off of hard drives and
send it out over the Net.  I know of a few lab projects of a similar nature,
that were very easy to implement.

>Date: Thu, 22 Aug 1996 15:49:33 -0700
>From: Thomas Reardon <thomasre at MICROSOFT.com>
>Subject: Re: Internet Explorer security problem (Felten, RISKS-18.36)
> 
>  >We have discovered a security flaw in the current version (3.0) of
>  >Microsoft's Internet Explorer browser running under Windows 95.  An
>  >attacker could exploit the flaw to run any DOS command on the machine 
>  >of an Explorer user who visits the attacker's page.
> 
>We now post the virus warning dialog on local files (file: urls).  We have
>always posted it on remote files (http: urls).  Note that the root of the
>problem is not Java or the browser, but in macro-enabled applications.  IE3
>has a mechanism to warn users about safety of documents when used with
>common macro-enabled applications.  We are have updated Microsoft Word such
>that by default it will not run macros embedded in documents.
> 
>-Thomas






From mbabcock at tyenet.com  Tue Aug 27 17:29:24 1996
From: mbabcock at tyenet.com (Michael T. Babcock)
Date: Wed, 28 Aug 1996 08:29:24 +0800
Subject: (NOISE) Re: Free Pronto Secure Offer
Message-ID: <199608272140.OAA02638@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: unicorn at schloss.li, cypherpunks at toad.com
Date: Tue Aug 27 17:33:42 1996
> So would I, however, the assumption that "cypherpunk crypto review
> services" are to be had for nothing is the height of arrogance.

They've already got a lot of us reviewing it... sorry, it's not arrogance 
- -- they were right.

> If you were sincere, you'd thank them with cash.  Afterall, you seem
> to suggest that you have a good deal of liquidity eh?

Actually, they lose $99 each time they give us a free copy of the software 
... in case you're not as good in accounting as you think you are in 
crypto.  I have no idea what your rep. is ... but I know one thing, they're 
offering an exchange of valuable software (market value: $99) for valuable 
services (crypto-rebel review)

> Uh, the kiss ass paragraphs were the reviewers comments, not your code.

I aggreed with the reviewers comments, they're mine too ... I've sent many 
long E-mails to people I do computer service for endorsing Pronto Secure.  
I have lined up 6 people who wish to purchase it.  This is for real pal.  
If you don't like it, get out of the ring.  Some of us want our PGP to be 
nice and easy like E-mail used to be.
Message Copyright 1996, Michael T. Babcock
http://www.cyberbeach.net/~mbabcock

Send a message with the subject "Send public key" to
receive an automatic reply with my public key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: ascii
Comment: http://www.cyberbeach.net/~mbabcock/PGP/

iQC1AgUBMiNpvNtTCwP6TF2xAQGKSwT+Lg+uEKBX9yUfZvkZ6tO32fhilvb65sgJ
lpH2MPIArTKIYw/nD4UGQbQPTtx/9+1ASx5V+uqmquy7t/yfbuajrmsuLjnGBc/D
tYxAxRl31+sU3N8X2ie54X1VWcLzgqfXCByuTYIHPPkeHjk7kWJfwTqXZsLV/ZZp
NYGaL6OWq+DXWN3IYxd43fVdfi6qzCxDjseIdAdoV4J7TCjOUCNXbg==
=WqpJ
-----END PGP SIGNATURE-----






From mbabcock at tyenet.com  Tue Aug 27 17:37:47 1996
From: mbabcock at tyenet.com (Michael T. Babcock)
Date: Wed, 28 Aug 1996 08:37:47 +0800
Subject: (NOISE) Re: Free Pronto Secure Offer
Message-ID: <199608272136.OAA02567@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: geoff at commtouch.co.il, cypherpunks at toad.com
Date: Tue Aug 27 17:29:43 1996
> To: unicorn at schloss.li, cypherpunks at toad.com
> Date: Fri Aug 16 02:41:34 1996
> Unicorn,
> 
> > No, I was merely pointing out that if the review revealed that it
> > had problems (one assumed that the intent of peer review is to reveal
> > such problems in the first place, but perhaps you just like giving
> > software away?) then the offered reward was valueless.

No, actually, after having pointed out one (and found another) bug in 
Pronto Secure, I find it to be an amazing piece of software!  It does 
everything with PGP and although it's slow at adding new keys (I presume it 
always checks the signatures down a few levels every time it adds one, and 
thus justifiably slower then straight adding a key) it's fast, efficient, 
and fairly easy to use.

I must admit that of the "View/Save/Inspect" options, only "Save" is very 
clear and the rest are (excuse the pun in advance) cryptic at best.

However, the methods used for the cryptography seem to be sound and after 
monitoring my COM transmissions, I haven't had it sending my secret key 
ring out ... ;) ... (unless they're hiding it in tiny packets ;)

> Peer review seems to have voted that their risk paid off.

My vote's in.  Thanks for the software!

> > Cypherpunks is always getting the cash poor developer who thinks he
> > very clever because he has to pay testers no money if he offers his
> > new product free to the person who discovers a flaw, or writes a
> > review.

        I actually think that Commtouch will not be cash poor in a few 
months ...

> > From your home page, I would guess that you request that reviewers
> > allow you to make their comments public.  That's called an
> > endorsement, and, by the way, people are usually paid for them.
> > Sometimes in the millions. Think Michael Jordan is getting a deal
> > when you use his name to promote your product and then give him a
> > $99.00 piece of software (which is effectively worth the amount of
> > time it takes to write a few kiss ass paragraphs on the software, not
> > $99.00)?

That's because they're famous and their opinion is considered to be very 
good.  I could see them paying Phil Zimmerman to endorse it publicly, but 
it wouldn't matter much because the mainstream people (the ones they're 
targetting with Pronto Secure) don't know who Zimmerman is ... so it's not 
worth they're money ...!

> I venture that most c'punks would agree that moving strong e-mail
> security into mainstream is a good thing. This is not going to happen
> without people making money from it.

Definately...
Message Copyright 1996, Michael T. Babcock
http://www.cyberbeach.net/~mbabcock

Send a message with the subject "Send public key" to
receive an automatic reply with my public key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: ascii
Comment: http://www.cyberbeach.net/~mbabcock/PGP/

iQC1AgUBMiNo19tTCwP6TF2xAQHwUgUAlJGE5ZU0xV7Hx3u7+/MRv+n83Kn9ZxsE
8igHrEjLwVbfBC9ivoZ7aonm/misAdy2jr77oowPcvuE3t750oCMCfb+AdhUPQGx
Knu29L4XNbgpUH+t5rCCqUiSM7EHIYtmURBjrmDSAADIH3vcd8b9Cc6T5soNIQK+
Nsy9hve+ly+4nVwujNKqAhOCvIMBn+wK/K+ifbAvGbXP65YQFktp4Q==
=AF5P
-----END PGP SIGNATURE-----






From james at corp.netcom.net.uk  Tue Aug 27 17:57:18 1996
From: james at corp.netcom.net.uk (James Fidell)
Date: Wed, 28 Aug 1996 08:57:18 +0800
Subject: "The Observer" calls the internet a child pornography ring
In-Reply-To: <199608272004.NAA15842@dns2.noc.best.net>
Message-ID: <199608272209.XAA22191@corp.netcom.net.uk>


> Banner Front page headline in the British Observer, Sunday 25th
> 
> "The Peddlers of child abuse"
> see http://scallywag.com/
> 
> The internet is presented as a conspiracy by child molesters.
> 
> There is a picture of Johan Helsingius, the man who free of charge
> provides an anonymous remailer service:  The picture is captioned "The
> internet middle man who handles 90% of all child pornography"  He is
> represented as personally profiting from the distribution of child
> pornography, though in fact no posts to binary newsgroups can go
> through his system, and no large binaries can go through his system,
> and he provides the anonymising service free of charge.
>
> There is a picture of Clive Feather, the man who runs the largest
> internet service provider in Britain, captioned "The school governor
> who sells access to photos of child rape"]]

I'm not sure even Clive would claim that he "runs the largest ISP in
Britain" :-)

> The observer article savagely demonizes all who use the internet,
> presenting it as primarily existing for the purpose of distributing
> child pornography, and demonizes and libels by name those who have
> sought to defend the liberty of netizens.
> 
> I urge you all to check out this article, and send snail mail letters
> to the observer condemning (since they are obviously too low tech to
> read email) and email letters of support to those netizens who have
> been savagely libeled for their defence of liberty.

They do have a WWW site -- http://www.guardian.co.uk/observer/
The only feedback address I could find is nml at guardian.co.uk

James.
-- 
 "Yield to temptation --             | Work: james at corp.netcom.net.uk
  it may not pass your way again"    | Play: james at hermione.demon.co.uk
                                     | http://www.netcom.net.uk/~james/
        - Lazarus Long               |              James Fidell





From andrew_loewenstern at il.us.swissbank.com  Tue Aug 27 18:30:11 1996
From: andrew_loewenstern at il.us.swissbank.com (Andrew Loewenstern)
Date: Wed, 28 Aug 1996 09:30:11 +0800
Subject: FYI: GOP's Stolen Laptop...
In-Reply-To: <199608272041.QAA01816@nrk.com>
Message-ID: <9608272141.AA00390@ch1d157nwk>


Steve O sez:
> > Front page of the New Jersey Star Ladger:
> >
> > "GOP's Stolen Laptop had credit card Details"

David Lesher responds:
> They should have used PGP on those files.....

...but I thought fine, upstanding, and law-abiding citizens didn't have  
anything to hide...


andrew





From wclerke at emirates.net.ae  Tue Aug 27 18:47:45 1996
From: wclerke at emirates.net.ae (Wayne Clerke)
Date: Wed, 28 Aug 1996 09:47:45 +0800
Subject: File System Encryption
Message-ID: <01BB948C.BD6EAD20@csb085.emirates.net.ae>


----------
From: 	Drifter[SMTP:drifter at c2.net]
Sent: 	Monday, 26 August 1996 16:19
To: 	cypherpunks at toad.com
Subject: 	File System Encryption

I'm aware of the three main disk encryption programs SFS, SECDRV, and
SECDEV, but I need to find a solution that works with Windows 95 32bit
or Windows NT 4.0.

I'm currently using SFS 1.17 and Secure Drive under Win-95, but am
unable to continue to work in dos compatability mode due to severe
performance hits.  I am open to commercial products that have passed
peer review, but know of none.

If anyone could suggest a solution (outside of switching OS's), I
would be *most* gratefull.

Please respond to the list, as I am a subscriber under another
account.

Tried secdev? Edgar Swank (author of secdrv) recently posted
that secdev (note, not secdrv) does, in fact, uses 32 bit disk 
access with win95. Win95 reports that the secure device is in 
compatibility mode, but the host disk (and therefore the secure 
volume file) is being accessed in 32 bit (disk) mode. Not sure 
what issues there are with '32 bit FILE access' mode here. 

Sounds worth a try though. Please post the results if 
you try this.

The Drifter


EMail: wclerke at emirates.net.ae
PGP key ID: AEB2546D		FP: D663D11E DA19D74F 5032DC7E E001B702
PGP mail welcome.		Voice: +971 506 43 48 53
<a href=mailto:wclerke at emirates.net.ae>Wayne Clerke</a>
If you're not living on the edge, you're taking up too much space.










From sparks at bah.com  Tue Aug 27 20:01:05 1996
From: sparks at bah.com (Charley Sparks)
Date: Wed, 28 Aug 1996 11:01:05 +0800
Subject: a question please
Message-ID: <199608272340.TAA08496@booz.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Tue Aug 27 19:39:45 1996
I have been lurking for some time, the occasional quip of a post, perhaps a comment 
on a "shrink wrap" - I still haven't figured out "Black Net"  
Done searches, ( the usual ) and no luck... can I get a break ? Would someone please 
explain it to me ?

Thanks, and my PSecure is registered !
- --------------------------------
Charley Sparks <sparks at bah.com>
     Booz Allen & Hamilton
- --------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMiOHQuJ+JZd/Y4yVAQGMcwQMDs5Owwd5XH6+XPUVZow4NMq1rV+QXp6W
dLeF0vGT9rg5n6NZJKuAxSFuiXjJLKpv1JePSI2y2mmqMKncajhl2NvvtNPtnK/z
dYF8D2sDvdPVffbxBO7QfjDwV9k5LmEVk24sOjbIk+j6zIZW899OAvT6CadoCmRS
1dQ9VWMyI0vunw==
=tfni
-----END PGP SIGNATURE-----






From dfloyd at io.com  Tue Aug 27 20:29:29 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Wed, 28 Aug 1996 11:29:29 +0800
Subject: Net Politics
In-Reply-To: <v01540b00ae48e087022c@[206.14.141.118]>
Message-ID: <199608272357.SAA27804@bermuda.io.com>


> 
> At 10:23 AM 8/27/96, Jonah Seiger wrote:

[...]

> 
> I swer I had this conversation somewhere recently, and those of us involved
> in it came up with one reason this rift seems to come up so often and get
> discussed so publically, especially in comparison to our "organized,
> determined" opponents. I would hazard a guess that those people working
> within the cause of electronic freedoms tend not to be the simple
> order-following, authority-heeding sort (compared to, say, followers of the
> Religious Right). It's easy if you're Ralph Reed to send out a flyer or get
> the telemarketters working and tell the troops what to do. It's not as easy
> if you're, say, Jonah Seiger. Not because of Jonah (or Shabbir, or Declan,
> or whoever), but because of his audience. It's not a push-button response
> with us.

The herding cats analogy comes to mind here.

[...]






From jya at pipeline.com  Tue Aug 27 20:30:25 1996
From: jya at pipeline.com (John Young)
Date: Wed, 28 Aug 1996 11:30:25 +0800
Subject: DEF_con
Message-ID: <199608280059.AAA26208@pipe5.t2.usa.pipeline.com>


   8-26-96. EeTi: 
 
   "Unix gives hackers a crack at systems." 
 
      Las Vegas: Many of the hacking elite were on the 
      Internet long before the World Wide Web was a gleam in 
      the eye of inventor Tim Berners Lee. And these folks 
      know the best-kept secret of gaining access to-and 
      control of-someone else's electronic property: Unix. 
 
      An expert underground Web cracker who goes by the 
      handle +ORC noted with apparent glee: "With each 
      company that connects to the Net, new frontiers are 
      created for crackers to explore." 
 
      Indeed, even as many old-line hackers of the sort who 
      gathered here recently for the DefCon convention go 
      legit, some starting cyber-security companies of their 
      own, Internet-security experts look with trepidation 
      to the next, more threatening wave of cybercrime. 
 
      Perhaps the legendary hacker group l0pht is the best 
      example of the thin line between cybercriminal and 
      corporate comer. Several members spoke at DefCon, 
      notably Death Vegetable, administrator of the Cult of 
      the Dead Cow; and Mudge, the brilliant encryption 
      cracker who devised the S/Key Cracker's Toolkit and 
      posted it on the Net, much to the chagrin of Bellcore, 
      S/Key's owners. 
 
   ----- 
 
   http://jya.com/defcon.txt  (9 kb) 
 
   DEF_con 
 
 
 
 
 





From lambert at tyenet.com  Tue Aug 27 20:34:50 1996
From: lambert at tyenet.com (Wayne Lambert)
Date: Wed, 28 Aug 1996 11:34:50 +0800
Subject: No Subject
Message-ID: <199608280103.SAA06674@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Tue Aug 27 21:06:05 1996

- ---
Wayne Lambert
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQC1AwUBMiObgojTYwU2UXOVAQHNtwT9Gt9WFfG5WNWwfiqNKU/mOQdzVAY17108
E9h5kVZOuTmA64RIbtwDwD8ehfdJBYguaxIY5Iwm6no9R7YlS5JfyPZ1a1LdnUkp
nA/Le0Ru2pnb4jDLt2fvYDox9NatBH18nIKNWkDo7l3nxf8y4gur/WS2OHlNsiw+
otNsi993lNuIieYgJ4ZZ3qp0vBhMjvOsUgNZ0RaSpHAei65lcpAInw==
=/+Dx
-----END PGP SIGNATURE-----






From tcmay at got.net  Tue Aug 27 20:39:58 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 28 Aug 1996 11:39:58 +0800
Subject: Hayek (was: Cato Institute conference on Net-regulation)
Message-ID: <ae48e75e01021004001f@[205.199.118.202]>


At 5:05 PM 8/27/96, Declan McCullagh wrote:
>This should be a good half-day conference, with some interesting
>speakers. I'll probably show up for Charles Platt's keynote.
>
>Naturally, it's being held in the building's Hayek Auditorium. Hayek has
>some relevance to cypherpunks, I think -- he warned early on that the
>loss of economic freedom inevitably leads to the loss of civil liberties
>as well.
>
>He also described the phenomenon of spontaneous order (admittedly in the
>context of markets), which speaks to the way the Net has ordered itself.

Indeed, Hayek has had a _lot_ to do with the Cypherpunks! From "The Road to
Serfdom" to "Law, Legislation, and Liberty," his works have exerted a
profound influence on me, and on many others.

Lots of connections, from ur-Cypherpunk Phil Salin having worked with him,
to  special Hayek issues of magazines also featuring Cypherpunk fellow
travellers like Mark Miller, and so on.

I described to Kevin Kelly the "emergent order" work Hayek did, for Kevin's
development of his ideas which later became "Out of Control." (I'm sure
Kelly was generally aware of Hayek, but I emphasized to him the importance
of his emergent order ideas as the underpinnings of anarcho-capitalism.)

(In fact, I would say Hayek would've been a candidate for being a cover boy
for "Wired"...assuming of course he was 60 years younger, had some of his
body parts peirced, and, even better, was a Netchick. Being instead a dead
white European male, he'll never be mentioned in "Wired.")

"Hayek -- Tired (Dead tired, in fact), Beavis -- Wired"

("Uh, like, economics like really sucks.")

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jya at pipeline.com  Tue Aug 27 20:43:16 1996
From: jya at pipeline.com (John Young)
Date: Wed, 28 Aug 1996 11:43:16 +0800
Subject: SUN_pak
Message-ID: <199608280101.BAA26550@pipe5.t2.usa.pipeline.com>


   08-26-96. MiPa: 
 
   System for signatureless transmission and reception of 
   data packets between computer networks (Assignee -- Sun 
   Microsystems, Inc.) 
 
   Abstract: A system for automatically encrypting and 
   decrypting data packet sent from a source host to a 
   destination host across a public internetwork. 
 
   Inventors: Aziz; Mulligan; Patterson; Scott. 
 
   ----- 
 
   http://jya.com/sunpak.txt  (6 kb) 
 
   SUN_pak 
 
 
 
 
 
 
 





From tcmay at got.net  Tue Aug 27 21:06:17 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 28 Aug 1996 12:06:17 +0800
Subject: a question please
Message-ID: <ae48f18d02021004648c@[205.199.118.202]>


At 11:40 PM 8/27/96, Charley Sparks wrote:

>I have been lurking for some time, the occasional quip of a post, perhaps
>a comment
>on a "shrink wrap" - I still haven't figured out "Black Net"
>Done searches, ( the usual ) and no luck... can I get a break ? Would
>someone please
>explain it to me ?

Then perhaps you need new search tools!

My own searches of one of the mysteries you mentioned, BlackNet, produce
lots of informative results. But, then, I use Alta Vista, the One True
Search Engine.

(Actually, all similar search engines, e.g. Excite, Yahoo, Inktomi, etc.,
produce comparable results.)

And since I have been seeing your messages--which I presume is roughly
coterminous with you subscription to this list--there have been several
mentions of my Cyphernomicon FAQ. I suggest you consult this for long
explanations of many Cypherpunks topics.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From AFDA2 at aol.com  Tue Aug 27 21:08:23 1996
From: AFDA2 at aol.com (AFDA2 at aol.com)
Date: Wed, 28 Aug 1996 12:08:23 +0800
Subject: AFDA Web Site
Message-ID: <960827203703_395539315@emout14.mail.aol.com>


MEMORANDUM

SUBJECT:  AFDA Web site, located at:  http://www.afda.org

In September, the Web site for the Association of Federal Defense Attorneys
(AFDA) will become password-protected for members only.  Those of you who
have paid your membership dues for 1996 will be receiving an email message
containing a User ID and Password, which will be good through December 31,
1997 -- almost a year and a half of unlimited usage for the small membership
fee that allows the association to continue financing the cost of maintaining
and upgrading the web site.

Once the member password system goes into effect in September, the online
Library will be stocked with research memos in many areas of federal criminal
litigation (including topics in white collar / corporate criminal
litigation), along with sample briefs and an expanded collection of court
opinions and government agency documents, all of which can be downloaded to
your hard drive.  At present, the library has all criminal law-related
Supreme Court opinions, key U.S. Sentencing Commission documents (including
the 1995 guidelines), and over 60 operations memoranda of the Bureau of
Prisons.  In addition, the online Newsletter will be expanded to add a
separate section for white collar / corporate criminal defense.  

Please note that upon installing the member-password system, the Message
Board on the web site will provide members with a private resource for
discussing strategies and issues with other colleagues, without feeling
exposed to the general web population.  We hope you will take advantage of
this opportunity and put the message board to good use.

Any of you who have not yet joined the association may do so easily by
clicking the "Join AFDA" bar at the top of the home page and completing the
membership form.

Please feel free to complete the "Feedback" form on the web site so that we
can continue to receive your comments and suggestions, a number of which have
already been incorporated into the site.  Please remember that this web site
exists to serve the educational needs of the federal criminal defense bar, so
the association counts on you to join and give us your views on how the site
can continue to serve specific needs and interests of the defense bar.

All email inquiries should be addressed to:  AFDA2 at AOL.com

Best regards to all, and thanks again for your support.

Marc S. Sanders
(System Operator / Webmaster)





From drifter at c2.net  Tue Aug 27 21:11:42 1996
From: drifter at c2.net (The Drifter)
Date: Wed, 28 Aug 1996 12:11:42 +0800
Subject: File System Encryption
Message-ID: <Pine.SUN.3.94.960827181944.23478B-100000@infinity.c2.net>


On Wed, 28 Aug 1996 02:55:20 +0400, Wayne Clerke <wclerke at emirates.net.ae>
wrote:

>Tried secdev? Edgar Swank (author of secdrv) recently posted
>that secdev (note, not secdrv) does, in fact, uses 32 bit disk 
>access with win95. Win95 reports that the secure device is in 
>compatibility mode, but the host disk (and therefore the secure 
>volume file) is being accessed in 32 bit (disk) mode. Not sure 
>what issues there are with '32 bit FILE access' mode here. 
>
>Sounds worth a try though. Please post the results if 
>you try this.
>

I have actually had Secure File System, Secure Drive, and Secure Device
all installed with mounted volumes at the same time under Win95.  However,
32bit file access is not the problem.  When you load a TSR in Win95, the
operating system forces you into 16bit DOS compatability mode.  I'm not a
kernal guru so I can't explain all the specifics, but it basically makes
95 act as Win-3.11 and looses multithreading (as it were) and creates
serious memory paging problems if you have >32mb installed.

Thanks for the reply though .. and if you need assitance with getting
SECDEV working under 95, just drop me a note.

Drifter






From drifter at c2.net  Tue Aug 27 21:21:48 1996
From: drifter at c2.net (The Drifter)
Date: Wed, 28 Aug 1996 12:21:48 +0800
Subject: File System Encryption
In-Reply-To: <199608271401.JAA04116@xanadu.io.com>
Message-ID: <Pine.SUN.3.94.960827181039.23478A-100000@infinity.c2.net>




On Tue, 27 Aug 1996, Douglas R. Floyd wrote:

> If you have another 386 or 486 lying around, you could install Linux and
> Ian's encrypted loopback code on a remote box, then NFS or Samba the
> filesystem over.  For protection, you could modify the vlock command to
> lock the console (and not unlock it), and disable inetd.  Then, unless
> someone has the permissions to access the files through the network, the
> files are inaccessable ;-).

I may have to consider this approach. I'll have to look into Ian's system.
Does it pass muster with the crypto gods? (that's meant as a compliment
guys :)

Drifter






From lists at lina.inka.de  Tue Aug 27 21:24:14 1996
From: lists at lina.inka.de (Bernd Eckenfels)
Date: Wed, 28 Aug 1996 12:24:14 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608272111.RAA23997@galapas.ai.mit.edu>
Message-ID: <m0uvZT1-0004kIC@lina>


Hi,

>     Much better, look at rfc822.  (I wouldn't consider *anything* that
> has the word "sendmail" in it a good reference).

its much better if you dont rely on the content of the string at all. Dont
use sh -c or system and you will be save. Simply asume that all characters
are valid in user suplied strings and treat them exactly that way... If they
need to be exporeted then unfortunately they need to be 'untainted' and this
should be done by positive not negative lists as mentioned in the
guidelines.

Greetings
Bernd

PS: I have collected the references on
http://www.inka.de/sites/lina/freefire-l/
-- 
  (OO)      -- Bernd_Eckenfels at Wittumstrasse13.76646Bruchsal.de --
 ( .. )   ecki@{lina.inka.de,linux.de}  http://home.pages.de/~eckes/
  o--o     *plush*  2048/A2C51749  eckes at irc  +4972573817  *plush*
(O____O)       If privacy is outlawed only Outlaws have privacy





From Omegaman at bigeasy.com  Tue Aug 27 21:41:16 1996
From: Omegaman at bigeasy.com (Omegaman)
Date: Wed, 28 Aug 1996 12:41:16 +0800
Subject: (Fwd) Re: The POUCH
Message-ID: <199608280157.UAA08066@bigeasy.com>


After reading Mr. Holt's announcement and the subsequent replies on 
the list I decided to send him a polite off-list reply.  In it I 
briefly reiterated the argument that knowing how a lock mechanism 
work does not make the lock insecure; furthermore, it makes it more 
secure.

I then stated, in all caps, that not knowing the algorhythm is 
inherently insecure.  I stated that he should not be surprised when 
encryption activists bristle at the knowingly (or otherwise) 
techniques which pander to a crypto-ignorant populace.  
I requested no reply and completed with a few quotes from the "Snake Oil" 
chapter of the PGP documention.  I told him to ask himself if he felt
that the marketing techniques he was using fit the profile contained 
therein.

While not the friendliest of e-mails, I was certainly civil and 
sincerely hoped to prod Mr. Holt to consider these issues and assess 
his approach.

His reply was so rediculous that I decided to post it to the list 
with my own reply attached.  Chuckle at will.

------- Forwarded Message Follows -------
From:          Self <Single-user mode>
To:            "JOHN E. HOLT" <76473.1732 at CompuServe.COM>
Subject:       Re: The POUCH
Reply-to:      omega at bigeasy.com
Date:          Tue, 27 Aug 1996 20:54:21


> You write me using a software package that was ripped off from RSA
> that you got free from a bulletin board.  What level of trust is that?

You really know nothing at all about encryption.  At least I KNOW 
what I'm getting.  I know what the RSA algorhythm is.  I know it has 
been tested and studied.  Whether or not it was "ripped off" depends 
on whether or not you're related to RSA data security in some way.  
It's a copyright issue and has nothing whatsoever to do with the 
technology itself.  All the algorhythms used in the PGP package were 
written by others; what does that have to do with anything?

What does the price of the software have to do with anything?  If I 
spent money on it does that make it any more secure?  I would gladly 
spend money on secure encryption technology.  I, for one, would like 
to be comfortable that it's money well-spent.

Your defenses are those of one who has nothing to defend.  Crying 
"libel" and making empty statements such as the above are actions 
that divert attention from the truth; that your product is most 
likely worthless crap.  Furthermore, you really don't know for 
yourself whether or not this is true.

Happy selling.

me
------------------------------------------------------------------
Omegaman <omega at bigeasy.com>
PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                       59 0A 01 E3 AF 81 94 63 
Send E-mail with the "get key" in the "Subject:" field
to get my public key
-------------------------------------------------------------------





From ses at tipper.oit.unc.edu  Tue Aug 27 21:55:39 1996
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Wed, 28 Aug 1996 12:55:39 +0800
Subject: "The Observer" calls the internet a child pornography ring
In-Reply-To: <199608272209.XAA22191@corp.netcom.net.uk>
Message-ID: <Pine.SUN.3.91.960827213738.4461B-100000@tipper.oit.unc.edu>



The   letters page is editor at observer.co.uk . 

The thing  that really got me riled was the use of a quote from Tom Paine 
on the front page as the header to their leader. Tom Paine published most
of his important work anonymously, and thugs wouldoften try to beat up 
the publishers to find out who the author was. (Paine's friends sometimes 
did this too). 

Common.Sense at alpha.c2.org

---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........





From unicorn at schloss.li  Tue Aug 27 22:13:46 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 28 Aug 1996 13:13:46 +0800
Subject: $10K offer if you can break the code
In-Reply-To: <199608272124.OAA02407@toad.com>
Message-ID: <Pine.SUN.3.94.960827222149.5361C-100000@polaris>


On Tue, 27 Aug 1996, Michael T. Babcock wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To: mpd at netcom.com, cypherpunks at toad.com
> Date: Tue Aug 27 17:17:57 1996
> Date: 23 Aug 96 13:59:38 EDT
>  From: "JOHN E. HOLT" <76473.1732 at CompuServe.COM>
> Subject: secret message
> To: <mbabcock at tyenet.com>
> 
> Date:  01-Aug-96 14:50 EDT
>  From:  JOHN E. HOLT [76473,1732]
> Subj:  puzzle
> 
>         ^%}{{
> ZZ
> VVPAGMIGJEKMCCHIAKKPEHJDDDLOABGAMMJOCDFNOLNOKKKNIADPBGPPOEPIDCEMPGWW
> VVFCMOPKLKPJOHCNCJBDGOOJKFANCJJBDBMDIFIEKEDPLKDDGMPLHMIIPIJFMKOLENWW

[blah blah]

Ok, just a second here.  What are the terms of the contest?

Why am I convinced I know the answer already?

> Message Copyright 1996, Michael T. Babcock
> http://www.cyberbeach.net/~mbabcock
> 
> Send a message with the subject "Send public key" to
> receive an automatic reply with my public key.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3i
> Charset: ascii
> Comment: http://www.cyberbeach.net/~mbabcock/PGP/
> 
> iQC1AgUBMiNmCttTCwP6TF2xAQG65AT9GW2JbpaAo26USWptnLhhdaHWXbvDEi2i
> 35KWFHPWnlfJmj7NiUz+YKAV1aoHJssbGGUKIGoU1R0AV9NepGcODRwamrpZMXZ2
> 2TWIjgc0NbI+G9PNJrtc9h0XhsWV+w9upF0Yr1uCdCMtsdQtMKGguPzfd3+CfOkq
> X5kSv4WIhi22WYwHHlyEyEMPrxMo60ey1EFUUctBYLqgl91omsR+qg==
> =wEv6
> -----END PGP SIGNATURE-----
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From EALLENSMITH at ocelot.Rutgers.EDU  Tue Aug 27 22:15:06 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 28 Aug 1996 13:15:06 +0800
Subject: Edited Edupage, 20 August 1996
Message-ID: <01I8SBQ60IWW9JDBTS@mbcl.rutgers.edu>


> From:	IN%"educom at educom.unc.edu" 21-AUG-1996 02:46:51.91
>To:	IN%"edupage at elanor.oit.unc.edu"  "EDUCOM Edupage Mailing List"
>CC:	
>Subj:	Edupage, 20 August 1996

[...]

>*****************************************************************
>Edupage, 20 August 1996.  Edupage, a summary of news about information
>technology, is provided three times a week as a service by Educom,
>a Washington, D.C.-based consortium of leading colleges and universities
>seeking to transform education through the use of information technology.
>*****************************************************************

[...]

	I am willing to bet that the new domain name organization(s) will also
have to implement a policy similar to the below, although some may be more
lax on one side or the other. (It occurs to me that ibm.org should not be
confusable with ibm.com by any "reasonable person" - or at least any reasonable
person with any business making assumptions by what they see on the Net.)

>NETWORK SOLUTIONS SEEKS DOMAIN DISPUTE SOLUTIONS
>Network Solutions Inc., which August 9 announced another round of revisions
>to its Domain Name Dispute Policy, is imposing additional requirements on
>the trademark holder who challenges a domain name registrant with trademark
>violation.  The trademark registration must be identical to the domain name,
>and trademark holders must provide NSI a certified copy of its trademark
>registration, as well as a copy of a written notification addressed to the
>domain registrant of the trademark holder's prior claim.  In an attempt to
>avoid being named in any more lawsuits, the new NSI policy implements an
>interpleader-like procedure, where NSI turns over control of any disputed
>domain name to the court and will carry out all court orders without being
>named a party to the suit.  The new guidelines go into effect Sept. 9, and
>text of the revised policy can be found at < http://rs.internic.net >.  (BNA
>Daily Report for Executives 19 Aug 96 A7)

	Hopefully, the below is a bit too pessimistic... it appears quite
possible to institute more just charges (as per how much the person is
burdening the Net) without a crash. (Did AOL's size have anything to do with
the length of the shutdown, as opposed to its effects?)

>GROWING PAINS ON THE NET
>The inadvertent shutdown of America Online a few weeks ago was only the
>beginning, say some industry observers, who predict that outages at
>overburdened Internet providers will become more common in the future.
>"Maybe for the first time in the history of the Internet, the demand is
>exceeding the supply that technology can deliver," says the CEO of Advanced
>Network & Services.  Because flat-rate pricing is the dominant Internet
>service provider business model, there is no financial incentive to conserve
>the resource, warns the executive VP of Nynex Science & Technology.  He
>predicts that the Internet eventually will collapse under its own weight,
>but will reemerge with "a lot more tollbooths on that highway than there are
>now."  (Business Week 26 Aug 96 p62)

[...]

>Edupage is written by John Gehl <gehl at educom.edu> & Suzanne Douglas
><douglas at educom.edu>.  Voice:  404-371-1853, Fax: 404-371-8057.

>Technical support is provided by Information Technology Services at the
>University of North Carolina at Chapel Hill.

>***************************************************************
>Edupage ... is what you've just finished reading.  To subscribe to Edupage:
>send mail to: listproc at educom.unc.edu with the message:  subscribe edupage
>George Gershwin (if your name is George Gershwin;  otherwise, substitute
>your own name).  ...  To cancel, send a message to: listproc at educom.unc.edu
>with the message: unsubscribe edupage.   (If you have subscription
>problems, send mail to manager at educom.unc.edu.)





From unicorn at schloss.li  Tue Aug 27 22:16:28 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 28 Aug 1996 13:16:28 +0800
Subject: (NOISE) Re: Free Pronto Secure Offer
In-Reply-To: <199608272139.RAA19477@polaris.mindport.net>
Message-ID: <Pine.SUN.3.94.960827215748.5361B-100000@polaris>


On Tue, 27 Aug 1996, Michael T. Babcock wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To: unicorn at schloss.li, cypherpunks at toad.com
> Date: Tue Aug 27 17:33:42 1996
> > So would I, however, the assumption that "cypherpunk crypto review
> > services" are to be had for nothing is the height of arrogance.
> 
> They've already got a lot of us reviewing it... sorry, it's not arrogance 
> - -- they were right.

Read what I said carefully please.  I said the assumption that they are
for free is arrogance.  Perhaps your services are worth less, that's
not really my concern.  They may have a wonderful product, but expecting
and taking for granted free review by the entire list is still arrogance.

> > If you were sincere, you'd thank them with cash.  Afterall, you seem
> > to suggest that you have a good deal of liquidity eh?
> 
> Actually, they lose $99 each time they give us a free copy of the software 
> ...

Uh, no.

Assume a Scoobie Doo Mystery Machine Van is free with your one cent
donation to Burger King, or $1.49 with no donation.

Query:  How much is a Scoobie Doo Mystery Machine Van worth?

Query 2:  How much has Burger King "lost" if you donate a cent and take
the van?

Replace "one cent donation to Burger King" with "opportunity cost of
reviewing and writing a review of the software."

Replace "Scoobie Doo Mystery Machine Van" with "copy of crypto product."

Determine the cost of producing one software package.
Subtract the opportunity cost of the reviewer from software package.
production cost (or market cost if you prefer).

Now, revist your statement above.

> in case you're not as good in accounting as you think you are in 
> crypto.

Uh, perhaps you better direct your keen and unblurred accounting acumen
inward.

> I have no idea what your rep. is ... but I know one thing, they're 
> offering an exchange of valuable software (market value: $99) for valuable 
> services (crypto-rebel review)

The relevance of "market value" in the above paragraph is left as an
exercise for the reader, as is the nature of the term "valuable software."
 
> > Uh, the kiss ass paragraphs were the reviewers comments, not your code.
> 
> I aggreed with the reviewers comments, they're mine too ... I've sent many 
> long E-mails to people I do computer service for endorsing Pronto Secure.

Ok, and how much did it cost you in opportunity cost to write a few kiss
ass paragraphs about the software?  (Hint, it's almost certainly less than
$99, and if not, the crypto company is taking you for a ride).
  
> I have lined up 6 people who wish to purchase it.

And thousands in this country have bought pet rocks.  So?

> This is for real pal.  

Thankfully, I am not your pal.

I don't care if it is real or if it is not.  The point is that certain
marketing and review tactics make a crypto product, regardless of its
merit, look like a pile of dung.  Offering free copies to write reviews
where that offer contains phrases like "a $99 value) is one such tactic.

> If you don't like it, get out of the ring.

A little dissention upsetting for you?  If you don't like it, get off the
list.

> Some of us want our PGP to be nice and easy like E-mail used to be.

I'm not sure why my comments are so clearly, to you, a value judgement
about Pronto Secure itself.  My comments were directed toward their
marketing efforts and tactics.  I have since come to believe that the
marketing department there has got it on the money now, and understands
the way those kind of offers go over with some individuals on the list.  I
suggest you consider reviewing my original message.  Looks to me like you
just replied to a reply to a reply.

> Message Copyright 1996, Michael T. Babcock
> http://www.cyberbeach.net/~mbabcock

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From blancw at microsoft.com  Tue Aug 27 22:23:25 1996
From: blancw at microsoft.com (Blanc Weber)
Date: Wed, 28 Aug 1996 13:23:25 +0800
Subject: Discussion: The Digital Commerce Clause [Long] [Was: Re: The Commerce Clause and the Crypto Issue]
Message-ID: <c=US%a=_%p=msft%l=RED-81-MSG-960828022819Z-22262@mail.microsoft.com>


>From:	Black Unicorn 
>
>I believe the answer to preserving the purity of digital commerce is to
>form it in such a way so as to make regulation impossible, because in my
>view the constitution no longer provides citizens with the protection or
>freedom to progress.  I feel the same way about privacy.  All the
>constitutional arguments in the world mean little today.  A systematic
>approach which makes violations of personal rights impossible whether
>constitutional or not is the answer.
>.....................................................
>
>
>I, like others on the list, have often misunderstood your references to court
>cases and other legal stuff as indicators that you were being pessimistic,
>discouraging, and presenting obstacles to free-thinking, imaginative ideas.
>
>The way in which you expressed yourself left out your true inclinations on
>the subjects, and it would only be someone who had read a large number of
>your posts who would realize what side of the issues you are really on.
>
>I agree very much with what you say in the above paragraph about the
>constitutional arguments [by jove, I think he's got it :>)]   So many times
>people (especially libertarian types) will present their protests in
>reference to constitutional issues.  Yet there are some contradictions within
>the Constitution, or areas which sound that way, and which are therefore too
>easily misconstrued by present thinkers (judges, lawyers, etc.).
>
>So often the document is referred to like a magic mantra which is going to
>take away the ills and boogeymen by waving it in front of their faces.  But
>the document is not so well read, understood, nor respected by those in
>public office.  It isn't used as a guide to move towards more self-reliance
>rather than less.  I have heard from one political potentiate that his
>opponent (already in office) had not ever even read it.
>
>You can't depend upon adherence to the Constitution to create the reality
>you're after (although, like a dart-shoot, you can always try and it does,
>after all, supply the basics for the established legal procedures and it's
>possible to set the fear of it upon government types by setting their feet to
>its fire -  if you can pay for it).
>
>(This gives me a sense of deja-vu:  I think you and I had a long argument
>about this on the list, once.)
>
>   ..
>Blanc
>
>
>





From bf578 at scn.org  Tue Aug 27 22:32:06 1996
From: bf578 at scn.org (SCN User)
Date: Wed, 28 Aug 1996 13:32:06 +0800
Subject: Microsoft Explorer security hole (fwd) MSoft's reply...
Message-ID: <199608280257.TAA25752@scn.org>



Actually I think its thier lack of foreseeing how a produbt can and will be
used.  Problems throughout thier line of products show this off.
Most of thier products are a creation of Microsoft anyway, they've stolen,
borrowed, purchased or purchased the company to obtain their products, then
added features upon features so they can market the hell out of it
to become #1 in market share. Many cases they've taken a reliable product
and made it less than reliable.
  I don't understand why people continue to support Microsoft they way 
they do!
  
   Ponder the thought of Microsoft buying up every web server/broswer
  company in the first year or two of the WEB?  Would it have made it where
  it is today?  
  Ponder the thought of Micorosft having ultimate control over the
  IETF

>In my experience, one of Microsoft's main problems when it comes to security
>has been its developers and program/product managers don't think like "bad
>guys" when it comes to design and subsequent exploits and holes.
>Unfortunately, the user is the ultimate loser.
>
>Joel
>
>BTW - The paranoid side of me wouldn't be surprised to see PC
>"espionage-enabled" viruses and trojans within the next few years.  Their
>main purpose would be to either disable or patch various security features
>for later attacks, or directly snatch information off of hard drives and
>send it out over the Net.  I know of a few lab projects of a similar nature,
>that were very easy to implement.
>



BTW: When is this list/listserver going to convert the reply-to fields to 
     point to cypherpunks at toad.com?



--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From rah at shipwright.com  Tue Aug 27 23:15:47 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 28 Aug 1996 14:15:47 +0800
Subject: (flatulence): Reply-to loops
In-Reply-To: <199608280257.TAA25752@scn.org>
Message-ID: <v0300781cae49348e071b@[206.119.69.46]>


At 2:57 AM -0000 8/28/96, SCN User wrote:
> BTW: When is this list/listserver going to convert the reply-to fields to 
>      point to cypherpunks at toad.com?

Never.

We don't do it because of reply-to loops.

Only idiots, or charitably, those with very low traffic, run their mail lists any other way.

Accidentally sending private e-mail to the list is bad enough without bringing the listserver to its knees...

Cheers,
Bob Hettinga
([probationary] former idiot)

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From EALLENSMITH at ocelot.Rutgers.EDU  Tue Aug 27 23:49:37 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 28 Aug 1996 14:49:37 +0800
Subject: Nando.Net on Observer, Julf
Message-ID: <01I8SF5X601C9JDBTS@mbcl.rutgers.edu>


	Good luck. Overall a positive article, although I've noted one definite 
goof. I wonder if it would be possible to sue this FBI idiot as well as The
Observer?
	-Allen

>   Avis
>                    FINN REJECTS INTERNET CHILD PORN CLAIMS
   __________________________________________________________________________
>      Copyright &copy 1996 Nando.net
>      Copyright &copy 1996 Reuter Information Service
      
>   HELSINKI (Aug 26, 1996 10:53 a.m. EDT) - On the eve of a major
>   conference on child sex abuse, a Finnish Internet specialist on Monday
>   angrily dismissed allegations in a British newspaper that his system
>   handled up to 90 percent of child pornography on the Net.
   
[...]
   
>   The newspaper reported the charges, by a U.S. policeman and FBI
>   adviser, in the run-up to an international conference in Stockholm on
>   the commercial sexual exploitation of children starting on Tuesday.
   
>   Finnish police also said they had found no evidence in areas they can
>   investigate that Helsingius's system is now being used to forward
>   child pornography on a large scale.
   
>   "We are working very closely with the authorities and the child
>   protection agencies -- I am always encouraging people to report any
>   incidence of child pornography they see on the Internet to police, so
>   that they can investigate and act," Helsingius told Reuters by
>   telephone.
   
>   The Observer quoted Toby Tyler, a Federal Bureau of Investigation
>   adviser on child abuse and pornography, as saying 75-90 percent of the
>   child pornography he saw on the Internet was forwarded through
>   Helsingius' system.
   
>   Internet remailers are computers which receive and forward messages
>   with a pseudonym or anonymous source.
   
>   There are about five in the world, and they exist to enable anonymous
>   discussion of sensitive subjects -- for instance by victims of child
>   abuse, potential suicides or people in politically repressed
>   societies.

	Five? Someone's miscounted...
   
>   Helsingius said one key reason his system would not be used for
>   pornorgaphy was that it has built-in capacity limitations which make
>   it impossible to send large pictures through it -- only small amounts
>   of text.
   
>   "Also the groups where pictures are carried...are not supported in my
>   server," he said.
   
>   It could be possible to compress and chop up picture material for use
>   through the server but this would involve using "tens or hundreds of
>   separate messages," he said.
   
>   Kai Malmberg, a Helsinki police specialist in Internet affairs, said
>   he had in the past found child pornography remailed through the server
>   but it had stopped since police started investigating.
   
>   "I've found really no evidence of the Finnish remailer being used for
>   child pornography," he said. "But we can't -- we don't want to --
>   check people's mail. That would be like going into the post office and
>   opening all the letters.
   
>   "I believe that he's quite sincere in trying to protect his server for
>   people to discuss sensitive issues," he said.
   
>   Asked if his system could be used to carry child pornography through
>   individual e-mail messages, Helsingius said this was possible but not
>   on a large scale as it does not support e-mail systems which
>   simultaneously send to many recipients.
   
>   But he said it was possible for Internet experts to imitate his
>   remailer address to make it seem as if messages were coming through
>   his system.
   
>   "In a prevous case roughly a year ago we could find a couple of cases
>   of child porn," he said. "It was actually posted in the UK to the UK
>   -- it didn't come to Finland at all but it was being made to look like
>   it came from my server. Anyone can alter the origination information."
   
>   He said all the allegations about his remailer seemed to stem from
>   Tyler, yet he had been unable to contact him. Tyler was travelling to
>   the Stockholm conference on Monday and unavailable for comment.
   
>   "The fact that he's claiming 90 percent of the child porn goes through
>   my remailer is pretty far from the truth. There might be the
>   occasional instance and we are actively working against that,"
>   Helsingius said.
   
>   "My reputation has been tarnished all over Europe. We will take legal
>   action, but we are not quite sure in what country."
   
[...]

>    Copyright &copy 1996 Nando.net





From mbabcock at tyenet.com  Tue Aug 27 23:56:49 1996
From: mbabcock at tyenet.com (Michael T. Babcock)
Date: Wed, 28 Aug 1996 14:56:49 +0800
Subject: Pronto making a comment
Message-ID: <199608280425.VAA09757@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: liberty at gate.net, cypherpunks at toad.com
Date: Wed Aug 28 00:17:58 1996
> >-----BEGIN PGP SIGNATURE-----
> >Version: 2.6.3i
> >Charset: ascii
> >Comment: http://www.cyberbeach.net/~mbabcock/PGP/
> 
> How did you get Pronto to do a comment?
> JMR

I added a "comment=" in my config.txt ;) ... the old fashionned way.
Message Copyright 1996, Michael T. Babcock
http://www.cyberbeach.net/~mbabcock

Send a message with the subject "Send public key" to
receive an automatic reply with my public key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: ascii
Comment: http://www.cyberbeach.net/~mbabcock/PGP/

iQC1AgUBMiPIe9tTCwP6TF2xAQFk4wT/Z4gZo5FW3QbiMKEjcXylL0Q449x2ZvaC
pJ+3i/ExfxoDgxgsRTo7b2/Rz0JWn5x8K1TnAABfoRrnDe/wtoBEGekzxh9U69MQ
RT0m0leok3ep91QKE2WFdWPXw1WHmOduXD+rCPB4cjQ0yENYdHGMnPzTaLG/Y5t3
8q/sq0G4DA7xGbOqJkwa+ALmhaNMt+VTQIfX02RZC0lIJYhcdLs+mQ==
=zMc7
-----END PGP SIGNATURE-----






From tcmay at got.net  Tue Aug 27 23:56:53 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 28 Aug 1996 14:56:53 +0800
Subject: The Dangers of Complying with "Registration" Laws
Message-ID: <ae4910bd04021004b84d@[205.199.118.202]>



Several years ago, California decided that certain rifles which had
previously been sold openly and without restriction were now to be
classified as "assault rifles," and owners were to fill out forms and
register them. (I don't recall if a fee was involved.)

(Some of you readers may, of course, think that such guns are in fact more
dangerous than, say, shotguns. This is not so, but this is also beside my
point. My point is not to argue that a Colt AR-15 with various cosmetic
features (such as "flash suppressor") should not be registered. Indeed, I
take it as a given that such registration is in violation of the Second
Amendment. Rather, my point is about the dangers of complying with such
registration laws.)

It turns out that the suckers who voluntarily registered the so-called
assault rifles they owned were subjected to _additional_ and _unwarranted_
delays in later purchases. The article below refers to some cases.

Not surprisingly, the act of voluntarily registering an "assault rifle"
placed one on a computerized list of suspicious citizen-units.

(I'm glad I had the presence of mind not to register my Colt AR-15, bought
in 1975, and having the "evil features" which the criminals in Congress
declared to be evil. Had I done so, I might have been unable to buy the
various guns I've bought recently.)

Although guns are not the same as crypto, and comparisons of crypto to
firearms are flawed, the lesson is that one should NEVER VOLUNTEER! No
doubt in 1999, when citizen-units are ordered to voluntarily register their
copies of assualt cryptography tools, those who step forward like lambs to
the slaughter will find themselves on lists of subversive citizen-units.
Yet more of a reason for Stego-PGP.

This article appeared in rec.guns:


In article <4vssg2$3dh at xring.cs.umd.edu>, wd6cmu at netcom.com (Eric
Williams) wrote:

> In a previous post, John C. Woo (jwoo at rezn8.com) wrote:
> : Eric Williams wrote:
> : # I read somewhere (I can look it up if someone cares) that the DOJ is
> : # holding up paperwork on purchases by people who have registered their
> : # "assault rifle" with the state.  Has anyone experienced this?
>
> : This is starting to sound like a conspiracy.
> : I DO happen to own a registered AR-15 here
> : in sunny California.
>
> : I would be interested to know where you discovered
> : this tasty tidbit.
>
> It came from an paper by David Kopel, "Why gun waiting periods threaten
> public safety." (Journal on Firearms and Public Policy, V1 #4, summer
> '92)  He writes:
>
>   About 10% of California's 300,000 "assault weapon" owners have registered
>   their weapons, as required by law.  The group that complied with the
>   retroactive registration law surely qualifies as a highly law-abiding
>   set of people.  Yet this group of highly law-abiding gun-owners, when
>   they attempt to buy a new rifle or pistol following California's 15-day
>   waiting period, find that the California Department of Justice has put a
>   1 to 4 month hold on their applications because they are registered
>   "assault weapon" owners.
>
> As a cite, he references LA Daily News, March 4, 1991, a letter
> to the editor by William Davis under the title "Gun Law Backfires".
> The letter was from a law enforcement officer and licensed federal
> firearms dealer whose application was put on hold.
> --
> Eric Williams  |  wd6cmu at netcom.com  |  WD6CMU at WD6CMU.#NOCAL.CA.USA.NOAM
>
>  "The information superhighway is a revolution that in years to come will
>   transcend newspapers, radio, and television as an information source.
>   Therefore, I think this is the time to put some restrictions on it."
>                                           -- Sen. James Exon (D-Neb.)


We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From dlv at bwalk.dm.com  Wed Aug 28 00:06:24 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Wed, 28 Aug 1996 15:06:24 +0800
Subject: Hayek (was: Cato Institute conference on Net-regulation)
In-Reply-To: <ae48e75e01021004001f@[205.199.118.202]>
Message-ID: <4TscTD14w165w@bwalk.dm.com>


Senile tcmay at got.net (Timothy C. May) rants:
> Indeed, Hayek has had a _lot_ to do with the Cypherpunks! From "The Road to
> Serfdom" to "Law, Legislation, and Liberty," his works have exerted a
> profound influence on me, and on many others.

But he's fucking unreadable.  I plan to teach economic this semester and
make every student read Hazlitt (economics in 1 lesson). I can't force them
to read hayek (or Rothbard) because they're fucking unreadable. Shit.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From wiechman at iconnet.com  Wed Aug 28 00:07:37 1996
From: wiechman at iconnet.com (wiechman at iconnet.com)
Date: Wed, 28 Aug 1996 15:07:37 +0800
Subject: WORD Mail: A Part of Our Lives...
Message-ID: <9608280446.AA00120@word.iconnet.net>


 
     
      Dear Friends of Word [http://www.word.com]:
            
      Two things:
      
      1.  Word has been nominated for 3 (three) of the 1996 Cool Site of the 
      Year Awards (Cool Site of the Year, Cool Design of the Year, and Cool 
      Web Designer of the Year).  Please vote for us.  We're literally 
      begging you.  Does this seem desperate?  Cool Site of the Year is 
      located at http://cool.infi.net/vote.html
      
      2.  Please check out Word [http://www.word.com].  Right now you can 
      experience our special feature "Guyana," a super-deluxe documentary 
      about three NYC artists' (Bob Braine, Mark Dion, and Alexis Rockman) 
      six-week trek through the Amazon jungle.  It's got art, animation, 
      text, and an original score. Sort of like a movie. But not. Anyway, 
      it's real good. Mmmmm!
      
            Truly Yours,
            WORD
      
      
      
      3.  I know we said there would only be two things, but we just thought 
      we should mention that if you've requested to be removed from our 
      mailing list, it *will* happen very soon.  We've had a bit of trouble 
      keeping everything up to date.  Word swears to remove you from the 
      list.
      
 
 






From mbabcock at tyenet.com  Wed Aug 28 00:08:43 1996
From: mbabcock at tyenet.com (Michael T. Babcock)
Date: Wed, 28 Aug 1996 15:08:43 +0800
Subject: Key Exchange Request
Message-ID: <199608280446.AAA01992@spirit.hks.net>


-----BEGIN PGP SIGNED MESSAGE-----

Type Bits/KeyID    Date       User ID
pub  1280/FA4C5DB1 1996/06/13 Michael T. Babcock <mbabcock at tyenet.com>
                              Michael T. Babcock <mbabcock at cyberbeach.net>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
Comment: http://www.cyberbeach.net/~mbabcock/PGP/

mQCtAzHAhC8AAAEFAMG+C+yN8q7KDT5TUSdyQNZlDDlTGuF4vUzPEq52lrqx7NAA
YwJuj0dtOnnU2GAAonNutYF7nbbsS5yjWWgENioKOzIdjgDpq+YBZDkX4kFTD/+5
PM5EZhS1kT54zDpbjlZHtu9ViL3xUD/vp5zmp7Mlxqdd5SbkM0bpIBlBIqfpij59
hOVgc837YtAMmAbuRzwzy06/5ne221MLA/pMXbEABRG0KE1pY2hhZWwgVC4gQmFi
Y29jayA8bWJhYmNvY2tAdHllbmV0LmNvbT6JALUCBRAyG4B8iNNjBTZRc5UBAQgN
BQCUEtqBZp6AHxuzl8ul5YdrgSmVzL5KZ+h5ZSsahq3Z880Z2+iL2nHlQxE/Kx+A
+sBALnqjcZ1jFVd//kdUW3Z6MR805txMXhxSm8350uxv9SVgR9fFatuBphyMY3+H
JCJABOD8W/78l+ryKzrDIkTRcZZ/ZfAIFx8CuQbHAHREbd5WxUvwYD1RmYN0roEm
lX08htgUVpM5KrsdO1QFZXJciQCVAwUQMdnXD03i+M8vT7SzAQGdPgP/U/LYSAdj
Fv9F9B+B0zzUOUyZVzP+esMRLVja69FXpLvpSbzHZuibwgx6iHzQvJU7FgoNR6Le
xMjVobVz6dvQNn4Cyv/IVSYhQ7OeQpVpPROMd7oNpi2REond6iTulNwJ582yNWbg
HpXF+rcyQGLSZW1M97dstKVJaA1M+1I+KBiJAJUDBRAxwISNpWTgrlDImaUBAXK9
BACT9ZVN4CQonU8MhzZXNepMm2k3xAkM/01e1vjqjnHR95g9xysVJCeSh0aky+Jk
v7Yok5hRLhZ8CWmt+n/vAEZI6thIJlF++CLX6XHaZVN0sXtOKJuzsu1za4Kllqbf
nRKkEKjixFQk37sDUHJPehiy7tYWVF364A5KQU9K7JenDIkAtQMFEDHAhDDbUwsD
+kxdsQEBo9wE/1TDLucmWU8nIQ3izH8bDLHv8UNfyKItlMwKQXcokOxFV1lhxtKu
RhsBjIiLD3iBXG7xd/Q8EgV9gbAXJ0IfdMBEXUbAqNgZBu0sPT5OWtdxQ4l7/uXl
A0bHNGe8/O+L76bq81dWn7i/iyggIDpcSYYp4pCqm0fPQFS8eMUc5fwQMhODgVH2
WTSKbIZrSXYUjv9Nu1hAHeo1xB7tyJCJePi0LE1pY2hhZWwgVC4gQmFiY29jayA8
bWJhYmNvY2tAY3liZXJiZWFjaC5uZXQ+iQCVAwUQMcCKaqVk4K5QyJmlAQF56gP9
F/kU8pMxVJdCDFVXyXm9STzEwZauLzMAHbIqWE7RzzDX1jX6e4bFDkpOP79SM19K
RMrB70IQ/0OerNDGA3foMTFde79CZwSN+sE4CBIziEzClCkoZR8lsURgrNCpgrfD
SfefCMERK2wsPRCHTm1/SQoc107xgPdZKV2MTsKa+l6JALUDBRAxwIo/21MLA/pM
XbEBAbXOBPsFGBbIKo04YVMaQRQXUXNJNaFys21ZforSlLXX6jh9XVnPfTzJHbba
lYtzBNMSzTn1S2INJUTsmakfMWSi3yghi6BVlBPJDhaC/lbmUPzbs1UtGwKzTJPP
oIW0ogvNiBUnEJBXLyEpLg4DDsmg74jT23m9kDIY5IT9tDQy2l+bVlDUl341DCSw
qd98jWjPf38BgLOldtanlYiYfSBcVIdO
=N34I
- -----END PGP PUBLIC KEY BLOCK-----


	This message was sent by Pronto Secure Mail.
	Above is my public key.
	Please send your public key by return mail.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMiPPNCoZzwIn1bdtAQHwiAGA25takabrZ8cinCavjJ4DMhYclePThtCz
2Wy+KH/pT42RVsMDtPvmwKeF8MEffw1N
=QuAh
-----END PGP SIGNATURE-----





From tcmay at got.net  Wed Aug 28 00:16:42 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 28 Aug 1996 15:16:42 +0800
Subject: Scoring Politicians on Digital Liberty Issues (Re: Net Politics)
Message-ID: <ae4916c905021004240c@[205.199.118.202]>



(I have no idea where the virtual nexus of this debate is taking place...I
see these addresses copied on the message to which I'm replying:
fight-censorship at vorlon.mit.edu, cypherpunks at toad.com, brock at well.com,
telstar at wired.com, shabbir at vtw.org, jseiger at cdt.org (Jonah Seiger), Declan
McCullagh <declan at eff.org>. I despise such massive cross-contamination of
lists and duplication of messages, so I will delete all but the list I am
part of, and Jonah Seiger, out of courtesy, as it his message I am replying
to.)

At 2:23 PM 8/27/96, Jonah Seiger wrote:

>"One more round of 'work within the system' vs 'up against the wall!'," he
>said.
>
>This is an important debate that unfortunately seems to be dividing the
>net.community when we most need to be united. All of us working on
>net-policy issues share a common vision and goals - promoting the free flow
>of information, preserving and enhancing First Amendment values and
>protecting individual privacy. There are, for better or worse, many
>different views on the best way to accomplish those objectives, and the
>debate over who has the right tactics seems to frequently escalate in to
>religious war.
>
>Meanwhile, our opponents are well organized, determined, and do a much
>better job of keeping their internal strategic differences to themselves.
>Perhaps this is part of the reason they keep kicking our butts all over
>town.

I think it laudable that CDT has chosen to remain in D.C. to "work within
the system." Personally, I could never stomach doing this. Nor do I think
the Cypherpunks group per se should do it; technological monkeywrenching of
the best-laid plans of Leahy, Swinestein, and all the other "mice and men"
is so much more effective and satisfying.

Yes, as far as legislation goes, the politicians are constantly on the
offensive, proposing new and more draconian legislation on a continuing
basis. Maybe they hope to wear us out, to create battle fatigue (some say
it worked with EFF, but I've heard various reasons given as to why EFF left
D.C.).

But technology also is winning, in its own way. Web proxies defeat national
governments in their plans to limit access. Remailers have transformed the
Net. Digital pseudonyms have restored anonymous commentaries to their
once-honored place. And the sheer growth of the Net, the Web, and the vast
number of connections has made Leahy- and Exon-style control essentially
hopeless to enforce.

On the specific issue of whether Sen. Leahy is or is not a "friend of the
Net," to use him as an example here, I suggest a different approach.
Instead of classifying Leahy as a friend or an enemy, or Burns as a friend
or an enemy, etc., why not a *ratings system*? As with the "perfect 100%"
liberal ratings that the ACLU or somesuch puts out...

Thus, we can say "Conrad Burns has scored a 67% on Digital Liberty issues,
Patrick Leahy has scored a 42% on these issues, and Dianne Feinstein scored
17%."

Determination would have to be made on what the important issues, but this
has been done successfully in the past, as with the liberal groups and
union groups (and conservative/NRA/family values groups) who "score"
candidates.

A scoring system has the advantage of looking relatively impartial, and
avoids the "friend/enemy" naming, at least in terms of personalities. Thus,
one can say to Leahy, "Sorry, Senator, this is just how you score. If you
want to score higher in the future, take careful note of what our community
thinks is important and vote accordingly."

The issues for a scorecard might be accumulated on the Net, with inputs
from CDT, VTW, EFF, Cypherpunks, and other interested groups. It could be
messy, but perhaps not. Even a *simple* set of principles, picked by almost
any of these organizations, would likely be enough to get a reasonable
scoring system...it's not as if we all don't know that Leahy's support for
the Digital Telephony Bill was a major downcheck--whatever the realpolitik
issues were--and that his support of Pro-Code is a major upcheck. The value
of scoring is that it takes out the often-painful issues of classifying
politicians as "friends" or "enemies."

Objective scoring means never having to say you're sorry.

--Tim may


--
[This Bible excerpt awaiting review under the U.S. Communications Decency
Act of 1996]
And then Lot said, "I have some mighty fine young virgin daughters. Why
don't you boys just come on in and fuck them right here in my house - I'll
just watch!"....Later, up in the mountains, the younger daughter said:
"Dad's getting old. I say we should fuck him before he's too old to fuck."
So the two daughters got him drunk and screwed him all that night. Sure
enough, Dad got them pregnant, and had an incestuous bastard son....Onan
really hated the idea of doing his brother's wife and getting her pregnant
while his brother got all the credit, so he pulled out before he
came....Remember, it's not a good idea to have sex with your sister, your
brother, your parents, your pet dog, or the farm animals, unless of course
God tells you to. [excerpts from the Old Testament, Modern Vernacular
Translation, TCM, 1996]







From jimbell at pacifier.com  Wed Aug 28 00:24:04 1996
From: jimbell at pacifier.com (jim bell)
Date: Wed, 28 Aug 1996 15:24:04 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <199608280419.VAA01883@mail.pacifier.com>


While I, on the other hand, am surprised by your over-optimistic tone.  
Bills in Congress are, technically, ALWAYS up for public comment.  And yes, 
they are almost always subject to amendment.  But the REALITY (remember 
reality?!?) is that once a bill has been officially introduced in Congress, 
it is substantially more difficult to add a good part, or remove a bad part, 
than if the bill remained on a word-processor or was simply put on the 'net 
for comments.

The status-quo system might have made sense in the pre-Internet era, when 
the public familiarity of issues and/or legislation was less, or 
communication costs to the public were higher, etc.  But today, when it's 
easy and cheap to put the text of a proposed bill on the Internet, it simply 
no longer makes sense to not accept public comment BEFORE the 
"high-hysteresis" environment of Congress has been entered.

Here's what is REALLY going on.  Congress wants to maintain the illusion 
that the public actually has some input into the way bills are drafted.  But 
in reality, they want essentially total control.  One of the many biases 
inserted into the system to ensure this control is maintained is to disguise 
the extent to which special interests (and Congress, itself, is a "special 
interest") get to dictate how law reads.  

Consider the alternative, and in particular the Leahy crypto bill, and even 
more particularly the portion of that bill criminalizing the use of 
encryption in a way which thwarts an investigation.  Suppose the pieces of 
entire bill, before actual filing, had been publicly posted on the Internet, 
and there had been either a vote or at least a collection of comments about 
the individual proposed sections.  What would have happened?  That portion 
of the bill would have gotten flamed and rejected, with a large majority 
opposing it.  Moreover, we would all have KNOWN that it had been rejected.  
At that point, if Leahy still insisted on including it, it would be 
tantamount to giving the 'net his middle finger, and we would have rightly 
lambasted Leahy, as he deserved.  Moreover, we would have known that someone 
was pushing that part of the bill, and could reasonably insist that he is 
identified.

But the way Leahy actually proposed it, in a package that had been put 
together in secret, it isn't clear how much Leahy detests our opinions, and 
he might actually have gotten away with foisting this on us.  

See the difference?  An open system holds legislators to a much higher 
standard, which is why they don't like it and is why we should insist on it. 
  An open system reveals to the public if their interests are being 
followed.  An open system will allow more people to become aware of being 
screwed by politicians, maybe even before it happens, and it will allow them 
to reject legislative proposals which contain undesirable portions, 
particularly portions which are written into a bill despite opposition.

_THAT_ could, hypothetically, become the "legislative process" someday.  In 
fact, it SHOULD BE the legislative process.  I consider the current system 
illegitimate to the extent (at least!) that it is biased against public 
participation.




At 08:51 AM 8/27/96 -0400, John Raffetto wrote:
>Jim -- I'm surprised by your message.  Members of Congress rarely introduce
>bills and say take it or leave it.  Rather, by introducing a bill, they're
>offering it up for public comment.  After introduction, the bill is referred
>to a committee, and perhaps a subcommittee, where there are hearings and the
>like.  The lobbyists swarm in, constituent letters roll in.  Then the bill
>is marked up in committee, and emerges in a revised form.
>
>If you want to vet a proposed piece of legislation on the Internet, then
>copy the text off of THOMAS and post it... then participate in the
>legislative process.
>
>John Raffetto
>
>
>>
>>I believe that it is particularly suspicious that these bills come into 
>>existance without even cursory "vetting" on the Internet.  Both the Leahy 
>>bill and even the Burns crypto bill popped into public view without any 
>>indication of how they were written, or any public input on their intent and 
>>scope.  Perhaps this "take it or leave it" practice is old hat to 
>>politicians, but frankly I'm disgusted at politicians' presumption that they 
>>can prepare a law with no identifiable input from the public.
>>
>>I am similarly disgusted at any organization (even if, ostensibly, acting in 
>>support of "net freedom") that assisted in the development of the Leahy 
>>crypto bill (and to some extent, even the Burns bill) because they clearly 
>>failed to solicit the kind of public input that such bills should 
>>automatically get.
>>
>>And in a sense, "the Net" doesn't NEED "strong supporters": what we need are 
>>politicians who are willing to LEAVE US ALONE!  It should come as no 
>>surprise that the call you frequently see among net-freedom- supporters for 
>>new legislation is that which repeals existing restrictive laws, such as 
>>ITAR and censorship laws.  
>>
>>Jim Bell
>>jimbell at pacifier.com
>>
>>
>
>
>
>

Jim Bell
jimbell at pacifier.com





From steven at echonyc.com  Wed Aug 28 01:02:57 1996
From: steven at echonyc.com (Steven Levy)
Date: Wed, 28 Aug 1996 16:02:57 +0800
Subject: Denning interview in Wired
In-Reply-To: <199608271723.KAA23960@netcom23.netcom.com>
Message-ID: <Pine.SOL.3.91.960828012847.800B-100000@echonyc.com>


Didn't mean to be defensive or criticize you, Vladimir.  Just wanted to 
make it clear that the story didn't necessarily include all her 
reasonings. You make some fine points. 





From tcmay at got.net  Wed Aug 28 01:08:35 1996
From: tcmay at got.net (Timothy C. May)
Date: Wed, 28 Aug 1996 16:08:35 +0800
Subject: Hayek (was: Cato Institute conference on Net-regulation)
Message-ID: <ae492e2b01021004ff49@[205.199.118.202]>


At 4:26 AM 8/28/96, Dr.Dimitri Vulis KOTM wrote:
>Senile tcmay at got.net (Timothy C. May) rants:
>> Indeed, Hayek has had a _lot_ to do with the Cypherpunks! From "The Road to
>> Serfdom" to "Law, Legislation, and Liberty," his works have exerted a
>> profound influence on me, and on many others.
>
>But he's fucking unreadable.  I plan to teach economic this semester and
>make every student read Hazlitt (economics in 1 lesson). I can't force them
>to read hayek (or Rothbard) because they're fucking unreadable. Shit.

Well, to one who inserts "(spit)" after nearly every name he cites, and
critiques Hayek as "fucking unreadable. Shit.," I suppose Hayek must indeed
seem unreadable. Shit.

After all, Hayek rarely writes things like: "The senile Von Mises (spit)
and his Sovok Cabal plotters...."

As to "forcing" your students to read Hayek, just who is in charge? If
you're the instructor, they can choose to read what you tell them to read,
or be unprepared on the exams you give and possibly flunk the class. What
part of "Required Reading" do you or your students not understand?

--Tim (spit) May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From unicorn at schloss.li  Wed Aug 28 01:27:54 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Wed, 28 Aug 1996 16:27:54 +0800
Subject: Discussion: The Digital Commerce Clause [Long] [Was: Re: The Commerce Clause and the Crypto Issue]
In-Reply-To: <c=US%a=_%p=msft%l=RED-81-MSG-960828022819Z-22262@mail.microsoft.com>
Message-ID: <Pine.SUN.3.94.960828020522.18743A-100000@polaris>


On Tue, 27 Aug 1996, Blanc Weber wrote:

> >From:	Black Unicorn 
> >
> >I believe the answer to preserving the purity of digital commerce is to
> >form it in such a way so as to make regulation impossible, because in my
> >view the constitution no longer provides citizens with the protection or
> >freedom to progress.  I feel the same way about privacy.  All the
> >constitutional arguments in the world mean little today.  A systematic
> >approach which makes violations of personal rights impossible whether
> >constitutional or not is the answer.
> >.....................................................

[...]

> >I agree very much with what you say in the above paragraph about the
> >constitutional arguments [by jove, I think he's got it :>)]   So many times
> >people (especially libertarian types) will present their protests in
> >reference to constitutional issues.  Yet there are some contradictions within
> >the Constitution, or areas which sound that way, and which are therefore too
> >easily misconstrued by present thinkers (judges, lawyers, etc.).
> >
> >So often the document is referred to like a magic mantra which is going to
> >take away the ills and boogeymen by waving it in front of their faces.  But
> >the document is not so well read, understood, nor respected by those in
> >public office.  It isn't used as a guide to move towards more self-reliance
> >rather than less.  I have heard from one political potentiate that his
> >opponent (already in office) had not ever even read it.
> >
> >You can't depend upon adherence to the Constitution to create the reality
> >you're after (although, like a dart-shoot, you can always try and it does,
> >after all, supply the basics for the established legal procedures and it's
> >possible to set the fear of it upon government types by setting their feet to
> >its fire -  if you can pay for it).

With all the talk of self-enforcing contracts via cryptography, it is a
bit surprising to me that no one has suggested a constitution (which is
basically a unilateral contract) be enforced in such a matter, or in an
indirect way through technology.

I do find it sad that it seems that rights today must be enforced despite,
and not by, trust.

Perhaps soon there will exist institutions which make rights inalienable
in fact, not in theory.

> >Blanc

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From jf_avon at citenet.net  Wed Aug 28 01:33:06 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Wed, 28 Aug 1996 16:33:06 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <9608280621.AA29030@cti02.citenet.net>


On 27 Aug 96 at 21:16, jim bell wrote:

> See the difference?  An open system holds legislators to a much
> higher standard, which is why they don't like it and is why we
> should insist on it.

Fine Jim, but how?  Any idea of a system that could lead to that?

JFA
who's ROTFL!

 DePompadour, Societe d'Importation Ltee; Limoges porcelain, silverware and crystal
 JFA Technologies, R&D consultants: physicists, technologists and engineers.

 PGP keys at: http://w3.citenet.net/users/jf_avon
 ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 
 





From dfloyd at io.com  Wed Aug 28 01:33:37 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Wed, 28 Aug 1996 16:33:37 +0800
Subject: File System Encryption
In-Reply-To: <Pine.SUN.3.94.960827181039.23478A-100000@infinity.c2.net>
Message-ID: <199608280536.AAA01510@xanadu.io.com>


> 
> 
> 
> On Tue, 27 Aug 1996, Douglas R. Floyd wrote:
> 
> > If you have another 386 or 486 lying around, you could install Linux and
> > Ian's encrypted loopback code on a remote box, then NFS or Samba the
> > filesystem over.  For protection, you could modify the vlock command to
> > lock the console (and not unlock it), and disable inetd.  Then, unless
> > someone has the permissions to access the files through the network, the
> > files are inaccessable ;-).
> 
> I may have to consider this approach. I'll have to look into Ian's system.
> Does it pass muster with the crypto gods? (that's meant as a compliment
> guys :)

It uses IDEA in a decently secure manner, as well as TDES.  You can also
mount .au files as filesystems, and the data will be hidden in the sound
file.

(Last place I remember Ian's loop.c and des patches for Linux was on
ftp.csua.berkeley.edu, /pub/cypherpunks/<somewhere>)

> 
> Drifter
> 







From stewarts at ix.netcom.com  Wed Aug 28 02:06:07 1996
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Wed, 28 Aug 1996 17:06:07 +0800
Subject: FYI: GOP's Stolen Laptop...
Message-ID: <199608280700.AAA11957@toad.com>


At 04:41 PM 8/27/96 -0500, Andrew Loewenstern
<andrew_loewenstern at il.us.swissbank.com> wrote:
>> They should have used PGP on those files.....
>
>...but I thought fine, upstanding, and law-abiding citizens didn't have  
>anything to hide...

These are _Republicans_, Andrew!    :-)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From matthew at itconsult.co.uk  Wed Aug 28 02:43:12 1996
From: matthew at itconsult.co.uk (Matthew Richardson)
Date: Wed, 28 Aug 1996 17:43:12 +0800
Subject: An open letter to the Editor of The Observer
Message-ID: <3224ef54.383859120@itconsult.co.uk>


[I understand the text of the Observer article is available at
http://www.hclb.demon.co.uk/obs.txt]

-----BEGIN PGP SIGNED MESSAGE-----

I. T. Consultancy Limited

Our reference  L2217

The Editor
The Observer
119 Farringdon Road
London EC1R 3ER

26 August 1996

AN OPEN LETTER � FOR PUBLICATION

Sir,

I read with some interest the article by David Connett and Jon Henley 
in yesterday's edition regarding the Internet and child pornography.  
I was particularly interested as I am a computer consultant advising 
clients on Internet issues.

In my professional opinion, the technical standard of the reporting 
was sufficiently poor as to be both inaccurate and misleading.  The 
purpose of this letter is to clarify certain technical issues which 
might cause your readers to reach unfounded or incorrect conclusions.

It is important to be aware of the various methods by which 
information generally (which can include pornography) is distributed 
around the Internet.  Your article focuses on one particular route, 
namely Newsgroups.  It is Newsgroups which are detailed in the 
Metropolitan Police's letter to Internet Providers and which are 
concentrated upon by your article.  There are several other means of 
distributing information.  I believe however that the Police letter 
lists fewer than the 150 groups referred to by the authors.  
Interestingly enough Newsgroups only offer the means of broadcasting 
information to anyone who wants to retrieve it.

The authors do not appear to have a sufficient grasp of what a 
"remailer" does.  For example they seem to draw a direct link between 
the use of such remailers and people being able to "log on and 
participate in 'live' and 'interactive' filmed sessions".  A lay 
reader would perhaps draw the inference that the remailer is somehow 
involved in any such live participation.  Unfortunately this could 
not be further from the truth.  Remailers simply allow people to post 
messages, either as email to other people or to Newsgroups for 
general reading.  Nothing more.  Remailers are generally incapable of 
being "logged on" to.

Your article also refers to "remailing companies", from which the lay 
reader might infer that remailers are operated for commercial profit.

Such an inference would again be wholly incorrect.  I know of no 
organisation operating a remailer for profit, indeed none of them 
even charge for their services.  They are generally run by 
individuals on a voluntary basis who consider them as a service to 
the Internet community.  Your article appears not to mention any of 
the purposes of such remailers other than in terms of the 
distribution of pornography.  In my view it would be difficult to 
present a balanced article without doing so.

Different remailers take different steps to prevent whatever their 
operators consider as "abuse".  My understanding is that Mr. 
Helsingius' service restricts messages to 48k bytes (or characters) 
and prohibits postings to the "binaries" newsgroups designated for 
images.  I also understand that it only allows 30 messages per user 
per day.  At a technical level these restrictions would make it 
almost impossible to use his service for mass distribution of any 
binary data, not just pornography.

It therefore appears surprising to me that your article should allege 
that Mr. Helsingius' remailer is responsible for handling "90 per 
cent of all child pornography" on the Internet.  I wonder what 
substantiating evidence The Observer has to this effect other than 
the alleged claim by Toby Tyler.  Indeed it appears from your article 
that the words "is supplied through this remailer" may not be a 
direct quote from Toby Tyler.

Your article alleges that "the photographs made available to Demon's 
subscribers through the Internet are supplied anonymously by 
remailing companies".  The lay reader might infer from this that all 
photographs therefore come via remailers.  Again this would be far 
from the truth.  

Finally I hope this letter offers some assistance to your readers in 
clarifying a number of issues which were perhaps less than clear in 
your article.  Given your newspaper's difficulties with technical 
issues, I would be grateful if you would kindly refer any editing of 
this letter to me prior to publication.

Yours faithfully,
Matthew Richardson

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAgUBMiFvEAKwLwcHEv69AQGjIQP+IGR9rhvdYXe7CuCcwPl/tIrIBryikTM2
IVOpygTF2nCPf3WEJ8czRvs1emp9d9d++69XiG1f6QAeP9Jv/h9KzVtV7mjjuqCX
LhlhXBYjLIiGCcxljKZ07zHFlCeZWCzuAmIFnZbz2fNNjqyicheIMlxI2tDrGgjp
dlaGZuAI2XY=
=dkXg
-----END PGP SIGNATURE-----





From wendell at singnet.com.sg  Wed Aug 28 02:47:21 1996
From: wendell at singnet.com.sg (Wendell Lee)
Date: Wed, 28 Aug 1996 17:47:21 +0800
Subject: [Fwd: Re: Code Review Guidelines (draft)]
Message-ID: <304171D2.77A3@singnet.com.sg>

unsubcribe wendell at singnet.com.sg


To: hag at ai.mit.edu
Subject: Re: Code Review Guidelines (draft)
From: lists at lina.inka.de (Bernd Eckenfels)
Date: Wed, 28 Aug 1996 03:30:49 +0200 (MET DST)
Cc: ichudov at algebra.com, adam at homeport.org, firewalls at greatcircle.com,       cypherpunks at toad.com, coderpunks at toad.com
In-Reply-To: <199608272111.RAA23997 at galapas.ai.mit.edu> from "Daniel Hagerty" at Aug 27, 96 05:11:39 pm
Sender: owner-cypherpunks at toad.com

Hi,

>     Much better, look at rfc822.  (I wouldn't consider *anything* that
> has the word "sendmail" in it a good reference).

its much better if you dont rely on the content of the string at all. Dont
use sh -c or system and you will be save. Simply asume that all characters
are valid in user suplied strings and treat them exactly that way... If they
need to be exporeted then unfortunately they need to be 'untainted' and this
should be done by positive not negative lists as mentioned in the
guidelines.

Greetings
Bernd

PS: I have collected the references on
http://www.inka.de/sites/lina/freefire-l/
-- 
  (OO)      -- Bernd_Eckenfels at Wittumstrasse13.76646Bruchsal.de --
 ( .. )   ecki@{lina.inka.de,linux.de}  http://home.pages.de/~eckes/
  o--o     *plush*  2048/A2C51749  eckes at irc  +4972573817  *plush*
(O____O)       If privacy is outlawed only Outlaws have privacy





From accessnt at ozemail.com.au  Wed Aug 28 03:09:35 1996
From: accessnt at ozemail.com.au (Mark Neely)
Date: Wed, 28 Aug 1996 18:09:35 +0800
Subject: Australian Interbet Betting System Gets US Interest 08/26/96
Message-ID: <2.2.32.19960828082856.006d5744@ozemail.com.au>



>>CentreBet can be reached at http://www.taunet.com.au/centrebet  

BTW .. that is //www.taunet.net.au/centrebet
                            ^^^

Regards,

Mark
___
Mark Neely - accessnt at ozemail.com.au 
Lawyer, Internet Consultant, Professional Cynic
Author: Australian Beginner's Guide to the Internet (2nd Ed.)
	Australian Business Guide to the Internet
	Internet Guide for Teachers, Students & Parents
Check out my Anti-SPAM FAQ: http://www.accessnt.com.au/faqs/spam.htm






From jcr at pirate  Wed Aug 28 03:34:01 1996
From: jcr at pirate (John C. Randolph)
Date: Wed, 28 Aug 1996 18:34:01 +0800
Subject: Identification docs needed.
Message-ID: <9608280826.AA00285@pirate.thoughtport.com>


c'punks,

Sorry for the off-topic post, but I think that the resourceful
people on this list might be able to help.

I have a friend here in NYC who is in a bit of a bind, because she  
has *no* id.  Her birth was never recorded (i.e. no birth
certificate!)

So, the question is:  Anyone have any suggestions as to how one
could obtain documentation that would pass muster with the local
passport office?  I'm hoping to help her obtain the documentation
she needs to get on an airplane without gaining too much attention  
from the JBT's.

BTW, she was born a US citizen in Puerto Rico.  Baptismal records
may be forthcoming, but that isn't certain.

advTHANKSance,

-jcr





From ravage at einstein.ssz.com  Wed Aug 28 07:02:28 1996
From: ravage at einstein.ssz.com (Jim Choate)
Date: Wed, 28 Aug 1996 22:02:28 +0800
Subject: (Fwd) Re: **"OuR" Project press release** (fwd)
Message-ID: <199608281137.GAA08101@einstein>



Hi all,


I thought I would forward this so those less connected might know of amateur
space technology. With a factor of 5 increase in altitude these folks will
be putting things in LEO. My guess, 3-5 years.


Forwarded message:
> From postmaster at ddg.com Tue Aug 27 23:25:59 1996
> Message-Id: <199608280351.WAA21839 at oak.zilker.net>
> Comments: Authenticated sender is <stu at mail.zilker.net>
> From: "Stu Barrett" <stu at zilker.net>
> Organization: Personal Business
> To: hct at ddg.com
> Reply-To: hct at ddg.com
> Errors-To: postmaster at ddg.com
> Precedence: bulk
> X-Listserver: AutoShare 1.0.2fc14 by Mikael Hansen
> X-Administrivia-To: Stu Barrett (Stu at Zilker.net)
> X-To-Unsubscribe: autoshare at ddg.com, body: unsub hct
> X-See-Also: http://www.DDG.com/
> Date: Tue, 27 Aug 1996 22:53:36 -6
> Subject: (Fwd) Re: **"OuR" Project press release**
> Priority: normal
> X-mailer: Pegasus Mail for Windows (v2.23)
> 
> Pulled this off of the net.  The was even better than SkyeDance IV ;-)
> 
> ------- Forwarded Message Follows -------
> 
> Paul Robinson & Ken Mizoi wrote:
> > 
> > To All Fellow Rocketeers:
> > 
> >         The "OuR" project was launched Friday, August 16th, 1996 at 9:05 PST.
> > All available flight data is still being analyzed so any information
> > presented is preliminary and is provided for the courtesy of all those
> > who have supported the "OuR" team.
> > 
> >         First, the principal members of the "OuR" team are, in alphabetical
> > order, Frank Kosdon, Phil Prior, Paul Robinson, and Jim Rosson.  These
> > dedicated souls spent two years of dedicated research and effort, not
> > to mention tens of thousands of dollars, to build and fly the "OuR"
> > project.
> > 
> >         The R motor is a proprietary engine design with the propellant
> > provided by Frank Kosdon.  It was 10.5" in diameter and contained
> > almost 300 pounds of propellant, including a 21 pound, full diameter
> > delay "cake" for tracking.  It was calculated to burn for 10.5
> > seconds, and provide 285,000 Newtons of total impulse.  Yes, in
> > rocketeer terms an R27,000!
> > 
> >         The airframe was 21 feet long, with a 5 to 1 conical nose.  The gross
> > launch mass was about 700 pounds.  On board was a ten watt video
> > downlink, provided by Jon Dunbar, a Trimble GPS, video overlay and
> > associated electronics, provided by Bob Rau, and various other backup
> > electronics.  Both main and drouge parachutes were provided by Bob
> > Stroud.
> > 
> >         The rocket was launched in almost no winds, pointing a few degrees
> > away from the town of Gerlach, NV for safety reasons.  The rocket flew
> > perfectly straight and the motor functioned flawlessly with a total
> > activity time around 12 to 14 seconds.  The rocket coasted for about
> > 80 seconds, slightly more than calculated, into the ozone layer.  The
> > altitude simulations pointed to an expected altitude of just under
> > 100,000 feet.  With the increased activity time and increased coast
> > time, the altitude most likely exceeded 100,000 feet.
> > 
> >         One highlight of this flight was the video data transmitted back to
> > earth from approximately twenty miles in the sky.  What was seen was a
> > clear outline of the entire Black Rock Dessert and the surrounding
> > terrain, the curvature of the earth, and the great blackness of the
> > space.
> > 
> >         Higher altitudes are accessible by smaller rockets, but the intent of
> > this project was to successfully build and fire a "large" rocket
> > motor.  Previously, only commercial enterprises have had success with
> > motors of over four inches in diameter and the results of last year's
> > BALLS launch support this presumption.  Furthermore, the instruments
> > carried aloft simply would not fit in say a 54mm "altitude optimized"
> > motor.
> > 
> >         Unfortunately, the rocket failed to deploy its recovery systems and
> > accelerated to over Mach 1 and impacted into the sand dunes several
> > miles away.  There was a loud sonic boom heard by all that literally
> > shook the earth.  In fact, instead of the nominal "hole and fin slits"
> > seen in previous impacts, there was a twenty foot diameter area with
> > large chunks of sheared earth as if a high energy charge had been
> > detonated under the ground.  The rocket was not recovered, but several
> > pieces of metal, fiberglass, and burnt Nomex were found indicating the
> > ejection charges did in fact fire.
> > 
> >         As more data is analyzed, and more hard facts are gathered, more
> > information will follow.  Furthermore, the rights to the video are in
> > the negotiation stage with the various film crews present, but do
> > expect a very detailed video from Earl Cagle of Point 39 Productions.
> > 
> >         Once again, the "OuR" Project members wish to express sincere thanks
> > to all those who listened, donated, and gave their support who were
> > not specifically named.  This project would not have flown if were not
> > for the "believers" and the tremendous team spirit.  Only they know
> > the sweat and the number of hours it takes to fly such a rocket.
> > 
> >                                                         Members of the "OuR" Team
> 
> -----------------
> Stu Barrett
> e-mail: stu at zilker.net
> Phone: 512-255-6052
> 
> "Out the transceiver, down the coax, through the router, down the
> fiber, off another router, down the T1, past the firewall.....nothing
> but Net."
> 






From jburrell at crl.com  Wed Aug 28 07:29:41 1996
From: jburrell at crl.com (Jason Burrell)
Date: Wed, 28 Aug 1996 22:29:41 +0800
Subject: File System Encryption
In-Reply-To: <199608280536.AAA01510@xanadu.io.com>
Message-ID: <Pine.SUN.3.91.960828042422.29651A-100000@crl.crl.com>


On Wed, 28 Aug 1996, Douglas R. Floyd wrote:

> > I may have to consider this approach. I'll have to look into Ian's system.
> > Does it pass muster with the crypto gods? (that's meant as a compliment
> > guys :)
> 
> It uses IDEA in a decently secure manner, as well as TDES.  You can also
> mount .au files as filesystems, and the data will be hidden in the sound
> file.
> 
> (Last place I remember Ian's loop.c and des patches for Linux was on
> ftp.csua.berkeley.edu, /pub/cypherpunks/<somewhere>)
> 

ftp.csua.berkeley.edu:/pub/cypherpunks/filesystems/linux. 

I haven't looked through the code very hard yet, but I do wonder how the
passphrase and such is stored. If I run losetup and setup
/root/stego_file.au as a filesystem on /dev/loop0, does that get stored
anywhere that isn't secure from non-root processes, or that is kept after
the filesystem is unmounted? I figure the passphrase definately is removed
as soon as the filesystem is unmounted, and that this is stored in
protected kernel memory. 






From Scottauge at aol.com  Wed Aug 28 08:13:32 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Wed, 28 Aug 1996 23:13:32 +0800
Subject: SCO giving free licenses to UNIX OpenServer
Message-ID: <960828080524_511466918@emout19.mail.aol.com>


Hit www.sco.com

Pick What's New

Look for UNIX Unbound.

Read, Understand, and Delight... Microsoft maybe in trouble at last.

This is for single user home based UNIX systems.

Was announced August 19, don't know how long this is to happen.





From anonymous-remailer at shell.portal.com  Wed Aug 28 08:16:23 1996
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 28 Aug 1996 23:16:23 +0800
Subject: Real or Not ?
Message-ID: <199608281157.EAA04520@jobe.shell.portal.com>


I snagged this off a news group this AM.. comments??

A lot of people think that PGP encryption is unbreakable and that the
NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a
deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold
was arrested  _one day_ before he and others where to stage a protest at
government buildings; the police had a copy of a message sent by Steingold
to another activist, a message which had been encrypted with PGP and sent
through E-mail.

 Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to 
allow the NSA to easily break encoded messages. Early in 1992, the author, 
Paul Zimmerman, was arrested by Government agents. He was told that he 
would be set up for trafficking narcotics unless he complied. The Government 
agency's demands were simple: He was to put a virtually undetectable 
trapdoor, designed by the NSA, into all future releases of PGP, and to
tell no-one.

 After reading this, you may think of using an earlier version of 
PGP. However, any version found on an FTP site or bulletin board has been 
doctored. Only use copies acquired before 1992, and do NOT use a recent 
compiler to compile them. Virtually ALL popular compilers have been 
modified to insert the trapdoor (consisting of a few trivial changes) into 
any version of PGP prior to 2.1. Members of the boards of Novell, Microsoft, 
Borland, AT&T and other companies were persuaded into giving the order for
the modification (each ot these companies' boards contains at least one
Trilateral Commission member or Bilderberg Committee attendant).

 It took the agency more to modify GNU C, but eventually they did it.
The Free Software Foundation was threatened with "an IRS investigation",
in other words, with being forced out of business, unless they complied. The
result is that all versions of GCC on the FTP sites and all versions above 
2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
with itself will not help; the code is inserted by the compiler into
itself. Recompiling with another compiler may help, as long as the compiler
is older than from 1992.






From gary at systemics.com  Wed Aug 28 08:17:06 1996
From: gary at systemics.com (Gary Howland)
Date: Wed, 28 Aug 1996 23:17:06 +0800
Subject: A _REALLY_ Interesting Bet
In-Reply-To: <199608272002.OAA27298@zifi.genetics.utah.edu>
Message-ID: <322439A4.69D8BD19@systemics.com>


Anonymous wrote:
> 
> Betting on football is one thing, but some of us would be very
> interested in the odds on US presidential election outcomes as
> November approaches. This kind of betting is illegal here, and
> I haven't looked lately for a "Ladbroke's" type site, but it is
> interesting because the betting odds from across the Atlantic
> more closely match eventual election results than the annoying
> calls from Gallup & Roper during suppertime. I have posted here,
> anonymously, on this topic before, but some of you are aware of
> who I am. I'll thank you to keep that a secret. ;}


This is an interesting bet.  Can anyone provide me with a list of
candidates for the election?

Many thanks,

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06





From vipul at pobox.com  Wed Aug 28 08:36:54 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Wed, 28 Aug 1996 23:36:54 +0800
Subject: Spamming (fwd)
Message-ID: <199608260000.AAA00199@fountainhead.net>


Forwarded message:
>From daemon Sun Aug 25 06:35:39 1996
Message-Id: <199605140403.EAA00545 at fountainhead.net>
Subject: Re: Spamming
To: jad at dsddhc.com (John Deters)
Date: Tue, 14 May 1996 04:03:55 +0000 (GMT)
Cc: cypherpunks at toad.com
In-Reply-To: <2.2.32.19960822220224.006a0ff0 at labg30> from "John Deters" at Aug 22, 96 05:02:24 pm
From: Vipul Ved Prakash <vipul at pobox.com>
Reply-To: vipul at pobox.com
X-Organization: Positive Ideas 
Content-Type: text
Sender: owner-cypherpunks at toad.com
Precedence: bulk
X-Status: 

> 
> At 02:55 PM 8/22/96 +0000, Vipul Ved Prakash wrote:
> >> 
> >> At 06:09 PM 8/20/96 -0700, Rich Graves wrote:
> [deleted]
> >>   1. Junkmail requires the SENDER to pay for it, not the recipient.
> >    Internet pricing models are complicated and debatable, but you surely
> >    end up paying for snail-junk-mail. Not directly, but hidden in the high
> >    first-class mail costs. More mail, more infrastructure, higher costs.
> >    This could be quite true for the net also, if we consider bandwidth costs
> >    money.
> 
> I beg to differ.  The USPS considers "junk" mail their bread-and-butter.
> Huge mailings of all manner of bulk mail (especially those that are PostNet
> barcoded by the sender) pay the bills around the Post Office.  Your "more
> mail, more infrastructure, higher costs" argument is flawed.  The post
> office has many fixed costs related to maintaining their huge presence,
> delivering to so many rural addresses.  If we had to pay a per-letter basis
> *discounting* the value provided by the infrastructure already in place
> supporting the bulk-mail handling systems, we'd be paying roughly Federal
> Express 2-day letter rates for each piece of mail (around $6.00, if memory
> serves correctly.)

Alright, I agree. Though this could very easily differ with size and reach 
of a PS.  But on the net it means more bandwidth right? 
Which means more bandwidth, and more money. Hang on. This might not be 
a problem in US (as jim bell points out there is tons of untapped bandwith), 
but it is in other not so well connected countries. 
For example, if somebody spams an Indian Network from india, the
spam goes to US and comes back to india (since our govt sayz you cant connect
2 local networks!) and eats up most of the 20 MBps bandwidth.
Gov't will buy more bandwidth and will make us pay for it!

- Vipul







From shabbir at vtw.org  Wed Aug 28 08:37:58 1996
From: shabbir at vtw.org (Voters Telecommunications Watch)
Date: Wed, 28 Aug 1996 23:37:58 +0800
Subject: ALERT: Sen. Kerry, who voted FOR THE CDA, will be online tonight to chat! (8/28/96)
Message-ID: <199608281215.IAA00261@panix3.panix.com>


============================================================================
__     _________        __
\ \   / /_   _\ \      / /        HELP EDUCATE SENATOR KERRY ONLINE!
 \ \ / /  | |  \ \ /\ / /	AT THE DEMOCRATIC CONVENTION ONLINE CHAT
  \ V /   | |   \ V  V /	    ON AUGUST 28, 1996 -- 4PM CDT/5PM EST
   \_/    |_|    \_/\_/	       

	SENATOR KERRY, WHO VOTED FOR THE COMMUNICATIONS DECENCY ACT, WILL
 	BE ONLINE!  PLEASE ATTEND AND EDUCATE HIM ABOUT SMART NET POLICY!

		DO NOT DISTRIBUTE AFTER SEPTEMBER 1, 1996

----------------------------------------------------------------------------
Table of contents
	What's New
	Why you should join these chats
	Chat schedule
	Getting chat software

----------------------------------------------------------------------------
WHAT'S NEW

Senator John Kerry, who voted in favor of the Communications Decency
Act and who has been dragging his feet on the encryption issue in the
Senate Commerce Committee, is on the Democratic Convention Chat schedule 
for this Wednesday, 4pm CDT (5pm EST).

Like many Senators, John Kerry's views are a combination of his personal
opinions, plus his perception of his constituencies' opinion.  When
he voted IN FAVOR OF THE COMMUNICATIONS DECENCY ACT, he was not listening
to his constituency very well.  The high tech community of Cambridge 
must make him understand that bad Internet policy, like the Communications
Decency Act, can kill this industry, causing us to lose our jobs and the
state to lose a valuable industry.

Although Sen. Kerry shouldn't be let off the hook for voting of the CDA,
he needs to be shown that in hindsight, this was a terrible vote. Hostility
will not change his mind though, so please don't ask questions like,
"Senator, what the heck were you thinking when you voted for this stupid
bill which everyone knew was unconstitutional?"

Questions like these will just cause him to wrap himself in a "protecting
children" speech.  Instead, why not try questions like,

"Senator, don't you think that enough has changed in the past several months
 that would suggest that parents are really the best ones to control their
 kids access to the net?  Would you still vote for the CDA today?"

"Senator, don't you agree laws such as the CDA are really a poor second to
 a little bit of plain old parenting?  If more parents were to learn about
 the net, would there still be a need for the CDA?"

"Senator, I surf the net with my 10-year-old.  I think that's a far better
 cry than the CDA.  What could we do to encourage more parents to take this
 approach, rather than passing laws that harm Massachusetts businesses and
 freedom of speech?"

Know that the urge to flame him for his vote on the CDA will be strong.
It should be, it was a terrible position for someone from such an incredibly
net-savvy state.  No matter how you view politics, it was a poor move.
It angers both the business and public.  Please do not flame him, instead
try to change his mind.

It is imperative that the net community come out and show him this is a 
very serious issue for us, and that we won't forget his position on this.
Remember, the chat is at 4pm CDT, which is 5PM EST.  Please show up
early, as this is likely to be a very full chat.

----------------------------------------------------------------------------
WHY YOU SHOULD JOIN THESE CHATS

The Democratic convention's online chat program has begun!  It's crucial
that Netizens make net concerns a high profile issue in the online chats
this year.  You can do this by showing up and simply asking the right
questions.  Does the candidate think the Communications Decency Act is
an effective method of shielding kids from material online, or parental
control?  Does the candidate support the use of privacy-enhancing 
encryption technology?  Does the candidate support program such as
THOMAS, that put government info in the hands of the people?

If you don't ask these questions, they'll never know we care.

----------------------------------------------------------------------------
CHAT SCHEDULE

[Notably missing from this schedule are Senators Patrick J. Leahy (D-VT) 
 and Russell Feingold (D-WI) and House member Jerrold Nadler (D-NY).  All
 three have impeccable cyberspace credentials and we look forward to seeing
 them online.]

All chats take place at http://ichat.dncc96.org:4080/

Monday
	08/26/96 - 4:20pm CDT Governor Lawton Chiles 
	08/26/96 - 7:15pm CDT House Candidate Michela Alioto 
	08/26/96 - 10:30pm CDT Congressman Bill Richardson 
Tuesday
	08/27/96 - 9:00am CDT Senate Candidate Houston Gordon 
	08/27/96 - 5:00pm CDT Congresswoman Nita Lowey 
Wednesday
	08/28/96 - 9:00am CDT - Senate Candidate Houston Gordon 
	08/28/96 - 10:00am CDT - Governor Gaston Caperton 
	08/28/96 - 3:00pm CDT - Senator John D Rockefeller IV 
---->	08/28/96 - 4:00pm CDT - Senator John Kerry 
	08/28/96 - 4:30pm CDT - Senator Harry Reid 
	08/28/96 - 9:30pm CDT - Representative Corrine Brown 
Thursday
	08/29/96 - 10:30am CDT - Senate Candidate Houston Gordon 
	08/29/96 - 2:30pm CDT - Senator Kent Conrad 
	08/29/96 - 3:30pm CDT - Representative Eliot Engel 
	08/29/96 - 6:00pm CDT - Representative Barney Frank 
	08/29/96 - 7:00pm CDT - Senators Boxer & Murray 

Don't miss this opportunity to question the newsmakers on net issues
such as free speech and privacy!  We have to ensure that they feel 
appreciated for standing up for Net issues.

----------------------------------------------------------------------------
GETTING CHAT SOFTWARE

The Democratic Convention has chosen iChat's chat software for their
interface.  To obtain a copy, simply follow the links from the main
convention homepage at http://www.dncc96.org/ to the software section.

				###
============================================================================





From campbell at c2.org  Wed Aug 28 08:49:31 1996
From: campbell at c2.org (Rick Campbell)
Date: Wed, 28 Aug 1996 23:49:31 +0800
Subject: Microsoft Explorer security hole (fwd) MSoft's reply...
In-Reply-To: <199608280257.TAA25752@scn.org>
Message-ID: <9608281246.AA15630@cfdevx1.lehman.com>


    Date: Tue, 27 Aug 1996 19:57:53 -0700 (PDT)
    From: SCN User <bf578 at scn.org>
    
    BTW: When is this list/listserver going to convert the reply-to fields to 
         point to cypherpunks at toad.com?

Hopefully never.  It's the wrong way for a distribution list to work.

If you personally want replies to just go to the list, then you can
add a reply-to field in your message.  I prefer when people do a
standard `reply all' to reply to me and CC the recipients of my
message.  In that way, I can file messages to a list in a folder while
treating those that are explicitly specially -- I might want to see
them sooner so as to reply sooner.

The distribution list should just distribute messages.  The sender
should determine the addressing.

			Rick





From merriman at amaonline.com  Wed Aug 28 10:08:01 1996
From: merriman at amaonline.com (David K. Merriman)
Date: Thu, 29 Aug 1996 01:08:01 +0800
Subject: AFDA Web Site
Message-ID: <199608281409.HAA19374@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Wed Aug 28 09:08:59 1996
> MEMORANDUM
> 
> SUBJECT:  AFDA Web site, located at:  http://www.afda.org
> 
> In September, the Web site for the Association of Federal Defense
>  Attorneys
> (AFDA) will become password-protected for members only.  Those of you
>  who
> have paid your membership dues for 1996 will be receiving an email
>  message
> containing a User ID and Password, which will be good through December
>  31,
> 1997 -- almost a year and a half of unlimited usage for the small
>  membership

Okay, so are they going to encrypt the email, or should I go ahead and make 
arrangements to steal a message :-)

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiOcLsVrTvyYOzAZAQG4XAQAnNHZtuU5rB9cttuP4xIJ16N/XO3Ds6+L
k4sS0w0I8+Rm+0Py9kYf3en3I9oPrP8fuQxXefBtlTO9FltWrApSR5otgO1LJtX6
EzYtDcXnXwD7nRZ74efLFktn5DXG4xODIFT0fRWbohZOkukh6ePheWWnOiPc+nFr
e8hXmqO7KWk=
=IfoC
-----END PGP SIGNATURE-----






From merriman at amaonline.com  Wed Aug 28 10:11:58 1996
From: merriman at amaonline.com (David K. Merriman)
Date: Thu, 29 Aug 1996 01:11:58 +0800
Subject: Crypto-related (sort of) Dilbert
Message-ID: <199608281418.HAA19532@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Wed Aug 28 09:17:30 1996
For those that haven't seen it - the Dilbert page has a kind-of 
crypto-related comic at

http://www.unitedmedia.com/comics/dilbert/

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiOeL8VrTvyYOzAZAQEEIwQAms06+S3+2NGhh18vgC2sHQ7/tOsry5i1
BPAPVo2guBfHMNhtCaof0mie/wsv6mKoESz8HwtRdSZTOLUtGntsS4TQxfEgdkFA
bDJxdC1bathMcgSw2He/pU+KldModPh3BGGzoQjAlkQPyE/15boDJUrZyW2rKphI
wLWekKCd+1w=
=J/2x
-----END PGP SIGNATURE-----






From jseiger at cdt.org  Wed Aug 28 10:58:34 1996
From: jseiger at cdt.org (Jonah Seiger)
Date: Thu, 29 Aug 1996 01:58:34 +0800
Subject: Scoring Politicians on Digital Liberty Issues (Re: Net Politics)
Message-ID: <v02140b01ae49f4f77a33@[204.157.127.4]>


At 9:38 PM 8/27/96, Timothy C. May wrote:
>(I have no idea where the virtual nexus of this debate is taking place...

  [the 'virtual nexus' of this debate is actually on fight-censorship
   <http://www.eff.org/~declan/fight-censorship/>. Somehow it got cross
   posted to c'punks. Though I know it is annoying, I am cc'ing this to
   c'punks but I will keep all further replies to fight-censorship]

>I think it laudable that CDT has chosen to remain in D.C. to "work within
>the system." Personally, I could never stomach doing this.

Thanks. Sometimes I need to throw back a few bottles of Pepto (or something
a little harder), but working in DC is sometimes rewarding and always
exciting.

<...>

>On the specific issue of whether Sen. Leahy is or is not a "friend of the
>Net," to use him as an example here, I suggest a different approach.
>Instead of classifying Leahy as a friend or an enemy, or Burns as a friend
>or an enemy, etc., why not a *ratings system*?

A very solid suggestion.

I think this is a good idea for a lot of reasons, not the least of which is
that it would help define our issues for the Congress, the Administration,
the press, and the rest of the country. Partly because it's true and partly
because we are not as well organized as we could be, the perception of the
net.community on Capitol Hill is of a less-than-unified body politic.

This idea could help to change that attitude if it is done right.

<...>

>The issues for a scorecard might be accumulated on the Net, with inputs
>from CDT, VTW, EFF, Cypherpunks, and other interested groups. It could be
>messy, but perhaps not. Even a *simple* set of principles, picked by almost
>any of these organizations, would likely be enough to get a reasonable
>scoring system...it's not as if we all don't know that Leahy's support for
>the Digital Telephony Bill was a major downcheck--whatever the realpolitik
>issues were--and that his support of Pro-Code is a major upcheck. The value
>of scoring is that it takes out the often-painful issues of classifying
>politicians as "friends" or "enemies."

I remember 2 years ago (I think?) VTW did something like this.  As I
recall, the only issue was Digital Telephony, and every member of Congress
(save 2 or 3) got an F. IMHO, this was not as effective as it could have
been, but it was a good start.  Our issues are much more front-and-center
than they were in 94, so this time around perhaps such and effort will have
more impact.

As far as I know, VTW is gearing up to do this again, though I haven't
spoken to Shabbir about his plans. If he or anyone else is seriously
considering doing this, I am certainly happy to contribute some time and a
few ideas to the effort.

Jonah

  ** THE FIGHT FOR FREE SPEECH ONLINE CONTINUES TO THE SUPREME COURT **
      It's not too late to be a part of history -- Join the Lawsuit
         <http://www.cdt.org/ciec>   --    <ciec-info at cdt.org>

--
Jonah Seiger, Policy Analyst           Center for Democracy and Technology
<jseiger at cdt.org>                           1634 Eye Street NW, Suite 1100
                                                      Washington, DC 20006
PGP Key via finger                                     (v) +1.202.637.9800
http://www.cdt.org/                                    (f) +1.202.637.0968
http://www.cdt.org/homes/jseiger/









From hvdl at sequent.com  Wed Aug 28 11:38:42 1996
From: hvdl at sequent.com (Hans Unicorn Van de Looy)
Date: Thu, 29 Aug 1996 02:38:42 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <9608281505.AA10933@amsqnt.nl.sequent.com>


The one-and-only anonymous-remailer at shell.portal.com once stated:
! I snagged this off a news group this AM.. comments??

[ Part of previous message deleted ]

!  It took the agency more to modify GNU C, but eventually they did it.
! The Free Software Foundation was threatened with "an IRS investigation",
! in other words, with being forced out of business, unless they complied. The
! result is that all versions of GCC on the FTP sites and all versions above 
! 2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
! with itself will not help; the code is inserted by the compiler into
! itself. Recompiling with another compiler may help, as long as the compiler
! is older than from 1992.

I vote for Bogus,  since it resembles too much a  story from the ancient
days of UNIX.

This story  stated that Ken  Thompson modified  the UNIX CC  compiler to
include  a trapdoor  in  each version  of  (I think  it  was) the  login
program, thus ensuring the placement of a trapdoor enabling him to enter
each  and every  system.   After  that (since  all  compiler passes  are
written in C)  he modified the compiler to include  this code (to modify
the login  program) into the  compiler and compiled the  compiler, after
which he destroyed the original sources.

Hope this story will not become the next "Good Time Virus" story or some
similar hoax...

-- 

GreetZ,
Unicorn.

==== _ __,;;;/ TimeWaster on http://www.IAEhv.nl/users/hvdl ============
  ,;( )_, )~\| Hans "Unicorn" Van de Looy   PGP: ED FE 42 22 95 44 25 D8
 ;; //  `--;   GSM: +31 653 261 368              BD F1 55 AA 04 12 44 54
'= ;\ = | ==== finger hvdl at sequent.com for more info ===================






From ichudov at algebra.com  Wed Aug 28 11:46:52 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Thu, 29 Aug 1996 02:46:52 +0800
Subject: File System Encryption
In-Reply-To: <Pine.SUN.3.91.960828042422.29651A-100000@crl.crl.com>
Message-ID: <199608281505.KAA03928@manifold.algebra.com>


Jason Burrell wrote:
> 
> On Wed, 28 Aug 1996, Douglas R. Floyd wrote:
> 
> > > I may have to consider this approach. I'll have to look into Ian's system.
> > > Does it pass muster with the crypto gods? (that's meant as a compliment
> > > guys :)
> > 
> > It uses IDEA in a decently secure manner, as well as TDES.  You can also
> > mount .au files as filesystems, and the data will be hidden in the sound
> > file.
> > 
> > (Last place I remember Ian's loop.c and des patches for Linux was on
> > ftp.csua.berkeley.edu, /pub/cypherpunks/<somewhere>)
> > 
> 
> ftp.csua.berkeley.edu:/pub/cypherpunks/filesystems/linux. 

Anyone had any luck with ftp.csua.berkeley.edu? My ftp client says
that "client not responding to commands, hanging up".

What is wrong?

igor

> I haven't looked through the code very hard yet, but I do wonder how the
> passphrase and such is stored. If I run losetup and setup
> /root/stego_file.au as a filesystem on /dev/loop0, does that get stored
> anywhere that isn't secure from non-root processes, or that is kept after
> the filesystem is unmounted? I figure the passphrase definately is removed
> as soon as the filesystem is unmounted, and that this is stored in
> protected kernel memory. 
> 



	- Igor.





From ericm at lne.com  Wed Aug 28 11:53:42 1996
From: ericm at lne.com (Eric Murray)
Date: Thu, 29 Aug 1996 02:53:42 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608281530.IAA20721@slack.lne.com>


anonymous-remailer at shell.portal.com writes:
> 
> I snagged this off a news group this AM.. comments??

> 
> NSA/FBI/CIA/MJ12...Craig Steingold......Trilateral Commission....
> Bilderberg Committee


Heh.  They forgot the Black Heliocopters manned by agents of
the UN/New World Order, and the Greys from Zeta Reticuli..

It's a hoax, with several clues that it is a hoax in it.

Of course you're welcome to prove me wrong by disassembling
a PGP binary.  Examination of the random numnber generator, IDEA
key setup, or RSA key setup vs what's in the source code
should show if something fishy is going on.


-- 
Eric Murray  ericm at lne.com  ericm at motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF





From ericm at lne.com  Wed Aug 28 12:11:27 1996
From: ericm at lne.com (Eric Murray)
Date: Thu, 29 Aug 1996 03:11:27 +0800
Subject: SCO giving free licenses to UNIX OpenServer
In-Reply-To: <960828080524_511466918@emout19.mail.aol.com>
Message-ID: <199608281537.IAA20774@slack.lne.com>


Scottauge at aol.com writes:
> 
> Hit www.sco.com
> 
> Pick What's New
> 
> Look for UNIX Unbound.
> 
> Read, Understand, and Delight... Microsoft maybe in trouble at last.


I doubt it.  People don't use Microsoft products because
of their quality or functionality.


> This is for single user home based UNIX systems.


Single-user UNIX isn't all that useful.


Linux and FreeBSD are both free, and come with source code.
You can get "commercial" versions of Linux for around $30
(that's on CDROM).  You can get support for Linux, and probably
for FreeBSD.



-- 
Eric Murray  ericm at lne.com  ericm at motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF





From dfloyd at io.com  Wed Aug 28 12:35:46 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Thu, 29 Aug 1996 03:35:46 +0800
Subject: File System Encryption
In-Reply-To: <199608281505.KAA03928@manifold.algebra.com>
Message-ID: <199608281536.KAA07426@bermuda.io.com>


> 
> Jason Burrell wrote:
> > 
> > On Wed, 28 Aug 1996, Douglas R. Floyd wrote:
> > 
> > > > I may have to consider this approach. I'll have to look into Ian's system.
> > > > Does it pass muster with the crypto gods? (that's meant as a compliment
> > > > guys :)
> > > 
> > > It uses IDEA in a decently secure manner, as well as TDES.  You can also
> > > mount .au files as filesystems, and the data will be hidden in the sound
> > > file.
> > > 
> > > (Last place I remember Ian's loop.c and des patches for Linux was on
> > > ftp.csua.berkeley.edu, /pub/cypherpunks/<somewhere>)
> > > 
> > 
> > ftp.csua.berkeley.edu:/pub/cypherpunks/filesystems/linux. 
> 
> Anyone had any luck with ftp.csua.berkeley.edu? My ftp client says
> that "client not responding to commands, hanging up".
> 
> What is wrong?
> 
> igor

Try a mirror.  ftp.funet.fi,
/pub/crypt/mirrors/soda/cypherpunks/filesystems/linux.







From salgak at dcez.nicom.com  Wed Aug 28 12:42:22 1996
From: salgak at dcez.nicom.com (Keith Glass)
Date: Thu, 29 Aug 1996 03:42:22 +0800
Subject: Scoring Politicians on Digital Liberty Issues (Re: Net Politics)
In-Reply-To: <v02140b01ae49f4f77a33@[204.157.127.4]>
Message-ID: <Pine.BSI.3.91.960828120051.16596A-100000@dcez.nicom.com>


On Wed, 28 Aug 1996, Jonah Seiger wrote:

> >or an enemy, etc., why not a *ratings system*?
 
> A very solid suggestion.
 
> This idea could help to change that attitude if it is done right.

Suggestions, based on the successful ratings concept I've seen in 
Virginia elections, and a mainstay of groups like the Borg, excuse me, 
the Christian Coalition <g>

Pick 10-20 issues/votes.  Rate each congresscritter AND THEIR OPPONENTS 
based on "our" stand on the issues. Give a numerical score, based on 
percentage of "correct" positions.

Obvious issues are:

digital telephony   the CDA  Encryption/PRO-CODE  copyright, etc. . .

*   Keith A. Glass, Annandale, Virginia, USA, Filker/punster at large   *
*           "Specialization is for insects"   -  Lazarus Long           *
* Worlds saved, virgins converted, bongos taught - special group rates  *






From gary at systemics.com  Wed Aug 28 12:45:51 1996
From: gary at systemics.com (Gary Howland)
Date: Thu, 29 Aug 1996 03:45:51 +0800
Subject: A _REALLY_ Interesting Bet
In-Reply-To: <199608272002.OAA27298@zifi.genetics.utah.edu>
Message-ID: <32246E57.7D55368C@systemics.com>


Anonymous wrote:
> 
> Betting on football is one thing, but some of us would be very
> interested in the odds on US presidential election outcomes as
> November approaches. This kind of betting is illegal here, and
> I haven't looked lately for a "Ladbroke's" type site, but it is
> interesting because the betting odds from across the Atlantic
> more closely match eventual election results than the annoying
> calls from Gallup & Roper during suppertime. I have posted here,
> anonymously, on this topic before, but some of you are aware of
> who I am. I'll thank you to keep that a secret. ;}

Thinking about this some more - what would people want to see in such a
betting system.  Would you be happy with two choices?:

	(Clinton/Dole) or Other

or three choices?:

	Clinton, Dole or Other

or would you want more choices than this?  I'm asking, since we've been
tossing around this presidential election idea for a few days now, but
since we're not Americans, we're not too sure what is a suitable set
(bearing in mind that our idea for this will get more difficult as the
number of choices increases).

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06





From jfricker at vertexgroup.com  Wed Aug 28 12:51:13 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Thu, 29 Aug 1996 03:51:13 +0800
Subject: [Noise] Re: SCO giving free licenses to UNIX OpenServer
Message-ID: <2.2.32.19960828163200.00707ea8@vertexgroup.com>


Free evaluation is hardly a threat.

"SCO today announced plans to provide a free license
to use its popular UNIX systems, including SCO OpenServer and SCO UnixWare,
to anyone in the world who wants to use them for
educational and non-commercial use to enable the evaluation and
understanding of UNIX systems."

Hmmmmm. I don't even think that could qualify as a threat to Linux let alone
Microsoft.

The rest of "Unix Unbound" reads like an overpriced, underexperienced
marketeer wetdream filled with empowering bold moves, 20 years of this and
60 billion of that. The comparison with AT&T's similar move 25 years ago is
essential market-speak. Any student of posturing should study this. 

At 08:05 AM 8/28/96 -0400, you wrote:
>Hit www.sco.com
>
>Pick What's New
>
>Look for UNIX Unbound.
>
>Read, Understand, and Delight... Microsoft maybe in trouble at last.
>
>This is for single user home based UNIX systems.
>
>Was announced August 19, don't know how long this is to happen.
>






From zachb at netcom.com  Wed Aug 28 13:09:49 1996
From: zachb at netcom.com (Z.B.)
Date: Thu, 29 Aug 1996 04:09:49 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9608280946.A18534-0100000@netcom>


On Wed, 28 Aug 1996 anonymous-remailer at shell.portal.com wrote:

> I snagged this off a news group this AM.. comments??
> 
[snip]
> 
>  Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to 
> allow the NSA to easily break encoded messages. Early in 1992, the author, 
> Paul Zimmerman, was arrested by Government agents. He was told that he 

The author of PGP is PHILLIP Zimmermannm not Paul.

This file has been making the rounds for a few years now...it was first 
posted to one of the humor newsgroups, but pops up every now and then on 
one of the more serious places, like here.  It's bogus.

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127







From Adamsc at io-online.com  Wed Aug 28 13:22:09 1996
From: Adamsc at io-online.com (Adamsc)
Date: Thu, 29 Aug 1996 04:22:09 +0800
Subject: File System Encryption
Message-ID: <19960828165105171.AAA175@IO-ONLINE.COM>


On Tue, 27 Aug 1996 09:01:03 -0500 (CDT), Douglas R. Floyd wrote:

>> I'm aware of the three main disk encryption programs SFS, SECDRV, and
>> SECDEV, but I need to find a solution that works with Windows 95 32bit
>> or Windows NT 4.0.
>> 
>> I'm currently using SFS 1.17 and Secure Drive under Win-95, but am
>> unable to continue to work in dos compatability mode due to severe
>> performance hits.  I am open to commercial products that have passed
>> peer review, but know of none.
>> 
>> If anyone could suggest a solution (outside of switching OS's), I
>> would be *most* gratefull.
>> 
>> Please respond to the list, as I am a subscriber under another
>> account.
>
>If you have another 386 or 486 lying around, you could install Linux and
>Ian's encrypted loopback code on a remote box, then NFS or Samba the
>filesystem over.  For protection, you could modify the vlock command to
>lock the console (and not unlock it), and disable inetd.  Then, unless

Better yet, patch some stuff onto a spare power supply cable so that a small
siren would go off on a reboot and then use those security bolts to hold the
case on.  That would probably discourage someone from rebooting off a floppy.

>someone has the permissions to access the files through the network, the
>files are inaccessable ;-).

Neat idea, and a great use for all the linux security patches we've heard
about.

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From jeremey at veriweb.com  Wed Aug 28 13:42:38 1996
From: jeremey at veriweb.com (Jeremey Barrett)
Date: Thu, 29 Aug 1996 04:42:38 +0800
Subject: SCO giving free licenses to UNIX OpenServer
In-Reply-To: <960828080524_511466918@emout19.mail.aol.com>
Message-ID: <Pine.BSI.3.93.960828095701.26350A-100000@descartes.veriweb.com>


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 28 Aug 1996 Scottauge at aol.com wrote:

> Hit www.sco.com
> 
> Pick What's New
> 
> Look for UNIX Unbound.
> 
> Read, Understand, and Delight... Microsoft maybe in trouble at last.
> 

Oh so carefully worded PR BS:

"It also represents the first time in more than 20 years that the owner of 
UNIX technology has provided the operating system free of charge to the 
public"

Note "owner of UNIX technology"

They make it sound like noone without a multimillion dollar budget could
ever get UNIX before. What a crock.

It's good to see them making it free, but there are far better free
system already IMO (Linux, FreeBSD, etc).

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jeremey Barrett
Senior Software Engineer                        jeremey at forequest.com
The ForeQuest Company                           http://www.forequest.com/

PGP Key fingerprint =  3B 42 1E D4 4B 17 0D 80  DC 59 6F 59 04 C3 83 64
PGP Public Key: http://www.forequest.com/people/jeremey/pgpkey.html
                
		"less is more."  -- Mies van de Rohe.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMiR7gy/fy+vkqMxNAQFPegP/fDvA1APnMMDvOYh2aI/cXBQZQrkQMnT8
rAIB239qzZVbvFPY3iqNvHMlb3M3j+8BkDm+7QkYi5fepPwKgmMsslQy6HAzdAzX
KKPX38zfrPnqmGsrESSJElyKFXrk76w0NGme0UDPAAvPv3uPFZCueZzY/siHiRLe
2d4IEJCIQ0Q=
=yLBM
-----END PGP SIGNATURE-----






From cmefford at avwashington.com  Wed Aug 28 13:52:21 1996
From: cmefford at avwashington.com (Chip Mefford)
Date: Thu, 29 Aug 1996 04:52:21 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <v03007800ae4a3360faa4@[207.79.65.35]>


>I snagged this off a news group this AM.. comments??
>
>A lot of people think that PGP encryption is unbreakable and that the
>NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a
>deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold
>was arrested  _one day_ before he and others where to stage a protest at
>government buildings; the police had a copy of a message sent by Steingold
>to another activist, a message which had been encrypted with PGP and sent
>through E-mail.


I suppose this part could be true.
>
> Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to
>allow the NSA to easily break encoded messages. Early in 1992, the author,
>Paul Zimmerman, was arrested by Government agents. He was told that he
>would be set up for trafficking narcotics unless he complied. The Government
>agency's demands were simple: He was to put a virtually undetectable
>trapdoor, designed by the NSA, into all future releases of PGP, and to
>tell no-one.

Phil Zimmerman has been shown to be a person of remarkable personal
integrity and
since he was up on and beat charges of illegally exporting munitions, I
some how find a
lame threat of a frame up for narcotic trafficking as making him cave to
the "shadowy" government
wishes a bit hard to swallow.


>
> snip<
> Members of the boards of Novell, Microsoft,
>Borland, AT&T and other companies were persuaded into giving the order for
>the modification (each ot these companies' boards contains at least one
>Trilateral Commission member or Bilderberg Committee attendant).

Oh yeah, sorry, I forgot that the all powerful TC was behind it all, so of
course its true.

>
> It took the agency more to modify GNU C, but eventually they did it.
>The Free Software Foundation was threatened with "an IRS investigation",
>in other words, with being forced out of business, unless they complied. The
>result is that all versions of GCC on the FTP sites and all versions above
>2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
>with itself will not help; the code is inserted by the compiler into
>itself. Recompiling with another compiler may help, as long as the compiler
>is older than from 1992.

Somehow, I just don't see the FSF collaborating and caveing to threats.
Also please note that
all of this code under discussion has been and is constantly being reviewed
by some of these here fine folks
and thus far, ain't no one found this often rumored secret back door, but
then again, I am quite sure the TC is behind the coverup.

have a day
in fact,
they're cheap, have 2

chipper









From hua at chromatic.com  Wed Aug 28 13:52:52 1996
From: hua at chromatic.com (Ernest Hua)
Date: Thu, 29 Aug 1996 04:52:52 +0800
Subject: Other nations' bad laws and crypto/GAK ...
Message-ID: <199608281734.KAA29678@ohio.chromatic.com>


A legal concern about GAK ...

What would be the basis for each and every request for GAK keys from
other nations?  What sort of process would decide which purposes are
okay for which to grant access to GAK keys?

What if it is to enforce this new Malaysian law against Karaoke (say,
because someone was importing karaoke equipment to Malaysia)?  It
seems like we should not be supporting other nations' repressive laws.
Is each and every GAK key to be granted to be carefully reviewed for
concerns on national security/foreign policy/repressive law/stupid
law?  If so, then it seems like a huge government beaurocracy will
have to be created just to handle proper review of GAK requests.

Ern

-------- From Nando Times ...

 CONCERNED MALAYSIAN STATE RULES AGAINST KARAOKE
 
 Copyright � 1996 Nando.net
 Copyright � 1996 Reuter Information Service 
 
 KUALA LUMPUR (Aug 28, 1996 10:35 a.m. EDT) - Citing concerns about
 moral decay, the central Malaysian state of Selangor will close all
 illegal video games outlets and karaoke lounges from September 1, the
 national Bernama news agency reported on Wednesday.
 
 Licensed video games arcades will also be closed on expiry of their
 licences while the licensing conditions for karaoke lounges have been
 tightened, Bernama quoted Selangor's Chief Minister Muhammad Muhamad
 Taib as saying.
 
 As in many Asian countries, karaoke has become a popular recreation,
 resulting the mushrooming of lounges in many of Malaysia's
 cities. Officially Moslem Malaysia is vigilant for any erosion of
 moral standards among its youth.
 
  ... [ SNIP ] ...





From unicorn at schloss.li  Wed Aug 28 14:12:23 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 29 Aug 1996 05:12:23 +0800
Subject: Key Exchange Request
In-Reply-To: <199608280446.AAA01992@spirit.hks.net>
Message-ID: <Pine.SUN.3.94.960828132147.10485A-100000@polaris>



This really does not belong on the list.
We have enough bandwidth problems without unsolicited key blocks being
forwarded to the list.


On Wed, 28 Aug 1996, Michael T. Babcock wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Type Bits/KeyID    Date       User ID
> pub  1280/FA4C5DB1 1996/06/13 Michael T. Babcock <mbabcock at tyenet.com>
>                               Michael T. Babcock <mbabcock at cyberbeach.net>

[...]

> - -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: 2.6.3i
> Comment: http://www.cyberbeach.net/~mbabcock/PGP/
> 
> mQCtAzHAhC8AAAEFAMG+C+yN8q7KDT5TUSdyQNZlDDlTGuF4vUzPEq52lrqx7NAA

[...]

> qd98jWjPf38BgLOldtanlYiYfSBcVIdO
> =N34I
> - -----END PGP PUBLIC KEY BLOCK-----

> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: Gratis auto-signing service

[...]

> -----END PGP SIGNATURE-----
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From skeeve at skeeve.net  Wed Aug 28 14:12:26 1996
From: skeeve at skeeve.net (Skeeve Stevens)
Date: Thu, 29 Aug 1996 05:12:26 +0800
Subject: DoJ is poking around
Message-ID: <199608281742.DAA30588@heaven.myinternet.net>



Im running a mirror of the DoJ site on http://www.skeeve.net/doj/

It has had some 14000 hits or so since I put it up.. so I installed a stats
package to see where they were coming from...

low and behold!

US Government
wdcsun1.usdoj.gov 
       09:07:07 /doj/ 

wdcsun1.usdoj.gov unknown - [28/Aug/1996:09:07:07 +1000] "GET /doj/ HTTP/1.0" 20
0 8416

also

US Military
palisade.spacecom.af.mil 
       07:21:50 /doj/ 
       08:30:51 /doj/ 


looks like the DoJ have been looking around at the mirrors.. maybe to 
legally hassle people about them....

Well since Im not in the US.. good luck DoJ

anyone else been probed by the Doj?


--------------------------------------------------------------------
Skeeve Stevens                              Email: skeeve at skeeve.net
CEO/The Big Boss/All round nice guy      URL: http://www.skeeve.net/
MyInternet                               Australian Anglicans Online
http://www.myinternet.net/               http://www.anglican.asn.au/
Phone: (+612) 869-3334        Mobile: (0414) SKEEVE [+61414-753-383]
Key fingerprint  =  D2 7E 91 53 19 FE D0 5C  DE 34 EA AF 7A 5C 4D 3E





From dfloyd at io.com  Wed Aug 28 14:17:58 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Thu, 29 Aug 1996 05:17:58 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608281655.LAA10957@bermuda.io.com>


[deletia -- PGP being Trojanized since 2.2]

>From what I heard, it was bad key distrubtion and infiltration which did
the person in, rather than pgp being broken.

If PGP was broken, it would be definitely found by now.






From alano at teleport.com  Wed Aug 28 14:25:13 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 29 Aug 1996 05:25:13 +0800
Subject: Bullshit or Not ?
Message-ID: <3.0b11.32.19960828102326.00a7a45c@mail.teleport.com>


At 04:57 AM 8/28/96 -0700, anonymous-remailer at shell.portal.com wrote:
>I snagged this off a news group this AM.. comments??
>
>A lot of people think that PGP encryption is unbreakable and that the
>NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a
>deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold
>was arrested  _one day_ before he and others where to stage a protest at
>government buildings; the police had a copy of a message sent by Steingold
>to another activist, a message which had been encrypted with PGP and sent
>through E-mail.

This is quite bogus.  The first clue is the mention of "Craig Stiengold".  A
variation of "Craig Shergold" a widely known (and misspelled) urban legend.

This has been debunked a number of times.
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From dfloyd at io.com  Wed Aug 28 15:33:51 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Thu, 29 Aug 1996 06:33:51 +0800
Subject: File System Encryption
In-Reply-To: <19960828165105171.AAA175@IO-ONLINE.COM>
Message-ID: <199608281823.NAA14144@bermuda.io.com>


> 
> On Tue, 27 Aug 1996 09:01:03 -0500 (CDT), Douglas R. Floyd wrote:

> 
> Better yet, patch some stuff onto a spare power supply cable so that a small
> siren would go off on a reboot and then use those security bolts to hold the
> case on.  That would probably discourage someone from rebooting off a floppy.

I just unplugged the floppy drive power cable, and disabled it in the
BIOS.  Even if they reboot the box, the drive will be inaccessable... all
they will have is a file called bigrandseed which holds the data in it.

As for case protection, the best thing to do is have a tamper switch which
shuts the box off if opened.

> 
> >someone has the permissions to access the files through the network, the
> >files are inaccessable ;-).
> 
> Neat idea, and a great use for all the linux security patches we've heard
> about.

One thing I think I can use this for is making a "lock box" for holding a
PGP key for signing/decrypting stuff.  Attach a keyboard, and on boot,
have the PGP key decrypted into a RAM drive.  Then, have a key switch on
the case and a wrapper on PGP to detect this.  E-mail what you want
signed, turn the key, and it emails the signed/decoded file back.  Someone
opens the machine, tamper switch turns the box off.  Box off?  Key is now
left in encrypted state, most likely hidden in one of the many sound
files...

Sounds like a nice saturday afternoon project.

OBSecurityAlert:

Have people updated their Sendmail yet?  Another security alert went out
on it yesterday...






From vipul at pobox.com  Wed Aug 28 17:05:52 1996
From: vipul at pobox.com (Vipul Ved Prakash)
Date: Thu, 29 Aug 1996 08:05:52 +0800
Subject: Cypherpunks Home Page
Message-ID: <199608260735.HAA19388@fountainhead.net>



Can't get to the cypherpunks web page. Have been trying for last 
two daz, seems that the WWW server has decided not to respond.

- Vipul
 

-- 

Vipul Ved Prakash                       Voice   91 11 2247802
<vipul at pobox.com>                       Fax     91 11 3328849

Web Development, PERL Scripting, Cognitive Comuting, TCP/IP,
Linux, Cryptography and Internet Security







From Adamsc at io-online.com  Wed Aug 28 17:19:19 1996
From: Adamsc at io-online.com (Adamsc)
Date: Thu, 29 Aug 1996 08:19:19 +0800
Subject: SCO giving free licenses to UNIX OpenServer
Message-ID: <19960828203549890.AAA88@IO-ONLINE.COM>


On Wed, 28 Aug 1996 08:37:26 -0700 (PDT), Eric Murray wrote:

>> Hit www.sco.com

>> Pick What's New
>> 
>> Look for UNIX Unbound.
>> 
>> Read, Understand, and Delight... Microsoft maybe in trouble at last.

>I doubt it.  People don't use Microsoft products because
>of their quality or functionality.

OTOH, it might get people to play around with another alternative to NT.

>> This is for single user home based UNIX systems.


>Single-user UNIX isn't all that useful.


>Linux and FreeBSD are both free, and come with source code.
>You can get "commercial" versions of Linux for around $30
>(that's on CDROM).  You can get support for Linux, and probably
>for FreeBSD.

True.  However, if you have odd-ball hardware (like my RAID controller) it
*will* come with an SCO driver.  I'd have to write my own to use it under
Linux.

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From jya at pipeline.com  Wed Aug 28 17:25:55 1996
From: jya at pipeline.com (John Young)
Date: Thu, 29 Aug 1996 08:25:55 +0800
Subject: Real or Not ?
Message-ID: <199608281949.TAA19170@pipe2.t2.usa.pipeline.com>


As a vulture investor in pgp.com I heartily endorse Paul's aggressive
cooperation with the Feds. Would not have trusted him with my tax-haven
wealth had he not had the balls to fight the gov to build his rep and then
wisely get in bed for the loving.   
 
 
That's how we gonna leverage PGP's worldwide trust to make lotsa dough like
all the patriotic giants of computer boom-boom-boom -- fake-fight the gov
and betray, betray, betray the stupes.  
 
 
Don't waste your life being a principled, poor outsider. Dive deep into the
shit with the titanic buzzards of the industry. It'll make your drooling
alma mater and yo sweet juicy momma call you a genius.  
 
 
 





From isi at hooked.net  Wed Aug 28 17:31:06 1996
From: isi at hooked.net (Barry C. Collin)
Date: Thu, 29 Aug 1996 08:31:06 +0800
Subject: In reference to comments made to me and to the Group
Message-ID: <3224A412.D05@hooked.net>


This message was in response to comments made by E. Allen Smith on my recent remarks on cyberterrorism.

Dear Mr. Smith:

Thank you for your perspectives.  Save for the irrelevant flaming, I appreciated your taking time.  
Following are my comments.
  
>>Terrorism to CyberTerrorism
>
>>   The face of terrorism is changing. While the motivations remain the
>>   same, we are now facing new and unfamiliar weapons. The intelligence
>>   systems, tactics, security procedures and equipment that were once
>>   expected to protect people, systems, and nations, are powerless
>>   against this new, and very devastating weapon. Moreover, the methods
>>   of counter-terrorism that our world's specialists have honed over the
>>   years are ineffectual against this enemy. Because, this enemy does not
>>   attack us with truckloads of explosives, nor with briefcases of Sarin
>>   gas, nor with dynamite strapped to the bodies of fanatics. This enemy
>>   attacks us with one's and zero's, at a place we are most vulnerable:
>>   the point at which the _physical _and _virtual _worlds converge. Let
>>   us first define theses two domains.
>
>	Ever since the dawn of technological civilization, we've been vulnerable
>to terrorism inflicted by those with technological knowledge and intelligence.
>Ever since someone discovered how to produce poisonous gases, we've been
>vulnerable to attacks such as those in the Japanese subways. Ever since the
>electrification of countries, we've been vulnerable to attacks on power
>production and distribution systems. Ever since most vehicles became
>petroleum-powered, we've been vulnerable to attacks on petroleum production and
>distribution systems. Ever since we found out how to cultivate anthrax, we've
>been vulnerable to any competent bacteriologist.

These are all different tools.  Some are simple to create and deploy, some are not.  While the definition 
of classical terrorism (and its motivations) remain the same, we must study each of these tools separately 
if we are to understand how to detect, prevent, and respond to the threats.

>	All the above is is Information Super-Highway hype.

Thank you for your opinion.

>[...]
>
>>Achieving CyberTerrorist Goals
>
>>   So how does a CyberTerrorist achieve his mission? Like any terrorist,
>>   a CyberTerrorist actively exploits the goals of the target population
>>   in areas in which they take for granted.
>   
>>   There are three potential acts in CyberTerrorism at the point of
>>   convergence:
>>     * 1.Destruction;
>>     * 2.Alteration; and
>>     * 3.Acquisition and retransmission (these are a unit).
>       
>   I would point out that many instances of the last (I would guess you refer to
>the getting and distribution of, say, ITAR-restricted information - you do
>accuse crackers of complicity in "CyberTerrorism" by breaking military
>security) are not, properly speaking, terrorism; they are instead the
>distribution of information that should not be restricted.

You guessed incorrectly; I'm not talking ITAR.  Test yourself:  Can you think of any sensitive or personal 
information, that if exposed or utilized, could cause terror -- or destabilization?  If you can't, you are 
not trying; you should know more than most the value of privacy, whether it be military, corporate, or 
personal.

>One person's
>terrorist is another person's freedom fighter (I'd call both sides in
>Nicaragua's Sandanista-Contra conflict terrorists).

This nifty statement frequently comes from people who've never seen a child blown up, seen people 
disfigured, seen property damaged beyond all recognition.  Perhaps it is a safe place in your office, Mr. 
Smith, behind your terminal judging other's thoughts.  I don't have that luxury.  I've spent more than 
anyone's fair share of time going through rubble, identifying pieces of what were once people, and telling 
their families.

Freedom fighters who kill random and innocent victims are terrorists and cowards.  If you feel otherwise, 
Mr. Smith, perhaps it is time to step out into harm's way, and then perhaps you too will waken in the 
night with the images that haunt me.  *Then* you can talk to me about such matters.  Until then, stick to 
coding.

>   
>[...]
>   
>>Potential CyberTerrorist Acts
>
>[...]
>
>>     * A CyberTerrorist will attack the next generation of air traffic
>>       control systems, and collide two large civilian aircraft. This is
>>       a realistic scenario, since the CyberTerrorist will also crack the
>>       aircraft's in-cockpit sensors. Much of the same can be done to the
>>       rail lines.
>
>	Only a bloody utter idiot would build such systems without enough
>backups to avoid these problems; they could come about through computer bugs
>or component failures as well. Networked systems are notorious for going down
>(see the recent happenings with AOL, for instance); they're _going_ to have
>backups if anyone intelligent is running them. Of course, you may have a point
>with a government-controlled air traffic controller systems.
>	The same can be said of most of your other scenarios.

These require more than once person be involved.  Do not kid yourself, we are not dealing with stupid 
people here.  And bloody utter idiots we have a-plenty -- too many administrators more concerned with 
their balance sheets to provide the tools people like you need to build safe systems.  You'd be surprised 
of the amount of criminally-inadequate systems out there.  That's why it _is_ important that folks like 
you push the envelope to better the systems.  The goal here, Mr. Smith, is to put me out of business, not 
by flames, but by helping to build better systems.  I think we share that goal.

>
>>CyberTerrorists: Who, Where, and Why?
>
>>   The purpose of this paper is to help you understand the threats that
>>   exist, and hopefully, to help you prevent these types of atrocities.
>>   But know this - there are people out there with very different goals,
>>   who are our real threats, and who are, or will be, attacking us. Make
>>   no mistake, _the threats are real, today___.__
>
>	Most people with technical knowledge have a pretty large motivation to
>keep the technical society going. One, the loss of it would make our knowledge
>useless. Two, we have enough contact with technology and science to want it to
>continue - how many neo-Luddite engineers do you know? The Unabomber is the
>main exception... and even he didn't use his main area of knowledge in his
>bombings.

We are not concerned with engineers.  We are concerned with fanatics, and fanatics are fanatics whether 
they are engineers or gardeners.  Do not be so naive to believe that everyone shares the morals you have. 
Mr. Smith, there are people out there who want you dead, and will use all the techniques you pointed out 
above to accomplish their goal.  As I said before, technology is just another tool.


>>   Who are the CyberTerrorists? There a great many poor movies and too
>>   many works of fiction about the hacker and cracker communities. In the
>>   popular media, there recently was the Kevin Mitnick incident, where
>>   one cracker broke into another cracker's systems. This spawned endless
>>   press and at least two best selling books. While this incident
>>   received much attention, the events amounted to meaningless children's
>>   games.
>
>	I'd agree with that, from what I know of the Mitnick incident(s). I'm
>not sure if Shinomura (sp?) should be called a cracker; others with more
>knowledge can comment on this.

Agreed.

   
>>   By and large, the cracker community, based primarily in the United
>>   States, Europe, the Middle East, Asia, and in the nations of the
>>   former Soviet Union, is composed of individuals who see the cracking
>>   process merely as a challenge, a brain teaser, a puzzle. They view
>>   themselves as not only being innocent of any crime, but perhaps even
>>   doing something righteous, something to counter the dark monoliths of
>>   the corporate and government worlds. They believe they are being
>>   persecuted. These individuals believe that what they are doing is not
>>   doing any true damage. At its least harmful, these crackers just look
>>   at information. However, privacy issues and military secrecy can
>>   render such infiltrations acts of terror.
>
>	Often, military secrecy is just an excuse to not allow information
>damaging to governments, etcetera from getting out. With NSC involvement, how
>deeply do you think the Iran-Contra dealings were classified? I would, however,
>agree with you about privacy issues... but governments are far greater threats
>in this regard than all the crackers in the world. Much of the information in
>question would not be around in so many places (such as notoriously accessible 
>government databanks) except for governments gathering information they
>shouldn't have in the first place.

Whether you are right or wrong about what governments have locked away is not in my work area.  As I've 
said, my work is in fanatics, the disenfranchised, etc.  People are people, and some turn rogue.  It 
happens.  And people are purchased.  My work keeps me entrenched in such mire regularly.
> 
>[...]
>  
>>Crackers as Facilitators
>
>[...]
>
>>   Historically, individuals engaged in the practice of terror tended not
>>   to be people working upon a computer 20 hours per day. Terrorists have
>>   not been in the business of tracking the latest holes found in UNIX or
>>   an obscure government telnet opportunity. There _are _people, however,
>>   who are in that business - for illicit as well as good cause. As
>>   stated, just as indigenous people may be turned into soldiers, so can
>>   crackers be turned into CyberTerrorists. Sometimes such a transition
>>   may be motivated by money or prestige. Usually, this transition will
>>   occur without the cracker's cognizance. The potential threat from such
>>   transitions is mind boggling, considering the damage even one
>>   mis-directed cracker can cause.
>
>	The first statement is correct... and is likely to continue to be the
>case. We would appreciate some evidence for such transitions occurring without
>cognizance, or indeed being at all likelyLet me know what you do for a living, and then we can share more.  Not trying to be "spooky", but 
understand that my piece of the world rests in the violent world, and I need to watch my own back.
>   
>>   Further, as young, educated people are brought into the folds of
>>   terrorist groups, this new generation will have the talent to execute
>>   the acts of CyberTerrorism of which we have spoken.
>
>	Unlikely. For state-sponsored terrorism, for instance, countries with
>the motivation for such are also ones that tend to block people from computer
>experience. Getting on the Internet is rather likely to expose the people in
>such countries to information that will destabilize them... including programs
>such as PGP that are restricted by ITAR in the name of (among other things)
>decreasing terrorism.

You might be interested in the number of "students" attending our universities that have solid terrorism 
backgrounds.  The ones I spoke to made their purpose very clear.

>   
>>   We are going to see increasing levels of in-house expertise, and
>>   concomitant exponential increases CyberTerrorism. Unlike other methods
>>   of terrorism, CyberTerrorism is safe and profitable, and difficult to
>>   counter without the right expertise and understanding of the
>>   CyberTerrorist's mind. Combine our increasing vulnerability, with the
>>   explosive increases in the level of violence, and increasing expertise
>>   available inside terrorist organizations through new blood popular
>>   media, there recently was the Kevin Mitnick incident, where one
>>   cracker broke into another cracker's systems. This spawned endless
>>   press and at least two best selling books. While this incident
>>   received much attention, the events amounted to meaningless children's
>>   games.
>
>	You appear not to be making much sense here, but I'll put it down to
>misformatting.

Yes, there is a block of text missing.  If you have any interest, I can resend.

Exactly how is CyberTerrorism profitable? Certainly, it's
>_possible_ for people to be _hired_ to do things that may enable some form of
>terrorism... but that doesn't make the _terrorism_ any more profitable than
>before.It's more profitable since the cost of entry, and continued operations, are less.  In addition, access to 
financial resources (computer crime) is readily available.  And you don't lose someone after they've been 
blown up.

>
>[...]
>
>>   If a computer security advisor states that you, your organization, and
>>   your country are safe behind firewalls, behind a system put into place
>>   by people who have never fought cyberbattles, behind audit trails,
>>   passwords, and encryption, then a great and dangerous fallacy (or
>>   fantasy) is being perpetrated upon you. The only solution is the quick
>>   deployment of a counter-CyberTerrorist - someone who knows what you
>>   are up against today, someone who lives in the world of the people who
>>   are, and will be, attacking - someone who can train the people who
>>   must fight the battles.
>
>	Passwords and encryption can do a very good job of stopping crackers,
>thank you - that's one major concern for which they're developed.It's all in the implementation, Mr. Smith.  You know that.

>Economic and
>other espionage are very much already on the minds of those suggesting using
>firewalls, passwords, and encryption; they're a lot more experienced, when
>the computer community's expertise is summed up, than you are.Again, just because the tools for protection are there, doesn't mean they are properly implemented.  You 
could not possibly be telling me that everything is locked down safely at this point.  Bottom line, if you 
can make it, someone can break it.  Always has been, always will be.

>	In other words, the above just translates into "give us money." Have some idea of what you speak before you speak, Mr. Smith.  We do not accept funding from the private 
or public sector.  We are all volunteers who research high-intensity crime and low-intensity conflict.  
When I am not volunteering, my job is to make sure you can safely send out your emails without getting 
blown away or blown up.

>  
>>Ex Post Facto
>   
>>   An effective auditing system will only inform the target manager that
>>   they have taken a hit; perhaps a fatal hit. By that point, it is too
>>   late. _Now _is the time to take action. Unfortunately, due to this
>>   open nature of this document, specific counter-CyberTerrorism measures
>>   cannot be discussed. Those discussions must be reserved for secured
>>   facilities.
>
>	Nobody disagrees with that auditing isn't the _only_ method needed;
>_everyone_ uses other methods.Watch your generalizations.  You'd better tune in to how bad things really are.

Remember that old saying about prevention and
>cure?
>	Your claim that you can't discuss security in the open is laughable.
>Quite simply, security by obscurity doesn't work; in cryptography, it's one of
>the signs of "silicon snake-oil" - which is what this document looks like in
>any event. First, making a system obscure motivates a lot of people to try to
>find out how it works; intelligent people are curious, and don't like
>unnecessary secrets unless they're authoritarians. Second, the less people
>know about a system, the less people can spot bugs to be _fixed_ in that
>system. I prefer a system that has been tested by as many people as possible,
>thank you, particularly if my life may depend on it.Again, I'm not worried about you at your keyboard clicking away and offering opinions.  There's more to 
this than encryption.  Take off the blinders, Mr. Smith: encyrption is just one little piece of this 
puzzle.  It comes down to psychology, far more than technology.  I appreciate your curiousity, your wish 
for totally open systems.  In a perfect world, or even a sane world, that would be ideal.  I would love 
society to be filled with people like you who believe in improving the state of the art, the pushing of 
the envelope, etc.

But you are not who I deal with every day.  Unfortunately, just because you don't see these folks, doesn't 
mean they are not there.  They are not the ones with cutesy handles and who send messages to usenets and 
such.  It's the people off the radar screen, the one's that know better than to go public.  I've spent way 
too much time with these nutcases, and I assure you, Mr. Smith, they are very real.

>	In other words, go back to the drawing board and find something else to
>try to sound a tocsin over.
>	-AllenOpen up your world, Mr. Smith.  There is a whole parallel universe of garbage that exists with yours.    
Whether or not you believe or understand that is frankly irrelevant to me or my work.  But hopefully this 
will open your eyes to the fact that this is not about evil governments, nor military spookery, nor 
commercialization, nor fear of crackers.  The next time I have to travel to a bomb site, and as I try and 
figure out what cause could justify the death of someone who just happens to be in the wrong place at the 
wrong time, I will not be thinking of you in your office lecturing me on the computer world.

Barry C. Collin
-- 
Institute for Security and Intelligence
A Non-Profit Research Institution
P.O. Box 9877
Stanford, California  94309-9877  USA





From rodger at interramp.com  Wed Aug 28 17:32:21 1996
From: rodger at interramp.com (Will Rodger)
Date: Thu, 29 Aug 1996 08:32:21 +0800
Subject: DoJ is poking around
Message-ID: <1.5.4.32.19960828192508.0067abc4@pop3.interramp.com>


-----BEGIN PGP SIGNED MESSAGE-----

At 03:42 AM 8/29/96 +1000, Skeeve Stevens wrote:
>
>Im running a mirror of the DoJ site on http://www.skeeve.net/doj/
>
>It has had some 14000 hits or so since I put it up.. so I installed a stats
>package to see where they were coming from...
>
>low and behold!
>
>US Government
>wdcsun1.usdoj.gov 
>       09:07:07 /doj/ 
>
>wdcsun1.usdoj.gov unknown - [28/Aug/1996:09:07:07 +1000] "GET /doj/
HTTP/1.0" 20
>0 8416
>
>also
>
>US Military
>palisade.spacecom.af.mil 
>       07:21:50 /doj/ 
>       08:30:51 /doj/ 
>
>
>looks like the DoJ have been looking around at the mirrors.. maybe to 
>legally hassle people about them....
>

Or, just maybe, some DoJ employees wanted to see what folks on the outside
were doing to tweek their bosses:-)? Reminds me of the *thousands* of hits
the "Intel Secrets Page"(http://www.x86.org/) has gotten from users at
intel.com since it went up. True, Intel was considering legal action against
the site, but there's almost no way all those hits are from Mr. Grove's
investigators....

Will Rodger

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMiTHI0cByjT5n+LZAQFObAf9G1fBFETkuWL5mlTmKb2RwLTs/HyTGML7
c8nSdpS+Hsj/I+ofvqUHn07ahulsr+kDLWQmmR3JHFKlT0KCsfydmAn0CvjTVRw+
dyeRTFzxW5fbcmwLBpzmijKllQjoEa7GiM3kUgaGb7MYqssnDoa5YDIA9jYtFvTY
3cKymCiyqNUGWTsskLLAS8zjClIH9q9yF6qq+unY66PyRo44dUGkDH6L1Jd4AOZ6
b/Mgphj3oW59veX/scfxKcLlMAnxvJoLpdlLysJHeU2jhVB/tjRneAxNxZqCTFi8
uVXpPbL568V1xR9uyxmaZbbQqG7+0PgEj+kW5r99zvTZfd0fMd6irA==
=EwSd
-----END PGP SIGNATURE-----






From OSBORRI at msmail.northgrum.com  Wed Aug 28 17:32:44 1996
From: OSBORRI at msmail.northgrum.com (Osborne, Rick)
Date: Thu, 29 Aug 1996 08:32:44 +0800
Subject: Real or Not ?
Message-ID: <3224A9B8@smtpmmp2.northgrum.com>



I think we all know this is fake.  I saw the original web page out there 
(search lycos for "pgp crack" to find it) and it originally had an extra 
line at the end (tactfully ommitted, I see) which said something to the 
effect of "In case you couldn't tell, this is a joke!"

 -oz
 ----------
Subject: Real or Not ?
Date: Wednesday, August 28, 1996 7:57AM

I snagged this off a news group this AM.. comments??

A lot of people think that PGP encryption is unbreakable and that the
[...]





From rah at shipwright.com  Wed Aug 28 17:39:28 1996
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 29 Aug 1996 08:39:28 +0800
Subject: Reg E changes
Message-ID: <v03007809ae4a16f27053@[206.119.69.46]>



--- begin forwarded text


Mime-Version: 1.0
Date: Wed, 28 Aug 1996 11:21:09 -0700
To: rah at shipwright.com
From: Somebody
Subject: Reg E changes

Bob,

If you have not already done so, please submit a public comment re: the
proposed Reg E changes [Docket No. R-0919]. The deadline is September 7th.
You may want to announce this to other fans of bearer certs. 

Thanks to my friends at the Fed, I am in possession of comments already
submitted. The opposition is trying to get the Fed to not make the proposed
account/non-account based distinction when deciding what is covered under
Reg E, but instead use a $ cap. The logic is that there is an account
anyway, be it on the card (such as the record of the total on a prepaid card
that is used for paying subway fares) or be it at the bank.

We need to make sure that the supporters of non-book entry systems make
their voices heard.

When writing the comment, please include a request to do away with the hard
copy signature requirements for opening accounts. If the Fed gets enough
requests, they will include it in the next round of proposals.



-- Somebody

--- end forwarded text



-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"'Bart Bucks' are not legal tender."
                -- Punishment, 100 times on a chalkboard,
                       for Bart Simpson
The e$ Home Page: http://www.vmeng.com/rah/







From wclerke at emirates.net.ae  Wed Aug 28 17:45:17 1996
From: wclerke at emirates.net.ae (Wayne Clerke)
Date: Thu, 29 Aug 1996 08:45:17 +0800
Subject: File System Encryption
Message-ID: <01BB9543.4F6CD2E0@csa088.emirates.net.ae>


The Drifter[SMTP:drifter at c2.net] wrote:
    On Wed, 28 Aug 1996 02:55:20 +0400, Wayne Clerke <wclerke at emirates.net.ae>
    wrote:
    
    >Tried secdev? Edgar Swank (author of secdrv) recently posted
    >that secdev (note, not secdrv) does, in fact, uses 32 bit disk 
    >access with win95. Win95 reports that the secure device is in 
    >compatibility mode, but the host disk (and therefore the secure 
    >volume file) is being accessed in 32 bit (disk) mode. Not sure 
    >what issues there are with '32 bit FILE access' mode here. 
    >
    >Sounds worth a try though. Please post the results if 
    >you try this.
    >
    
    I have actually had Secure File System, Secure Drive, and Secure Device
    all installed with mounted volumes at the same time under Win95.  However,
    32bit file access is not the problem.  When you load a TSR in Win95, the
    operating system forces you into 16bit DOS compatability mode.  I'm not a
    kernal guru so I can't explain all the specifics, but it basically makes
    95 act as Win-3.11 and looses multithreading (as it were) and creates
    serious memory paging problems if you have >32mb installed.

You've got this all wrong. Only certain types of TSRs cause 
this. I'll leave it to an expert and just quote the author of secdrv:

Edgar Swank wrote:
>For those users of Win95 and SecureDrive who are concerned about loss
>of 32-bit disk access, I've recently learned that use of Secure Device
>
>  ftp.demon.co.uk:/pub/ibmpc/secdev/secdev14.arj
>
>instead avoids this requirement. Although the Secure Device virtual
>drive is listed as in compatibility mode, the real drives are not so
>affected.  And since the virtual drive is mapped to a dos file on one
>of the real drives, I believe you get 32-bit phyical drive access
>there as well, although access is still slowed by CPU time necessary
>to encrypt and decrypt.
    
    Thanks for the reply though .. and if you need assitance with getting
    SECDEV working under 95, just drop me a note.

Thanks for the offer ... 

    Drifter

Regards,


EMail: wclerke at emirates.net.ae
PGP key ID: AEB2546D		FP: D663D11E DA19D74F 5032DC7E E001B702
PGP mail welcome.		Voice: +971 506 43 48 53
<a href=mailto:wclerke at emirates.net.ae>Wayne Clerke</a>
If you're not living on the edge, you're taking up too much space.






From jims at MPGN.COM  Wed Aug 28 18:08:45 1996
From: jims at MPGN.COM (James C. Sewell)
Date: Thu, 29 Aug 1996 09:08:45 +0800
Subject: libelous action
Message-ID: <3.0b11.32.19960828165224.006a27ec@central.tansoft.com>

A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 1341 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/19960829/b6053849/attachment.bin>

From youssefy at ucla.edu  Wed Aug 28 18:25:28 1996
From: youssefy at ucla.edu (youssefy at ucla.edu)
Date: Thu, 29 Aug 1996 09:25:28 +0800
Subject: Cypherpunks Lite
Message-ID: <2.2.32.19960828225105.006ccc74@pop.ben2.ucla.edu>


There was a posting by someone about three weeks ago that gave the address
for a person who ran a filtered version of the cypherpunks list, can someone
please repost that information?






From stewarts at ix.netcom.com  Wed Aug 28 18:28:44 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Thu, 29 Aug 1996 09:28:44 +0800
Subject: Today's Dilbert
Message-ID: <199608282111.RAA17084@cbig1.att.att.com>


At 12:12 AM 8/22/96 -0400, you wrote:
>I can't believe nobody mentioned wednesday's dilbert cartoon..

Because we missed it in the papers and were waiting for it to
show up on the web site?

http://www.unitedmedia.com/comics/dilbert/archive/dilbert960821-9577.gif

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From charley at clark.net  Wed Aug 28 18:29:06 1996
From: charley at clark.net (Charley Sparks)
Date: Thu, 29 Aug 1996 09:29:06 +0800
Subject: SCO giving free licenses to UNIX OpenServer
Message-ID: <199608282125.RAA16547@clark.net>


When SCO is as good as Linux with all the free support I'll waste the 
bandwidth or the $15 for the CD





From rich at c2.org  Wed Aug 28 18:53:48 1996
From: rich at c2.org (Rich Graves)
Date: Thu, 29 Aug 1996 09:53:48 +0800
Subject: Scoring Politicians on Digital Liberty Issues (Re: Net Politics)
In-Reply-To: <Pine.BSI.3.91.960828120051.16596A-100000@dcez.nicom.com>
Message-ID: <Pine.GUL.3.95.960828142934.7901C-100000@Networking.Stanford.EDU>


On Wed, 28 Aug 1996, Keith Glass wrote:

> Pick 10-20 issues/votes.  Rate each congresscritter AND THEIR OPPONENTS 
> based on "our" stand on the issues. Give a numerical score, based on 
> percentage of "correct" positions.

I don't think an overall numerical score would be very useful, given the
inevitable squabbling over how to weight different questions. Leahy voted
for DT and against CDA; Burns voted for CDA and against DT. Who is worse?

NOTE: The above is intended as a rhetorical question!

-rich






From hag at ai.mit.edu  Wed Aug 28 18:55:23 1996
From: hag at ai.mit.edu (Daniel Hagerty)
Date: Thu, 29 Aug 1996 09:55:23 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608282125.RAA26272@galapas.ai.mit.edu>


 > > It took the agency more to modify GNU C, but eventually they did it.
 > >The Free Software Foundation was threatened with "an IRS investigation",
 > >in other words, with being forced out of business, unless they complied. The
 > >result is that all versions of GCC on the FTP sites and all versions above
 > >2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
 > >with itself will not help; the code is inserted by the compiler into
 > >itself. Recompiling with another compiler may help, as long as the compiler
 > >is older than from 1992.

    Umm, no.  I work for the Foundation in my copious free time.  This
has never happened.  And I just asked Richard about it to be sure.  He
was amused.
    It would be *very* difficult to pass this by anyone.  People at
FSF diff the source code a lot, and we're far from the only ones.





From moroni at scranton.com  Wed Aug 28 19:21:38 1996
From: moroni at scranton.com (Moroni)
Date: Thu, 29 Aug 1996 10:21:38 +0800
Subject: stego virus
Message-ID: <Pine.LNX.3.95.960828195159.3614A-100000@user1.scranton.com>


   If a virus is embedded into a giff ,is it executed when the giff is or
does it require the usual overwriting etc methods to execute it?
                      TIA






From llurch at networking.stanford.edu  Wed Aug 28 19:39:02 1996
From: llurch at networking.stanford.edu (Richard Charles Graves)
Date: Thu, 29 Aug 1996 10:39:02 +0800
Subject: There is no Agent Toby Tyler at the FBI [UK Observer Story]
Message-ID: <199608282217.PAA08317@Networking.Stanford.EDU>


...two different sources, both of whom are anonymous because they work for
competing newspapers, tell me.

Could someone else with contacts/time to kill/attributability please confirm
this?

Kinda puts a dent in the whole story, don't you think.

-rich





From cminter at mipos2.intel.com  Wed Aug 28 19:55:27 1996
From: cminter at mipos2.intel.com (Corey Minter)
Date: Thu, 29 Aug 1996 10:55:27 +0800
Subject: DoJ is poking around
Message-ID: <199608290016.RAA26240@zws379.sc.intel.com>


Forwarded message:
> >looks like the DoJ have been looking around at the mirrors.. maybe to
> >legally hassle people about them....
> 
> Or, just maybe, some DoJ employees wanted to see what folks on the outside
> were doing to tweek their bosses:-)? Reminds me of the *thousands* of hits
> the "Intel Secrets Page"(http://www.x86.org/) has gotten from users at
> intel.com 

exactly.  watch out, some DoJ revisionist might get into your mirror
site and get you back for trying to keep a history of the incident :).
well... maybe not.

-- 
______________________________________________________________________
Corey Minter | cminter at mipos2.intel.com 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I wish I had a dollar for every time I spent a dollar, because then,
Yahoo!, I'd have all my money back.  --Jack Handy





From stewarts at ix.netcom.com  Wed Aug 28 20:33:22 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Thu, 29 Aug 1996 11:33:22 +0800
Subject: Mimic Function Stego Programs?
Message-ID: <199608282111.RAA17052@cbig1.att.att.com>


Does anybody have a stego program along the lines of Peter Wayner's
Mimic Functions?  I'm looking for something that you can hand a grammar
and a set of bits that will produce sentences in the grammar,
plus a decoder that can take the sentences and reconstruct the bits.
I have a friend who lives in a kleptocratic country where the local
bureaucrats have made it clear they'll confiscate the main email node
in his town if they catch traffic they recognize as encrypted,
and text in some non-popular language may be less obvious than, say,
Mandelbrot sets with stego-bits or other artwork.


-----
PHB would work ok...
http://www.unitedmedia.com/comics/dilbert/archive/dilbert960821-9577.gif
-----


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From Adamsc at io-online.com  Wed Aug 28 20:33:41 1996
From: Adamsc at io-online.com (Adamsc)
Date: Thu, 29 Aug 1996 11:33:41 +0800
Subject: Edited Edupage, 18 Aug 1996 [SATELLITES]
Message-ID: <19960828221039187.AAA43@IO-ONLINE.COM>


On Tue, 27 Aug 1996 15:46:13 -0500 (CDT), Igor Chudov @ home wrote:

>> >I'd worry far more about the stresses of launch bothering
>> >the drives.
>> 
>> That's not a problem at all.  Most modern drives are rated for 10's 
>> of G's, non-operating.  Satellite launches are probably a breeze 
>> compared to this.

>I remember reading that Russian satellite launches with people aboard
>had acceleration of about 9-10G.

Since when do satellites have people on board? (Or was this some new way of
silencing politcal prisoners?)

/ If you think education is expensive, try ignorance.
/ Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
/ Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
/ Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
/ Member in good standing of the GNU whirled hors d'oeuvre






From declan at eff.org  Wed Aug 28 20:36:28 1996
From: declan at eff.org (Declan McCullagh)
Date: Thu, 29 Aug 1996 11:36:28 +0800
Subject: Real or Not ?
In-Reply-To: <199608281530.IAA20721@slack.lne.com>
Message-ID: <Pine.SUN.3.91.960828150721.9155B-100000@eff.org>


On Wed, 28 Aug 1996, Eric Murray wrote:

> Heh.  They forgot the Black Heliocopters manned by agents of
> the UN/New World Order, and the Greys from Zeta Reticuli..
> 
> It's a hoax, with several clues that it is a hoax in it.
> 
> Of course you're welcome to prove me wrong by disassembling
> a PGP binary.  Examination of the random numnber generator, IDEA
> key setup, or RSA key setup vs what's in the source code
> should show if something fishy is going on.

Unless of course the program you're using to view the disassembled 
instructions has also been altered by the TriLats. And make sure you use 
any pre-1992 compiler on a pre-1992 operating system on a computer that's 
not hooked up to the Net or even located where NSA agents can get to it.

"Steingold" was a nice touch.

-Declan


// declan at eff.org // I do not represent the EFF // declan at well.com //







From unicorn at schloss.li  Wed Aug 28 20:46:36 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 29 Aug 1996 11:46:36 +0800
Subject: A _REALLY_ Interesting Bet
In-Reply-To: <32246E57.7D55368C@systemics.com>
Message-ID: <Pine.SUN.3.94.960828175406.25479A-100000@polaris>


On Wed, 28 Aug 1996, Gary Howland wrote:

> Anonymous wrote:
> > 
> > Betting on football is one thing, but some of us would be very
> > interested in the odds on US presidential election outcomes as
> > November approaches. This kind of betting is illegal here, and
> > I haven't looked lately for a "Ladbroke's" type site, but it is
> > interesting because the betting odds from across the Atlantic
> > more closely match eventual election results than the annoying
> > calls from Gallup & Roper during suppertime. I have posted here,
> > anonymously, on this topic before, but some of you are aware of
> > who I am. I'll thank you to keep that a secret. ;}
> 
> Thinking about this some more - what would people want to see in such a
> betting system.  Would you be happy with two choices?:
> 
> 	(Clinton/Dole) or Other
> 
> or three choices?:
> 
> 	Clinton, Dole or Other
> 
> or would you want more choices than this?  I'm asking, since we've been
> tossing around this presidential election idea for a few days now, but
> since we're not Americans, we're not too sure what is a suitable set
> (bearing in mind that our idea for this will get more difficult as the
> number of choices increases).

Are these issues not listed currently on the IDEA FUTURES exchange?

Anyone have the URL?

> 
> Gary
> --
> pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
> Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From EALLENSMITH at ocelot.Rutgers.EDU  Wed Aug 28 20:49:36 1996
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 29 Aug 1996 11:49:36 +0800
Subject: (flatulence): Reply-to loops
Message-ID: <01I8TLQPNVKG9JDG1J@mbcl.rutgers.edu>


From:	IN%"rah at shipwright.com"  "Robert Hettinga" 28-AUG-1996 02:44:31.09

>We don't do it because of reply-to loops.

>Only idiots, or charitably, those with very low traffic, run their mail
>lists any other way.

>Accidentally sending private e-mail to the list is bad enough without
>bringing the listserver to its knees...

	Umm... only one other list I'm on does reply-to to something other than
the list, and some of those lists are running majordomo. Reply-to to the list
doesn't have to cause problems; only a few domains (compuserve.com, wow.com,
and one other that I can't remember offhand) cause error problems to reply-to
addresses. The point about low volume mailing lists vs high volume ones is,
however, a good point; the other list with reply-to to other than the list
that I'm on is one designed for low traffic.
	-Allen





From kooltek at iol.ie  Wed Aug 28 21:02:28 1996
From: kooltek at iol.ie (Hack Watch News)
Date: Thu, 29 Aug 1996 12:02:28 +0800
Subject: stego virus
In-Reply-To: <Pine.LNX.3.95.960828195159.3614A-100000@user1.scranton.com>
Message-ID: <Pine.sol.3.90.960829020001.746C-100000@joyce.iol.ie>


On Wed, 28 Aug 1996, Moroni wrote:

>    If a virus is embedded into a giff ,is it executed when the giff is or
> does it require the usual overwriting etc methods to execute it?
>                       

The GIF would contain the operational data and the viewer would contain 
the engine. Both would be inert until mixed just like binary nerve 
gasses. The problem would be detecting the data in the GIF or indeed any 
other form of file. Theoretically it could even be part of a text file 
using the high bits.

Regards...jmcc 





From root at HellSpawn  Wed Aug 28 21:14:02 1996
From: root at HellSpawn (Damien Lucifer)
Date: Thu, 29 Aug 1996 12:14:02 +0800
Subject: Mimic Function Stego Programs?
In-Reply-To: <199608282111.RAA17052@cbig1.att.att.com>
Message-ID: <Pine.LNX.3.91.960828213126.4972A-100000@HellSpawn>


On Wed, 28 Aug 1996 stewarts at ix.netcom.com wrote:

> Mimic Functions?  I'm looking for something that you can hand a grammar
> and a set of bits that will produce sentences in the grammar,
> plus a decoder that can take the sentences and reconstruct the bits.


I think Texto is what you are looking for, and it is available from the 
cypherpunks archive in the steganography directory. If you can't find it, 
drop me a private note and I'll mail it to you...

A quick outline of its function:

It uses a file full of Mad-Lib type sentence blanks, and a dictionary 
full of words arranged by type (person, place, thing, verb, etc). 
There are 64 words of each type which correspond to the 64 ascii symbols 
used in pgp ascii armor, or alternately, the 64 symbols used by standard 
uuencode.

The sentence structures look like:

The _THING _VERBs to the _PLACE.

It selects an appropriate word type for the particular blank it needs to 
fill, and inserts the word corresponding to the symbol in the data to be 
hidden.

Extracting the data from the resulting text is pretty straightforward:
All words that don't appear in the dictionary file are discarded. The 
words that remain are mapped back to their corresponding sybols. 

You can expect your data to grow to 10 times its original size in the 
process of steg'ing, and you'll have to ascii armor or uuencode the data 
before it can be stegged by this program, but its clever, and might fool 
a simple filter-bot or other program, although its doubtful it would ever 
fool a person. 



ciao






From unicorn at schloss.li  Wed Aug 28 21:37:18 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 29 Aug 1996 12:37:18 +0800
Subject: libelous action
In-Reply-To: <3.0b11.32.19960828165224.006a27ec@central.tansoft.com>
Message-ID: <Pine.SUN.3.94.960828175519.25479B-100000@polaris>


On Wed, 28 Aug 1996, James C. Sewell wrote:

> At 02:57 AM 8/27/96 -0400, Black Unicorn wrote:
> 
> >I would remind you that each and every sale you make of this product, when
> 
> >based on material misrepresentation, constitutes a fraud.  If made by
> 
> >wire, as these sales seem they may, they represent wire fraud.  That's one
> 
> >count of fraud and one count of wire fraud.  If a check is sent to you via
> 
> >mail, that's a count of mail fraud to boot.
> 
> >
> 
> 
>  Wow, imagine what would happen if a bunch of "in-the-know" folks bought
> 
> a product like this under the claims to strong crypto and then found out 
> 
> they were fooled!  With charges like these a guy could get into real trouble.
> 
> 
>  I sure hope Mr. Holt isn't personally accountable.  He sounds like a
> 
> real swell guy.  It would be a shame for him to go to prison for what is
> 
> obviously his misunderstanding of what is cryptographically strong and 
> 
> what is a pitiful excuse for a product.

This would depend on whether Mr. Holt had made a reasonable assessment of
the claims made by the author of the product before claiming that the
product was exceptional or "unbreakable."

I might note that the FTC is showing increased interest in cryptography
products and the claims of their marketers.

> 
> 
>   Of course I've never seen his product so I don't know which category it 
> 
> falls into, but it would be a shame.
> 
> 
> Disclaimer:  I may or may not be serious.  I have made no direct claims
> 
>              so whose to say what my intentions are in posting this ;\)
> 
> 
> 
> 
>   Jim Sewell - Programmer               Tantalus Inc.
> 
>      jims at tansoft.com               Key West, FL  33040
> 
>   Amateur Radio:  KD4CKQ            801 Eisenhower Drive
> 
>   Compu$erve: 71061,1027         Multi-player computer games
> 
> 
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From markm at voicenet.com  Wed Aug 28 21:41:20 1996
From: markm at voicenet.com (Mark M.)
Date: Thu, 29 Aug 1996 12:41:20 +0800
Subject: File System Encryption
In-Reply-To: <199608281536.KAA07426@bermuda.io.com>
Message-ID: <Pine.LNX.3.95.960828183758.773A-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 28 Aug 1996, Douglas R. Floyd wrote:

> Try a mirror.  ftp.funet.fi,
> /pub/crypt/mirrors/soda/cypherpunks/filesystems/linux.

Unfortunately, funet is down also.  csclub.uwaterloo.ca/pub/linux-stego seems
to work right now.

- -- Mark

PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBMiTKpizIPc7jvyFpAQHIfAgAzHhGF4Krei/QeaOL85TyqfMQVvCcCLsM
qs+3y2NqTSzoNAq4loV3B4foWSL6UsVjzNYVCVKnDZHC48FAA1uS1yNuW/k/Jx8c
2/2BEd4kkCDOqIT5dqg+EhQWGoJgKw265OP9YrmAOux+DWjznPXeiUsZYRtPKGFG
CKrt7Om9Knz3Gb0Yli8gYBZahtXfN6/lmfyViCmYvbc5INOupVfL+X4koxQRoVAe
f5uwiknaVaDYf5kc/Hr/xO1/UZvVXofJTInkdqP/D4ThCaCoH6m5c4TvMJBhU/3M
pTXYL6iU/lpa1bVfF1jmgilzsufJo0GmDtjdx2toKETBycaSOyQmDg==
=LecO
-----END PGP SIGNATURE-----






From tcmay at got.net  Wed Aug 28 21:45:49 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 29 Aug 1996 12:45:49 +0800
Subject: stego virus
Message-ID: <ae4a444102021004477c@[205.199.118.202]>


At 11:56 PM 8/28/96, Moroni wrote:
>   If a virus is embedded into a giff ,is it executed when the giff is or
>does it require the usual overwriting etc methods to execute it?
>                      TIA

The virus is activated when the GIF is _viewed_.

The viewing of the GIF activates the cerebro-visual processing centers of
the brain, activating the ancient Sumerian meme complex. I assume, of
course, you are referring to the deadly Snow Crash Good Times virus.

If infected, the only solution is to unsubscribe from the Cypherpunks list
before others are similarly infected.

Hey, Moroni, we've missed your particular slant these last few months.

--Klaus

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From remailer at cypherpunks.ca  Wed Aug 28 21:47:57 1996
From: remailer at cypherpunks.ca (John Anonymous MacDonald)
Date: Thu, 29 Aug 1996 12:47:57 +0800
Subject: Not PGP, PGPfone!
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608290102.SAA07316@abraham.cs.berkeley.edu>


>  Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to 
> allow the NSA to easily break encoded messages. Early in 1992, the author, 
> Paul Zimmerman, was arrested by Government agents. He was told that he 
> would be set up for trafficking narcotics unless he complied. The Government 
> agency's demands were simple: He was to put a virtually undetectable 
> trapdoor, designed by the NSA, into all future releases of PGP, and to
> tell no-one.

This is wrong, and easily disproven.  There was no way to put a trap
door in PGP because the source code was made publically available.
Modifying every C compiler in the world is just not realistic.

However, the situation has become considerably different with PGPfone.
Source code to PGPfone is kept extremely secret.  A few outsiders may
be given the source to review, but they will not be allowed to compile
and distribute it.  Only binaries of PGPfone compiled by the authors
will be available.  Some interesting portions of the program have even
been intentionally obfuscated to make them extremely difficult to
disassemble and analyze.

With PGPfone, a back would be considerably easier to install...





From backdraft at earthlink.net  Wed Aug 28 21:53:33 1996
From: backdraft at earthlink.net (Back Draft)
Date: Thu, 29 Aug 1996 12:53:33 +0800
Subject: desubscribe
Message-ID: <v01530500ae4aadf67f28@[206.149.196.100]>


I would like you to desubscribe me from you mailing list







From jfricker at vertexgroup.com  Wed Aug 28 22:30:52 1996
From: jfricker at vertexgroup.com (John F. Fricker)
Date: Thu, 29 Aug 1996 13:30:52 +0800
Subject: [NOISE]Re: stego virus aka Intro to Computers 101
Message-ID: <2.2.32.19960829025715.006ae4c0@vertexgroup.com>


trying not to be technical

Excecuting a program involves putting commands into the CPU. Move data such
as a GIF or a JPEG is not anywhere near the same.

GIF, JPEGs, TIFFs, WAVs, AUs, MPEGs are data. Not executables.

At 07:56 PM 8/28/96 -0400, you wrote:
>   If a virus is embedded into a giff ,is it executed when the giff is or
>does it require the usual overwriting etc methods to execute it?
>                      TIA
>
>






From jim at ACM.ORG  Wed Aug 28 22:38:44 1996
From: jim at ACM.ORG (Jim Gillogly)
Date: Thu, 29 Aug 1996 13:38:44 +0800
Subject: A _REALLY_ Interesting Bet
In-Reply-To: <Pine.SUN.3.94.960828175406.25479A-100000@polaris>
Message-ID: <199608290229.TAA10523@mycroft.rand.org>



Black Unicorn <unicorn at schloss.li> writes:
>Are these issues not listed currently on the IDEA FUTURES exchange?

>Anyone have the URL?

Idea Futures is dead, and the torch has passed to Foresight Exchange (FX),
which is at http://www.ideosphere.com/ideosphere/ .  You can bet on a number
of political issues (US and other), though not (yet) for real money.

Bill Clinton re-elected last sold at 89 (out of 100), and
Dole beats Clinton      last sold at 15.

This doesn't track the polls, which typically ask who the potential voter
would vote for rather than who they think will win the election.
Other issues:

Percentage of popular vote to Dem candidate: 47
"               "             Rep    "     : 44
"               "             Other  "     : 12

Note that there may be an opportunity for arbitrage when numbers don't add
up to 100; but I'm simplifying, since there are separate buy and sell bids.

Third party candidate gets the most votes  :  4
Clinton landslide                            20
Dole landslide                                4
Democrats retake the House in 96             45
Democrats retake the Senate in 96            30
Percent electoral votes to Democrats         70
President without popular majority           55
Clinton resigns or impeached by end of 96     1

And so on...

	Jim Gillogly
	Hevensday, 7 Halimath S.R. 1996, 02:29





From tcmay at got.net  Wed Aug 28 22:45:40 1996
From: tcmay at got.net (Timothy C. May)
Date: Thu, 29 Aug 1996 13:45:40 +0800
Subject: Real or Not ?
Message-ID: <ae4a4d480302100466a2@[205.199.118.202]>


At 10:09 PM 8/28/96, Declan McCullagh wrote:
>On Wed, 28 Aug 1996, Eric Murray wrote:
>
>> Heh.  They forgot the Black Heliocopters manned by agents of
>> the UN/New World Order, and the Greys from Zeta Reticuli..
>>
>> It's a hoax, with several clues that it is a hoax in it.
>>
>> Of course you're welcome to prove me wrong by disassembling
>> a PGP binary.  Examination of the random numnber generator, IDEA
>> key setup, or RSA key setup vs what's in the source code
>> should show if something fishy is going on.
>
>Unless of course the program you're using to view the disassembled
>instructions has also been altered by the TriLats. And make sure you use
>any pre-1992 compiler on a pre-1992 operating system on a computer that's
>not hooked up to the Net or even located where NSA agents can get to it.

Ha! You think a pre-1992 compiler and OS wil fix this? What about the processor?

I can assure you, as a longterm Intel employee during these formative
years, that Intel was pressured into including the famous "NSA
instructions" into the 8080, in 1974. These instructions are well-known,
and the Cray had them as well.

Inasmuch as the 8080 instructions live on in every x86 processor--like the
reptilian brain inside all of us--this gives the NSA instant access to all
contents of the processor.

This is why I use a Mac, of course.

--Perry Noyd

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From declan at eff.org  Wed Aug 28 22:46:29 1996
From: declan at eff.org (Declan McCullagh)
Date: Thu, 29 Aug 1996 13:46:29 +0800
Subject: NSF yanks Iran's Internet connection, from HotWired
Message-ID: <Pine.SUN.3.91.960828201016.9155O-100000@eff.org>




---------- Forwarded message ----------
Date: Wed, 28 Aug 1996 20:08:06 -0700 (PDT)
From: Declan McCullagh <declan at eff.org>
To: fight-censorship at vorlon.mit.edu
Subject: NSF yanks Iran's Internet connection, from HotWired

Attached is my column on the NSF and Iran. After I filed it, I received an
unconfirmed note from the NSF saying that they removed the restriction in
response to my calls earlier today. I'll verify tomorrow. 

I have some original documents on the Iran sanctions law and executive 
order at:
  http://www.eff.org/~declan/global/

-Declan


// declan at eff.org // I do not represent the EFF // declan at well.com //



http://www.netizen.com/netizen/96/35/special3a.html

HotWired
The Netizen

Banning Iran
by Declan McCullagh (declan at well.com)
Washington, DC, 28 August
   

   The US government has quietly pulled the plug on Iran's Internet
   connection. The catch? No one gave it permission.
   
   Earlier this month, a National Science Foundation official blocked
   crucial international links to Iran, apparently in response to an Iran
   and Libya Sanctions Act that became law on 5 August. The move prevents
   people in the United States from connecting to Iranian computers by
   cutting off access to the country's only permanent Net connection - a
   single, achingly slow 9600 bps modem.
   
   The link joins the Internet at Austria's Vienna University, which
   received a letter from an NSF employee - who the foundation claims
   acted without authority - asking their network gurus to cease
   forwarding Iranian data to American networks. The NSF employee, Steve
   Goldstein, told the university that the United States embargoed such
   exchanges with Iran.
   
   From Austria, packets travel across the Atlantic through links funded
   in part by US taxpayers, which Goldstein claims gives the NSF control
   over them. Goldstein works in the agency's Networking and
   Communications Research and Infrastructure division.
   
   The NSF's action, however, tramples on the First Amendment. The
   Supreme Court has upheld the right of Americans to receive a wide
   range of information from abroad. An existing executive order
   explicitly allows the import and export of Iranian informational
   materials regardless of medium of transmission, according to Solveig
   Bernstein, a lawyer with the Cato Institute. "Congress intended any
   sanctions the president took to be directed at money and weapons
   production, not communications," she said.
   
   The NSF isn't accepting responsibility. The agency claims Goldstein
   acted on his own volition. Although Goldstein declined comment, the
   agency's lawyers say he was not authorized to block the line. "We were
   not asked by Dr. Goldstein for any opinions, so I'm not sure on what
   basis we're doing it," said John Chester, NSF legal counsel. Other NSF
   officials did not return repeated phone calls.
   
   Many Iranians in the United States are outraged at losing access to
   friends, family, and educational links in Iran. Farhad Shakeri, a
   software engineer at Stanford University who operates the Iranian
   Cultural and Information Center, says: "Lots of people in Iran are
   confused. They can't talk to any university in the world.... We just
   want the problem fixed." Anoosh Hosseini, a webmaster at the Global
   Publishing Group, says: "It affects me as a person. I want to visit my
   cousin's homepage, and my brother's homepage. The University of Texas
   has a Middle Eastern research center, but now they can't research Iran
   [on the Net]."

###






From qut at netcom.com  Wed Aug 28 23:07:22 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Thu, 29 Aug 1996 14:07:22 +0800
Subject: Real or Not ?
In-Reply-To: <199608281157.EAA04520@jobe.shell.portal.com>
Message-ID: <199608290321.UAA15144@netcom.netcom.com>


! I snagged this off a news group this AM.. comments??
! 
! A lot of people think that PGP encryption is unbreakable and that the
! NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a
! deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold
! was arrested  _one day_ before he and others where to stage a protest at
! government buildings; the police had a copy of a message sent by Steingold
! to another activist, a message which had been encrypted with PGP and sent
! through E-mail.
! 
!  Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to 
! allow the NSA to easily break encoded messages. Early in 1992, the author, 
! Paul Zimmerman, was arrested by Government agents. He was told that he 
! would be set up for trafficking narcotics unless he complied. The Government 
! agency's demands were simple: He was to put a virtually undetectable 
! trapdoor, designed by the NSA, into all future releases of PGP, and to
! tell no-one.
! 
!  After reading this, you may think of using an earlier version of 
! PGP. However, any version found on an FTP site or bulletin board has been 
! doctored. Only use copies acquired before 1992, and do NOT use a recent 
! compiler to compile them. Virtually ALL popular compilers have been 
! modified to insert the trapdoor (consisting of a few trivial changes) into 
! any version of PGP prior to 2.1. Members of the boards of Novell, Microsoft, 
! Borland, AT&T and other companies were persuaded into giving the order for
! the modification (each ot these companies' boards contains at least one
! Trilateral Commission member or Bilderberg Committee attendant).

The only true part in this hoax is the extent of corporate and political 
membership in international capitalist organizations like the Council of 
Foreign Relations, Trilateral Commission, Bilderbergers, and hundreds of 
other redundent alike organizations dedicated to making the whole world 
the same.

!  It took the agency more to modify GNU C, but eventually they did it.
! The Free Software Foundation was threatened with "an IRS investigation",
! in other words, with being forced out of business, unless they complied. The
! result is that all versions of GCC on the FTP sites and all versions above 
! 2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
! with itself will not help; the code is inserted by the compiler into
! itself. Recompiling with another compiler may help, as long as the compiler
! is older than from 1992.

This identical post was included in an issue of Phrack about three or four 
years ago.  So this bogus post is already pretty old.  With all the real 
creepy stuff happening in the world, who needs to make up lies?





From Adamsc at io-online.com  Wed Aug 28 23:09:07 1996
From: Adamsc at io-online.com (Adamsc)
Date: Thu, 29 Aug 1996 14:09:07 +0800
Subject: DoJ is poking around
Message-ID: <19960829032231781.AAA184@IO-ONLINE.COM>


>> >looks like the DoJ have been looking around at the mirrors.. maybe to
>> >legally hassle people about them....

>> Or, just maybe, some DoJ employees wanted to see what folks on the outside
>> were doing to tweek their bosses:-)? Reminds me of the *thousands* of hits
>> the "Intel Secrets Page"(http://www.x86.org/) has gotten from users at
>> intel.com 

Out of curiosity, has anyone used a decompiler to check if any of the
undocumented stuff is getting used in shipping programs?

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From andrew_loewenstern at il.us.swissbank.com  Wed Aug 28 23:24:59 1996
From: andrew_loewenstern at il.us.swissbank.com (Andrew Loewenstern)
Date: Thu, 29 Aug 1996 14:24:59 +0800
Subject: SUN_pak
In-Reply-To: <199608281900.TAA15017@pipe2.t2.usa.pipeline.com>
Message-ID: <9608282355.AA00745@ch1d157nwk>


I was looking at the description of this patent (thanks to JYA for providing  
easy access to this article...), and I can't believe Sun got a patent for  
this.  Tunneling encrypted IP sessions over regular IP by using a gateway  
router is hardly a novel idea and is immediately obvious to anyone who is  
knowledgable in networking and crypto.  Aren't there already products out  
there (hardware and software) that implement this sort of thing?  I seem to  
remember Cisco producing a router and MorningStar producing software that did  
this.  I also seem to remember the concept being discussed on this very list  
several years back (can't check the archives from work though...)  I believe  
there is even a name for it:  VPN (Virtual Private Networks)  John Gilmore  
is currently putting together a project to do much the same thing in  
software...

Did I miss something innovative in this patent, or is this another example  
of clueless patent examiners granting patents for things that don't deserve  
patent protection?


andrew





From alanh at infi.net  Wed Aug 28 23:26:58 1996
From: alanh at infi.net (Alan Horowitz)
Date: Thu, 29 Aug 1996 14:26:58 +0800
Subject: DoJ is poking around
In-Reply-To: <199608281742.DAA30588@heaven.myinternet.net>
Message-ID: <Pine.SV4.3.91.960828233140.7966D-100000@larry.infi.net>


I have a military account. Not all govt or military accounts belong to 
black-helicopter pilots.





From dfloyd at io.com  Wed Aug 28 23:30:19 1996
From: dfloyd at io.com (Douglas R. Floyd)
Date: Thu, 29 Aug 1996 14:30:19 +0800
Subject: Real or Not ?
In-Reply-To: <199608282125.RAA26272@galapas.ai.mit.edu>
Message-ID: <199608290317.WAA04148@xanadu.io.com>


> 
>  > > It took the agency more to modify GNU C, but eventually they did it.
>  > >The Free Software Foundation was threatened with "an IRS investigation",
>  > >in other words, with being forced out of business, unless they complied. The
>  > >result is that all versions of GCC on the FTP sites and all versions above
>  > >2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
>  > >with itself will not help; the code is inserted by the compiler into
>  > >itself. Recompiling with another compiler may help, as long as the compiler
>  > >is older than from 1992.
> 
>     Umm, no.  I work for the Foundation in my copious free time.  This
> has never happened.  And I just asked Richard about it to be sure.  He
> was amused.
>     It would be *very* difficult to pass this by anyone.  People at
> FSF diff the source code a lot, and we're far from the only ones.
> 

This has been a common joke for years now, the gcc "virus".  Its nothing
more than a troll.

(Its getting boring, however)







From dlv at bwalk.dm.com  Wed Aug 28 23:36:50 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 29 Aug 1996 14:36:50 +0800
Subject: Hayek (was: Cato Institute conference on Net-regulation)
In-Reply-To: <ae492e2b01021004ff49@[205.199.118.202]>
Message-ID: <8a0DTD20w165w@bwalk.dm.com>


Senile tcmay at got.net (Timothy C. May) (fart) rants:

> At 4:26 AM 8/28/96, Dr.Dimitri Vulis KOTM wrote:
> >Senile tcmay at got.net (Timothy C. May) rants:
> >> Indeed, Hayek has had a _lot_ to do with the Cypherpunks! From "The Road t
> >> Serfdom" to "Law, Legislation, and Liberty," his works have exerted a
> >> profound influence on me, and on many others.
> >
> >But he's fucking unreadable.  I plan to teach economic this semester and
> >make every student read Hazlitt (economics in 1 lesson). I can't force them
> >to read hayek (or Rothbard) because they're fucking unreadable. Shit.
>
> Well, to one who inserts "(spit)" after nearly every name he cites, and
> critiques Hayek as "fucking unreadable. Shit.," I suppose Hayek must indeed
> seem unreadable. Shit.

Are you jealous, Tim )fart)? You're just a senile old fart, not worth my
spittle. I make you feel better I'll put (fart) after you stupid name. Shit.

> After all, Hayek rarely writes things like: "The senile Von Mises (spit)
> and his Sovok Cabal plotters...."

Senile Tim May (fart) exposes himself as a liar by attributing to me shit
I've never said (Pidor Vorobiev's forgeries). Please stop polluting this
mailing list with your lies and personal attacks.

> As to "forcing" your students to read Hayek, just who is in charge? If
> you're the instructor, they can choose to read what you tell them to read,
> or be unprepared on the exams you give and possibly flunk the class. What
> part of "Required Reading" do you or your students not understand?

It's been many years since Tim May (spit) has been to college, hasn't it?
I don't blackmail my students into doing the work they don't want to do
by blackmailing them with grades. When I taught comp.sec., I said from the
start that everyone gets an A, and I trust tgen to be motivated enough to
read everything I _suggest_ they read. And they all did a great job and
earn3d their A's.

Senile Tim May (fart) is a fucking statist asshole.

Fuck you and fuck your criminal Arm*nian grandparents.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From dsmith at prairienet.org  Thu Aug 29 00:20:37 1996
From: dsmith at prairienet.org (David E. Smith)
Date: Thu, 29 Aug 1996 15:20:37 +0800
Subject: Clinton follies ideas?
Message-ID: <199608290308.WAA11904@bluestem.prairienet.org>


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks at toad.com
Date: Wed Aug 28 21:57:52 1996
Our esteemed figurehead, Bill Clinton, will be doing
the first stop of his "Road to Victory Tour" campaign
this Friday, just a few blocks from my apartment.  Does
anybody have any cool suggestions on things to do to
harass, heckle, or maybe get taken down by the Secret
Service?  (Or should I just yell, 'Clinton, you suck!'? :)

dave

Special P.S. to all FBI wiretappers: This is a joke.



- ----- David Smith, Thinker of Deep Thoughts  :)
http://www.prairienet.org/bureau42/library.html
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMiUHMzVTwUKWHSsJAQE4ygf9F5ihhla2NguUFEFEgqDEb97haqqIv2ak
MQ07CRohP+QHYBsMnsnqjMvZslVnQCkr+mJWa8DC22dEPvGQ58+8NdsuykspIgEE
jegvZuQqGBmHex3fz6NLcYBQXFuyF8fbGEaXuHJjmvszkZDBqe3Fo95ywuMJPklZ
TIpZjE2xbX7T+H6yK2itIi/cmyPHN7zTfHKpdvjWcAY6hMVXuQwLx5g/cg3AErA4
R7MhDTnL2uH/16ccYQKPnpyBqxZ/DYg/DzrwO0Jj1RzeXBllTyALXMt5pQRKrbuy
xl8IJJ4j1cFIjeiOvg/tTBpOoFP1f3tj8iDLBYrzqxCytelyWxgQnw==
=LK29
-----END PGP SIGNATURE-----






From jimbell at pacifier.com  Thu Aug 29 00:39:45 1996
From: jimbell at pacifier.com (jim bell)
Date: Thu, 29 Aug 1996 15:39:45 +0800
Subject: MUD anyone?
Message-ID: <199608290508.WAA00670@mail.pacifier.com>


At 09:47 AM 8/27/96 -0700, Jon Leonard wrote:
>> Would anyone out there be interested in helping set up a 
>> crypto-anarcho-capitalist MUD to play around with some of the social 
>> aspects of crypto-anarchy and anarcho-capitalism? I can probably hack 
>> together a basic lpmud in a month or two if someone has a machine which 
>> it could run on and which could run a mailing list for those involved. 
>
>I've been planning to run a MUD like that, at mud.umop-ap.com port 2121.
>I just don't have enough coded to be worth announcing yet.
>Which cryptographic primitives should be coded in initially?
>Obvious choices are:
>Pseudonyms
>Anonymous digital cash (issued by any pseudonym, not just "banks")
>Public and private keys
>Secret sharing
>Anonymous broadcast & message pools
>Anonymous markets
>
>What am I missing?  Should there be direct support for Jim Bell's
>assasination markets?  It'd provide a means of demonstrating its
>ineffectiveness as a means of social control.

Aren't you writing up the results of the experiment before you even take the 
data?  That's called "dry-labbing."  

In any case, I'd welcome such a simulation, but there are a number of 
caveats.  To me, the most obvious one is GIGO:  Simulations, especially 
political/social ones, might depend heavily on assumptions that are 
programmed into them.   A trivial, yet interesting example is the computer 
game "Sim City" which allowed you to adjust the "tax rate" but problems 
always cropped up the further away you were from 7%.   The libertarians were 
frustrated that we were unable to drop the tax rate and still get a 
well-functioning, happy society.  It is unlikely, obviously, that there is 
anything magical to a society about a tax rate of 7%   The answer is likely 
that the people who wrote the program simply hard-coded it into the game, 
either directly or as a consequence of various political/social assumptions 
that they didn't realize they were making.

Another problem was demonstrated a few weeks ago when a "game theory"-type 
problem was proposed on CP, the one where 20 thieves sequentially are given 
the task to propose the disbursement of $20 million in loot, with a vote on 
the proposal and death for the proposer of a rejected proposal.  I pointed 
out that the difficulty with an _exact_  (game-theoretical) solution to such 
a problem is that the "cost" of death in this problem is undefined.  A 
person might be willing to take a risk of death for $20 million that he's 
unwilling to take for $20 THOUSAND,  and certainly not $20 DOLLARS.

AP (Assassination Politics), at least the initial "government-eliminating" 
function of it, should work on a financially-sound principle:  Actuarially, 
the value of a continuing $1/year obligation is $20 if the real interest 
rate is 5%.  This means that if a randomly-selected government employee is 
paid $40K per year including benefits (money which is stolen from 
taxpayers), it would be worth a one-time cost (actuarially speaking) of 
20x40K, or $800,000 to see him dead and not replaced.   Assuming his death 
can be purchased for less than this, you are dollars ahead to buy it.  If 
you can buy his death for, say, $20,000 (half his yearly salary) you have, 
in effect, profited by $800,000-$20,000 or $780,000 to do this.

(Technically, the amount _society_ would benefit is actually the amount of 
salary cost eliminated, minus the ordinary benefit  of that government 
employee doing his usual job.  A person (statist?) might try to conclude 
from this that getting rid of them won't save much.  That's the collectivist 
point of view.   However, the people who (unwillingly) finance these 
salaries with their tax dollars, and the people who arguably benefit from 
these employees are, in my estimation, two separate and distinct groups of 
individuals, so my analysis is still valid for the former group.) 

It gets even better.  If most of these employees decide that discretion is 
the better part of valor, and 90% of them resign rather than (almost 
literally!) get the ax  then the average cost of getting rid of a given 
employee is reduced by another factor of 10, perhaps to $2,000.   And 
obviously, the system feeds on itself:  Once the average cost of getting rid 
of them drops to $2,000, their fate is so certain that the resignation rate 
would probably skyrocket to well over 99%, which would further reduce the 
average cost to perhaps $200, and so on.  The overall effect is somewhat 
akin of "falling off a cliff," or perhaps the collapse of a star destined to 
become a black hole:  Once a certain point it reached return is impossible 
or impractical. 

Now you should understand why I'd be quite pleased to see such a system 
modelled:  It would be great to be able  to vary the initial conditions, and 
see that the outcome turns out almost identically each time.  Such an 
outcome would make you very nervous:  It would show that I am correct!

(BTW, a similar analysis will probably suggest that the amount of money 
traditionally spent on US national defense would drop from the current 
figure of about $250 billion to no more than 1/1000th of this, or maybe even 
far less, and for similar reasons.)


Jim Bell
jimbell at pacifier.com





From unicorn at schloss.li  Thu Aug 29 01:19:07 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Thu, 29 Aug 1996 16:19:07 +0800
Subject: Annoucing LivePGP - content security for web (fwd)
Message-ID: <Pine.SUN.3.94.960829012524.10577B-100000@polaris>




--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li

---------- Forwarded message ----------
> From ssl-lists-owner at minbne.mincom.oz.au Thu Aug 29 01:00:59 1996
> Message-Id: <01BB9594.5E8FC740 at minuet>
> From: Ming-Ching Tiew <mctiew at csi.po.my>
> Subject: Annoucing LivePGP - content security for web
> Date: Thu, 29 Aug 1996 10:25:07 +-800
> Encoding: 54 TEXT
> Sender: ssl-lists-owner at mincom.com
> Precedence: bulk
> 
> Inspired by Adam Cain's write-up ( and others ) on comparison on the using of PGP, 
> SSL/HTTPS, SHTTP and others on Web technologies, I have written a LivePGP 
> plugin for Navigator 3.x and is available for evaluation for anybody who cares to 
> send me a email ( as I don't have  a leased line connection to internet ).
> 
> See below for a summary.
> 
> Thank you, 
> Regards,
> Ming-Ching
> mctiew at csi.po.my
> 
> ------------------------------------------------------------------------------------------------------
> As a summary, this is a plugin for Navigator 3.x which I developed it
> myself, and which I called it LivePGP because it uses LiveConnect and
> PGP.
> 
> LivePGP is a plugin to be loaded on Navigator machine; it secures the
> content before transmittion to the network. Therefore, it doesn't matter
> what network or what's or ever.
> 
> With absolutely no intention to compete with SSL and SHTTP, LivePGP 
> attempts to address some issues with existing security products :-
> 
> 1. 1024-bit key length of PGP in comparison with 40-bit for SSL ( due to 
>     international export limitation ). PGP is a well-known product which   
>     has survived years to testing.
> 
> 2. Extended security vs point-to-point security provided by SSL. Content 
>     coming out of SSL client and server are plain text, which may
>     be subjected to system administrator's tempering with the data. Using 
>     LivePGP, the decryption of data can be relayed as late as (operationally) possible. 
> 
>     More important practical reason is that the signed content can be logged
>     on the client and server; it is very useful to addresss non-repudiation.
>     The client cannot argue that he didnot submit the transaction, because
>     the content which contains the client's signature can be logged and printed out.
>   
>     Similary, system administrator's tempering the data could be checked against
>     with.
> 
> 3. Even thought the plugin is developed using C/C++ and Java,
>    deployment for any scenerio need only standard HTML/Javascript. 
> 
> 4. Client is Win95/NT. Server can be anything. Win3.11 is unknown.
> 
> 5. Every part introduced by me is source code available.
> 
> 6. Can use it together with SSL to make use of the high transparency
>     of SSL.
> 
> 7. Can use it to upload ( signed and encrypted ) local files, in addition
>     to uploading ( signed and encrypted ) web content.






From isi at hooked.net  Thu Aug 29 01:32:02 1996
From: isi at hooked.net (Institute for Security and Intelligence)
Date: Thu, 29 Aug 1996 16:32:02 +0800
Subject: In reference to comments made to me and to the Group
Message-ID: <199608290618.XAA12301@mom.hooked.net>


Mr. Geiger:

I do not have interest in nor time for a flame war.  But I do appreciate 
your perspective, whether or not I agree.

Rather than flaming, I propose that all interested readers post their 
*CONSTRUCTIVE* ideas on the CyberTerrorism issue.  If you feel it is 
not an issue, then don't respond.  

I'm not looking for opinions on politicians, the government, etc., 
nor do  I care what you think of me or my views.  However, if you can 
put  some _solid_ thoughts into bullet items, or any other format you 
deem useful, perhaps we can move forward.

Ideas.  Actions.  No commentary, raves, rants, flames, or other bandwidth wasters.

Let's see what we come up with.

Barry C. Collin
Institute for Security and Intelligence





From minow at apple.com  Thu Aug 29 01:47:04 1996
From: minow at apple.com (Martin Minow)
Date: Thu, 29 Aug 1996 16:47:04 +0800
Subject: libelous action
In-Reply-To: <3.0b11.32.19960828165224.006a27ec@central.tansoft.com>
Message-ID: <v03007801ae4ae9bb0f36@[17.219.103.237]>


Black Unicorn <unicorn at schloss.li> comments,
>
>I might note that the FTC is showing increased interest in cryptography
>products and the claims of their marketers.
>

Hmm, can we get FTC and NSA to fight: if NSA says that a product may be
exported, maybe FTC won't let the seller claim it is capable of protecting
data.

Intresting.

Martin Minow
minow at apple.com







From whgiii at amaranth.com  Thu Aug 29 01:50:21 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Thu, 29 Aug 1996 16:50:21 +0800
Subject: In reference to comments made to me and to the Group
In-Reply-To: <3224A412.D05@hooked.net>
Message-ID: <199608290528.AAA08702@mailhub.amaranth.com>


In <3224A412.D05 at hooked.net>, on 08/28/96 at 12:54 PM,
   "Barry C. Collin" <isi at hooked.net> said:

Well folks,

I am not in the habit of jumping into flame wars, but......


>This message was in response to comments made by E. Allen Smith on my recent remarks on cyberterrorism.

>Dear Mr. Smith:

>Thank you for your perspectives.  Save for the irrelevant flaming, I appreciated your taking time.  
>Following are my comments.
>  
>>>Terrorism to CyberTerrorism
>>
>>>   The face of terrorism is changing. While the motivations remain the
>>>   same, we are now facing new and unfamiliar weapons. The intelligence
>>>   systems, tactics, security procedures and equipment that were once
>>>   expected to protect people, systems, and nations, are powerless
>>>   against this new, and very devastating weapon. Moreover, the methods
>>>   of counter-terrorism that our world's specialists have honed over the
>>>   years are ineffectual against this enemy. Because, this enemy does not
>>>   attack us with truckloads of explosives, nor with briefcases of Sarin
>>>   gas, nor with dynamite strapped to the bodies of fanatics. This enemy
>>>   attacks us with one's and zero's, at a place we are most vulnerable:
>>>   the point at which the _physical _and _virtual _worlds converge. Let
>>>   us first define theses two domains.
>>
>>	Ever since the dawn of technological civilization, we've been vulnerable
>>to terrorism inflicted by those with technological knowledge and intelligence.
>>Ever since someone discovered how to produce poisonous gases, we've been
>>vulnerable to attacks such as those in the Japanese subways. Ever since the
>>electrification of countries, we've been vulnerable to attacks on power
>>production and distribution systems. Ever since most vehicles became
>>petroleum-powered, we've been vulnerable to attacks on petroleum production and
>>distribution systems. Ever since we found out how to cultivate anthrax, we've
>>been vulnerable to any competent bacteriologist.

>These are all different tools.  Some are simple to create and deploy, some are not.  While the 
>definition of classical terrorism (and its motivations) remain the same, we must study each of 
>these tools separately if we are to understand how to detect, prevent, and respond to the 
>threats.

>>	All the above is is Information Super-Highway hype.

>Thank you for your opinion.

I beleive the concern of Mr. Smith and my others concerning myself is that the methods used to "protect" us from such events are more harmfull than the initial threat.

It is all too often that a minor threat receives massive publicity in the press. Then politions jump in with knee-jerk reactions to add "new and improved" restrictions to ones liberties & give law-enforcement sweeping new powers, Consitution be damed. If you paied any attention to the Senate hearing after Oklahoma and TWA 800 you could such behaviour of our polititions even though such laws will not help 1% to prevent such acts in the future.


>>[...]
>>
>>>Achieving CyberTerrorist Goals
>>
>>>   So how does a CyberTerrorist achieve his mission? Like any terrorist,
>>>   a CyberTerrorist actively exploits the goals of the target population
>>>   in areas in which they take for granted.
>>   
>>>   There are three potential acts in CyberTerrorism at the point of
>>>   convergence:
>>>     * 1.Destruction;
>>>     * 2.Alteration; and
>>>     * 3.Acquisition and retransmission (these are a unit).
>>       
>>   I would point out that many instances of the last (I would guess you refer to
>>the getting and distribution of, say, ITAR-restricted information - you do
>>accuse crackers of complicity in "CyberTerrorism" by breaking military
>>security) are not, properly speaking, terrorism; they are instead the
>>distribution of information that should not be restricted.

>You guessed incorrectly; I'm not talking ITAR.  Test yourself:  Can you think of any sensitive or personal 
>information, that if exposed or utilized, could cause terror -- or destabilization?  If you can't, you are 
>not trying; you should know more than most the value of privacy, whether it be military, corporate, or 
>personal.

I think what we have here is the all to common practice of grouping all criminal activities under the heading of "terrorism".While this may be advantagious for the Federal Government to do so placing what was once the juristiction of the States into the hand of the Feds. It does make nice splashy headlines for the newsmedia so they can sell more newspapers. It has no place in a rational disscusion of the security issues of Computers, Networks, and the Internet.

If someone aquires personal information about myself and at worst steels all the money out of my bank account. That is a crime, it is theft, and their are plenty of laws on the books to handle such a crime. It is NOT terrorism. 

While I agree that there is potential for harm being caused by a sofisticated, well orginised, state sponcered terrorist orginization, I for one am not going to lose any sleep over it. Yes there is a "threat" but No the sky is not falling.


>>One person's
>>terrorist is another person's freedom fighter (I'd call both sides in
>>Nicaragua's Sandanista-Contra conflict terrorists).

>This nifty statement frequently comes from people who've never seen a child blown up, seen people 
>disfigured, seen property damaged beyond all recognition.  Perhaps it is a safe place in your office, Mr. 
>Smith, behind your terminal judging other's thoughts.  I don't have that luxury.  I've spent more than 
>anyone's fair share of time going through rubble, identifying pieces of what were once people, and telling 
>their families.

>Freedom fighters who kill random and innocent victims are terrorists and cowards.  If you feel otherwise, 
>Mr. Smith, perhaps it is time to step out into harm's way, and then perhaps you too will waken in the 
>night with the images that haunt me.  *Then* you can talk to me about such matters.  Until then, stick to 
>coding.


<SIGH> Pulling at ones hartstrings in such a debate only shows the wekness and emptyness of your argument. I am unaware of you location but between growing up in the MiddleEast & my service in the military I have seen my fair share of the "better" side of Man. You by no means have a monopoly on this.

Mr. Smith bring up a vailid point. It is one of perspective. Who you consider terrorist and who you consider heros depends on what side of an issue you stand. The American saw no problem with the 10's of thousands who died in the fire bombing of Dresdin or the Atomic Blasts over Japan. The populations Germany & Japan were supportive of their leadership in the murder of millions durring their campaines of expantion. Look at Ireland; if you are Prodistant or British the IRA are the terrorist while
if you are Catholic then it is the British & Prodistant that are the "terrorist". The Jews in Israel had no problem with blowing up the British but don't like it too much now that the Palisinians are doing the same thing to them.

The whole issue of "Terrorist" vs. "Freedom-Fighter" is one of perspective.

>>   
>>[...]
>>   
>>>Potential CyberTerrorist Acts
>>
>>[...]
>>
>>>     * A CyberTerrorist will attack the next generation of air traffic
>>>       control systems, and collide two large civilian aircraft. This is
>>>       a realistic scenario, since the CyberTerrorist will also crack the
>>>       aircraft's in-cockpit sensors. Much of the same can be done to the
>>>       rail lines.
>>
>>	Only a bloody utter idiot would build such systems without enough
>>backups to avoid these problems; they could come about through computer bugs
>>or component failures as well. Networked systems are notorious for going down
>>(see the recent happenings with AOL, for instance); they're _going_ to have
>>backups if anyone intelligent is running them. Of course, you may have a point
>>with a government-controlled air traffic controller systems.
>>	The same can be said of most of your other scenarios.

>These require more than once person be involved.  Do not kid yourself, we are not dealing with stupid 
>people here.  And bloody utter idiots we have a-plenty -- too many administrators more concerned with 
>their balance sheets to provide the tools people like you need to build safe systems.  You'd be surprised 
>of the amount of criminally-inadequate systems out there.  That's why it _is_ important that folks like 
>you push the envelope to better the systems.  The goal here, Mr. Smith, is to put me out of business, not 
>by flames, but by helping to build better systems.  I think we share that goal.


>>
>>>CyberTerrorists: Who, Where, and Why?
>>
>>>   The purpose of this paper is to help you understand the threats that
>>>   exist, and hopefully, to help you prevent these types of atrocities.
>>>   But know this - there are people out there with very different goals,
>>>   who are our real threats, and who are, or will be, attacking us. Make
>>>   no mistake, _the threats are real, today___.__
>>
>>	Most people with technical knowledge have a pretty large motivation to
>>keep the technical society going. One, the loss of it would make our knowledge
>>useless. Two, we have enough contact with technology and science to want it to
>>continue - how many neo-Luddite engineers do you know? The Unabomber is the
>>main exception... and even he didn't use his main area of knowledge in his
>>bombings.

>We are not concerned with engineers.  We are concerned with fanatics, and fanatics are fanatics whether 
>they are engineers or gardeners.  Do not be so naive to believe that everyone shares the morals you have. 
>Mr. Smith, there are people out there who want you dead, and will use all the techniques you pointed out 
>above to accomplish their goal.  As I said before, technology is just another tool.


>>>   Who are the CyberTerrorists? There a great many poor movies and too
>>>   many works of fiction about the hacker and cracker communities. In the
>>>   popular media, there recently was the Kevin Mitnick incident, where
>>>   one cracker broke into another cracker's systems. This spawned endless
>>>   press and at least two best selling books. While this incident
>>>   received much attention, the events amounted to meaningless children's
>>>   games.
>>
>>	I'd agree with that, from what I know of the Mitnick incident(s). I'm
>>not sure if Shinomura (sp?) should be called a cracker; others with more
>>knowledge can comment on this.

>Agreed.

>   
>>>   By and large, the cracker community, based primarily in the United
>>>   States, Europe, the Middle East, Asia, and in the nations of the
>>>   former Soviet Union, is composed of individuals who see the cracking
>>>   process merely as a challenge, a brain teaser, a puzzle. They view
>>>   themselves as not only being innocent of any crime, but perhaps even
>>>   doing something righteous, something to counter the dark monoliths of
>>>   the corporate and government worlds. They believe they are being
>>>   persecuted. These individuals believe that what they are doing is not
>>>   doing any true damage. At its least harmful, these crackers just look
>>>   at information. However, privacy issues and military secrecy can
>>>   render such infiltrations acts of terror.
>>
>>	Often, military secrecy is just an excuse to not allow information
>>damaging to governments, etcetera from getting out. With NSC involvement, how
>>deeply do you think the Iran-Contra dealings were classified? I would, however,
>>agree with you about privacy issues... but governments are far greater threats
>>in this regard than all the crackers in the world. Much of the information in
>>question would not be around in so many places (such as notoriously accessible 
>>government databanks) except for governments gathering information they
>>shouldn't have in the first place.

>Whether you are right or wrong about what governments have locked away is not in my work area.  As I've 
>said, my work is in fanatics, the disenfranchised, etc.  People are people, and some turn rogue.  It 
>happens.  And people are purchased.  My work keeps me entrenched in such mire regularly.



<SIGH> More unwarrented use of "acts of terror" and "terrorism". Unauthorised access to information is not an act of terror. PEROID. Someone looked at somthing they shouldn't have. that's it. Put that at the criminal level of a mistamener <sp?>. Could someone use that information for a more serious criminal act at some later point in time. Yes. Is this likely, eh mabye, mabye not. If it is illegal for me to carry a knife then I am only guilty of carring a knife I am not guilty of commiting
murder even though it is possiable for me to commit murder with a knife.


>> 
>>[...]
>>  
>>>Crackers as Facilitators
>>
>>[...]
>>
>>>   Historically, individuals engaged in the practice of terror tended not
>>>   to be people working upon a computer 20 hours per day. Terrorists have
>>>   not been in the business of tracking the latest holes found in UNIX or
>>>   an obscure government telnet opportunity. There _are _people, however,
>>>   who are in that business - for illicit as well as good cause. As
>>>   stated, just as indigenous people may be turned into soldiers, so can
>>>   crackers be turned into CyberTerrorists. Sometimes such a transition
>>>   may be motivated by money or prestige. Usually, this transition will
>>>   occur without the cracker's cognizance. The potential threat from such
>>>   transitions is mind boggling, considering the damage even one
>>>   mis-directed cracker can cause.
>>
>>	The first statement is correct... and is likely to continue to be the
>>case. We would appreciate some evidence for such transitions occurring without
>>cognizance, or indeed being at all likelyLet me know what you do for a living, and then we can share more.  

>Not trying to be "spooky", but understand that my piece of the world rests in the violent 
>world, and I need to watch my own back.

We all live in a "violent" world. Alway have and alway will. Just the nature of the beast.

>>   
>>>   Further, as young, educated people are brought into the folds of
>>>   terrorist groups, this new generation will have the talent to execute
>>>   the acts of CyberTerrorism of which we have spoken.
>>
>>	Unlikely. For state-sponsored terrorism, for instance, countries with
>>the motivation for such are also ones that tend to block people from computer
>>experience. Getting on the Internet is rather likely to expose the people in
>>such countries to information that will destabilize them... including programs
>>such as PGP that are restricted by ITAR in the name of (among other things)
>>decreasing terrorism.

>You might be interested in the number of "students" attending our universities that have solid 
>terrorism backgrounds.  The ones I spoke to made their purpose very clear.

And what did you do after speaking the these "students"? As a concerned citizen did you bother to report this information to the State Department, FBI, Immigration? Or did you just walk away with all kinds of warm fuzzies because you got dirty talking to potential "terrorist".

[more bloated rehash of media-catch phrases]  


>>>Ex Post Facto
>>   
>>>   An effective auditing system will only inform the target manager that
>>>   they have taken a hit; perhaps a fatal hit. By that point, it is too
>>>   late. _Now _is the time to take action. Unfortunately, due to this
>>>   open nature of this document, specific counter-CyberTerrorism measures
>>>   cannot be discussed. Those discussions must be reserved for secured
>>>   facilities.
>>

>>	Nobody disagrees with that auditing isn't the _only_ method needed;
>> _everyone_ uses other methods.

>Watch your generalizations.  You'd better tune in to how bad things really are.

>Remember that old saying about prevention and cure?

>>	Your claim that you can't discuss security in the open is laughable.
>>Quite simply, security by obscurity doesn't work; in cryptography, it's one of
>>the signs of "silicon snake-oil" - which is what this document looks like in
>>any event. First, making a system obscure motivates a lot of people to try to
>>find out how it works; intelligent people are curious, and don't like
>>unnecessary secrets unless they're authoritarians. Second, the less people
>>know about a system, the less people can spot bugs to be _fixed_ in that
>>system. I prefer a system that has been tested by as many people as possible,
>>thank you, particularly if my life may depend on it.

>Again, I'm not worried about you at your keyboard clicking away and offering opinions.
>There's more to this than encryption.  Take off the blinders, Mr. Smith: encyrption is just one 
>little piece of this puzzle.  It comes down to psychology, far more than technology.  I 
>appreciate your curiousity, your wish for totally open systems.  In a perfect world, or even a 
>sane world, that would be ideal.  I would love society to be filled with people like you who 
>believe in improving the state of the art, the pushing of the envelope, etc.

>But you are not who I deal with every day.  Unfortunately, just because you don't see these 
>folks, doesn't mean they are not there.  They are not the ones with cutesy handles and who send 
>messages to usenets and such.  It's the people off the radar screen, the one's that know better 
>than to go public.  I've spent way too much time with these nutcases, and I assure you, Mr. 
>Smith, they are very real.

>>	In other words, go back to the drawing board and find something else to
>>try to sound a tocsin over.
>>	-Allen

>Open up your world, Mr. Smith.  There is a whole parallel universe of garbage that exists with
>yours. Whether or not you believe or understand that is frankly irrelevant to me or my work.
>But hopefully this will open your eyes to the fact that this is not about evil governments, nor 
>military spookery, nor commercialization, nor fear of crackers.  The next time I have to travel 
>to a bomb site, and as I try and figure out what cause could justify the death of someone who 
>just happens to be in the wrong place at the wrong time, I will not be thinking of you in your 
>office lecturing me on the computer world.

>Barry C. Collin


Well you have artfully side-steped the issue with a rather self-indulgend tear jerker. The issue presented was that security by obsecurity DOES NOT WORK! If you are that conserned about stoping the dreaded "Cyberterrorest" then you should present your solutions in a open forum for peer review. Ofcource sense we are not part of your elite "counter-cyberterrorest" force I imagine that you do not consider anyone else your peer. Or could it be you inability to debate and defend your ideas in a
public forum with those who have more experiance and better comprehention of the security issues we face at the dawn of the 21st century.

Hiding away is closed groups disscussing solutions to "THE THREAT" where you are the only voice on security may be a big bost to your ego but does little to improve security on a significant scale.


--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------
 
MR/2 Tag->You're throwing it all out the Windows!






From alano at teleport.com  Thu Aug 29 02:53:35 1996
From: alano at teleport.com (Alan Olsen)
Date: Thu, 29 Aug 1996 17:53:35 +0800
Subject: DoJ is poking around
Message-ID: <3.0b11.32.19960828235710.01192e4c@mail.teleport.com>


At 08:21 PM 8/28/96 -0800, Adamsc wrote:
>>> >looks like the DoJ have been looking around at the mirrors.. maybe to
>>> >legally hassle people about them....
>
>>> Or, just maybe, some DoJ employees wanted to see what folks on the outside
>>> were doing to tweek their bosses:-)? Reminds me of the *thousands* of hits
>>> the "Intel Secrets Page"(http://www.x86.org/) has gotten from users at
>>> intel.com 
>
>Out of curiosity, has anyone used a decompiler to check if any of the
>undocumented stuff is getting used in shipping programs?

I have not heard of anyone doing this with the Intel code, but I have seen
info on the "Secret APIs of Bill" (Undocumented Windows API calls) being
used in various programs.  (For more info on this, check out "Undocumented
Windows" by Schulman, Maxey, and Pietrek.)

I am sure that the people who produce SoftIce could give you more info on
this.  (Either that or talk with whoever is doing the undocumented feature
column for Dr. Dobbs.)
---
Alan Olsen -- alano at teleport.com -- Contract Web Design & Instruction
        `finger -l alano at teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon
                "Microsoft -- Nothing but NT promises."







From whgiii at amaranth.com  Thu Aug 29 03:16:27 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Thu, 29 Aug 1996 18:16:27 +0800
Subject: DoJ is poking around
In-Reply-To: <Pine.SV4.3.91.960828233140.7966D-100000@larry.infi.net>
Message-ID: <199608290802.DAA09847@mailhub.amaranth.com>


In <Pine.SV4.3.91.960828233140.7966D-100000 at larry.infi.net>, on 08/28/96 at 11:32 PM,
   Alan Horowitz <alanh at infi.net> said:

>I have a military account. Not all govt or military accounts belong to 
>black-helicopter pilots.


Hey!

Wern't ya the one who buzzed my trailer park while I was talking to Elvis the other night? :)

--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------
 
MR/2 Tag->How do you make Windows faster?  Throw it harder!






From rwright at adnetsol.com  Thu Aug 29 03:33:42 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Thu, 29 Aug 1996 18:33:42 +0800
Subject: In reference to comments made to me and to the Group
Message-ID: <199608290752.AAA18432@adnetsol.adnetsol.com>


Sir,

Please get a spell checker before you post any more thousand word 
flame-outs

On Or About: 29 Aug 96, 0:05, William H. Geiger III wrote, jumping into a flame
war before he learned how to spell

 polititions
orginised,
> campaines
 Prodistant
Prodistant 
Palisinians
> Unauthorised  mistamener <sp?>. 
mabye, mabye possiable
> obsecurity 
conserned .
 Ofcource
experiance
 comprehention 
 big bost

These are just a few of the spelling errors in a huge rant!!!!!

===========
Ross Wright
King Media: Bulk Sales of Software Media and Duplication Services
http://www.slip.net/~cdr/kingmedia
Voice: 415-206-9906





From whgiii at amaranth.com  Thu Aug 29 05:41:29 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Thu, 29 Aug 1996 20:41:29 +0800
Subject: Thoughts on CyberTerrorism {per request}
In-Reply-To: <199608290618.XAA12301@mom.hooked.net>
Message-ID: <199608291012.FAA10548@mailhub.amaranth.com>


In <199608290618.XAA12301 at mom.hooked.net>, on 08/28/96 at 10:55 PM,
   "Institute for Security and Intelligence" <isi at hooked.net> said:


My opinions on the topic of CyberTerrorism:


The issue of cyberterrorism can be divided into 3 main parts:

-What is the threat.
-Who is the threat.
-How to respond to the threat.


What is the threat?
===================

This can be subdivided into 3 classifications:

Catastrophic Terrorist Attack
-----------------------------

This type of attack results in the loss of life, or major disruption of society.

Examples:

   - A cyberterrorist cause the major economic disruption by infiltrating international banking systems.

   - A cyberterrorist causes loss of life by infiltrating mass transit system.
        - Air Traffic Control
        - Train systems
        - Subway systems

   - A cyberterrorist causes loss of life/major economic disruption by infiltrating public utility systems.

        - Meltdown of Nuclear Power Station
        - Shutdown of Major Power Grids
        - Oil/Gas Spills

   - A cyberterrorist causes loss of life/major economic disruption by infiltrating military systems and gaining access to military weapons.


Major Criminal Attack
---------------------

This type of attack results in a financial loss or civil liberty infringement but is not of the scale of a Catastrophic Attack.

Examples:

    - A criminal infiltrates a bank computer and illegally transfers funds.

    - A criminal obtains credit card information and uses fraudulently.

    - A criminal obtains personal information and uses illegally.
         - Blackmail
         - Job discrimination
         - credit denials
         - insurance denials


Minor Hacker Attacks
----------------------

This type of attack results in little or no financial loss.

Examples:

    - A hacker breaks into the DOJ webserver and changes the webpages.

    - A hacker breaks into a system and snoops around.

    - A hacker breaks into the school computer and changes his grades.



Who is the Threat?
==================

The CyberTerrorist
------------------

This is a sophisticated, well organized, State sponsored Terrorist.

His goals are the same as any other terrorist. He wishes to reak havok on society to further his political agenda.


The CyberTerrorist/Mad Scientist
--------------------------------

Though his means are the same as the CyberTerrorist his goals are different. He is just a nutcase. Out for the thrill or for his 5min. of fame.


The Computer Criminal
---------------------

These will come in varying levels of sophistication and ability. They will range from the petty thief to the super-hacker that can hack banking systems.

The Hacker
----------

Average age: 15-25 Above average intellegence.

Basically he is in it for the challenge. To brake in a system no one else has broke into. For the most part harmless.



How to Respond to the Threat?
=============================
      
This all depends on which threat you are responding to.

CyberTerrorist
--------------

This one is a tough one. Outside of standard security measures including redundancy & isolation of critical systems the weakest link is going to be the personnel running the systems {what is known as an inside job}.

Deterrents could play a BIG factor in this. If every time a country supported a terrorist attack we turned one of their cities into a glass bowl there would be allot less of this type of thing going on. This would not help with the true diehards/nutcases.

Computer Criminal
-----------------

The best way to defend against the computer criminal is information & training.

System administrators must be aware of potential security risks to their systems.

Software vendors should be open and forthcoming about security holes when they are found.

End users should be familiar with what types of risks are involved when "on-line".
      - what type of information is covertly being gathered about them. {Thank-You NetScape}
      - what type of information should and should not be transmitted in the "open"
      - what is PGP, how to use it, when to use it. Every user should have a copy.

The Hacker
----------

The same as above. If sys-admins are sloppy about security they have much more to worry about than some school kids pranks. Most of the Hackers activities are harmless and can be a mixed blessing in disguise to a sys-admin. A Hackers prank may awaken him to the sad shape of his security and move him to make changes before he gets hit by the Computer Criminal or Cyber Terrorist.



Well that's my basic thoughts on the matter. I restrained from going too indepth as I did want to keep this under 1000 lines (bad spelling and all). :)

I am willing to discuss this more indepth on a point by point basis.


--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------
 
MR/2 Tag->2.0 is better than 1; 3.0 is better than 2.






From rp at rpini.com  Thu Aug 29 05:43:02 1996
From: rp at rpini.com (Remo Pini)
Date: Thu, 29 Aug 1996 20:43:02 +0800
Subject: In reference to comments made to me and to the Group
Message-ID: <9608290955.AA28509@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com, whgiii at amaranth.com
Date: Thu Aug 29 11:53:46 1996
I kind of like this valid discussion going on. PERIOD. But I believe that 
although there's something (maybe, maybe not) politicians (be they 
Protestant, Palestinians or from Dresden) might find a misdemeanor, one 
shouldn't boast with possible unwarranted encryption.

No, seriously, your arguments tend to be belittled by your spelling. (Maybe 
you should get Pronto Secure, it has a spellchecker included)

BTW, I don't get paid by Commtouch for writing that (SNIF!).


A quick overview: beleive, politions, disscusion, orginised,
                  sponcered, orginization, wekness, vailid, Dresdin,
                  durring, expantion, Prodistant, Palisinians, 
                  unwarrented, PEROID, somthing, mistamener, mabye,
                  mabye not, possiable, encyrption, disscussing, bost

I hate teachers and people who show of with their spelling (and I'm a split 
personality). Yeah, me too.

- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMiVoqxFhy5sz+bTpAQFYUgf/eu+dQvQALz7Of3DCWLoBWVICY2fmnDJB
tQcHTNbuPXybjACVq8+LxdKT2wjXzuU401/rv4dW5+LgrMRlKMIhjx8xAIKSKBOg
VBb2ruV9SG2/+sY0iYzJY1Dz4opf5c9aCLgN5ptM2LeWyWOtK71VtV8ASDaoGBP7
HIs9jVJ3sbyQaf8CPfR+pEQSjGLHCm8QshazSjPvuUdIRxB5f9Etpy+45vK4FVPP
EXWYaN3jTBOPC24Qe8qGs+Dn/9C5ZR9y0Y2edv/XzWDZrdg951lSdQKxca4wtCbD
nyKQ/R86wvfy65uwrBDzUSFupuA1M8TcF63ncybQ/316cHl8x/z0rA==
=musf
-----END PGP SIGNATURE-----






From frissell at panix.com  Thu Aug 29 05:46:39 1996
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 29 Aug 1996 20:46:39 +0800
Subject: There is no Agent Toby Tyler at the FBI [UK Observer Story]
Message-ID: <2.2.32.19960829095805.00abc538@panix.com>


At 03:17 PM 8/28/96 -0700, Richard Charles Graves wrote:
>...two different sources, both of whom are anonymous because they work for
>competing newspapers, tell me.
>
>Could someone else with contacts/time to kill/attributability please confirm
>this?

When I first saw the name, I remembered my misspent youth:
 
Toby Tyler, or Ten Weeks with a Circus (1960)

USA 1960 Color 

Produced by: 
               Walt Disney Productions 
Genre/keyword: 
               Children's / Drama 
     Language: 
               English 
      Runtime: 
               96 

Also Known As: 
     Toby Tyler (1960) 

Directed by
      Charles Barton

Cast (in alphabetical order)
      Henry Calvin
      Kevin Corcoran  ....  Toby Tyler
      James Drury
      Gene Sheldon
      Bob Sweeney

Written by
      Lillie Hayward
      James Otis Kaler (novel) 
      Bill Walsh

DCF






From whgiii at amaranth.com  Thu Aug 29 05:55:01 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Thu, 29 Aug 1996 20:55:01 +0800
Subject: In reference to comments made to me and to the Group
In-Reply-To: <9608290955.AA28509@srzts100.alcatel.ch>
Message-ID: <199608291022.FAA10662@mailhub.amaranth.com>


In <9608290955.AA28509 at srzts100.alcatel.ch>, on 08/29/96 at 11:55 AM,
   Remo Pini <rp at rpini.com> said:

>No, seriously, your arguments tend to be belittled by your spelling. (Maybe 
>you should get Pronto Secure, it has a spellchecker included)

<sigh> second message I received on this. :(

Well, I ran the spell checker on my follow up posting.

And on this one too. :)

--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------
 
MR/2 Tag->DOS=HIGH? I knew it was on something...






From frissell at panix.com  Thu Aug 29 05:55:34 1996
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 29 Aug 1996 20:55:34 +0800
Subject: Simulations
Message-ID: <2.2.32.19960829102802.00addc90@panix.com>


At 10:05 PM 8/28/96 -0800, jim bell wrote:

>To me, the most obvious one is GIGO:  Simulations, especially 
>political/social ones, might depend heavily on assumptions that are 
>programmed into them.   A trivial, yet interesting example is the computer 
>game "Sim City" which allowed you to adjust the "tax rate" but problems 
>always cropped up the further away you were from 7%.   The libertarians were 
>frustrated that we were unable to drop the tax rate and still get a 
>well-functioning, happy society.  

I was taking economics back in the Armonk Iron days and we played around with
an economic simulation program written in Fortran.  One was supposed to
adjust government spending and taxes to find an optimum level.  I set both
taxes and spending to zero.  We got a lot of economic growth and a lot of
inflation (this was not a monetarist simulation).  But we were happier.

DCF






From ben at edelweb.fr  Thu Aug 29 06:35:17 1996
From: ben at edelweb.fr (Ben)
Date: Thu, 29 Aug 1996 21:35:17 +0800
Subject: Real or Not ?
In-Reply-To: <Pine.SUN.3.91.960828150721.9155B-100000@eff.org>
Message-ID: <Pine.SUN.3.95.960829104532.4855z-100000@mercier.gctech.edelweb.fr>


> Unless of course the program you're using to view the disassembled 
> instructions has also been altered by the TriLats. And make sure you use 
> any pre-1992 compiler on a pre-1992 operating system on a computer that's 
> not hooked up to the Net or even located where NSA agents can get to it.

For what its worth I have a copy of DOS 3.3 running Borland Turbo C 1.0
with the original Turbo Debugger/Assembler on an IBM Model 30 that has
never been hooked up to the Net.

Any takers? :)

Ben.
____
Ben Samman.................................................ben at edelweb.fr
Paris, France                      Illudium Q36 Explosive Space Modulator







From MrAdvent at aol.com  Thu Aug 29 07:19:44 1996
From: MrAdvent at aol.com (MrAdvent at aol.com)
Date: Thu, 29 Aug 1996 22:19:44 +0800
Subject: Desubscribe
Message-ID: <960829074816_512217624@emout15.mail.aol.com>


I would like you to desubscribe me from you mailing list







From enzo at ima.com  Thu Aug 29 07:25:44 1996
From: enzo at ima.com (Enzo Michelangeli)
Date: Thu, 29 Aug 1996 22:25:44 +0800
Subject: Mimic Function Stego Programs?
In-Reply-To: <199608282111.RAA17052@cbig1.att.att.com>
Message-ID: <Pine.LNX.3.91.960829194606.14794L-100000@ima.net>


If sociobabble (as opposed to manager babble) can do, try with the Dada 
Engine shown at 
 http://www.cs.monash.edu.au/cgi-bin/postmodern
and replace the PRNG with cyphertext. The kleptocrats will probably 
invite the sender to hold a seminar :-)

Enzo

On Wed, 28 Aug 1996 stewarts at ix.netcom.com wrote:

> Does anybody have a stego program along the lines of Peter Wayner's
> Mimic Functions?  I'm looking for something that you can hand a grammar
> and a set of bits that will produce sentences in the grammar,
> plus a decoder that can take the sentences and reconstruct the bits.
> I have a friend who lives in a kleptocratic country where the local
> bureaucrats have made it clear they'll confiscate the main email node
> in his town if they catch traffic they recognize as encrypted,
> and text in some non-popular language may be less obvious than, say,
> Mandelbrot sets with stego-bits or other artwork.
> 
> 
> -----
> PHB would work ok...
> http://www.unitedmedia.com/comics/dilbert/archive/dilbert960821-9577.gif
> -----
> 
> 
> #			Thanks;  Bill
> # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
> # <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!
> 





From johnhemming at mkn.co.uk  Thu Aug 29 08:24:38 1996
From: johnhemming at mkn.co.uk (John Hemming - CEO MarketNet)
Date: Thu, 29 Aug 1996 23:24:38 +0800
Subject: Hmmm MSIE V2.0
Message-ID: <1996-Aug29-122751.1>


It seems to be that MSIE V2.0 transmits its data in the clear once it has
transmitted the client hello and received the server hello SSL records
in some limited circumstance or other.

I don't know how widely this bug exists.  Neither do I know which versions
other than the French one has it.  However, if you point your version
of MSIE at

https://beta.mkn.co.uk/help/system/msie

and it indicates that the client has encryption problems.
Then you have that problem as well.  I would watch this one.

Anyone feeling like tracing the packets will find it easier to crack than
2 bit SSL. (let alone 40 bit or 128 bit).

Any thoughts?







From pstira at escape.com  Thu Aug 29 08:54:33 1996
From: pstira at escape.com (pstira at escape.com)
Date: Thu, 29 Aug 1996 23:54:33 +0800
Subject: A _REALLY_ Interesting Bet -[parallels]-
In-Reply-To: <199608290229.TAA10523@mycroft.rand.org>
Message-ID: <Pine.BSI.3.91.960829092057.14767A-100000@escape.com>


Am I the only one who is seeing more and more parallels to Brunner's book
"The Shockwave Rider" in the world?  I thought we were getting close 
enough, but this clinches it.  Welcome to the Delphi Oracle.

Enjoy your stay.

Milie
sfuze at tiac.net





From qut at netcom.com  Thu Aug 29 09:11:31 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Fri, 30 Aug 1996 00:11:31 +0800
Subject: Hayek (was: Cato Institute conference on Net-regulation)
In-Reply-To: <8a0DTD20w165w@bwalk.dm.com>
Message-ID: <199608291251.FAA28208@netcom9.netcom.com>


! Senile tcmay at got.net (Timothy C. May) (fart) rants:
! 
! > At 4:26 AM 8/28/96, Dr.Dimitri Vulis KOTM wrote:
! > >Senile tcmay at got.net (Timothy C. May) rants:
! > >> Indeed, Hayek has had a _lot_ to do with the Cypherpunks! From "The Road t
! > >> Serfdom" to "Law, Legislation, and Liberty," his works have exerted a
! > >> profound influence on me, and on many others.
! > >
! > >But he's fucking unreadable.  I plan to teach economic this semester and
! > >make every student read Hazlitt (economics in 1 lesson). I can't force them
! > >to read hayek (or Rothbard) because they're fucking unreadable. Shit.
! >
! > Well, to one who inserts "(spit)" after nearly every name he cites, and
! > critiques Hayek as "fucking unreadable. Shit.," I suppose Hayek must indeed
! > seem unreadable. Shit.
! 
! Are you jealous, Tim )fart)? You're just a senile old fart, not worth my
! spittle. I make you feel better I'll put (fart) after you stupid name. Shit.
! 
! > After all, Hayek rarely writes things like: "The senile Von Mises (spit)
! > and his Sovok Cabal plotters...."
! 
! Senile Tim May (fart) exposes himself as a liar by attributing to me shit
! I've never said (Pidor Vorobiev's forgeries). Please stop polluting this
! mailing list with your lies and personal attacks.
! 
! > As to "forcing" your students to read Hayek, just who is in charge? If
! > you're the instructor, they can choose to read what you tell them to read,
! > or be unprepared on the exams you give and possibly flunk the class. What
! > part of "Required Reading" do you or your students not understand?
! 
! It's been many years since Tim May (spit) has been to college, hasn't it?
! I don't blackmail my students into doing the work they don't want to do
! by blackmailing them with grades. When I taught comp.sec., I said from the
! start that everyone gets an A, and I trust tgen to be motivated enough to
! read everything I _suggest_ they read. And they all did a great job and
! earn3d their A's.
! 
! Senile Tim May (fart) is a fucking statist asshole.
! 
! Fuck you and fuck your criminal Arm*nian grandparents.
! 
! ---
! 
! Dr.Dimitri Vulis KOTM
! Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
Fuckhead.





From trei at process.com  Thu Aug 29 09:11:37 1996
From: trei at process.com (Peter Trei)
Date: Fri, 30 Aug 1996 00:11:37 +0800
Subject: There is no Agent Toby Tyler at the FBI [UK Observer St
Message-ID: <199608291312.GAA18305@toad.com>



Duncan Frissell <frissell at panix.com> writes:
> At 03:17 PM 8/28/96 -0700, Richard Charles Graves wrote:
> >...two different sources, both of whom are anonymous because they work for
> >competing newspapers, tell me.
> >
> >Could someone else with contacts/time to kill/attributability please confirm
> >this?
> 
> When I first saw the name, I remembered my misspent youth:
> Toby Tyler, or Ten Weeks with a Circus (1960)
> USA 1960 Color 
> Produced by Walt Disney Productions 

     Which proves little (though it is suggestive). People get names for
a variety of reasons, and before 1960, there would have been little
reason *not* to use the name. Back in the 70's I remember hearing
many reports from a news announcer at the BBC World Service named
Dick Tracy.

Peter Trei
trei at process.com





From johnhemming at mkn.co.uk  Thu Aug 29 09:19:13 1996
From: johnhemming at mkn.co.uk (John Hemming - CEO MarketNet)
Date: Fri, 30 Aug 1996 00:19:13 +0800
Subject: MSIE cryptography
Message-ID: <1996-Aug29-132502.1>


Just downloaded the most recent English Version 2.1 for Windows 3.1.
This does appear to do the same in terms of no encryption at all after
the server hello.

To be fair to Microsoft the number of cycles performed for the private key
echange is quite high.  Therefore, not having any key and not doing the
RSA calculations makes the access quite a bit faster.

The older versions (and some Win95 versions) that we have found around
seem to just crash our server.  I am not really feeling like debugging that.








From rp at rpini.com  Thu Aug 29 09:52:04 1996
From: rp at rpini.com (Remo Pini)
Date: Fri, 30 Aug 1996 00:52:04 +0800
Subject: Thoughts on CyberTerrorism {per request}
Message-ID: <9608291347.AA06964@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: whgiii at amaranth.com, cypherpunks at toad.com
Date: Thu Aug 29 15:45:06 1996
> The issue of cyberterrorism can be divided into 3 main parts:
> Catastrophic Terrorist Attack
> Major Criminal Attack
> Minor Hacker Attacks
 
> The CyberTerrorist
> The CyberTerrorist/Mad Scientist
> The Computer Criminal
> The Hacker

It seems that you have a very broad view as to what constitutes terrorism. 
According to you, somebody who hacks into a system is a cyberterrorist. It 
seems, that would make a burglar a real life terrorist, too.

So, to state my point: you use the word cyberterrorism in conjunction with 
ALL possible attacks on a system. Did I get that definition right? If not, 
why not?

Greetings,

Remo Pini
- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMiWe5BFhy5sz+bTpAQGf5gf+L6Mkx4rqvdvsWe84j2TzLYaeOpbO7VCe
S1Ia3EC9rByfXK71zmDCWRd7bTdmRULq297dD/Aqr7KWSEEtsBpQCLs8tGiPCV3I
S+M613ud6Uy9QXtIyw14Ao7XILijWUDU2Hdwb5xfmJ/GIIQiZyDjMVLDXABM7rgb
4d+5AP+gh6VTRNqd2LmhwcvhUoupeJ40QxlRyOJ2A4ZNT7xaS7shUPnbS5kcuSrF
z27nRmnaPkRmh3VD870OIoTRsWUOIQ9lwUkXrPdly9w8E23FyuXGPEMkW+KdUCNZ
6hI7YYsBnCJjM+aUzq3Ypt/N/iUcbPvKO4T+FtbKJHB15IbtDTUr4A==
=pg+4
-----END PGP SIGNATURE-----






From OSBORRI at msmail.northgrum.com  Thu Aug 29 10:00:02 1996
From: OSBORRI at msmail.northgrum.com (Osborne, Rick)
Date: Fri, 30 Aug 1996 01:00:02 +0800
Subject: Realtime Keyserver update
Message-ID: <3225A380@smtpmmp2.northgrum.com>



First off, let me say thank you to all of those who responded to my first 
message, I gained alot of useful information.

Mark Rogaski <wendigo at pobox.com> and I have decided to write up a RFC on it 
and are going through the initial stages of deciding on its functionality. 
 We would appreciate any and all useful input on the subject.  All ideas are 
welcome.

You can email my autoresponder (at this same address) to get the latest 
information on what we've decided.  Just make the subject GET KEYSERVER INFO 
for the response.

Thank you for your interest and help.
Rick Osborne






From root at HellSpawn  Thu Aug 29 10:00:39 1996
From: root at HellSpawn (Damien Lucifer)
Date: Fri, 30 Aug 1996 01:00:39 +0800
Subject: List owner named in law suit (fwd)
Message-ID: <Pine.LNX.3.91.960829095059.6013A-100000@HellSpawn>


---------- Forwarded message ----------
Date: Wed, 28 Aug 1996 16:52:36 -0400 (EDT)
From: Clay Irving <clay at panix.com>
Subject: List owner named in law suit

I can't believe this one!

Peter Laws, a recent graduate of the University of Arkansas, maintains
an
electronic mailing list called "SCAN-L". The list is provided for
radio
scanning enthusiasts. There are a few hundred subscribers to the list.
Recently, in a thread about scanning publications, an employee of
publication
"A" apparently wrote something to offend someone at publication "B".
Lo and
behold, next thing you know, Peter is named in a lawsuit because he is
the
maintainer of the list.

Something seems very, very wrong with this. I've never heard of
anything 
like this before. Can a Email list maintainer be held liable for
something
someone else writes?

Peter *just* graduated, and he needs all the help he can get. Thanks,
in
advance.

-- 
Clay Irving N2VKG 
clay at panix.com
http://www.panix.com/~clay/









From trei at process.com  Thu Aug 29 10:17:22 1996
From: trei at process.com (Peter Trei)
Date: Fri, 30 Aug 1996 01:17:22 +0800
Subject: MSIE cryptography
Message-ID: <199608291427.HAA18951@toad.com>


John Hemming - CEO MarketNet"  <johnhemming at mkn.co.uk> writes:

> Just downloaded the most recent English Version 2.1 for Windows 3.1.
> This does appear to do the same in terms of no encryption at all after
> the server hello.
> 
> To be fair to Microsoft the number of cycles performed for the private key
> echange is quite high.  Therefore, not having any key and not doing the
> RSA calculations makes the access quite a bit faster.
> 
> The older versions (and some Win95 versions) that we have found around
> seem to just crash our server.  I am not really feeling like debugging that.

I understand that some versions of MSIE support SSL level 3. SSL3 includes a
capability to switch 'cipher suites' in mid-session, or pick one at the start of the
session. One of the standard cipher suites performs authentication, but not 
encryption. This is consistant with your description.

Please ensure that the server you are connecting to is not configured for
authenticate-only. It would be a pity to raise a big ruckus over what may be
just a mis-configured server.

Peter Trei
trei at process.com







From reagle at rpcp.mit.edu  Thu Aug 29 10:33:55 1996
From: reagle at rpcp.mit.edu (Joseph M. Reagle Jr.)
Date: Fri, 30 Aug 1996 01:33:55 +0800
Subject: Small German bank claims first with online service
Message-ID: <2.2.32.19960829141734.00746308@206.33.128.129>


		 
>	 FRANKFURT, Aug 28 (Reuter) - German private bank Gries &  
>Heissel Bankiers on Wednesday launched an Internet banking 
>service -- the first comprehensive service of its kind in a 
>country where online bank options are gradually taking off. 
>	 The small Berlin-based bank linked up with U.S. computer  
>firm Hewlett Packard Co to develop the system, which Internet 
>users can access using a high-security personal code. 
>	 Clients will be able to view detailed balances on their  
>deposit, current and securities accounts and transact all normal 
>banking business on the World Wide Web. 
>	 Although online banking is a developing trend on the German  
>financial services market, larger banks with far broader 
>customer bases are working on more selective Internet packages. 
>	 Thomas Gries, one of Gries & Heissel's personally-liable  
>directors, said he regarded Internet banking as a logical 
>supplement to the bank's existing services. 
>	 ``We have had an Internet home page since October 1995. This  
>move from a pure information medium to an interactive one was a 
>logical one,'' Gries said. 
>	 Banking officials attending the CEBIT electronics conference  
>in Hanover this week said German online banking business was 
>poised to grow dramatically. 
>   ``In the next six months, five to ten German banks will be on  
>the Internet,'' said Stefan Schoeller, board member at Bayerische 
>Vereinsbank AG unit Vereins- und West Bank. 
>	 Vereinsbank plans to launch Internet services within about  
>six months via its Advance Bank direct unit, pending a review of 
>security options. 
>	 Rival discount broker Direkt Anlage Bank, a unit of  
>Bayerische Hypotheken- und Wechsel Bank AG, on Tuesday launched 
>an Internet service for its securities account holders at half 
>the cost of its telephone banking service. 
>	 Meanwhile market leader Deutsche Bank AG is to test  
>electronic cash on the Internet this autumn in a joint 
>initiative with Dutch electronic payments group Digicash NV. 
>	 Vereinsbank officials at CEBIT said they planned a steady  
>expansion of the bank's online options over the coming years, 
>predicting 10 to 15 percent of its current account clients would 
>be online by the year 2000. Around 12 million Germans would rely 
>on home banking by that date, the bank predicted. 
>	 At the moment, around 3.7 percent of the bank's clients, or  
>45,000 individuals, handle their banking via PC alone, Stefan 
>Schoeller said. 
>	 Hewlett-Packard's German sales manager Michael Lindner said  
>his company, which last year helped set up the world's first 
>Internet bank, Security First Network Bank, had spoken to 
>several other German banks about some kind of Internet venture. 
>	 ``We certainly do not plan to limit our involvement to a  
>small exclusive bank,'' he said. 
>	 Lindner said there were about two million Internet users in  
>Germany and 35 million worldwide. He admitted that the amount of 
>bank business transacted on the Net -- about $200 million -- was 
>``very limited'' but predicted a dramatic rise in volume. 
>	 Vereinsbank's Schoeller said the cost advantage alone made  
>it worthwhile for customers to go online. A normal current 
>account incurred charges of 8.40 marks a month, while the same 
>account online would cost just 5.40 marks, he said. 
>	 All banks are stressing the security of the Internet.  
>  	   	
>
>
_______________________
Regards,            Boredom is the feeling that everything is a waste of time; 
                    serenity, that nothing is. -Thomas Szasz
Joseph  Reagle      http://rpcp.mit.edu/~reagle/home.html
reagle at mit.edu      E0 D5 B2 05 B6 12 DA 65  BE 4D E3 C1 6A 66 25 4E






From adam at homeport.org  Thu Aug 29 10:35:22 1996
From: adam at homeport.org (Adam Shostack)
Date: Fri, 30 Aug 1996 01:35:22 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608271620.LAA10933@manifold.algebra.com>
Message-ID: <199608291548.KAA07041@homeport.org>


Igor, and many others who commented on the fact that many characters
are legal in email are correct.  However, with the exception of '-'
and '+', I'm not sure if I'll be changing the body of the guidelines.
My issue is that dealing with a wide variety of characters that are
legitamate, such as "cat ../../../etc/passwd"@foo.com is more
dangerous than only accepting the common case of user at host.net.

The number of addresses such as harvard!adam is dropping as the number
of 'normal' addresses grows.


Igor Chudov @ home wrote:
| Adam Shostack wrote:
| > http://www.homeport.org/~adam/review.html

| In part " V.Code (Security Issues)/3.Data Checking" you say the following:
| 
| `` Data coming in to Acme Widgets should be checked very carefully for
|         appropriateness. This check should be to see if the data is what
|         is expected (length, characters). Making a list of bad
|         characters is not the way to go; the lists are rarely complete.
|         A secure program should know what it expects, and reject other
|         input. (For example, if you are looking for an email address,
|         don't check to see if it contains a semi-colon or a newline,
|         check to see if it contains anything other than a [A-Za-z0-9._]
|         followed by an @, followed by a hostname [A-Za-z0-9._].)''
| END QUOTE
| 
| That is not entirely correct. An email address is much more than
| that, it can contain "!", several "@" characters (not next to each other
| though), "%", and so on. x400 mail addresses (?) can contain "/", "=",
| and all emails can have "+" and "-" and "_" in them. 
| 
| Some of the valid email addresses are
| 
| user_name at company.com
| alex+ at pitt.edu
| mi%aldan.UUCP at algebra.com
| user%host.domain at anon.penet.fi
| host1!host2!user
| 
| Look at your sendmail.cf file for a humongous amount of 
| email parsing rules.
| 
| Thanks for an excellent document though, I put a link to it from my
| intranet page.

	You're welcome.

| 	- Igor "Code Obscurity Creates Job Security" Chudov.
| 

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From perry at piermont.com  Thu Aug 29 10:36:13 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 30 Aug 1996 01:36:13 +0800
Subject: Desubscribe
In-Reply-To: <960829074816_512217624@emout15.mail.aol.com>
Message-ID: <199608291436.KAA02444@jekyll.piermont.com>



MrAdvent at aol.com writes:
> I would like you to desubscribe me from you mailing list

I refuse.

.pm





From johnhemming at mkn.co.uk  Thu Aug 29 11:00:15 1996
From: johnhemming at mkn.co.uk (John Hemming - CEO MarketNet)
Date: Fri, 30 Aug 1996 02:00:15 +0800
Subject: MSIE cryptography
Message-ID: <1996-Aug29-150212.1>


>> Just downloaded the most recent English Version 2.1 for Windows 3.1.
>> This does appear to do the same in terms of no encryption at all after
>> the server hello.
>I understand that some versions of MSIE support SSL level 3. SSL3 includes a
>capability to switch 'cipher suites' in mid-session, or pick one at the start of the
>session. One of the standard cipher suites performs authentication, but not 
>encryption. This is consistant with your description.

>Please ensure that the server you are connecting to is not configured for
>authenticate-only. It would be a pity to raise a big ruckus over what may be
>just a mis-configured server.

The server is one which interoperates correctly with Netscape and my
own routines.  It does strike me that this change is potentially the source of 
the bug.  However, to have a "locked" symbol on the bottom right hand
of the display would indicate to me as a user that a secure session has 
occurred.

For SSL devotees the records sent are:

1.  Client hello (from the client)
2.  Server hello (from the server).
3.  Plaintext data packaged up in SSL records from the client.
4.  The client then accepts plaintext data packaged up in SSL records.

SERVER_VERSION_MSB and
SERVER_VERSION_LSB 
indicate version 2 of SSL.

I have not changed the code in any way to deal with version 3 of
SSL making I think the valid presumption that browsers using 3 and
2 should be able to cope with a server using 2.

I shall reboot my system, trace a bit of a session and post that.









From johnhemming at mkn.co.uk  Thu Aug 29 11:14:30 1996
From: johnhemming at mkn.co.uk (John Hemming - CEO MarketNet)
Date: Fri, 30 Aug 1996 02:14:30 +0800
Subject: MSIE cryptography
Message-ID: <1996-Aug29-152004.1>


For the real SSL devotees here are the first three transmissions.

Client Hello
  16.8 1025->443 seq 00000001 ack 00000001 PSH ACK  wind 4096 data 30
80 1C 01 00 02 00 03 00 00 00 10 02 00 80 69 AE
0E F0 FA 2E 01 63 BC 59 AF 0F 1C C1 B1 7B

  16.8 443->1025 seq 00000001 ack 0000001F PSH ACK  wind 5640 data 590
Server Hello
82 4C 04 00 01 00 02 02 2E 00 03 00 10 (cert starts) 30 82 02
2A 30 82 01 93 02 05 26 FB 85 54 3F 30 0D 06 09
big snip of server hello (of the certificate)
CC 1F BC A8 9C D7 47 41 D2 33 27 (cert has ended) 02 00 80 4A E7
13 36 E4 4B F9 BF 79 D2 75 2E 23 48 18 A5

  16.9 1025->443 seq 0000001F ack 0000024F PSH ACK  wind 4096 data 333
Client Master Key should be here, but instead we get
81 4B 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 30
          G   E   T   sp  /  sp  H   T  T  P  /    1   .     0

0D 0A 41 63 63 65 70 74 3A 20 2A 2F 2A 2C 20 71


Server Hello
82 4C 04 00 01 00 02 02 2E 00 03 00 10 (cert starts) 30 82 02
82 4C - SSL RECORD 
04 - Server Hello
00 - Session ID Hit (no prior session)
01 - Certificate Type
00 - Server Version MSB 
02 - Server Verson LSB  (ie server version of SSL is 2)
02 2E - Certificate length (mainly snipped)
00 03 - Cipher specs length
00 10 - Connection ID length


I think the probability is that the unusual circumstance that causes
what seems clear to me as an error is that the cert is signed by
a CA other than Verisign.

Essentially, however, I do not think it is right for a program to display a
locked key regardless of any other issues if the data being transferred
is not encrypted.








From adam at homeport.org  Thu Aug 29 11:23:57 1996
From: adam at homeport.org (Adam Shostack)
Date: Fri, 30 Aug 1996 02:23:57 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <m0uvZT1-0004kIC@lina>
Message-ID: <199608291601.LAA07092@homeport.org>


Bernd Eckenfels wrote:

| >     Much better, look at rfc822.  (I wouldn't consider *anything* that
| > has the word "sendmail" in it a good reference).
| 
| its much better if you dont rely on the content of the string at all. Dont
| use sh -c or system and you will be save. Simply asume that all characters
| are valid in user suplied strings and treat them exactly that way... If they
| need to be exporeted then unfortunately they need to be 'untainted' and this
| should be done by positive not negative lists as mentioned in the
| guidelines.

	Not passing untainted data to system is clearly a very good
idea.

	Less clear is how much other parsing should be done.  I like
extreme parsing (when its cheap; as Marcus Watts pointed out,
verifying remote hostnames & usernames can be expensive).  If you
don't strongly verify data on the way in, it can get to other places
not so careful about its contents.  This is why I chose to recommend
against accepting a wide variety of legit email address formats;
because they will be passed back to a database that assumes that the
addresses have been sanitized, and are in user at foo.net format, and not
treat them with the care they deserve.

	In an ideal world, programmers would be careful with the data
they get, but we don't live in an ideal world.  I choose to suggest
paranoia over inclusiveness, but am adding an appendix discussing
issues of mail addressing.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From Robb at SpeakOut.org  Thu Aug 29 11:37:08 1996
From: Robb at SpeakOut.org (Robb Hill)
Date: Fri, 30 Aug 1996 02:37:08 +0800
Subject: Stego Virus
Message-ID: <v01540b00ae4b7512cc3d@[206.66.171.67]>


For a virus (a program) embedded in a .gif file to affect you, it would
have to unsteg and then run.  Just dont run it it you unsteg it.


Robb Hill
National Association for Home Care
228 7th Street SE
Washington DC 20003

202-547-7424
202-547-9312 fax
robb at speakout.org







From adam at homeport.org  Thu Aug 29 11:43:31 1996
From: adam at homeport.org (Adam Shostack)
Date: Fri, 30 Aug 1996 02:43:31 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608291458.JAA28369@manifold.algebra.com>
Message-ID: <199608291624.LAA07221@homeport.org>


Igor Chudov @ home wrote:

| The decision that have just made is not a technical decision, it is 
| a business decision. You just decided that the needs of security 
| outweight the need to be able to deal with 100% of potential customers.

	You're mostly right.  (I happen to know that we're expecting
all customers to have IP based connectivity for the suite of
applications these guidelines are being written for, but you're right
that this is a business decision).

| For example, suppose that you wrote your report for Gizmo International, 
| a company that sells a variety of widgets and gadgets to users in the
| world. Their current setup is that the users can visit www.gizmo.com
| and ask the server to send them notifications about new products.
| 
| Based on your report's suggestions, Gizmo will have to cut off
| all users with x.400 mail addresses, all UUCP users with bangs in their
| addresses, all people with funky addresses provided by SPRINT, 
| and so on. For example, my moderation bot received a message
| from the following person:
| 
| From: /G=JAMBYL/S=KIWANIS/O=CUSTOMER/ADMD=KAZMAIL/C=KZ/@gateway.sprint.com
| 
| (my eyes just popped when I saw such address)
| 
| There are a lot of international people using this sprint gateway.
| 
| This would potentially represent a loss of s significant number of 
| customers who will be bitching about gizmo.com to all their friends.
| This is a bad decision from the marketing standpoint.
| 
| I see this as a compelling reason to allow all possible email addresses
| to be processed correctly, even if it means that there is more work
| for code proofreading. At least the management responsible for
| marketing must understand and approve your email handling guidelines. A
| computer programmer cannot make such decisions himself.

	You're again correct; the document is undergoing review
internally.  May I have permission to quote you?  I'm a big advocate
of open debate when things are in a draft stage.

	Also, there are issues of what happens if an unusual address
gets past the firewall and mishandled by some legacy code.

Adam

| igor
| 
| 
| Adam Shostack wrote:
| > 
| > Igor, and many others who commented on the fact that many characters
| > are legal in email are correct.  However, with the exception of '-'
| > and '+', I'm not sure if I'll be changing the body of the guidelines.
| > My issue is that dealing with a wide variety of characters that are
| > legitamate, such as "cat ../../../etc/passwd"@foo.com is more
| > dangerous than only accepting the common case of user at host.net.
| > 
| > The number of addresses such as harvard!adam is dropping as the number
| > of 'normal' addresses grows.
| > 
| > 
| > Igor Chudov @ home wrote:
| > | Adam Shostack wrote:
| > | > http://www.homeport.org/~adam/review.html
| > 
| > | In part " V.Code (Security Issues)/3.Data Checking" you say the following:
| > | 
| > | `` Data coming in to Acme Widgets should be checked very carefully for
| > |         appropriateness. This check should be to see if the data is what
| > |         is expected (length, characters). Making a list of bad
| > |         characters is not the way to go; the lists are rarely complete.
| > |         A secure program should know what it expects, and reject other
| > |         input. (For example, if you are looking for an email address,
| > |         don't check to see if it contains a semi-colon or a newline,
| > |         check to see if it contains anything other than a [A-Za-z0-9._]
| > |         followed by an @, followed by a hostname [A-Za-z0-9._].)''
| > | END QUOTE
| > | 
| > | That is not entirely correct. An email address is much more than
| > | that, it can contain "!", several "@" characters (not next to each other
| > | though), "%", and so on. x400 mail addresses (?) can contain "/", "=",
| > | and all emails can have "+" and "-" and "_" in them. 
| > | 
| > | Some of the valid email addresses are
| > | 
| > | user_name at company.com
| > | alex+ at pitt.edu
| > | mi%aldan.UUCP at algebra.com
| > | user%host.domain at anon.penet.fi
| > | host1!host2!user
| > | 
| > | Look at your sendmail.cf file for a humongous amount of 
| > | email parsing rules.
| > | 
| > | Thanks for an excellent document though, I put a link to it from my
| > | intranet page.
| > 
| > 	You're welcome.
| > 
| > | 	- Igor "Code Obscurity Creates Job Security" Chudov.
| > | 
| > 
| > Adam
| > 
| > -- 
| > "It is seldom that liberty of any kind is lost all at once."
| > 					               -Hume
| > 
| 
| 
| 
| 	- Igor.
| 


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From robbhill at southwestpaper.com  Thu Aug 29 11:44:49 1996
From: robbhill at southwestpaper.com (Robb Hill)
Date: Fri, 30 Aug 1996 02:44:49 +0800
Subject: see you guys later
Message-ID: <v01540b02ae4b77865fbf@[206.66.171.67]>


This list used to focus on privacy issues, crypto protocols, algorithms,
national crypto policy, etc.  I saw the Netscape cracks announced here, I
saw squeamish ossifrage here, now I see nothing of the sort.  Now I see
that people are discussing heckling the pres., black helicopters???.  I
have heard Phil Zimmerman frequently call Paul Zimmerman.

See you guys later.


Robb Hill
National Association for Home Care
228 7th Street SE
Washington DC 20003

202-547-7424
202-547-9312 fax
robb at speakout.org







From ericm at lne.com  Thu Aug 29 11:54:34 1996
From: ericm at lne.com (Eric Murray)
Date: Fri, 30 Aug 1996 02:54:34 +0800
Subject: MSIE cryptography
In-Reply-To: <199608291427.HAA18951@toad.com>
Message-ID: <199608291536.IAA31494@slack.lne.com>


Peter Trei writes:
> 
> John Hemming - CEO MarketNet"  <johnhemming at mkn.co.uk> writes:
> 
> > Just downloaded the most recent English Version 2.1 for Windows 3.1.
> > This does appear to do the same in terms of no encryption at all after
> > the server hello.
[..]

 
> I understand that some versions of MSIE support SSL level 3. SSL3 includes a
> capability to switch 'cipher suites' in mid-session, or pick one at the start of the
> session. One of the standard cipher suites performs authentication, but not 
> encryption. This is consistant with your description.
> 
> Please ensure that the server you are connecting to is not configured for
> authenticate-only. It would be a pity to raise a big ruckus over what may be
> just a mis-configured server.

In addition, encryption isn't performed until after the ClientFinished
and ServerFinished messages, no matter which CipherSuites are negotiated.


I don't know what MSIE looks like, but I'd guess that somewhere in
it there is a screen similar to Netscape's for configuring SSL.
In Netscape you can select which CipherSuites to use, including
"No encryption with an MD5 MAC".  If you turn off the "No encryption.."
CipherSuites in MSIE, you should get an encrypted connection.

-- 
Eric Murray  ericm at lne.com  ericm at motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF





From ichudov at algebra.com  Thu Aug 29 11:55:56 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 30 Aug 1996 02:55:56 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608291548.KAA07041@homeport.org>
Message-ID: <199608291458.JAA28369@manifold.algebra.com>


Adam,

The decision that have just made is not a technical decision, it is 
a business decision. You just decided that the needs of security 
outweight the need to be able to deal with 100% of potential customers.

For example, suppose that you wrote your report for Gizmo International, 
a company that sells a variety of widgets and gadgets to users in the
world. Their current setup is that the users can visit www.gizmo.com
and ask the server to send them notifications about new products.

Based on your report's suggestions, Gizmo will have to cut off
all users with x.400 mail addresses, all UUCP users with bangs in their
addresses, all people with funky addresses provided by SPRINT, 
and so on. For example, my moderation bot received a message
from the following person:

From: /G=JAMBYL/S=KIWANIS/O=CUSTOMER/ADMD=KAZMAIL/C=KZ/@gateway.sprint.com

(my eyes just popped when I saw such address)

There are a lot of international people using this sprint gateway.

This would potentially represent a loss of s significant number of 
customers who will be bitching about gizmo.com to all their friends.
This is a bad decision from the marketing standpoint.

I see this as a compelling reason to allow all possible email addresses
to be processed correctly, even if it means that there is more work
for code proofreading. At least the management responsible for
marketing must understand and approve your email handling guidelines. A
computer programmer cannot make such decisions himself.

igor


Adam Shostack wrote:
> 
> Igor, and many others who commented on the fact that many characters
> are legal in email are correct.  However, with the exception of '-'
> and '+', I'm not sure if I'll be changing the body of the guidelines.
> My issue is that dealing with a wide variety of characters that are
> legitamate, such as "cat ../../../etc/passwd"@foo.com is more
> dangerous than only accepting the common case of user at host.net.
> 
> The number of addresses such as harvard!adam is dropping as the number
> of 'normal' addresses grows.
> 
> 
> Igor Chudov @ home wrote:
> | Adam Shostack wrote:
> | > http://www.homeport.org/~adam/review.html
> 
> | In part " V.Code (Security Issues)/3.Data Checking" you say the following:
> | 
> | `` Data coming in to Acme Widgets should be checked very carefully for
> |         appropriateness. This check should be to see if the data is what
> |         is expected (length, characters). Making a list of bad
> |         characters is not the way to go; the lists are rarely complete.
> |         A secure program should know what it expects, and reject other
> |         input. (For example, if you are looking for an email address,
> |         don't check to see if it contains a semi-colon or a newline,
> |         check to see if it contains anything other than a [A-Za-z0-9._]
> |         followed by an @, followed by a hostname [A-Za-z0-9._].)''
> | END QUOTE
> | 
> | That is not entirely correct. An email address is much more than
> | that, it can contain "!", several "@" characters (not next to each other
> | though), "%", and so on. x400 mail addresses (?) can contain "/", "=",
> | and all emails can have "+" and "-" and "_" in them. 
> | 
> | Some of the valid email addresses are
> | 
> | user_name at company.com
> | alex+ at pitt.edu
> | mi%aldan.UUCP at algebra.com
> | user%host.domain at anon.penet.fi
> | host1!host2!user
> | 
> | Look at your sendmail.cf file for a humongous amount of 
> | email parsing rules.
> | 
> | Thanks for an excellent document though, I put a link to it from my
> | intranet page.
> 
> 	You're welcome.
> 
> | 	- Igor "Code Obscurity Creates Job Security" Chudov.
> | 
> 
> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 



	- Igor.





From qut at netcom.com  Thu Aug 29 12:24:58 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Fri, 30 Aug 1996 03:24:58 +0800
Subject: Anti-Racist Laws Stifle Political Liberty
Message-ID: <199608291601.JAA14884@netcom9.netcom.com>


llurch at stanford.edu (Rich Graves) writes:

> Incidentally, [don't college speech codes] belong in the past
> tense? Stanford hardly lifted a finger to defend the Grey
> Amendment, which was designed and widely regarded to be the most
> carefully tailored speech code around. I don't know of any
> universities that have tried to enact a speech code since. The
> attempt would be futile. (Background: Grey applied only to
> "fighting words" directed at individuals. It was fine, under the
> [overturned] Stanford policy [which I voted against], to create a
> "hostile environment" by screaming hostile verbiage at nobody in
> particular; but you couldn't say the same thing to someone's face.)

The mere lack of enforcement of an unjust law does not justify the 
continued extancy of that law.  That very "dead letter" law can be fired 
up at any time to harass critics of the university's anti-racist 
administration.

Some examples of dangerous dead letter laws:

* Abortion

Most people presume that abortion is legal in the USA, wrong.  
Most states make abortion very illegal, our whole abortion freedom as 
currently exists rests entirely on a few federal court decisions.  If 
the previous Supreme Court decisions are overturned, most states will 
suddenly start enforcing their fascist anti-abortion laws.

* Hate Crime

Denmark used to be presumed by racists to be the only country in Europe 
where racism was legal.  Denmark's anti-racist laws were not enforced in 
ages.  Yet, the anti-racist laws sprung into action to persecute Gerhard 
Lauck, an American Nazi who desired to move to Denmark on the account of 
a provocateur that his organization would not be harrassed in Denmark.
Mr. Lauck was deported to Germany where he was sentenced to four years in 
prison to the outrage of professional anti-racists of the "moderation" of 
his punishment for merely speaking in pro-Nazi terms in Germany, where 
politics that challenge the ruling order is strictly illegal.

* Racism In Other Countries

Racist politics are explicitly illegal in every "white country" in the 
world except, so far, the USA.  The mere lack of enforcement in many of the 
countries such as South Africa, Canada, Denmark, Russian Federation, 
Malaysia, Australia, etc., does not exonerate that country from the 
charge of censorship as political intrigue.

* "We Will Take Power"

A lot of fake anti-censorship activists insist they are for free speech 
in the sense of allowing such political purposes as "we don't like your 
policies and we want you to change," but desiring to make illegal such 
political goals as "we don't like your power and we're going to try to 
take it away from you."  Yet there is no purpose, no purpose whatsoever 
in political speech, if there is no threat allowed to the ruling order 
expressed in idealogical terms and organizational forms.  Thomas 
Jefferson, Thomas Paine and all the nationalist founders of the American 
nation would approve of radicals organizing and expressing their goals of 
seizing power legally, or if denied the means of a republic for 
succession, illegally. 

* Unfree Nations

Germany is an example of a nation that prohibits any type of Nazi 
political party.  Therefore, Germany is not a free country, not an honest 
republic, in fact, less free even than Wilhelmian Germany in allowing 
radical parties to challenge the power structure.


--
I marvel at the resilience of the white people.
Their best characteristic is their desire to learn.
No other people has such an obsession with the intellect.





From tcmay at got.net  Thu Aug 29 13:20:55 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 30 Aug 1996 04:20:55 +0800
Subject: MUD anyone?
Message-ID: <ae4b16e901021004256d@[205.199.118.202]>



I second many of the comments about the difficulties in coding a reasonably
plausible game or MUD for exploring list ideas.

Just about four years ago exactly, at the first meeting of what was to
become the Cypherpunks group, we "played" the "Crypto Anarchy Game." Based
solely on paper tokens, like Monopoly, the idea was to introduce people to
concepts like digital money, anonymous remailers, information markets, and
so on. Sealed envelopes represented remailed messages, with "mixing" done
by hand.

Lots of imperfections, lots of stalls and dead ends, lots of confusion.
Protocols were imperfectly enforced, messages got lost (literally "dropped
on the floor"), and the game eventually ended in laughter, confusion, and
silliness. But it was deemed useful by most present, as it made more real
the abstractions talked about in the morning session.

Coding nearly any of the core cryptographic concepts for use in an online
game, even without a real crypto core (e.g., using other trust mechanisms)
is likely to be almost as big a job as actually coding the concepts for
real-world use. Could be very educational, and a useful dry run for later
real-world reification of concepts, but by no means easy.

I'm not trying to discourage anyone. Go for it! But it's a _big_ project.

And as Jim Bell noted, there are all sorts of costs which are not properly
accounted for. I would not, for example, expect anything interesting to
emerge out of the simulation of "assassination politics" in such a game, as
the costs, dangers, moral issues, and whatnot are not properly
accounted-for in such a MUD-type simulation. (No more so than in a fantasy
role-playing game, where characters die routinely...)

And as a last note, we had a couple of "hits" bought anonymously back then,
during the game, in '92.

(Hint: One doesn't need a Bell-style infrastructure for bidding on the
death of politicians to raise the money for a hit....many interested
parties would surely pay the $5000 (or less, say some) to buy a hit if the
risks were lowered. And to paraphrase Bell, "I know a way to lower the
risks.")

--Tim May


We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From nobody at zifi.genetics.utah.edu  Thu Aug 29 13:21:28 1996
From: nobody at zifi.genetics.utah.edu (Anonymous)
Date: Fri, 30 Aug 1996 04:21:28 +0800
Subject: A _REALLY_ Interesting Bet [2]
Message-ID: <199608291709.LAA07068@zifi.genetics.utah.edu>


Jim Gillogly <jim at ACM.ORG> wrote:

<snip>

>Idea Futures is dead, and the torch has passed to Foresight Exchange (FX),
>which is at http://www.ideosphere.com/ideosphere/ .  You can bet on a number
>of political issues (US and other), though not (yet) for real money.

IMO, a good cypherpunk goal would be to get that "yet" in, with Chaum's
Digicash, before the election. Perhaps Mr. Cate has some ideas in this
regard...;) When talking to lawyers one finds the justification for the
prohibition to be something like, "it would demean the process." IMNSHO,
the nest has already been soiled, and the only effect would be to kill
the unwanted phonecalls around suppertime, as I said before. The media
would eventually flock to the more-accurate poll, even if it involved
the dreaded crass freemarket capitalism of people willingly gambling.

<snip>

>This doesn't track the polls, which typically ask who the potential voter
>would vote for rather than who they think will win the election.

Indeed. Also, a prominent candidate (this time) told devotees (last time)
to give wrong answers to pollsters when called. While it's still possible,
this behavior is much less likely with real money (though with his kinda
dough, distortions would be possible for him -- & profitable for others).

>Other issues:
>
>Percentage of popular vote to Dem candidate: 47
>"               "             Rep    "     : 44
>"               "             Other  "     : 12
>
>Note that there may be an opportunity for arbitrage when numbers don't add
>up to 100;

Last time there was supposedly an arbitrage opportunity between odds in
Moscow and those in London [Now THAT'S my kind of bet;) -- I can't lose]
according to a W$J article on the subject from years ago. 20 minutes on
Alta Vista this morning reveals nothing like this available, Ladbroke's
links are hardly there, and I don't know the names of any other bookies
in London, or any at all in Moscow. The closest thing was a (braindead)
"George" magazine article and a few sites lamenting the lack of possible
Presidential gambling. AV didn't even reveal the confusing US university
site where some gambling is (or was) going on. Perhaps English c-punks
can help us on the odds for all candidates, including the longshots. I
think publicity from freeing up this information might be more favorable
than publicity about things like porn or Assasination Politics, and the
process of setting up a site that reveals the odds in semi-realtime from
London/Moscow should not be too difficult, especially if actual gambling
is not conducted on the site.









From bkmarsh at feist.com  Thu Aug 29 13:24:30 1996
From: bkmarsh at feist.com (Bruce M.)
Date: Fri, 30 Aug 1996 04:24:30 +0800
Subject: In reference to comments made to me and to the Group
In-Reply-To: <199608290618.XAA12301@mom.hooked.net>
Message-ID: <Pine.BSI.3.91.960829122154.25708A-100000@wichita.fn.net>


On Wed, 28 Aug 1996, Institute for Security and Intelligence wrote:

> I'm not looking for opinions on politicians, the government, etc., 
> nor do  I care what you think of me or my views.  However, if you can 
> put  some _solid_ thoughts into bullet items, or any other format you 
> deem useful, perhaps we can move forward.
> 
> Ideas.  Actions.  No commentary, raves, rants, flames, or other bandwidth wasters.
> 
> Let's see what we come up with.

    So what you're saying is that you now realize what a bunch of garbage 
you were spouting and want people to let you know the facts?

                       ________________________________
                      [ Bruce M. - Feist Systems, Inc. ]
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     "Official estimates show that more than 120 countries have or are 
      developing [information warfare] capabilities." -GAO/AIMD-96-84
                         So, what is your excuse now?






From tcmay at got.net  Thu Aug 29 13:37:33 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 30 Aug 1996 04:37:33 +0800
Subject: "Undocumented Features"
Message-ID: <ae4b14ea00021004ad67@[205.199.118.202]>


At 4:21 AM 8/29/96, Adamsc wrote:
>>> >looks like the DoJ have been looking around at the mirrors.. maybe to
>>> >legally hassle people about them....
>
>>> Or, just maybe, some DoJ employees wanted to see what folks on the outside
>>> were doing to tweek their bosses:-)? Reminds me of the *thousands* of hits
>>> the "Intel Secrets Page"(http://www.x86.org/) has gotten from users at
>>> intel.com
>
>Out of curiosity, has anyone used a decompiler to check if any of the
>undocumented stuff is getting used in shipping programs?

This has only marginal relevance to the list, but I'll mention in case it
helps a crypto coder out there: be wary of _ever_ using undocumented
features of a processor, compiler, or other system.

Why? Because "undocumented features" are not promises made by the vendor,
and may vanish in the next release (or, worse, change behavior in strange
and hard-to-detect ways).

We witnessed this several times at Intel with the x86 line. Various
customers discovered "undocumented features," made the mistake of
exploiting them, and then came crying to us when iterations of the
processor (what we call "steppings") took out the "features" or altered
their behavior. (And for a while there was even a rift between the Intel
versions and the NEC versions, which copied some Intel processors and
copied the undocumented features....when Intel was no longer supporting
them, the two processor families diverged, causing chaos.)

So, beware.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From acain at ncsa.uiuc.edu  Thu Aug 29 14:12:38 1996
From: acain at ncsa.uiuc.edu (Adam Cain)
Date: Fri, 30 Aug 1996 05:12:38 +0800
Subject: Announce: NCSA HTTPd 1.6b1 and XMosaic 2.6s_b1
Message-ID: <9608291727.AA20511@void.ncsa.uiuc.edu>



Hiya!

This is to announce the availability of NCSA HTTPd version 1.6b1.
It is accompanied by a version of XMosaic (2.6s_b1) which can be 
used for testing the security features.

To participate in the beta testing effort, please see

   http://hoohoo.ncsa.uiuc.edu/beta-1.6/


What's New:
----------

The main difference between 1.6b1 and 1.5.2 is the addition of
support for the following security protocols:

-- Secure-HTTP (version 1.1)
-- SSL versions 2.0 and 3.0

XMosaic 2.6s_b1 supports these protocols as well.


Motivation:
----------

We recognize that there are many fine web servers availble on the 
Internet, some even for free.  In releasing NCSA HTTPd 1.6b1, we are 
niether trying to 'outdo' other server development efforts, nor are we 
expecting to provide a server which will meet all possible needs.  
Rather, we wish to follow through on our commitment to making novel 
features available for experimentation and testing.  The capability
of performing digital signature-based authentication (via S-HTTP in
1.6b1) is an example of a feature we see lacking in the Web today.


Obtaining HTTPd 1.6b1:
-----------------------

Currently, HTTPd 1.6b1 is available in binary form to registered,
domestic users.  An exportable version will be available eventually,
and we will announce its availability by the same means.  To register
for beta testing 1.6b1, please go to the URL given above, and select 
the "register here" link after reading the page.

The documentation (under construction) for this release is available at

   http://hoohoo.ncsa.uiuc.edu/docs-1.6/

The HyperNews page (good for bug reports, questions, discussion) is at

   http://union.ncsa.uiuc.edu/HyperNews/get/www/ncsa-httpd/1.6/beta.html

Administrative requests may be directed to httpd-beta at ncsa.uiuc.edu.


Thanks,

	Adam Cain
	acain at ncsa.uiuc.edu





From jbugden at smtplink.alis.ca  Thu Aug 29 14:12:52 1996
From: jbugden at smtplink.alis.ca (jbugden at smtplink.alis.ca)
Date: Fri, 30 Aug 1996 05:12:52 +0800
Subject: Desubscribe
Message-ID: <9607298413.AA841352799@smtplink.alis.ca>



perry at piermont.com wrote:
>MrAdvent at aol.com writes:
>> I would like you to desubscribe me from you mailing list
>
>I refuse.
>
>.pm

Lets face it. It's not a lack of volition, it is a lack of ability. Perry
couldn't desubscribe MrAdvent at aol.com even if he wanted to.

I can't unsubscribe myself even when I follow the instructions.

When I send an e-mail, the header contains two equivalent addresses:
jbugden at smtplink.alis.ca and jbugden at alis.com.

Unfortunately, there is some logic in majordomo that is not symmetric so that
while I can subscribe as jbugden at alis.com, I can not unsubscribe since majordomo
notices jbugden at smtplink.alis.ca in the header and treats the attempt to
unsubscribe as a forgery.

So get used to it MrAdvent. After a few months you may even enjoy the ramblings
of the many too pale souls swimming in this communal cesspool. 

You can unsubscribe any time you like, but you can never leave.

James







From frantz at netcom.com  Thu Aug 29 14:46:45 1996
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 30 Aug 1996 05:46:45 +0800
Subject: MSIE cryptography
Message-ID: <199608291838.LAA27579@netcom8.netcom.com>


At  3:20 PM 8/29/96 +0000, John Hemming - CEO MarketNet wrote:
>Essentially, however, I do not think it is right for a program to display a
>locked key regardless of any other issues if the data being transferred
>is not encrypted.

I fully agree.  I wonder if the FTC is interested.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From declan at eff.org  Thu Aug 29 14:49:57 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 30 Aug 1996 05:49:57 +0800
Subject: Singapore Global Action Alert (8/29/96)
Message-ID: <Pine.SUN.3.91.960829113101.14221C-100000@eff.org>





August 29, 1996

                          *** GLOBAL ACTION BRIEF ***

*	Please redistribute this document widely with this banner intact
*	Redistribute only in appropriate places & only until 30 September 1996

Singapore Government Curtails Online Freedoms

The government of Singapore recently established strict controls on all
Internet Service Providers and many World Wide Web pages. ISPs and content
providers will be licensed, and required to adhere to a rigid set of content
guidelines which apply to political speech, ethnic and religious remarks
including satire, and public morals including "contents which propagate
permissiveness or promiscuity."

We believe that the licensing policy and broad content guidelines will
effectively chill the free flow of information not only in Singapore, but
worldwide.  Because the Internet is global, transcending geographical
bounds, we are convinced that censorship within any nation or state, whether
implicit or explicit, poses a threat to all users of the global network.  We
therefore encourage the government of Singapore, and other governments
implementing or considering policies of content control, to stress education
rather than regulation.

Singapore's approach, like the Communications Decency Act that was passed
but quickly rescinded in the U.S., applies a broadcast regulatory standard
to the Internet.

The application of broadcast-inspired, "one-to-many" regulation to this new
*many-to-many* medium indicates a fundamental misunderstanding of the nature
of the Internet.

Unlike television and radio broadcasting, the Internet does not push
material at the viewer, but simply makes material available on demand - not
unlike a rapid inter-library loan.  And unlike broadcasting, the Internet
does not present the views of a limited few privileged speakers, but allows
all participants to publish, comment on, and even refute, what they read.

Recognizing that every culture has its own standards regarding what is or is
not appropriate, the undersigned organizations recommend that Singapore's
government allow its citizens to use Internet filtering  tools, with which
they can block out any material that is offensive to them, rather than
embark upon a closed-border approach that will cut Singapore off from the
new global online library.

Support of individually customizable filtration services, instead of a broad
top-down censorship effort, would enable Singapore to participate in a  more
positive and effective way in the evolution of this new open medium, and
would indicate trust in the ability of Singaporeans to choose what is right
for Singapore and for themselves.

***

WHERE TO FIND MORE INFORMATION

For more information on the Singapore censorship situation, and other global
efforts to abridge the flow of information over the net, see these web sites:

http://www.eff.org/~declan/global/index.html
and
http://www.io.org/~sherlock/doom/threat.html

Human Rights Watch's letter to George Yeo, Singapore Minister for
Information and the arts, is located on HRW's gopher, at
gopher://gopher.igc.apc.org:5000/00/int/hrw/asia/asia/4

WHO TO CONTACT

The following organizations have issued this advisory:

ALCEI - Electronic Frontiers Italy * 
   http://www.nexus.it/alcei.html
American Civil Liberties Union (ACLU) *
   http://www.aclu.org
Center for Democracy and Technology (CDT) *
   http://www.cdt.org
CITADEL-Electronic Frontier France * 
   http://www.imaginet.fr/~mose/citadel
EFF-Austin * 
   http://www.eff-austin.org
Electronic Frontiers Australia * 
   http://www.efa.org.au
Electronic Frontier Canada * 
   http://www.efc.ca/
Elektronisk Forpost Norge (Electronic Frontier  Norway) * 
   http://www.sn.no/~efn
Electronic Frontier Foundation * 
   http://www.eff.org
Electronic Privacy Information Center (EPIC) *
   http://www.epic.org
HotWired * 
   http://www.hotwired.com
Voters Telecommunication Watch (VTW) * 
   http://www.vtw.org

Please choose an organization above and visit their web site for contact
information.

A copy of this advisory is available on the World Wide Web, at
http://www.well.com/~jonl/singapore.html.







From isi at hooked.net  Thu Aug 29 15:41:52 1996
From: isi at hooked.net (Barry C. Collin)
Date: Fri, 30 Aug 1996 06:41:52 +0800
Subject: CyberTerrorism Thoughts
Message-ID: <3225F0D7.3337@hooked.net>


Dear Mr. Geiger:

Thank you for your very well-thought-out presentation.  That is 
precisely the kind of material we need to see more of in this forum.  
It's tough to write, but it's worth it.

>From the feedback I've received, I should make this clear: regardless of 
criminality issues, I do not consider hacking in to a system to view 
things an act of terrorism (by classical or other definition).  My 
concern, by far, is the fragility I've found with systems connected to 
physical processes -- processes that affect the physical world.

Your segmentation of motivation and actions was excellent.  I look 
forward to your future commentary and postings.

Also, although it is sometimes difficult (myself no exception), I think 
you'd agree that this factual, non-flame approach gets far more work 
done.  Your response in that manner was appreciated.

Regards,
Barry C. Collin
-- 
Institute for Security and Intelligence
A Non-Profit Research Institution
P.O. Box 9877
Stanford, California  94309-9877  USA





From johnhemming at mkn.co.uk  Thu Aug 29 16:10:50 1996
From: johnhemming at mkn.co.uk (John Hemming - CEO MarketNet)
Date: Fri, 30 Aug 1996 07:10:50 +0800
Subject: MSIE cryptography
Message-ID: <1996-Aug29-194210.1>


Eric Murray writes:

>Peter Trei writes:
>> 
>> John Hemming - CEO MarketNet"  <johnhemming at mkn.co.uk> writes:
> 
>> > Just downloaded the most recent English Version 2.1 for Windows 3.1.
>> > This does appear to do the same in terms of no encryption at all after
>> > the server hello.
>> Please ensure that the server you are connecting to is not configured for
>> authenticate-only. It would be a pity to raise a big ruckus over what may be
>> just a mis-configured server.

>In addition, encryption isn't performed until after the ClientFinished
>and ServerFinished messages, no matter which CipherSuites are negotiated.

Actually the server verify message should be encrypted (to verify the
key negotiation).  Also the server and client finished should be encrypted.
I don't actually get the client finished record or client master key record.

However, I don't get those all I get is the cleartext data in packets of
SSL record format.   I have done a little more experimentation and it does
appear quite clear that this happens with a non standard (ie not
Verisign and a few others) X509 Certificate.

In the trace that I have posted it is clear that cypher 02 00 80 has
in theory been negotiated.







From trollins at interactive.visa.com  Thu Aug 29 16:13:53 1996
From: trollins at interactive.visa.com (Tom Rollins)
Date: Fri, 30 Aug 1996 07:13:53 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
Message-ID: <199608291905.PAA16350@rootboy.interactive.visa.com>


Hello all,

I have a math question concerning implementation of elliptic
curve systems. In coding some elliptic curve source, I
need to pick a random point on the following elliptic
curve in field F_p where p is a prime number.

       Y**2 = x**3 + a * x**2 + b
       where 4a**3 + 27b**2 is not equal to 0 mod p

In selecting a random point, I pick a random value for
x in the range 0 < x < p, compute the right hand side
of the equation and find myself needing to take the
square root for the two solutions.

Questions are:

  1: How can I take the suqare root mod p ?

  2: How to determine if a solution exists for a
     selected value of x ?

  3: Is the a simpler method than find a square root ?

Thanks for any ideas you may have about this...
-tom






From weidai at eskimo.com  Thu Aug 29 16:37:26 1996
From: weidai at eskimo.com (Wei Dai)
Date: Fri, 30 Aug 1996 07:37:26 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <199608291905.PAA16350@rootboy.interactive.visa.com>
Message-ID: <Pine.SUN.3.95.960829124919.16763B-100000@eskimo.com>


On Thu, 29 Aug 1996, Tom Rollins wrote:

> Questions are:
> 
>   1: How can I take the suqare root mod p ?

Here's some C++ code for taking modular square roots:

Integer ModularSquareRoot(const Integer &a, const Integer &p)
{
	if (p%4 == 3)
		return a_exp_b_mod_c(a, (p+1)/4, p);

	Integer q=p-1;
	unsigned int r=0;
	while (q%2==0)   // while q is even
	{
		r++;
		q >>= 1;
	}

	Integer n=2;
	while (Jacobi(n, p) != -1)
		++n;

	Integer y = a_exp_b_mod_c(n, q, p);
	Integer x = a_exp_b_mod_c(a, (q-1)/2, p);
	Integer b = (x.Square()%p)*a%p;
	x = a*x%p;
	Integer tempb, t;

	while (b != 1)
	{
		unsigned m=0;
		tempb = b;
		do
		{
			m++;
			b = b.Square()%p;
			if (m==r)
				return Integer::ZERO;
		}
		while (b != 1);

		t = y;
		for (unsigned i=0; i<r-m-1; i++)
			t = t.Square()%p;
		y = t.Square()%p;
		r = m;
		x = x*t%p;
		b = tempb*y%p;
	}

	assert(x.Square()%p == a);
	return x;
}

>   2: How to determine if a solution exists for a
>      selected value of x ?

The Jacobi symbol tells you whether x has a square root mod p:

// if b is prime, then Jacobi(a, b) returns 0 if a%b==0, 1 if a is
// quadratic residue mod b, -1 otherwise
// check a number theory book for what Jacobi symbol means when b is not
// prime

int Jacobi(const Integer &aIn, const Integer &bIn)
{
    assert(bIn[0]==1);

    Integer b = bIn, a = aIn%bIn;
    int result = 1;

    while (!!a)
    {
	unsigned i=0;
	while (a[i]==0)
		i++;
	a>>=i;

	if (i%2==1 && (b%8==3 || b%8==5))
		result = -result;

        if (a%4==3 && b%4==3)
            result = -result;

        swap(a, b);
        a %= b;
    }

    return (b==1) ? result : 0;
}

>   3: Is the a simpler method than find a square root ?

I don't think so.  Let me know if you do find one.

Wei Dai






From root at HellSpawn  Thu Aug 29 16:50:21 1996
From: root at HellSpawn (Damien Lucifer)
Date: Fri, 30 Aug 1996 07:50:21 +0800
Subject: Mimic Function Stego Programs?
Message-ID: <Pine.LNX.3.91.960829163251.6291B-100000@HellSpawn>


---------- Forwarded message ----------
Date: Thu, 29 Aug 1996 16:32:40 -0400 (EDT)
Subject: RE: Mimic Function Stego Programs?

On Thu, 29 Aug 1996, * wrote:

> better than the 64 word ones I've used. I'd like to get a hold of these 
> (or the program, if it's not texto). I mailed DJ about it, but he said 
> he picked it up from a newsgroup he couldn't remember. If you follow up 
> please let me know any results. Fascinating stuff ...


Donno, the next hop from 64 words per type is 4096 words per type, a very 
tall order.

I've been working on a text steg'ing program for a while that operates 
under a different premise, however. It keeps a dictionary of word pairs, 
with each word in the pair being a synonym for the other.  It will read 
through a donor file, swapping words based on whether we need to hide a 1 
or a 0.  The encoder is working right now but the decoder is not.
 
A quick example:

dictionary: 1=sofa 0=couch
input: The couch is very comfortable
output (0): The sofa is very comfortable.
output (1): The couch is very comfortable.

The output text is virtually identical to the input text, and would (in 
most cases) easily fool the average human reader, as well as fooling 
simple mail filters. 

The main problem is that very little can be hidden in a text file in this 
manner.  I have one peice of text that is 50k, and can conceal about 64 
characters of data.  More typical numbers are around 15-25 characters/50k, 
which is why I never finished the decoder. Once i started encoding things, 
and realizing how little could be hidden in this manner, I stopped working 
on it. 

At the moment the dictionary is very small; nearly all of the words are 
relevant to only pornographic text (since porno is both predictable, and 
repetitive, i thought it would be a good place to start). :) 

I have the source code around, if you care to take a look at it.











From bf578 at scn.org  Thu Aug 29 16:58:51 1996
From: bf578 at scn.org (SCN User)
Date: Fri, 30 Aug 1996 07:58:51 +0800
Subject: the anonymizer
Message-ID: <199608292124.OAA07621@scn.org>



Does anybody know if there are any other services like the one at
   http://www.anonymizer.com

  That anonymize your surfing?


--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From bf578 at scn.org  Thu Aug 29 17:08:16 1996
From: bf578 at scn.org (SCN User)
Date: Fri, 30 Aug 1996 08:08:16 +0800
Subject: Small German bank claims first with online service
Message-ID: <199608292121.OAA06520@scn.org>


>
>		 
>>	 FRANKFURT, Aug 28 (Reuter) - German private bank Gries &  
>>Heissel Bankiers on Wednesday launched an Internet banking 
>>service -- the first comprehensive service of its kind in a 
>>country where online bank options are gradually taking off. 
>>	 The small Berlin-based bank linked up with U.S. computer  
>>firm Hewlett Packard Co to develop the system, which Internet 
>>users can access using a high-security personal code. 

   Sounds scarey and like a challenge!


>>	 Clients will be able to view detailed balances on their  
>>deposit, current and securities accounts and transact all normal 
>>banking business on the World Wide Web. 



--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From jf_avon at citenet.net  Thu Aug 29 17:08:20 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Fri, 30 Aug 1996 08:08:20 +0800
Subject: Singapore Global Action Alert (8/29/96)
Message-ID: <9608292122.AA25332@cti02.citenet.net>


-----BEGIN PGP SIGNED MESSAGE-----

To: Cypherpunks at toad.com
29/08/96
Subject: Re: Singapore Global Action Alert (8/29/96)

On 29 Aug 96 at 11:31, Declan McCullagh forwarded:

> The application (...in Singapore) of broadcast-inspired,
> "one-to-many"
regulation to
> this new *many-to-many* medium (...the internet) indicates a
> fundamental misunderstanding of the nature of the Internet.

I completely disagree here!

Taking into account the philosophico-political context there, it
*obviously* indicate a *complete* understanding of the nature of the
net.  It is you (the writer of the forwarded article) who did not
either dare to state or simply recognize the true nature of a govt
pushing such measures. 

I am fed up of seing net users giving every would-be dictator the
benefit of the doubt.  There is no tolerance to be applied to that. 
There is no such thing as being tolerent to poison.

Why don't we start naming things by their true names?

JFA
- -- 
Jean-Francois Avon
DePompadour, Societe d'Importation Ltee
    Limoges porcelain, silverware and crystal
JFA Technologies
    R&D consultants: physicists technologists and engineers.
Montreal, QC, Canada
PGP keys at: http://w3.citenet.net/users/jf_avon
ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQEVAgUBMiWnB8iycyXFit0NAQGvaAf9HHTGYk/MAg/uX3uP87sOd6mWrVLw8J8u
4XFp83YV1MPBkqZ5xIxmxBNR6bF2RyqFIiD/go3x3nbfX5YkdF9jXW4iOnYNK6Ji
DzrlWTDNGFwTnbUnUbPraSjULU/0x3YdKAVmcxqr6KYBBLR2NVEtiqzbVQK2exHU
DZUG6oamV4sK5QFRA5gj0L+oB+qEdveZJrTK13rZT3UC21GXuOBGRPpHQStfU5nK
3v7ajP4IdlxxHZutL/S1LmPJw1iSf9eDtn76J7Y8UxrgknNavavs9rxte3mUjns1
TneE7zz2g9VMS6cqGttncp/Cwc7AkeURi7nu0tnr7jCvwlo4GhGSoA==
=4R7n
-----END PGP SIGNATURE-----





From charley at clark.net  Thu Aug 29 17:25:48 1996
From: charley at clark.net (Charley Sparks)
Date: Fri, 30 Aug 1996 08:25:48 +0800
Subject: New Microsoft Product! ! ! (fwd)
Message-ID: <Pine.GSO.3.95.960829175805.25199D-100000@clark.net>




---------- Forwarded message ----------
Date: Thu, 29 Aug 1996 11:11:00 -0400
From: ICSHAB at aol.com
Subject: New Microsoft Product! ! !

Microsoft Panhandler v1.0 (Beta)
 
 Redmond, WA -- Microsoft Corporation chair, CEO and all-around babe magnet
Bill Gates announced yesterday the introduction of a new product for Windows
95: Microsoft Panhandling.
 
 "The idea came to me the other day when a homeless man asked me for
money,"recalls Gates. "I suddenly realized that we were missing a golden
opportunity.  Here was a chance to make a profit without any initial monetary
investment. Naturally, this man then became my competition, so I had my limo
driver run over him several times."
 
 Microsoft engineers have been working around the clock to complete Gates'
vision of panhandling for the 21st century.
 
"We feel that our program designers really understand how the poor and needy
situation works," says Microsoft Homeless product leader Bernard Liu. "Except
for the fact that they're stinking rich."
 
 Microsoft Panhandling will be automatically installed with Windows 95. At
random intervals, a dialog box pops up, asking the user if they could spare
any change so that Microsoft has enough money to get a hot meal. ("This is a
little lie," admits software engineer Adam Miller, "since our diet consists
of Coke and Twinkies, but what panhandler doesn't embellish a little?") The
user can click Yes, in which case a random amount of change between $.05 and
$142.50 is transferred from the user's bank account to Microsoft's. The user
can also respond No, in which case the program politely tells the user to
have a nice day. The "No" button has not yet been implemented.
 
 "We're experiencing a little trouble programming the No button," Bernard Liu
says, "but we should definitely have it up and running within the next couple
of years. Or at least by the time Windows 2014 comes out. Maybe."
 
 Gates says this is just the start of an entire line of products. 
 "Be on the lookout for products like Microsoft Mugging, which either takes
$50 or erases your hard drive, and Microsoft Squegee Guy, which will clean up
your Windows for a dollar." (When Microsoft Squegee Guy ships, Windows 95
will no longer automatically refresh your windows.)  But there are
competitors on the horizon. Sun Microsystems and Oracle Corporation are
introducing panhandling products of their own.

 "Gates is a few tacos short of a combination platter, if you get my drift,"
says Oracle Head Honcho and 3rd degree black belt Larry Ellison. "I mean, in
the future, we won't need laptop computers asking you for change. You'll have
an entire network of machines asking you for money."
 
Gates responded with, "I know what you are, but what am I?"  General
pandemonium then ensued.







From alanh at infi.net  Thu Aug 29 18:21:00 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 30 Aug 1996 09:21:00 +0800
Subject: The few, the proud, the under-quota'd-mailbox US Marine Corps
Message-ID: <Pine.SV4.3.91.960829185728.23148D-100000@larry.infi.net>




---------- Forwarded message ----------
Date: Thu, 29 Aug 96 3:46:15 -24000
From: MAILER-DAEMON at mqg-smtp3.usmc.mil
To: alanh at infi.net
Subject: Undeliverable Message

To:            "Skeeve Stevens" <skeeve at skeeve.net>
Cc:            <cypherpunks at toad.com>
Subject:       Re: DoJ is poking around

Message not delivered to recipients below.  Press F1 for help with VNM
error codes.               

	VNM3043:  BANYAN SERVER at MAG26@2DMAW NEW RIVER


VNM3043 -- MAILBOX IS FULL

   The message cannot be delivered because the
   recipient's mailbox contains the maximum number of 
   messages, as set by the system administrator.  The
   recipient must delete some messages before any
   other messages can be delivered.
    The maximum message limit for a user's mailbox is 
   10,000.  The default message limit is 1000 messages.  
   Administrators can set message limits using the 
   Mailbox  Settings function available in the 
   Manage User menu  (MUSER). 

   When a user's mailbox reaches the limit, the 
   user must delete some of the messages before 
   the mailbox can accept any more incoming messages.

UNDEFINEDI have a military account. Not all govt or military accounts belong to 
black-helicopter pilots.







From frantz at netcom.com  Thu Aug 29 18:25:29 1996
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 30 Aug 1996 09:25:29 +0800
Subject: www.anonymizer.com
Message-ID: <199608292255.PAA08976@netcom7.netcom.com>


www.anonymizer.com got a nice plug in David Plotnikoff's column in today's
San Jose Mercury News.  He quotes Community ConneXion's motto, "Because on
today's Internet, people do know you're a dog."  He also mentions its
similarity to anonymous remailers.  His capsule review:

"On the upside, it's very easy to use and it supports gopher and FTP
transfers as well as Web pages.  On the downside, it's predictable slow and
pages, bracketed top and bottom with Anonymizer banners, often don't
display quite right."


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius libri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From alanh at infi.net  Thu Aug 29 18:25:44 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 30 Aug 1996 09:25:44 +0800
Subject: DoJ is poking around
In-Reply-To: <199608290802.DAA09847@mailhub.amaranth.com>
Message-ID: <Pine.SV4.3.91.960829185336.23148B-100000@larry.infi.net>


> >I have a military account. Not all govt or military accounts belong to 
> >black-helicopter pilots.

> Wern't ya the one who buzzed my trailer park while I was talking to Elvis the other night? :)


     I actually live in a single-wide. Heaven's acre, as it were.





From jimbell at pacifier.com  Thu Aug 29 18:37:33 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 30 Aug 1996 09:37:33 +0800
Subject: Simulations
Message-ID: <199608292256.PAA27056@mail.pacifier.com>


At 06:28 AM 8/29/96 -0400, Duncan Frissell wrote:
>At 10:05 PM 8/28/96 -0800, jim bell wrote:
>
>>To me, the most obvious one is GIGO:  Simulations, especially 
>>political/social ones, might depend heavily on assumptions that are 
>>programmed into them.   A trivial, yet interesting example is the computer 
>>game "Sim City" which allowed you to adjust the "tax rate" but problems 
>>always cropped up the further away you were from 7%.   The libertarians were 
>>frustrated that we were unable to drop the tax rate and still get a 
>>well-functioning, happy society.  
>
>I was taking economics back in the Armonk Iron days and we played around with
>an economic simulation program written in Fortran.  One was supposed to
>adjust government spending and taxes to find an optimum level.  I set both
>taxes and spending to zero.  We got a lot of economic growth and a lot of
>inflation (this was not a monetarist simulation).

Yes, it does sound a bit inaccurate.  Let's see, while I only took one 
economics course in college (macroeconomics) as I recall inflation is 
generally the product of either the monetarization of the deficit or an 
increase in wages unmatched by productivity increases.  The latter is 
unlikely to be caused extensively by government policy or spending 
(Davis-Bacon is an obvious exception to this in the private sector), and if 
the government spending and taxes are zero then obviously the former can't 
be the cause.  


> But we were happier.

That reminds me of a related flaw in Sim City.  When the program is queried as to
what the public's main complaints are, the information is presented by the program as 
the percentage of the population considering various problems to be the 
"most important."  However, it did not explicitly rank the SERIOUSNESS of 
these problems in absolute terms.  Since it is practically an axiom of human 
nature that we'll FIND something to complain about if nothing comes 
immediately to mind, the danger is that you'll over-react to a non-problem 
with a "solution" (often involving more government spending) that is even 
worse.

Another bias was the fact that the program seemed to lump all 
infrastructure-type spending into government, as opposed to a privatized 
solution.   In reality, if you drop government spending very low problems 
will begin to be solved by private means.  In Sim City, however, the system 
did not compensate in this way,  leading to low or even negative growth, and 
extreme dissatisfaction, etc.

Jim Bell
jimbell at pacifier.com





From alanh at infi.net  Thu Aug 29 19:11:14 1996
From: alanh at infi.net (Alan Horowitz)
Date: Fri, 30 Aug 1996 10:11:14 +0800
Subject: see you guys later
In-Reply-To: <v01540b02ae4b77865fbf@[206.66.171.67]>
Message-ID: <Pine.SV4.3.91.960829191132.23148L-100000@larry.infi.net>


<< See you guys later >>


Oh my God, I've been rejected by a beltway bandit.

Tim M, could you hand me a double dose of my Lithium this time.





From frantz at netcom.com  Thu Aug 29 19:26:20 1996
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 30 Aug 1996 10:26:20 +0800
Subject: Singapore Global Action Alert (8/29/96)
Message-ID: <199608292303.QAA09504@netcom7.netcom.com>


At  5:21 PM 8/29/96 -0500, Jean-Francois Avon wrote:
>I am fed up of seing net users giving every would-be dictator the
>benefit of the doubt.  There is no tolerance to be applied to that. 
>There is no such thing as being tolerent to poison.

I don't think this is giving Singapore's rulers the benefit of the doubt. 
Rather, it is a case of asking politely the first time.  Since it is asking
him to change a policy of his, it is merely avoiding calling him a shithead
in the process.  When you want someone to do something voluntarily, it is
usually better to start by being polite.

It is up to other net-forces to make sure that censorship is ineffective
for technical reasons.


-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius libri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From dlv at bwalk.dm.com  Thu Aug 29 19:36:01 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 30 Aug 1996 10:36:01 +0800
Subject: Desubscribe
In-Reply-To: <9607298413.AA841352799@smtplink.alis.ca>
Message-ID: <XDXFTD1w165w@bwalk.dm.com>


jbugden at smtplink.alis.ca writes:
> When I send an e-mail, the header contains two equivalent addresses:
> jbugden at smtplink.alis.ca and jbugden at alis.com.
> 
> Unfortunately, there is some logic in majordomo that is not symmetric so th=
> at
> while I can subscribe as jbugden at alis.com, I can not unsubscribe since majo=
> rdomo
> notices jbugden at smtplink.alis.ca in the header and treats the attempt to
> unsubscribe as a forgery.
If you don't have the brains to forge the From:, then you have no business
being subscribed to any mailing list.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From mekdam at link.com.eg  Thu Aug 29 20:31:53 1996
From: mekdam at link.com.eg (Sherif  Mekdam)
Date: Fri, 30 Aug 1996 11:31:53 +0800
Subject: Desubscribe
In-Reply-To: <960829074816_512217624@emout15.mail.aol.com>
Message-ID: <32262333.4006@link.com.eg>


> I would like you to desubscribe me from you mailing list






From rwright at adnetsol.com  Thu Aug 29 20:53:51 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Fri, 30 Aug 1996 11:53:51 +0800
Subject: Desubscribe
Message-ID: <199608300026.RAA08325@adnetsol.adnetsol.com>




> On Or About: 29 Aug 96, 16:57, Dr.Dimitri Vulis KOTM wrote:
> 
> > jbugden at smtplink.alis.ca writes:
> 
> > > can not unsubscribe since majo= rdomo notices
> > > jbugden at smtplink.alis.ca in the header and treats the attempt to
> > > unsubscribe as a forgery.
> >
> > If you don't have the brains to forge the From:, then you have no
> > business being subscribed to any mailing list.
> > 
> 

 What's worse?  Losers who can't unsubscribe from a mailing list they
 subscribed to OR spammers?   ;-)
 
 Ross
 





From tcmay at got.net  Thu Aug 29 21:07:19 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 30 Aug 1996 12:07:19 +0800
Subject: Nuke Singapore Back into the Stone Age
Message-ID: <ae4b87a502021004a21e@[205.199.118.202]>


At 10:21 PM 8/29/96, Jean-Francois Avon wrote:

>I completely disagree here!
>
>Taking into account the philosophico-political context there, it
>*obviously* indicate a *complete* understanding of the nature of the
>net.  It is you (the writer of the forwarded article) who did not
>either dare to state or simply recognize the true nature of a govt
>pushing such measures.
>
>I am fed up of seing net users giving every would-be dictator the
>benefit of the doubt.  There is no tolerance to be applied to that.
>There is no such thing as being tolerent to poison.
>
>Why don't we start naming things by their true names?

I agree with Jean-Francois--most of the recent announcements by governments
about the Internet actually indicate *full awareness* of what their actions
could mean for the propagation of articles, the extradition of
Net.criminals, and the development of a Global New World Computer Order.

The United States knew what the CDA would mean, the government of Bavaria
knew what the crackdown on "racist" Web sites and newsgroups would mean,
the government of Singapore understands full well what their actions could
mean, and so on.

And it is likely that the "control" advocates in each of these countries
(and others) are pleased when one of their brother countries announces new
crackdowns on the Net and Web. Very few governments actually like free
speech in all of its forms, and certainly the U.S. government does not.
Sure, there is lip service paid to "free speech" in the U.S., but the list
of illegal things to say keeps getting longer (just last week Clinton
illegalized many forms of speech involving cigarettes--what part of
"Congress shall make no law" is not being understood here?).

As to why so many of the criticisms of such crackdowns use "weasel
language," such as the example Jean-Francois disagrees with, well, this is
the way the game is played. The alternative to "The government of Singapore
fails to understand the nature of the Net and could do grievous harm to it"
is not quite so diplomatic:

"Fucking statists. Time to nuke 'em back to the stone age."

Personally, if this crackdown in Singapore happens, I intend to post
various anti-Singapore and anti-Lee Kwan Yew & Sons screeds to various
newsgroups that Singaporans might like to read. Then, if the Yew Dynasty
decides to pull the plug, it'll be to more and more groups.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From 74740.670 at CompuServe.COM  Thu Aug 29 21:25:45 1996
From: 74740.670 at CompuServe.COM (Brian Pecic)
Date: Fri, 30 Aug 1996 12:25:45 +0800
Subject: Mail to sbinkley@atitech.ca
Message-ID: <960829230902_74740.670_EHB101-2@CompuServe.COM>


You are continualy sending to Scott Binkley (sbinkley at atitech.ca). Scott is no
longer at ATI so please stop sending to this invalid address.
Brian Pecic
bpecic at atitech.ca






From jimbell at pacifier.com  Thu Aug 29 21:32:53 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 30 Aug 1996 12:32:53 +0800
Subject: Clinton follies ideas?
Message-ID: <199608300141.SAA08320@mail.pacifier.com>


At 10:08 PM 8/28/96 -0500, David E. Smith wrote:

>Our esteemed figurehead, Bill Clinton, will be doing
>the first stop of his "Road to Victory Tour" campaign
>this Friday, just a few blocks from my apartment.  Does
>anybody have any cool suggestions on things to do to
>harass, heckle, or maybe get taken down by the Secret
>Service?  (Or should I just yell, 'Clinton, you suck!'? :)

It's too bad that somebody can't fiddle with his speech tonight, at the end 
of a page inserting the text,

"I'm really sorry that my friend and advisor Dick Morris was caught..."
    
and then replacing the rest of the speech with blank pages...

Jim Bell
jimbell at pacifier.com





From nobody at replay.com  Thu Aug 29 21:33:30 1996
From: nobody at replay.com (Anonymous)
Date: Fri, 30 Aug 1996 12:33:30 +0800
Subject: PGP & Default
Message-ID: <199608300152.DAA18622@basement.replay.com>



   I created a nym with a public key.  Now, it's become the default so
when I go to send an encrypted message, I get prompted to enter the
password for my nym key.
   So, for the $64,000 question: How I can get my *original* public key (the one with my
"real" email address) to again be the default.
   Thx.







From snow at smoke.suba.com  Thu Aug 29 21:33:39 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 30 Aug 1996 12:33:39 +0800
Subject: A _REALLY_ Interesting Bet [2]
In-Reply-To: <199608291709.LAA07068@zifi.genetics.utah.edu>
Message-ID: <Pine.LNX.3.93.960829193441.177B-100000@smoke.suba.com>


On Thu, 29 Aug 1996, Anonymous wrote:
> the unwanted phonecalls around suppertime, as I said before. The media
> would eventually flock to the more-accurate poll, even if it involved
> the dreaded crass freemarket capitalism of people willingly gambling.

     This presumes a media that desires an accurate poll. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From ichudov at algebra.com  Thu Aug 29 22:54:55 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Fri, 30 Aug 1996 13:54:55 +0800
Subject: Errors-To: for cypherpunks
Message-ID: <199608300121.UAA31369@manifold.algebra.com>


Hi,

Whoever is in charge of maintaining this mailnig list, PLEASE
add header 

Errors-To: cypherpunks-errors at toad.com

I am flooded by stupid "Mailbox is full" messages from Banyan and 
CC-mail gateways.

	- Igor.





From jimbell at pacifier.com  Thu Aug 29 23:11:56 1996
From: jimbell at pacifier.com (jim bell)
Date: Fri, 30 Aug 1996 14:11:56 +0800
Subject: Intel to rule the basic crypto engine market?
Message-ID: <199608300330.UAA14539@mail.pacifier.com>


At 03:56 AM 8/24/96 -0500, William H. Geiger III wrote:

>Intresting but..., In the era of ITAR, GAK, Key Escrows,Clipper,& FileGate 
>do we really want to put all our eggs in one basket? And that basket being 
>based on hardware? IMHO I don't see Intell standing up to the government any 
>more than Netscape, Mircosoft, IBM, or Lotus has. I have serious doubts that 
>our "beloved" goverment will alow any standard to be adopted that does not 
>allow them access whenever they please. I personally do not run any security 
>code on my machines that I do not have the
>source for & have instpected.


The one kind of standardization in the crypto market that we truly need, 
NOW, is a standard format/protocol so that crypto telephones from all 
manufacturers can talk to each other.  The last thing we need is a 
tower-of-Babel situation, which would be even worse than the VHS/Beta wars 
of 20-10 years ago.

Jim Bell
jimbell at pacifier.com





From shamrock at netcom.com  Thu Aug 29 23:39:51 1996
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 30 Aug 1996 14:39:51 +0800
Subject: Win95 HD encryption?
Message-ID: <Pine.3.89.9608292135.A15229-0100000@netcom14>


My main machine is in the shop and with it are the recently posted 
instructions how to do file system encryption under Win95.

Somebody please email them to me.

TIA,

--Lucky







From declan at eff.org  Fri Aug 30 00:03:40 1996
From: declan at eff.org (Declan McCullagh)
Date: Fri, 30 Aug 1996 15:03:40 +0800
Subject: Singapore Global Action Alert (8/29/96)
In-Reply-To: <199608292303.QAA09504@netcom7.netcom.com>
Message-ID: <Pine.SUN.3.91.960829190641.678B-100000@eff.org>


Bill speaks sooth. Personally, I agree with Jean-Francois in that the
Singapore government *does* understand the Net, and is using that
knowledge to control it within their borders reasonably well. Remember the
next phase of restrictions goes into effect on September 15. 

But I don't see a problem in being polite the first time. 

-Declan



On Thu, 29 Aug 1996, Bill Frantz wrote:

> At  5:21 PM 8/29/96 -0500, Jean-Francois Avon wrote:
> >I am fed up of seing net users giving every would-be dictator the
> >benefit of the doubt.  There is no tolerance to be applied to that. 
> >There is no such thing as being tolerent to poison.
> 
> I don't think this is giving Singapore's rulers the benefit of the doubt. 
> Rather, it is a case of asking politely the first time.  Since it is asking
> him to change a policy of his, it is merely avoiding calling him a shithead
> in the process.  When you want someone to do something voluntarily, it is
> usually better to start by being polite.
> 
> It is up to other net-forces to make sure that censorship is ineffective
> for technical reasons.
> 
> 
> -------------------------------------------------------------------------
> Bill Frantz       | Cave ab homine unius libri | Periwinkle -- Consulting
> (408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
> frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA
> 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From Scottauge at aol.com  Fri Aug 30 00:21:19 1996
From: Scottauge at aol.com (Scottauge at aol.com)
Date: Fri, 30 Aug 1996 15:21:19 +0800
Subject: Exploring (RSA (001)
Message-ID: <960829223938_397314410@emout12.mail.aol.com>


Exploring Rivest, Shamir, Adelman algorithm, but hoping someone out there is
interested in very large number manipulations.

RSA suggests choosing two prime 100 digit numbers p and q for beginning of
key generation.

These numbers are obviously beyond the long type of a C program.

Other than using Mathematica or Maple, I would like to use C or perferrably
C++.

Just some basics such as multiplication, addition, subtraction, division,
mod, etc over the Z set.






From bf578 at scn.org  Fri Aug 30 00:42:23 1996
From: bf578 at scn.org (SCN User)
Date: Fri, 30 Aug 1996 15:42:23 +0800
Subject: www.anonymizer.com
Message-ID: <199608300319.UAA00645@scn.org>


>
>www.anonymizer.com got a nice plug in David Plotnikoff's column in today's
>San Jose Mercury News.  He quotes Community ConneXion's motto, "Because on
>today's Internet, people do know you're a dog."  He also mentions its
>similarity to anonymous remailers.  His capsule review:
>
>"On the upside, it's very easy to use and it supports gopher and FTP
>transfers as well as Web pages.  On the downside, it's predictable slow and
>pages, bracketed top and bottom with Anonymizer banners, often don't
>display quite right."

 mailto: links take you to a anonymous remailer web page that lets
          you choose among remailers.
 news: can be read anonymously but posting doesn't seem to work yet.
 If converts all links in a page to use the service.

 Some info does get through , such as your broswer type.
 Soon, i guess browsers programmers will start passing info there!

 Don't know what happens with shttp:? anybody tried?

 Slowness is probably because the "service" is free and they don't
  have the funds for more horsepower.

 They do claim that they cache documents, so if one person gets
  a page from a slow server then everyone else can get it faster.
  (of course they'd have to be faster!)


--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From snow at smoke.suba.com  Fri Aug 30 00:51:08 1996
From: snow at smoke.suba.com (snow)
Date: Fri, 30 Aug 1996 15:51:08 +0800
Subject: The few, the proud, the under-quota'd-mailbox US Marine Corps
In-Reply-To: <Pine.SV4.3.91.960829185728.23148D-100000@larry.infi.net>
Message-ID: <Pine.LNX.3.93.960829203002.305A-100000@smoke.suba.com>


On Thu, 29 Aug 1996, Alan Horowitz wrote:
> ---------- Forwarded message ----------
> 	VNM3043:  BANYAN SERVER at MAG26@2DMAW NEW RIVER
                                      ^^^^^^^^^^^^^^^
     See this part? 
               
> 
> UNDEFINEDI have a military account. Not all govt or military accounts belong to 
> black-helicopter pilots.

     Stands for 2nd Marine Air Wing, MCAS New River, N.C. 

     New River is a helicopter base. I served their as a crispy critter for 
three and a half years. 

     He just might pilot a black helicopter. 

Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From frissell at panix.com  Fri Aug 30 00:58:33 1996
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 30 Aug 1996 15:58:33 +0800
Subject: Nuke Singapore Back into the Stone Age
Message-ID: <2.2.32.19960830031445.00ac0c80@panix.com>


At 05:55 PM 8/29/96 -0700, Timothy C. May wrote:

>As to why so many of the criticisms of such crackdowns use "weasel
>language," such as the example Jean-Francois disagrees with, well, this is
>the way the game is played. The alternative to "The government of Singapore
>fails to understand the nature of the Net and could do grievous harm to it"
>is not quite so diplomatic:
>
>"Fucking statists. Time to nuke 'em back to the stone age."

Additionally, such statements are not actually directed at the fascists they
are addressed to.  We are well aware that they won't pay any attention to
them.  They are addressed to private readers.  In that case a good mix of
polite argumentation by EFF-type groups and "nuke 'em 'till they glow then
shoot 'em in the dark" rhetoric from the rest of us is probably the optimal
mix.  The goal is to convince a critical mass of people to choose to
exercise the freedoms they possess because of all our toys here on the Net.
Since people are different, a broad spectrum of argumentation is indicated.

DCF

"What we seek is not the overthrow of the government but a situation in
which it gets lost in the shuffle."   






From jya at pipeline.com  Fri Aug 30 01:00:49 1996
From: jya at pipeline.com (John Young)
Date: Fri, 30 Aug 1996 16:00:49 +0800
Subject: LAT_ice
Message-ID: <199608300139.BAA03404@pipe6.t1.usa.pipeline.com>


   8-23-96. Science: 
 
   "Lattices May Put Security Codes on a Firmer Footing." 
 
      Miklos Ajtai, a mathematician at IBM Almaden, has 
      provided the kind of guarantee of hardness that 
      cryptographers are looking for. He has proved that 
      examples picked at random from a particular class of 
      problems are, with exceedingly rare exceptions, as 
      hard to solve as the hardest ones imaginable. A code 
      that embedded messages in these problems so that only 
      someone equipped with the answers could decode them 
      would provide something close to a guarantee of 
      security. 
 
   8-29-96. WaJo: 
 
   "Cybersleuths Help Make Java Safe for Browsers." 
 
      Over the past year, Wallach, Dean, Felten and Balfanz  
      have become self-styled policemen for some of the 
      hottest Internet software around. Like many fellow 
      hackers, they find thrills in the search for others' 
      mistakes. But unlike some of their brethren, they're 
      using their skills to make the software better by 
      informing the companies of their findings, rather than 
      exploiting the errors maliciously. 
 
   ----- 
 
   http://pwp.usa.pipeline.com/~jya/latice.txt  (13kb for 2) 
 
   LAT_ice 
 
---------- 
 
   Seth Lloyd, MIT, has a 5-page report on "Universal  
   Quantum Simulators" in Science of 23 August, which  
   confirms Feynman's 1982 conjecture that quantum  
   computers can be programmed to simulate any local  
   quantum system. 
 
   There are quite a few equations so we have not scanned  
   it to .txt. However, we will scan as JPEG images for  
   those who are interested. 
 
   Send us a blank message with subject UQS_fey. 
    
   There will be a delay to honor knothead labor, me. 
 
 
 
 





From vagab0nd at sd.cybernex.net  Fri Aug 30 01:58:46 1996
From: vagab0nd at sd.cybernex.net (Erle Greer)
Date: Fri, 30 Aug 1996 16:58:46 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
Message-ID: <2.2.32.19960830023856.0075c734@mail.sd.cybernex.net>


> 1: How can I take the suqare root mod p ?

This has what to do with CP?






From mix-admin at nym.alias.net  Fri Aug 30 02:13:51 1996
From: mix-admin at nym.alias.net (lcs Remailer Administrator)
Date: Fri, 30 Aug 1996 17:13:51 +0800
Subject: PGP & Default
In-Reply-To: <199608300152.DAA18622@basement.replay.com>
Message-ID: <199608300513.BAA04332@anon.lcs.mit.edu>

nobody at replay.com (Anonymous) writes:

>    I created a nym with a public key.  Now, it's become the default so
> when I go to send an encrypted message, I get prompted to enter the
> password for my nym key.
>    So, for the $64,000 question: How I can get my *original* public key (the one with my
> "real" email address) to again be the default.
>    Thx.

I assume you are talking about a nym.alias.net account, and that the
problem is when you want to sign a message with a key other than your
nym key?

Add a line like this

	MYNAME = <you at your.email.address>

to the file $HOME/.pgp/config.txt.  (Or wherever the equivalent is
under DOS.  Perhaps someone can tell me where the config.txt file
lives under DOS and I will add that to the help file.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00000.pgp
Type: application/octet-stream
Size: 288 bytes
Desc: "PGP signature"
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/19960830/1a8b742c/attachment.obj>

From markm at voicenet.com  Fri Aug 30 02:26:06 1996
From: markm at voicenet.com (Mark M.)
Date: Fri, 30 Aug 1996 17:26:06 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <2.2.32.19960830023856.0075c734@mail.sd.cybernex.net>
Message-ID: <Pine.LNX.3.95.960830001224.623B-100000@gak>


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 29 Aug 1996, Erle Greer wrote:

> This has what to do with CP?

Elliptic curves have plenty to do with cryptography.  A web search should
turn up some useful information.  It's really quite fascinating if you can get
past some of the heavy math.  A tad more relevant to cpunks than black
helicopters, conspiracy theories, and such. 

- -- Mark

PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBMiZrbizIPc7jvyFpAQGBzAf/dzSV77vAkJBHUM07PM0eErOeBW7tka5R
OMBr7fVsOkfQcFoHuZtJDawEumbuMmcOCsU45D4zRuwvMCmT+YTxU0ZMEf2n2oVk
ga/1hHJibyueZ5KHF4FgeX2dQJtodxA2mPxXA3j8lGPS7qoHy92oHHztjXF2LHQK
6wIqgqZS7LX2X6VPhL4DZ+xZ00CRquw/Ug7nk8M/KK3FmHyL6iAoGNhBryKMSva5
3WwKLxjbutK6BKN7JvAZOE7n/UGnNKXob1KV/vOl7oDeWacZoR84q0c+wOa6cM8R
uzXUEkw2C1oFTTqdBPE6AI+qtfUQQ1Tm2nwCTOLK5QpyIKQakY9ICg==
=s2ef
-----END PGP SIGNATURE-----






From furballs at netcom.com  Fri Aug 30 02:27:04 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Fri, 30 Aug 1996 17:27:04 +0800
Subject: Exploring (RSA (001)
In-Reply-To: <960829223938_397314410@emout12.mail.aol.com>
Message-ID: <Pine.3.89.9608292351.A23180-0100000@netcom>




On Thu, 29 Aug 1996 Scottauge at aol.com wrote:

> Exploring Rivest, Shamir, Adelman algorithm, but hoping someone out there is
> interested in very large number manipulations.
> 
> RSA suggests choosing two prime 100 digit numbers p and q for beginning of
> key generation.
> 
> These numbers are obviously beyond the long type of a C program.

Don't just assume that the long type is too small. For most compilers 
this is true, but the long data type (at least as I have seen the 
definition from ANSI 1991) is twice the base word (INT) length, where the 
word size is generally defined to be the size of the register length of the 
CPU in question to which the compiler has been developed for. Intel blurs 
this distinction by still supporting 8,16,32 and now 64 bit registers in 
the same CPU, and there are various flavors of the same C compiler that 
accomodate both 16 and 32 bit word sizes (read INT).

Just for the sake of arugment, an unsigned long in a 64 bit compiler 
represents integers from 0 to 2^128-1. This is fairly large. However, 
Fred Gruenburg (a RAND fellow) and some of his cohorts back in 1957 came 
up with a method of bit ticking that allowed them to calculated 
astronomically large prime numbers very quickly. It had something to do 
with a known mathematical progression of primes in the set of integer 
numbers as X -> 00. If I can find the information, I will post how he 
did it.

One other method involves using character strings to manipulate large 
numbers "long hand". This method is fairly slow compared to bit ticking, 
but it works and was used in some of the old style 8 bit systems I worked 
on many moons ago. You set up at least 3 long strings and use them as 
registers for all mathematical operations, plus allow for an overflow flag. 
This simulates some of the old style decimal machine in their operations.

> 
> Other than using Mathematica or Maple, I would like to use C or perferrably
> C++.
> 
> Just some basics such as multiplication, addition, subtraction, division,
> mod, etc over the Z set.
> 
> 

...Paul






From stewarts at ix.netcom.com  Fri Aug 30 02:28:51 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Fri, 30 Aug 1996 17:28:51 +0800
Subject: [NOISE] Re: Elliptic Curve Y**2 = x**3 + a * x**2 + b
Message-ID: <199608300707.AAA09423@toad.com>


At 09:38 PM 8/29/96 -0500, you wrote:
>> 1: How can I take the suqare root mod p ?
>
>This has what to do with CP?

Talking about actual implementation details for actual
cryptographic algorithms?  Very little these days*,
though I suppose Jim Bell has a solution for that....

[*Not that I'm necessarily in a position to bitch,
given the code-to-ranting ratio of my own postings :-)]

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From WlkngOwl at unix.asb.com  Fri Aug 30 02:28:52 1996
From: WlkngOwl at unix.asb.com (Deranged Mutant)
Date: Fri, 30 Aug 1996 17:28:52 +0800
Subject: (Fwd) Re: New file system
Message-ID: <199608300642.CAA16656@unix.asb.com>


I'm not on the list currently, but I this person is looking for info on 
putting filesystems in other files and I no longer have the refs to 
what some members of the list were doing.

------- Forwarded Message Follows -------

At 12:38 PM 7/26/96 +0000, you wrote:
>On 26 Jul 96 at 3:07, free-dos at vpro.nl wrote:
>
>> I ask this here since I can't find anywhere else to ask this.
>
>> I'm looking for / thinking about writing a library that allows 
>> for a file system to exist inside of a single file (much 
>> like the microsoft OLE document).  This is needed for a project 
>> of mine.
>
>Check the Linux 2.0 distribution. I believe it allows this.  There's 
>also some cypherpunks talk recently about hiding encrypted 
>filesystems in other files, so you may want to check the archives in 
>hks.net.
>

Could you give me a good site to look into this? I tried coast.net with
no luck since the source is spread over a good number of directorys.



>> Requirements:   
>> 
>>    Mulitiple files and a hiarchial directory reside in a single
>> file.
>> 
>>    The file starts out as small as possible then it becomes 
>> bigger as more files and directorys are added to it.
>> 
>>    The files inside the file system can be added, renamed, 
>> delete, moved, fragged.  (there must be a way to defrag the 
>> files)
>> 
>>    Each file in the file system can have mulitiple streams much
>> like the NTFS file system.
>> 
>> End of requirements.
>> 
>>    Does anyone know of a library like this and if so where 
>> if not does anyone have any ideas on how this could work.  
>> Currently i'm looking at modiling the system after the 
>> UNIX file system.
>> 
>> Any ideas / comments please respond by email to:
>> hawk at idir.net.  
>> 
>> Use subject: 'Re: New file system'
>> 
>> 
>> e-mail: hawk at inf.net
> 

---
No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
Send a message with the subject "send pgp-key" for a copy of my key.





From Adamsc at io-online.com  Fri Aug 30 02:30:07 1996
From: Adamsc at io-online.com (Adamsc)
Date: Fri, 30 Aug 1996 17:30:07 +0800
Subject: Mimic Function Stego Programs?
Message-ID: <19960830062418937.AAA214@IO-ONLINE.COM>


On Thu, 29 Aug 1996 16:34:05 -0400 (EDT), Damien Lucifer wrote:

>I've been working on a text steg'ing program for a while that operates 
>under a different premise, however. It keeps a dictionary of word pairs, 
>with each word in the pair being a synonym for the other.  It will read 
>which is why I never finished the decoder. Once i started encoding things, 
>and realizing how little could be hidden in this manner, I stopped working 

>At the moment the dictionary is very small; nearly all of the words are 
>relevant to only pornographic text (since porno is both predictable, and 
>repetitive, i thought it would be a good place to start). :) 
And it would let you hide stuff using a flood of Usenet alt.sex.stories posts
that could be forwarded somewhere....


It sounds mainly like your program is limited by the small dictionary size. 
Perhaps you could work up a front end that would make it very easy to extend
the dictionary?

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From Wyntermute at worldnet.att.net  Fri Aug 30 02:30:09 1996
From: Wyntermute at worldnet.att.net (Justin Card)
Date: Fri, 30 Aug 1996 17:30:09 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <199608291905.PAA16350@rootboy.interactive.visa.com>
Message-ID: <3225228C.4290@worldnet.att.net>


Tom Rollins wrote:
> 
> Hello all,
> 
> I have a math question concerning implementation of elliptic
> curve systems. In coding some elliptic curve source, I
> need to pick a random point on the following elliptic
> curve in field F_p where p is a prime number.
> 
>        Y**2 = x**3 + a * x**2 + b
>        where 4a**3 + 27b**2 is not equal to 0 mod p
> 
> In selecting a random point, I pick a random value for
> x in the range 0 < x < p, compute the right hand side
> of the equation and find myself needing to take the
> square root for the two solutions.

I can't remember the elliptic curve system well, but if the parameters
of the curve are not standard for everyone (which I am afraid they are)
one method is to pick the point first, then solve for the a & b.

If this is not the case, finding the square root may be nice or tricky.

if p=3 mod 4, then the sqrt is
X^(P+1) mod P, where X is the number you are trying to find the sqrt
of.  It can be extended to X=5(mod 8) and a few others, but I'm not sure
how.  There is also a form for X=1 mod 4,but I can't find reference to
it. Hope this helps

-- 
  Wyntermute   
     -----BEGIN GEEK CODE BLOCK-----
     Version: 3.1
     GE d@ s++:+ a? C++++ UL++ P+ L++ E W+++ N+++ o? K--? w !O M-- V?
PS+++
     PE++ Y+ PGP++ t+++ !5 X+++ R++* tv++ b+++ DI++ D++ G++ e h r- !y 
     ------END GEEK CODE BLOCK------





From attila at primenet.com  Fri Aug 30 02:33:05 1996
From: attila at primenet.com (attila)
Date: Fri, 30 Aug 1996 17:33:05 +0800
Subject: Selling your sole to DOJ ...err, devil   Zimmermann?
Message-ID: <199608300621.AAA29460@InfoWest.COM>


= This is a bit much, if not off the wall. Any glimmer of
= truth..?  
= 
        [snip]  
=   
= A lot of people think that PGP encryption is unbreakable and that the  
= NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, 
=
        [snip]
= Since version 2.1, PGP ("Pretty Good Privacy") has been rigged
= to allow the NSA to easily break encoded messages. Early in
= 1992, the author, Paul Zimmerman, was arrested by Government
= agents. He was told that he would be set up for trafficking
= narcotics unless he complied. The Government agency's demands
= were simple: He was to put a virtually undetectable trapdoor,
= designed by the NSA, into all future releases of PGP, and to
= tell no-one. 

        well, as to the methodology of threatening (and 
    actually prosecuting) narcotics complicity or conspiracy
    under Title 18 861(a), I can vouch for the method...   all
    "they" need is a judge like Peck in El Paso (assassinated on
    the bench) or Foley in Vegas (retired and gone --a hero)
    --both were better known as "Judge Ray Bean, law west of the
    Pecos"  and just about as knowledgeable and reliable....

        First, let me state: this is not a frontal attack on 
    Zimmermann himself, but a question given some of the 
    historical precedents and circumstances, and their 
    implications on the basis of human behavior 

            --particularly the act of saving one's ass.
        
        Zimmermann is a political flake, a warmed over 60s
    liberal. 

        I would find it difficult, despite his apparent altruism
    and left-over 60s need for redress, to believe that
    Zimmermann's coding of PGP was other than a commercial
    stepping stone (judging from both his prior and later 
    actions); and,

        Zimmermann is nothing but the true liberal he always 
    was --most of the 60s liberals were against the government
    for one thing only: Vietnam --a morality issue as they saw 
    it --but they are *still* liberals with liberal morality and 
    a 'government solves all' outlook on life.

        I won't go into chain of command and discipline, but I 
    consider my service to have been *wasted* by a government 
    interested more in a weapons testing playground far more than 
    any ideology or righteous need of the free world (but we sure 
    used the ordinance; after all, the difference between men 
    and boys is the price of their toys!).

        --but the 60s liberal was inflamed by a sense of 
    (im)morality.
    
        therefore, we are back to the same old question: does the
    leopard ever really change his spots?  have you ever seen a
    liberal who would not sell his soul to the devil?  

        I do not wish to blow a conservative horn, but given:

                "the ax and the firing squad are merely stones 
            on the road to freedom."
                    --attila

    the sacrificial lamb is certainly not your average
    warmed-over 60s liberal who is generally no better than the
    Stalinist "socialist" sympathizers which dominated both the
    State Department and the White House during FDR's reign, as 
    their cadres gave the Manhattan project and Eastern Europe to
    Old Joe.   

        FDR's fiasco was also the first perfect example of
    OSI/NSA not willing to prosecute since they were cracking
    Russian crypto.  For instance, I always WANTED to believe 
    Alger Hiss was innocent in so much as his son, Tony, was a 
    classmate at Harvard and we were on the editorial board of 
    the Harvard Crimson at the same time  --but he certainly
    wasn't innocent with the recent release of 50 year old NSA 
    files.

        therefore, I would not even hesitate to say in relation 
    to the accusations against Zimmermann: QUITE POSSIBLE; and I 
    would certainly expect our sleazy government to make the 
    offer.

        I am not interested in sitting in judgement of Phil 
    Zimmermann --let his conscience be his judge. 

        however:

        ***  WE WOULD BE FOOLS NOT TO EXAMINE WITH A FINE ***
        ***  TOOTH COMB PGP's IMPLEMENTATION OF THE RSA   ***
        ***  ALGORITHMS                                   ***

        secondly, there is nothing to prevent us, as a group, 
    from building a universal RSA application with a portable GUI
    (I think we can all afford Zinc (yuk...  but it covers the
    platforms cheaply --and this is not an exotic interface 
    requirement), and we can leave open hooks and interfaces for 
    mail, streaming, and every other purpose with a single 
    structure call.

            ANYONE WISH TO VOLUNTEER?  --for both problems.

        and, if no-one else has the guts to post the new PGP key 
    server compliant system software as freeware source code, I
    do!  "Their" only solution for me is murder, which is
    certainly not below their dignity; but I am old enough not to
    care.

        NOW, given that Zimmermann was supposedly insolvent at 
    the time of the "their" investigation, where did the money
    come for PGP, Inc. and where did the money come for the
    acquisition of ViaCrypt (the commercial licensee)?  

        Zimmermann was NOT funded prior to the acquisition and 
    PGP, Inc. was announced virtually the same day the DOJ 
    dropped the case.  

        not intending to slander Phil, but these are types of
    prosecution deals our "government of whores" (O'Rourke) is 
    famous for proposing  --in other words: the premise is
    open for interpretation.

        I've always believed it is not only to be clean, but to 
    appear clean in that there is no reason for suspicion of 
    anything but clean...   does Zimmermann make the test?

        HOWEVER, I do think the RSA algorithm (for instance,
    the freebie RSA routines used in mixmaster) and its
    associated code are safe to a given bit level which 
    theoretically can be incremented indefinitely as hardware
    performance advances accordingly. 

        --I seriously question "they" can break the algorithm
    itself except by brute force. The question is how far up the
    bitstream are "they?"  

        and, we should never be so complacent as to presume
    "they" will not land on an algorithmic method to create the
    primes from the bit stream --after all, they have two of the 
    four numbers and the products...

        just playing a hypothetical game on "their" fears,
    "their" pronoucements, "their" tolerance of low number
    bit encryption, and NSAs use of hardware at least a
    generation ahead, I would gamble NSA's brute force methods
    can probably break 1024 bits currently, and in a "reasonable"
    time.

        NSA is a game --they will grant the public 64 bits based
    on their estimate of the time required with a given level of
    hardware to break EVERY message in a finite number of
    sub-seconds --leaving the heavy hardware for the good
    stuff,

        at this point Thomas Scheling's theories come into play
    --I took Scheling's first course in "Game Theory" at Harvard
    in '60 --he was extremely ignorant on number theory and
    related statistical analysis --we called the course: "War
    Games."

        secondly, NSA, and the rest of "them," will play the game 
    of appeasement, fighting the good guys with delaying tactics
    as they surrender 64, then 128, then 256, etc. --talk, talk,
    talk...  and Nero is still fiddling...

        meanwhile NSA's capability to crack the good stuff is
    increasing rapidly enough to keep up with the directive that
    they must be able to decode EVERYTHING.  

        there are routines to eliminate brute force as a means of
    decryption, but they are painful and cumbersome in a public 
    key system.   plus, publication will bring the morning after
    visit from two or more spooks in raincoats...   who are not
    your friends.

        the game of appeasement depends on enough people WANTING
    (not necessarily willing) to believe that what they hear from
    big brother is the truth, or maybe better expressed as that
    old "Faith in America, land of our fathers" routine.

        anyone around here with insufficient cynicism to buy into
    NWO appeasement?

                attila,   29 Aug 96


--
Now, with a black jack mule you wish to harness, you walk up,
look him in the eye, and hit him with a 2X4 over the left eye.  
If he blinks, hit him over the right eye! He'll cooperate 
    --so will politicians.






From unicorn at schloss.li  Fri Aug 30 02:48:25 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Fri, 30 Aug 1996 17:48:25 +0800
Subject: Errors-To: for cypherpunks
In-Reply-To: <199608300121.UAA31369@manifold.algebra.com>
Message-ID: <Pine.SUN.3.94.960830021207.14685D-100000@polaris>


On Thu, 29 Aug 1996, Igor Chudov @ home wrote:

> Hi,
> 
> Whoever is in charge of maintaining this mailnig list, PLEASE
> add header 
> 
> Errors-To: cypherpunks-errors at toad.com
> 
> I am flooded by stupid "Mailbox is full" messages from Banyan and 
> CC-mail gateways.

Concur.

> 
> 	- Igor.
> 

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From stewarts at ix.netcom.com  Fri Aug 30 02:56:18 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Fri, 30 Aug 1996 17:56:18 +0800
Subject: Code Review Guidelines (draft)
Message-ID: <199608300700.AAA09287@toad.com>


At 09:58 AM 8/29/96 -0500, Igor wrote:
>The decision that have just made is not a technical decision, it is 
>a business decision. You just decided that the needs of security 
>outweight the need to be able to deal with 100% of potential customers.

I strongly agree.  You've also potentially annoyed a bunch of Europeans,
Unicode-speakers, and other users of non-ASCII alphabets.
Just because the domain name in somebody's address is case-insensitive 
(and culturally-insensitive :-) ASCII, that doesn't mean their user
name will be also, especially if their _real_ mail system is some
ugly proprietary thing like Microso-Cc:PR0FS-HS.400 or if their
name is Swedish or Chinese.

> ..... X.400 ..... /OU=foo/O=bar/C=KREV/
(X.400 may be evil, but it does exist :-)

> [ ! is almost dead ]
! is still around, especially for gateways to proprietary mail systems.

You also need to add colon : and maybe comma , .



#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From gnu at toad.com  Fri Aug 30 03:03:46 1996
From: gnu at toad.com (John Gilmore)
Date: Fri, 30 Aug 1996 18:03:46 +0800
Subject: Errors-To: for cypherpunks
Message-ID: <199608300729.AAA09606@toad.com>


> I am flooded by stupid "Mailbox is full" messages from Banyan and
> CC-mail gateways.

I suggest forwarding each and every one to the tech-support address at
Banyan or at CCMail.  If that doesn't work, send them to the president
of each company, until they fix their products to adhere to Internet
standards for where to send bounce messages.

You have to keep pushing each problem back to its source; that's the
only way they get fixed.

I had good luck at this with Microsoft; I reported their bogus Win95
email software that would, by default, insert gibberish at the bottom
of each message, to their tech support folks.  When that got no useful
response, I forwarded a copy of the bug report to
<billg at microsoft.com>, with a suggestion that having numerous
gibberish messages appearing daily in popular mailing list was making
Microsoft look like unresponsive novices in the Internet market.  Hmm,
the problem went away...

	John Gilmore
	postmaster at toad.com





From dlv at bwalk.dm.com  Fri Aug 30 03:10:01 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Fri, 30 Aug 1996 18:10:01 +0800
Subject: Desubscribe
In-Reply-To: <199608300019.RAA08156@adnetsol.adnetsol.com>
Message-ID: <mPogTD29w165w@bwalk.dm.com>


"Ross Wright" <rwright at adnetsol.com> writes:

> On Or About: 29 Aug 96, 16:57, Dr.Dimitri Vulis KOTM wrote:
>
> > jbugden at smtplink.alis.ca writes:
>
> > > can not unsubscribe since majo= rdomo notices
> > > jbugden at smtplink.alis.ca in the header and treats the attempt to
> > > unsubscribe as a forgery.
> >
> > If you don't have the brains to forge the From:, then you have no
> > business being subscribed to any mailing list.
> >
>
> What's worse?  Losers who can't unsubscribe from a mailing list they
> subscribed to OR spammers?   ;-)

Whoever uses the term "spam" in derogatory manner, opposes free
speech and deserves to be caned.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From vagab0nd at sd.cybernex.net  Fri Aug 30 03:12:04 1996
From: vagab0nd at sd.cybernex.net (Erle Greer)
Date: Fri, 30 Aug 1996 18:12:04 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
Message-ID: <2.2.32.19960830073415.00750208@mail.sd.cybernex.net>


At 12:18 AM 8/30/96 -0400, you wrote:
>On Thu, 29 Aug 1996, Erle Greer wrote:
>
>> This has what to do with CP?
>
>Elliptic curves have plenty to do with cryptography.  A web search should
>turn up some useful information.  It's really quite fascinating if you can get
>past some of the heavy math.  A tad more relevant to cpunks than black
>helicopters, conspiracy theories, and such. 
>
>- -- Mark
>
Sorry, I guessed I jumped the gun.  I hate off-topic subjects that make this
list so huge.  Some of the off-topics indeed are interesting, but aren't
relevant.  My apologies to you, Tom.






From rp at rpini.com  Fri Aug 30 03:39:37 1996
From: rp at rpini.com (Remo Pini)
Date: Fri, 30 Aug 1996 18:39:37 +0800
Subject: Crypto CD will be produced
Message-ID: <9608300754.AA20036@srzts100.alcatel.ch>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Fri Aug 30 09:52:35 1996
Enough requests for the CryptoCD have been made. It will definitely be 
produced (guys out there, send me those archives!!!). For details check:

http://www.rpini.com/crypto/cryptocd.html

Thanks to all who requested the CD. 

- ------< fate favors the prepared mind >------
Remo Pini                        rp at rpini.com
PGP:  http://www.rpini.com/crypto/crypto.html
- ----< words are what reality is made of >----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBMiadxhFhy5sz+bTpAQHYAggA0Yiz/pP3CAhHx6h5K+t92bXgoadjN+Wn
nJrKwHWhEs2KOwjZqfSM+AXHw/YURqGl1+wN1SJiKpZqPpoo8cM2fPWOEYg97xSG
yAs7a6o9iCqCeOrRxKIAO8fuByOUpgCbYQg2ITkRpoE2isfyex+O4LqpdHfWR08h
TlqpAEnVU9aO9EXUYpNUzByEs/qZ3xhIL0+F8q1fcVIOn1XscgiJ5gZpkGQSnGAn
8FJAEgjHl35MEx8RDxTVa5XqF9/qI0IDQMQC7pgsvq3/hOSfdGlpvhVv5jLzP5le
IZNe0mKC7eKS2LpgNpwvJFCZ34HnbQGEuFbThVuZI6fzfvl941p4jA==
=ttLh
-----END PGP SIGNATURE-----






From a.brown at nexor.co.uk  Fri Aug 30 03:58:00 1996
From: a.brown at nexor.co.uk (Andy Brown)
Date: Fri, 30 Aug 1996 18:58:00 +0800
Subject: Mimic Function Stego Programs?
Message-ID: <01BB9656.479128F0@mirage.nexor.co.uk>


On 29 August 1996 21:34, Damien Lucifer[SMTP:root at HellSpawn] wrote:

> A quick example:
> 
> dictionary: 1=sofa 0=couch
> input: The couch is very comfortable
> output (0): The sofa is very comfortable.
> output (1): The couch is very comfortable.

This idea generalises well from human to computer assembly languages.
You often have a choice of which instruction to use to achieve your goal,
and a stego assembler could quite easily be constructed.


- Andy






From tcmay at got.net  Fri Aug 30 04:37:47 1996
From: tcmay at got.net (Timothy C. May)
Date: Fri, 30 Aug 1996 19:37:47 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
Message-ID: <ae4bfb5c03021004898e@[205.199.118.202]>


At 2:38 AM 8/30/96, Erle Greer wrote:
>> 1: How can I take the suqare root mod p ?
>
>This has what to do with CP?

Quite a lot, actually.

Elliptic curves closely describe the trajectories followed by Dark
Helicopters (known as "D-H" in cryptographic circles^H^H^H^H^H^Hellipses).
I observed Clinton's Dark Helicopter tracing an ellipse over my home just a
few weeks ago. (And the connections between the White House and the Ellipse
are too well known to comment upon.)

Speaking darkly, the leading algorithm is RSA, named after the Republic of
South Africa. Ellipses within ellipses form mandalas, so the connection
with RSA is all too obvious, even to a Sovok Bilderberger.

Ellipses also show up on the CP list in other ways...as when people elide
material and mark the elided material with "..."

For an alternate view of reality, look at Neal Koblitz's book "A Course in
Number Theory and Cryptography."


--Klaus








From jf_avon at citenet.net  Fri Aug 30 04:39:57 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Fri, 30 Aug 1996 19:39:57 +0800
Subject: Singapore Global Action Alert (8/29/96)
Message-ID: <9608300819.AA22874@cti02.citenet.net>


On 29 Aug 96 at 19:25, Declan McCullagh wrote:

> Bill speaks sooth. Personally, I agree with Jean-Francois in that
> the Singapore government *does* understand the Net, and is using
> that knowledge to control it within their borders reasonably well.
> Remember the next phase of restrictions goes into effect on
> September 15. 
> 
> But I don't see a problem in being polite the first time. 



Dear Declan.  This post is not personnally against you Declan.  I
like your posts.  Only, I don't agree with you last post.  And permit 
me to advance this: it is through an honnest error of yours that you 
have this opinion.

So, here it is:

I don't agree with you.  The world is being stangulated and
bloodsucked dry by peoples who are nothing but cheap shots.  It is
not a matter of being polite or not, it is a matter of saying things
as they really are.  It is a matter of acknowledging reality.  It is
a matter of integrity.

The best way to blow up their cheap littles looting schemes is to 
simply *say* the truth.  We live in an age where everybody is 
terrified of stating what everybody damn well know but tries as hard 
as they can to blank out.

By giving a simulacre (english word?), a make believe of moral 
sanction, you permit them to commit their crimes against human mind 
and life.  It is *us*, the producers, who grant them a recognition by 
being polite to them while they propose to eat us alive.  You 
wouldn't let a hiway robber to mug you without trying everything you 
can to prevent it, yet, you permit thoses statists leeches to 
confiscate an enormous part of your life, to rule an enormous part of 
your life, to define an enormous part of your life rules.

I grant much more respect to a bank robber than to a politician: the 
bank robber puts his own ass on the line, takes his own risks, and 
doesn't pretend he's doing it for you.  He is a robber but he makes 
no bones about it and he accepts the risks of the "trade".  Ask 
yourself if your friendly neighboorhood politician fits this 
definition.

My famnily owned a land.  The city expropriated us at around 
1.85$/sq.ft. while they evaluated, "for taxation purposes", the land 
at 4.85$/sq.ft.  They sold the land to a local "silicon-valley-style" 
project who went bankrupt so the city could repossess it.  We fighted 
the provincial govt (and won partially) because they planned to have 
the capacity to re-sell the land for housing projects, therefore 
speculating on expropriated land.  Hey, I'd rather have the 10$ it is 
worth that let them have them.  We damn worked this land for 50 years.

And all of this was done in the name of "for the good of science",
technology and high-tech employement, all with the full moral
sanction of our universities most famous universities, provincial, 
federal and municipal govt.  Only, there is not a damn business that 
came to establish itself there.  Finally, one big pharmaceutical did 
but there is probably a lot of corruption underneath.  It stinks.

The way they could perform that extortion was with the aid of 
hundreds of half baked semi truths and fallacies, all in the name of 
some "unknown but all desserving" fucking "public".  If we would have 
simply stood up and named their fallacies in the first place, they 
would have had a much harder time doing what they did to us.  but our 
modern lawyers and "counsellors" said that we should "play along".  

Since the land had 9 co-owners, FUD worked well and most owners were
convinced to play the game, therefore granting them the moral
sanction of acknowledging realism and legitimacy.  It was *all* done
in the name of "tolerance" and of being "open minded".  But as I
said, a little poison is still poison.  In retrospect, by granting
them the semblance of reason, *WE* forged reality for them, *WE* gave
them a moral sanction.  I am not one of the owner.  My mom's family
is.  I watched the scene with rage but I couldn't do anything. Try
to make theses peoples understand after being told for all their
life that "being polite" and "being tolerant" is a must...

There is no such thing as being tolerant to being killed.  You don't 
just "die only a little".  In the same way, you don't loose "only a 
little" taxed dollars or free speech.

I am not a Randian, but I agree with many ideas of Ayn Rand.  I don't 
recite half-memorized paragraph out of her books, I fought and still 
fight as I can the govt in their looting schemes.  I was there, 
sitting with ministers and arguing with them.  I saw the leeches in 
action.  

So, if you persist at advocating politeness in thoses situations,
next time a mugger try to beat you, try to remain polite in the first 
time... 

Many friends of many politicians will get rich on it.  Our layers
will get rich on it.  We worked the damn place for 50 years and
*owned* it.  Land, not that far from there was sold at around 16$. 
Land behind ours was sold 7$.  We got 1.85$.

If anybody wants to argue with me, first send a check for the
difference between 10$ and 1.85$, times the sq.ft. surface of the
land. (e-mail me by PGP to have the figures :)  Then, we could
*start* discussing the virtues of statism.

Regards.

JFA
Who is John Galt?  :)
 DePompadour, Societe d'Importation Ltee; Limoges porcelain, silverware and crystal
 JFA Technologies, R&D consultants: physicists, technologists and engineers.

 PGP keys at: http://w3.citenet.net/users/jf_avon
 ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 
 





From frantz at netcom.com  Fri Aug 30 04:40:27 1996
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 30 Aug 1996 19:40:27 +0800
Subject: Exploring (RSA (001)
Message-ID: <199608300605.XAA20594@netcom7.netcom.com>


At 10:39 PM 8/29/96 -0400, Scottauge at aol.com wrote:
>Exploring Rivest, Shamir, Adelman algorithm, but hoping someone out there is
>interested in very large number manipulations.
>
>...
>
>Other than using Mathematica or Maple, I would like to use C or perferrably
>C++.
>
>Just some basics such as multiplication, addition, subtraction, division,
>mod, etc over the Z set.

I have been collecting information about crypto libraries for the Mac
Crypto conference next week.  Here is what a quick AltaVista search came up
with.  Since you want C++, I would particularly look at Wei Dai's Crypto++
library.  If anyone has other strongly recommended libraries, please let me
know.


Crypto Libraries
 
  http://www.clark.net/pub/cme/ has source for MD5
 
  http://www.homeport.org/~adam/crypto/ for a comparison of crypto
  libraries
 
  http://www.enter.net/~chronos/cryptolog1.html has a collection of
  links to crypto resources
 
  http://www.openmarket.com/techinfo/applied.htm - Internet Locations 
  for Materials on the Disks for Applied Cryptography
 
  Crypto++ in C++ by Wei Dai. -  Has been tested under Codewarrior
  2.0. 
 
    ftp://ftp.csn.net/mpj/README  - in the USA
 
  Cryptolib in C by Jack Lacy - No Mac version, C, Sparc, SGI, i486
  assembler  
 
    To obtain, send email to cryptolib at research.att.com with a
    statement of the following�
    form: �
    �
           "I am a U.S. or Canadian citizen or a legal permanent
    resident of the�
            U.S. and am aware that some parts of CryptoLib may be
    restricted under�
            United States Export regulations.  I have read and
    understand the�
            CryptoLib license."�
    �
    �
            Name:�
            Location:�
            E-mail:�
            Are you licensed to use the RSA patent?�
               If yes, give name of licensed organization:�
 
  RSAref 2.0, by RSA Data Security Inc. - Tested with Mac
 
    ftp://ftp.rsa.com:/rsaref/README  - In the USA
 
    http://www.consensus.com/RSAREF/rsaref_toc.html - in the USA
 
  SSLeay in C by Eric Young - C, gcc and system cc for Solaris 2.[34] 
  (sparc and x86), SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5,
  IRIX 5.[23], LINUX, NeXT (intel) 
 
    ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
 
  The Systemics Cryptix Cryptography Library in Java or Perl by Gary
  Howland - Java on Win95, WinNT, Solaris, Linux, Irix.
 
    http://www.systemics.com/software/
 
  The Cryptlib free Encryption Library in C by Peter Gutmann - Unix,
  DOS, windows (16 & 32 bit DLL available), Amiga
 
    http://www.cs.auckland.ac.nz/~pgut001/cryptlib.html
 

-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius libri | Periwinkle -- Consulting
(408)356-8506     |  [Beware the man of one    | 16345 Englewood Ave.
frantz at netcom.com |   book]  - Anonymous Latin | Los Gatos, CA 95032, USA







From dthorn at gte.net  Fri Aug 30 05:10:51 1996
From: dthorn at gte.net (Dale Thorn)
Date: Fri, 30 Aug 1996 20:10:51 +0800
Subject: Encryption
Message-ID: <3226ADC6.6C87@gte.net>

It appears to me that PGP encryption et al is really 1940's technology, 
albeit fancied up by 1990's computers.  Why use keys and cyphers when 
all you should have to do is maximize the randomization of bits in a 
script?  Big computers should not be able to de-randomize such encoding, 
since the permutations/combinations would be astronomical after just a 
half-dozen or so random number initializations, as well as the fact that 
the bits are relatively undifferentiated (just ones and zeros) and are 
not maintained with their original bytes, words, paragraphs, or pages?


DALE THORN ON CRYPTOGRAPHY: ABSTRACT                            23 August 1996
------------------------------------------------------------------------------

Algorithm: Select bit-groups of random length from the file until the file is
           completely processed.  Shuffle the bits in each group randomly and
           save each group back to the file. Repeat if needed using different
           key-strings for each successive encryption, for increased security.

"If a high-speed computer could perform 'a trillion processor ops per second',
and it took just one millionth of a second to 'crack' my test file on such a
machine (i.e., a million ops), it would still require 10^36 ops to 'crack' 6
consecutive encodings, which translates to 10^24 seconds, or 3 x 10^16 years."

"Due to the nature of compounded bit-shuffling, no algorithm ever developed
or proposed could 'crack' multi-pass encoding with a single decryption pass.
In plain English, if a file were encoded six times (in six passes, with six
different password phrases), you'd have to decode all six passes before you
would know whether even the first decryption pass was successful or not."

"Since each byte in the encrypted file may contain bits from other 'original'
bytes, multi-pass encoding moves you rapidly in the direction of true-random
distribution of the source bits (note the 'Intelligent User' comment below)."

"My desktop computer (a 90 mhz Pentium) can encrypt a 12 kb file in less than
one second (in a single pass) using 'C', and takes less than two seconds with
the PDQ version of Basic I use, hence, the six passes that I normally perform
on such a file require nine seconds or less total computer time."

"One of the difficulties in breaking this type of encryption (other than the
numerical time factors) is the fact that you might have to deal with several
unknown random number generators from different compiled executable programs.
Add to this another factor, the 'Intelligent User' who adds their own tweaks
to the source code. The tweak is added, the program is compiled, the file(s)
are encrypted, and then the modified source code is destroyed along with the
executable file.  This type of modification, together with the fact that the
individual bits in the encrypted text file are scattered very effectively in
normal encoding, yields the ultimate level of security for concerned persons."

------------------------------------------------------------------------------
A SIMPLIFIED EXAMPLE FOR ENCRYPTION/DECRYPTION
------------------------------------------------------------------------------

We're going to encrypt the following 25-character text string:

   when_it_rains_it's_a_bath

The unencrypted string (in bit form, least significant bit at left) is:

   11101110000101101010011001110110111110101001011000
   10111011111010010011101000011010010110011101101100
   11101111101010010110001011101110010011001110111110
   10100001101111101001000110100001100010111000010110

We now generate 200 random numbers, and sort them in ascending order.
The following list represents the original physical positions of the
numbers, and we move the bits as shown above from these positions in
the 25-byte text string to bit positions 0, 1, 2, etc. (move bit #4
to the first position, move bit #179 to the second position, etc.).

     4 179  67 127  46  76 136  74  92  54
    88 121 134 192  77  36  47  26  45 144
   111 141 150  58 110  12  94  13 161 177
    18 155 153 175  91  95  86 195  79  20
    23 172  51  96 126  93  64   3 125  81
   166 131  71  63 170  78 140  87 107 147
    15  35  10 168  33 149 189 118  42  90
     6  85 120  68 102 173 103 104 138  83
    53  43 182 139  29  60 146 184 176 114
   123  44 191  56  70 185  73 137 148 199
   196  27  65  62  37 181  28   0 106 158
   100   1 190   2  25 194   8  30 174 101
   105 135 162  61  75  32 115 142  14  49
   186  50 183  21 119  52  69  99  11  89
    72  34  98 188  82  17 163   9 167 109
   113 171  38 157  84   5  59 178  22  57
   151 122 160 130  39 116 133 156 164  66
   159  40 124 193 108 180 152  41  97   7
   197 145 132 169  55  16  24 165 198 112
    19 129 187  31 154  48  80 128 117 143

The text string (in bit form) following the first encryption is now:

   10001010010000110111011110111010001011000001110010
   10000110110100101101110111010111101110100001100110
   01110101111111100111101001111011010110111101001000
   00110110110111001010011010101011010100110100001110

At this point, it's obvious (with a sufficient length of text to analyze) that
we could restore the original text using an algorithm equivalent to the pseudo-
random number generator we used above.  However, we're going to encrypt again:

Generate another 200 random numbers and sort them in ascending order.
The following list represents the original physical positions of the
numbers, so move the bits the same way we moved them above (move bit
#41 to the first position, move bit #9 to the second position, etc.).

    41   9  38  86  67 108   8  99 157  69
    91   6  15 150  28 192  56  98  54  72
   145  19  48  64 183 147 102   7 138 177
   167  29 164 176  97  82  83 168 181  95
   185  22  21  30  93 182 109  39 197  14
    96  40  84 137 155 143  16 126  58  33
   149 144 140 159  88 189   4 190 153  90
    68 114 129  45  53 112 119 125 127 124
    20 141 142  77 188 115 175 105  60 194
   106  80  31  49  51 116   1 113 151  94
     2 199 161 146  71 101  62  66 154 166
     3 128   5 118  10  61 110 165  43 122
    42  47 184  46 133  85  74 173  36  44
   111 171  89  35 163 136 162 198  17  23
    78 152 121  37  12 186  55 169 103  24
    34  26 178  87  81 123 132 195  65  11
   174 191 193 172  18  25 196 107 120 187
    27 100 180 134  59 135 179  57 148   0
    63  13 158 130  70 131 117 139  32 104
    92 170  50  76  73  79  75 160  52 156

The text string (in bit form) following the second encryption is now:

   01011100010110101100011110101000011101101111101011
   00101101100011111010010101111001011001000100000101
   00111101010101011011000011101111001111110101001011
   11101000001101101110101011000100111111000010111001

Now that we've doubly-encrypted the text string, try to describe an algorithm
that will restore the original string in a single decryption step, i.e., move
directly from the last-encoded text to the original text without the need for
an intermediate decryption step.

Text parsers and lexical analyzers won't do you any good in intermediate steps
as described above, since all intermediate encodings will be garbage text (not
only will the bits in each character be scrambled, but bits will be scrambled
across characters, words, and paragraphs as well.

Multi-step decryption could be facilitated where text can be analyzed a few
characters or words at a time, assuming the analysis engine could determine
from where to get the appropriate bits when processing a large text stream.

In the above examples of bit-level encryption, the individual bits migrate to
various places in the text string rather than remain within each set of eight
bits which DOS arbitrarily designates as character bytes. Therefore, the ONLY
tenable (but not necessarily viable) methods for decoding such text are:

   1. Try rearranging the bits randomly.  The disadvantages are:

      a. You could come up with "Mary had a little lamb...", etc., given
         that the bits are minimally differentiated (just ones and zeros).

      b. Decryption would require eons of time (an exponential factor of the
         number of bits processed, divided by the cycle time of the computer).

   2. Decrypt the text one step at a time, in the reverse order of the
      encryption steps.  The disadvantages are:

      a. You can't be sure you've decrypted any step correctly until decryption
         is completed (until all steps are performed and the text is readable).

      b. Passwords/phrases, algorithms, code routines, and even whole programs
         might change from step to step, thereby invalidating any 'single-pass'
         decryption scheme that's likely to be proposed.




From sparks at bah.com  Fri Aug 30 05:51:09 1996
From: sparks at bah.com (Charley Sparks)
Date: Fri, 30 Aug 1996 20:51:09 +0800
Subject: Nuke Singapore Back into the Stone Age
Message-ID: <199608300938.FAA08698@booz.bah.com>


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: tcmay at got.net, cypherpunks at toad.com
Date: Fri Aug 30 05:45:44 1996
We could launch a mail-bomb campaign.. I am looking for the source for a mail bomb 
program. WinTel would be nice but I could use Linux
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCXAwUBMia4SeJ+JZd/Y4yVAQGlpgQMCuPtwANs1N4JbQDyUsNEpib2rR2CNrsY
lRIQ1gVNHNZhptnDaHxu69R0dLhBF/hjbnQwhINGYZcuCVfE7kxRdgwVVmU+G7Bw
ods0qCVe2CFddD0cxxQ8mdURnnTQGkN2nz4wA2zx1DHN/pKqzrCYxlLLllzGb+MH
50BM7K2Wj6BShQ==
=wB2W
-----END PGP SIGNATURE-----






From sparks at bah.com  Fri Aug 30 05:58:52 1996
From: sparks at bah.com (Charley Sparks)
Date: Fri, 30 Aug 1996 20:58:52 +0800
Subject: see you guys later
Message-ID: <199608300942.FAA08865@booz.bah.com>


You might want to reconsider the 2x Lithium.... too much really does make you feel 
like shit ! Actually the lobotimizing effects of stellazine (sp) aren't too bad for 
a short time





From mixmaster at remail.obscura.com  Fri Aug 30 06:41:09 1996
From: mixmaster at remail.obscura.com (Mixmaster)
Date: Fri, 30 Aug 1996 21:41:09 +0800
Subject: Ian's Linux Filesystem Patches
Message-ID: <199608300740.AAA05386@sirius.infonex.com>


I installed Ian's filesystem patches for Linux 2.0.11, and then patched the
kernel up to 2.0.15. Unfortunately I soon realized that the entire system 
grinds to a halt as the kernel performs cryptographic operations on a block
of data. 

I lack enough crypto expertise to fix this, but I believe it just needs to
be made preemptable, however that works. The filesystem patch, while a
definite step in the right direction, is all but useless in its present form.

For an idea of what I'm talking about, kill your turbo switch, or install on
a slow machine so that this is a bit more noticable. Users may want to kill
their internal chip cache. Patch the kernel up to 2.0.15, and install the 
kernel. Setup the loopback device as the README file states. Then make a 
filesystem on that device. The system will slow to a halt about the time that 
it actually needs to write some data to the filesystem, probably during the 
superblock write in mke2fs. Then, mount the filesystem and try to write a 
large block of data to the device. Again, it dies.

This will need to be fixed if everyone wants to install such a patch into
their kernel to reduce suspicion, or if it is to be included as standard in
the kernel source tree. I would fix this if I knew more about the way the
kernel is set up. I do fear making it preemptable may open a large can of
worms, at which point it may be more useful to implement this in userspace,
maybe by the creation of a seperate entry in the device hierarchy.





From droelke at rdxsunhost.aud.alcatel.com  Fri Aug 30 09:03:11 1996
From: droelke at rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Sat, 31 Aug 1996 00:03:11 +0800
Subject: Errors-To: for cypherpunks
Message-ID: <9608301245.AA05091@spirit.aud.alcatel.com>



> Hi,
>
> Whoever is in charge of maintaining this mailnig list, PLEASE
> add header
>
> Errors-To: cypherpunks-errors at toad.com
>
> I am flooded by stupid "Mailbox is full" messages from Banyan and
> CC-mail gateways.
>
>       - Igor.
>
 
While an Errors-To: field can't hurt, it shouldn't be
needed.  The problem is *broken* gateways.  There are
plenty of properly set up and running Banyan and CC-mail
gateways, we just need to harass the admins into
running the broken ones properly.
 
Let me quote from "scripture" (RFC-822) below in a typical message
I send to such idiots.  This particular person had neither
the use Sender: set up correctly, or a postmaster address.
<sigh>
 
----- included message ----
 
Your SMTP to Banyan gateway is broken and missing a postmaster address.
 
I sent a message to cypherpunks at toad.com, to which someone
at your site is apparently subscribed.  The listserver at toad.com
correctly puts a "Sender:" field in the header of all outgoing
messages, and according to RFC-822 all SMTP handleing agents
must send any bounces to that address.
 
RFC-822 specifically states (starting at line #1430 in rfc-822.txt)
 
     4.4.4.  AUTOMATIC USE OF FROM / SENDER / REPLY-TO
 
        For systems which automatically  generate  address  lists  for
        replies to messages, the following recommendations are made:
 
            o   The "Sender" field mailbox should be sent  notices  of
                any  problems in transport or delivery of the original
                messages.  If there is no  "Sender"  field,  then  the
                "From" field mailbox should be used.
 
Also, RFC-822 states that you must have an address of postmaster
that people can send email to  (starting at line #2046 in rfc-822.txt)
 
 
     6.3.  RESERVED ADDRESS
 
          It often is necessary to send mail to a site, without  know-
     ing  any  of its valid addresses.  For example, there may be mail
     system dysfunctions, or a user may wish to find  out  a  person's
     correct address, at that site.

          This standard specifies a single, reserved  mailbox  address
     (local-part)  which  is  to  be valid at each site.  Mail sent to
     that address is to be routed to  a  person  responsible  for  the
     site's mail system or to a person with responsibility for general
     site operation.  The name of the reserved local-part address is:
 
                                Postmaster
 
     so that "Postmaster at domain" is required to be valid.
 
     Note:  This reserved local-part must be  matched  without  sensi-
            tivity to alphabetic case, so that "POSTMASTER", "postmas-
            ter", and even "poStmASteR" is to be accepted.
 
 
So, please fix your gateway, or contact Banyan on how to
correctly configure it.
 
Thank-you,
 
----- end included message ----
 
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX






From trollins at interactive.visa.com  Fri Aug 30 10:14:47 1996
From: trollins at interactive.visa.com (Tom Rollins)
Date: Sat, 31 Aug 1996 01:14:47 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <3225228C.4290@worldnet.att.net>
Message-ID: <199608301402.KAA25385@rootboy.interactive.visa.com>


Justin Card wrote:
> I can't remember the elliptic curve system well, but if the parameters
> of the curve are not standard for everyone (which I am afraid they are)
> one method is to pick the point first, then solve for the a & b.
> 
> If this is not the case, finding the square root may be nice or tricky.
> 
> if p=3 mod 4, then the sqrt is
> X^(P+1) mod P, where X is the number you are trying to find the sqrt
> of.  It can be extended to X=5(mod 8) and a few others, but I'm not sure
> how.  There is also a form for X=1 mod 4,but I can't find reference to
> it. Hope this helps

A security issue is selecting an elliptic curve whose order (number
of points on the elliptic curve) is divisible by a large prime number.

I still have to implement this selection process and thus will have
my a and b selections driven by this analysis.

There also could be some bandwidth savings when transmitting an
elliptic curve point to transmitt just the x and the sign bit of y
and let the receiver reconstruct the actual y value.

The choice for prime p could have overall speed benefits by selecting
a p=3 mod 4 that makes the math simpler. This was also in Wei Dai's
ModularSquareRoot C++ code "if(p%4 == 3) return a_exp_b_mod_c(a, (p+1)/4, p);"

-tom
                




-- 
Tom Rollins   <trollins at interactive.visa.com>






From liam at webspan.net  Fri Aug 30 10:22:08 1996
From: liam at webspan.net (William F. Towey)
Date: Sat, 31 Aug 1996 01:22:08 +0800
Subject: Reprogramming Beepers?
Message-ID: <3226F6E1.2333@webspan.net>


Does anyone know how to reprogram a beeper to a new number. Please
Help Brendan





From perry at piermont.com  Fri Aug 30 10:53:31 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 31 Aug 1996 01:53:31 +0800
Subject: PGP & Default
In-Reply-To: <199608300152.DAA18622@basement.replay.com>
Message-ID: <199608301446.KAA04448@jekyll.piermont.com>



Anonymous writes:
>    I created a nym with a public key.  Now, it's become the default so
> when I go to send an encrypted message, I get prompted to enter the
> password for my nym key.
>    So, for the $64,000 question: How I can get my *original* public key (the 
> one with my
> "real" email address) to again be the default.

I presume you are using PGP.

There is a configuration file option to do what you want.

Perry





From ichudov at algebra.com  Fri Aug 30 11:02:15 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 31 Aug 1996 02:02:15 +0800
Subject: Encryption
In-Reply-To: <3226ADC6.6C87@gte.net>
Message-ID: <199608301351.IAA09141@manifold.algebra.com>


Khm, am I being trolled?

The purpose of encryption is to make decryption easy for designated
parties and hard for all others. The proposed algorithm simply destroys
the original text that you had. How you plan to decrypt your encrypted
messages?

It is not an encryption method, it is "data destruction" method.

igor

Dale Thorn wrote:
> 
> This is a multi-part message in MIME format.
> 
> --------------5E91F122B2E
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> 
> It appears to me that PGP encryption et al is really 1940's technology, 
> albeit fancied up by 1990's computers.  Why use keys and cyphers when 
> all you should have to do is maximize the randomization of bits in a 
> script?  Big computers should not be able to de-randomize such encoding, 
> since the permutations/combinations would be astronomical after just a 
> half-dozen or so random number initializations, as well as the fact that 
> the bits are relatively undifferentiated (just ones and zeros) and are 
> not maintained with their original bytes, words, paragraphs, or pages?
> 
> --------------5E91F122B2E
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline; filename="readme.1st"
> 
> DALE THORN ON CRYPTOGRAPHY: ABSTRACT                            23 August 1996
> ------------------------------------------------------------------------------
> 
> Algorithm: Select bit-groups of random length from the file until the file is
>            completely processed.  Shuffle the bits in each group randomly and
>            save each group back to the file. Repeat if needed using different
>            key-strings for each successive encryption, for increased security.
> 
> "If a high-speed computer could perform 'a trillion processor ops per second',
> and it took just one millionth of a second to 'crack' my test file on such a
> machine (i.e., a million ops), it would still require 10^36 ops to 'crack' 6
> consecutive encodings, which translates to 10^24 seconds, or 3 x 10^16 years."
> 
> "Due to the nature of compounded bit-shuffling, no algorithm ever developed
> or proposed could 'crack' multi-pass encoding with a single decryption pass.
> In plain English, if a file were encoded six times (in six passes, with six
> different password phrases), you'd have to decode all six passes before you
> would know whether even the first decryption pass was successful or not."
> 
> "Since each byte in the encrypted file may contain bits from other 'original'
> bytes, multi-pass encoding moves you rapidly in the direction of true-random
> distribution of the source bits (note the 'Intelligent User' comment below)."
> 
> "My desktop computer (a 90 mhz Pentium) can encrypt a 12 kb file in less than
> one second (in a single pass) using 'C', and takes less than two seconds with
> the PDQ version of Basic I use, hence, the six passes that I normally perform
> on such a file require nine seconds or less total computer time."
> 
> "One of the difficulties in breaking this type of encryption (other than the
> numerical time factors) is the fact that you might have to deal with several
> unknown random number generators from different compiled executable programs.
> Add to this another factor, the 'Intelligent User' who adds their own tweaks
> to the source code. The tweak is added, the program is compiled, the file(s)
> are encrypted, and then the modified source code is destroyed along with the
> executable file.  This type of modification, together with the fact that the
> individual bits in the encrypted text file are scattered very effectively in
> normal encoding, yields the ultimate level of security for concerned persons."
> 
> ------------------------------------------------------------------------------
> A SIMPLIFIED EXAMPLE FOR ENCRYPTION/DECRYPTION
> ------------------------------------------------------------------------------
> 
> We're going to encrypt the following 25-character text string:
> 
>    when_it_rains_it's_a_bath
> 
> The unencrypted string (in bit form, least significant bit at left) is:
> 
>    11101110000101101010011001110110111110101001011000
>    10111011111010010011101000011010010110011101101100
>    11101111101010010110001011101110010011001110111110
>    10100001101111101001000110100001100010111000010110
> 
> We now generate 200 random numbers, and sort them in ascending order.
> The following list represents the original physical positions of the
> numbers, and we move the bits as shown above from these positions in
> the 25-byte text string to bit positions 0, 1, 2, etc. (move bit #4
> to the first position, move bit #179 to the second position, etc.).
> 
>      4 179  67 127  46  76 136  74  92  54
>     88 121 134 192  77  36  47  26  45 144
>    111 141 150  58 110  12  94  13 161 177
>     18 155 153 175  91  95  86 195  79  20
>     23 172  51  96 126  93  64   3 125  81
>    166 131  71  63 170  78 140  87 107 147
>     15  35  10 168  33 149 189 118  42  90
>      6  85 120  68 102 173 103 104 138  83
>     53  43 182 139  29  60 146 184 176 114
>    123  44 191  56  70 185  73 137 148 199
>    196  27  65  62  37 181  28   0 106 158
>    100   1 190   2  25 194   8  30 174 101
>    105 135 162  61  75  32 115 142  14  49
>    186  50 183  21 119  52  69  99  11  89
>     72  34  98 188  82  17 163   9 167 109
>    113 171  38 157  84   5  59 178  22  57
>    151 122 160 130  39 116 133 156 164  66
>    159  40 124 193 108 180 152  41  97   7
>    197 145 132 169  55  16  24 165 198 112
>     19 129 187  31 154  48  80 128 117 143
> 
> The text string (in bit form) following the first encryption is now:
> 
>    10001010010000110111011110111010001011000001110010
>    10000110110100101101110111010111101110100001100110
>    01110101111111100111101001111011010110111101001000
>    00110110110111001010011010101011010100110100001110
> 
> At this point, it's obvious (with a sufficient length of text to analyze) that
> we could restore the original text using an algorithm equivalent to the pseudo-
> random number generator we used above.  However, we're going to encrypt again:
> 
> Generate another 200 random numbers and sort them in ascending order.
> The following list represents the original physical positions of the
> numbers, so move the bits the same way we moved them above (move bit
> #41 to the first position, move bit #9 to the second position, etc.).
> 
>     41   9  38  86  67 108   8  99 157  69
>     91   6  15 150  28 192  56  98  54  72
>    145  19  48  64 183 147 102   7 138 177
>    167  29 164 176  97  82  83 168 181  95
>    185  22  21  30  93 182 109  39 197  14
>     96  40  84 137 155 143  16 126  58  33
>    149 144 140 159  88 189   4 190 153  90
>     68 114 129  45  53 112 119 125 127 124
>     20 141 142  77 188 115 175 105  60 194
>    106  80  31  49  51 116   1 113 151  94
>      2 199 161 146  71 101  62  66 154 166
>      3 128   5 118  10  61 110 165  43 122
>     42  47 184  46 133  85  74 173  36  44
>    111 171  89  35 163 136 162 198  17  23
>     78 152 121  37  12 186  55 169 103  24
>     34  26 178  87  81 123 132 195  65  11
>    174 191 193 172  18  25 196 107 120 187
>     27 100 180 134  59 135 179  57 148   0
>     63  13 158 130  70 131 117 139  32 104
>     92 170  50  76  73  79  75 160  52 156
> 
> The text string (in bit form) following the second encryption is now:
> 
>    01011100010110101100011110101000011101101111101011
>    00101101100011111010010101111001011001000100000101
>    00111101010101011011000011101111001111110101001011
>    11101000001101101110101011000100111111000010111001
> 
> Now that we've doubly-encrypted the text string, try to describe an algorithm
> that will restore the original string in a single decryption step, i.e., move
> directly from the last-encoded text to the original text without the need for
> an intermediate decryption step.
> 
> Text parsers and lexical analyzers won't do you any good in intermediate steps
> as described above, since all intermediate encodings will be garbage text (not
> only will the bits in each character be scrambled, but bits will be scrambled
> across characters, words, and paragraphs as well.
> 
> Multi-step decryption could be facilitated where text can be analyzed a few
> characters or words at a time, assuming the analysis engine could determine
> from where to get the appropriate bits when processing a large text stream.
> 
> In the above examples of bit-level encryption, the individual bits migrate to
> various places in the text string rather than remain within each set of eight
> bits which DOS arbitrarily designates as character bytes. Therefore, the ONLY
> tenable (but not necessarily viable) methods for decoding such text are:
> 
>    1. Try rearranging the bits randomly.  The disadvantages are:
> 
>       a. You could come up with "Mary had a little lamb...", etc., given
>          that the bits are minimally differentiated (just ones and zeros).
> 
>       b. Decryption would require eons of time (an exponential factor of the
>          number of bits processed, divided by the cycle time of the computer).
> 
>    2. Decrypt the text one step at a time, in the reverse order of the
>       encryption steps.  The disadvantages are:
> 
>       a. You can't be sure you've decrypted any step correctly until decryption
>          is completed (until all steps are performed and the text is readable).
> 
>       b. Passwords/phrases, algorithms, code routines, and even whole programs
>          might change from step to step, thereby invalidating any 'single-pass'
>          decryption scheme that's likely to be proposed.
> 
> --------------5E91F122B2E--
> 



	- Igor.





From perry at piermont.com  Fri Aug 30 11:03:05 1996
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 31 Aug 1996 02:03:05 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <2.2.32.19960830023856.0075c734@mail.sd.cybernex.net>
Message-ID: <199608301450.KAA04467@jekyll.piermont.com>



Erle Greer writes:
> > 1: How can I take the suqare root mod p ?
> 
> This has what to do with CP?

Yeah, horrible seeing people talk about cryptography on Cyphercesspit.

Perry





From mwohler at ix.netcom.com  Fri Aug 30 11:46:13 1996
From: mwohler at ix.netcom.com (Marc J. Wohler)
Date: Sat, 31 Aug 1996 02:46:13 +0800
Subject: Selling your sole to DOJ ...err, devil   Zimmermann?
Message-ID: <199608301539.IAA16829@dfw-ix4.ix.netcom.com>


At 06:20 AM 8/30/96 GMT, attila at primenet.com ranted:
>        
>        Zimmermann is a political flake, a warmed over 60s
>    liberal. 
>      <snip>
>        I would find it difficult, despite his apparent altruism
>    and left-over 60s need for redress, to believe that
>    Zimmermann's coding of PGP was other than a commercial
>    stepping stone (judging from both his prior and later 
>    actions); and,
>

I guess that according to the Code of Attila, us left over 60's liberals are
prohibited
from any commercial commerce.

mjw






From caronni at tik.ee.ethz.ch  Fri Aug 30 11:46:13 1996
From: caronni at tik.ee.ethz.ch (Germano Caronni)
Date: Sat, 31 Aug 1996 02:46:13 +0800
Subject: Encryption
In-Reply-To: <3226ADC6.6C87@gte.net>
Message-ID: <199608301540.RAA06793@kom30.ethz.ch>


Dale Thorn wrote:
> It appears to me that PGP encryption et al is really 1940's technology, 
> albeit fancied up by 1990's computers.  Why use keys and cyphers when 
> all you should have to do is maximize the randomization of bits in a 
[...]
> Algorithm: Select bit-groups of random length from the file until the file is
>            completely processed.  Shuffle the bits in each group randomly and
>            save each group back to the file. Repeat if needed using different
>            key-strings for each successive encryption, for increased security.


Very nice. There are just two little issues:

a) How do you generate the random bytes?
b) How do you transmit them to the other side, without having a secure channel?

In 1940, you needed airplanes to solve b), now you can use PGP (or any 
other combined strong asymmetric & symmetric crypto) to solve b) and
partially even a), saving you a lot of fuel ;-)

BTW: In my opinion, your 'randomization of bits' corresponds to cyphers, 
and the way you randomize them corresponds to 'keys'.


My 0.2 cents worth.

Gec





From frissell at panix.com  Fri Aug 30 12:06:46 1996
From: frissell at panix.com (Duncan Frissell)
Date: Sat, 31 Aug 1996 03:06:46 +0800
Subject: Why I Pay Too Much in Taxes
Message-ID: <2.2.32.19960830155849.00895228@panix.com>


Better late than never:

At 08:43 AM 5/7/96 -0400, Clay Olbon II wrote:
>There are a couple of main reasons that the poor spend more than their
>reported income.  First, many of the elderly are included in the "poorest
>20%", since this is based on income alone and not net worth.  Many of the
>elderly are spending down their retirement savings.

Also students living on loans, grants, and gifts.  Also members of the
retail pharmaceutical trade living on their markup.

>Another factor, of
>course, is that welfare, food stamps, free/subsidized housing and other
>transfer payments are not included in income calculations.  I have seen
>reports that show that in many states, this is equivalent to a full-time
>job paying ~$9/hr.

The Cato Institute Study.  AFDC+Food Stamps+Housing Assistance+Medicaid+WIC
= a fair chunk of change when compared to the taxed earnings from work.
Equivalent to the take-home pay from a $16/hour job in NYC (mostly because
of health insurance).  The commies complained that the study didn't account
for the fact that the working poor can also get food stamps and Earned
Income Tax Credit.  Of course, if you just establish the value of welfare
benefits, you are doing a lot.  

>Not showing these as income helps keep the "official"
>poverty rate high.  I'm not sure if social security is included in income
>calculations for "poverty rate" purposes, anyone know?

The poverty rate calculations (how many people below the poverty level?) do
not include SS or welfare cash or non-cash benefits.  Thus people are not as
poor as claimed even ignoring unreported income from legal and illegal
employment.

Adding everything up, we find that poor households spend twice what they
officially report taking in.  Hardly surprising since if one has a low
income, one unreported job in the household can double that income.  It is
also likely that a higher proportion of the income and assets of the poor
are not recorded (as against the rich) because most of the assets are
personalty rather than realty and they are less likely to be audited, etc.

So the level of income and asset inequality in America is less than you will
have heard.

DCF






From netsurf at pixi.com  Fri Aug 30 12:08:17 1996
From: netsurf at pixi.com (NetSurfer)
Date: Sat, 31 Aug 1996 03:08:17 +0800
Subject: www.anonymizer.com
In-Reply-To: <199608292255.PAA08976@netcom7.netcom.com>
Message-ID: <Pine.SV4.3.91.960830060820.3076F-100000@netsurfer>



I have found and reported to the anonymizer that it does not 
always protect you against perl-based cgi scripts.  I did this by 
accessing a form-based email page (based on Matt's script) which includes 
environment variable values in the msg to the recipient.  I didn't 
receive any response back from them after I emailed them the info.

On Thu, 29 Aug 1996, Bill Frantz wrote:

> www.anonymizer.com got a nice plug in David Plotnikoff's column in today's
> San Jose Mercury News.  He quotes Community ConneXion's motto, "Because on
> today's Internet, people do know you're a dog."  He also mentions its
> similarity to anonymous remailers.  His capsule review:
> 

#include <standard.disclaimer>
                    _   __     __  _____            ____
                   / | / /__  / /_/ ___/__  _______/ __/__  _____
                  /  |/ / _ \/ __/\__ \/ / / / ___/ /_/ _ \/ ___/
                 / /|  /  __/ /_ ___/ / /_/ / /  / __/  __/ /
================/_/=|_/\___/\__//____/\__,_/_/==/_/==\___/_/===============







From jleonard at divcom.umop-ap.com  Fri Aug 30 12:56:14 1996
From: jleonard at divcom.umop-ap.com (Jon Leonard)
Date: Sat, 31 Aug 1996 03:56:14 +0800
Subject: MUD anyone?
In-Reply-To: <ae4b16e901021004256d@[205.199.118.202]>
Message-ID: <9608301627.AA09337@divcom.umop-ap.com>


Tim May wrote:
> I second many of the comments about the difficulties in coding a reasonably
> plausible game or MUD for exploring list ideas.

["Crypto Anarchy Game." value and difficulties stuff snipped]

> Coding nearly any of the core cryptographic concepts for use in an online
> game, even without a real crypto core (e.g., using other trust mechanisms)
> is likely to be almost as big a job as actually coding the concepts for
> real-world use. Could be very educational, and a useful dry run for later
> real-world reification of concepts, but by no means easy.

I don't think it's quite that hard, so I tried to implement asymetric key
cryptography:

20 minutes, to write and debug:

(d encrypt (l (message key)
              (l (n) (if (= key n) message))))

(d makekey (l () (d dkey ())
                 (l (n) (if (!= dkey ()) (encrypt n dkey)
                                         (set dkey n)))))

(d keypair (l () (d a (makekey)) (d b (makekey)) (a b) (b a) (list a b)))

(d keys (keypair))

(d p "Squeamish Ossifrage")
(d c ((car keys) p))
(c (cadr keys))
"Squeamish Ossifrage"
(c (car keys))
()

It relies on a few features of my MUD language, namely that functions
are opaque datatypes, and that any two calls to l (short for lambda)
return objects distinct to !=.

> I'm not trying to discourage anyone. Go for it! But it's a _big_ project.

It is a big project, but the big part is writing the MUD, not adding the
crypto-anarchy stuff to it.  I'm writing a MUD anyway, and have been off
and on for over a year.  Mark Grant's message made me think about what it
would take to add the features I wasn't already planning on.

I'm still interested in ideas as to what primitives I should fake.

> And as Jim Bell noted, there are all sorts of costs which are not properly
> accounted for. I would not, for example, expect anything interesting to
> emerge out of the simulation of "assassination politics" in such a game, as
> the costs, dangers, moral issues, and whatnot are not properly
> accounted-for in such a MUD-type simulation. (No more so than in a fantasy
> role-playing game, where characters die routinely...)

After I think about it more, I realize that a MUD simulation can't show
that something like "assassination politics" wouldn't work.  At best it
can show that it does or doesn't work in that particular environment,
leaving open the question of what key difference between MUD and reality
might change the result.  Still, it would be interesting to see how it
worked, or why it didn't.

I apologize for my earlier comment that presupposed that it would fail.

[snip]

> --Tim May

Jon Leonard





From claborne at CYBERTHOUGHT.com  Fri Aug 30 13:38:48 1996
From: claborne at CYBERTHOUGHT.com (Christian Claborne)
Date: Sat, 31 Aug 1996 04:38:48 +0800
Subject: San Diego CPunk Physical meeting
Message-ID: <2.2.32.19960830173157.002b9cc4@cyberthought.com>


-----BEGIN PGP SIGNED MESSAGE-----


<<<<< NOTE! I have a new address!!! >>>>>>

San Diego Area CPUNKS symposium  Thursday, Sep. 21, 1996.

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission
Cafe & Coffee Shop".  We discuss cryptography and other related subjects, have
the special cypherpunk dinner, and unwind after a long day at the grind stone.

   Don't forget to bring your public key  fingerprint.  If you can figure out
how to get it on the back of a business card, that would be cool.  If you want
the suspicious crowd there to sign your key, bring two forms of ID.

Hopefully Lance Cottrell will give us an update on Mixmaster and what's going
on at San Diego's best ISP.  You can also get the scoop on why I resigned from
NCR.  It wouldn't of course be because someone freaked out when I forwarded the
cypherpunk e-mail titled "How to become in international Arms trafficker"...

Place: The Mission Cafe & Coffee Shop
       3795 Mission Bl in Mission Beach.
       488-9060


Time:1800

Their Directions:
	8 west to Mission Beach Ingram Exit
	Take west mission bay drive
	Go right on Mission Blvd.

	On the corner of San Jose and mission blvd.
	It is located between roller coaster and garnett.
	It's kind of 40s looking building...  funky looking 
        (their description, not mine)

They serve stuff to eat, coffee stuff, and beer.

See you there!

New guy, bring your fingerprint.

Drop me a note if you plan to attend... 

NOTE: My primary e-mail address has changed to use my own domain.  You can 
reach me at "claborne at cyberthought.com". Permanently replace any other address
that you may have for me.  I am currently not subscribed to the CP list since
my current internet connection is slow (I can't afford anything right now :)

     2
 -- C  --


-----BEGIN PGP SIGNATURE-----
Version: 4.0 Personal Edition

iQEVAgUBMicd5IP1MBWQ+9udAQHH8gf+IRwyVgQ1SO9ktTnT1St7g9HUM0HwvZZJ
IxSQxJ57wVfgwcaCaYvUxnrtkhq6fhW77WTrv/IT2rHMlKJGwX6xN3sF24CUKQ5s
Hl3Pxxuqp/HVkXqsQsCdzAGVqrK+DXqbLLJMUSKDLzZUqqfqYA6di8GrB17vNDxT
V6LkTVwZsERlofvlA9d+3aEPlSdxgOP47H9TRtqd/XwVuP3C1h+1QPzq9+uzImkG
/J51rAzh69U8Kt7R/6RF2qMSKw2FwUEWZa5iN4L7RzVyEly68DkWHedu32iAEdoT
v1xqhCnjya457rYvigUEOMZ/Skeb1rOfrdr5UPLY6l/+fwticMbk1Q==
=I4Mj
-----END PGP SIGNATURE-----
                              ...  __o
                             ..   -\<,
Claborne at CYBERTHOUGHT.com    ...(*)/(*)._ Providing thoughts on 
					  your computing problems.
http://www.CYBERTHOUGHT.com/cyberthought/
PGP Pub Key fingerprint =  7E BF 38 3F 24 A7 D1 B0  54 44 96 AA 10 D0 5D 51
Avail on Pub Key server.  PGP-encrypted e-mail welcome!
Dreams.  They are just a "screen saver" for the brain.






From stewarts at ix.netcom.com  Fri Aug 30 13:47:45 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sat, 31 Aug 1996 04:47:45 +0800
Subject: Intel to rule the basic crypto engine market?
Message-ID: <199608301806.LAA22022@toad.com>


At 08:27 PM 8/29/96 -0800, jim bell <jimbell at pacifier.com> wrote:
>The one kind of standardization in the crypto market that we truly need, 
>NOW, is a standard format/protocol so that crypto telephones from all 
>manufacturers can talk to each other.  The last thing we need is a 
>tower-of-Babel situation, which would be even worse than the VHS/Beta wars 
>of 20-10 years ago.

I think it'll be a while before we're at that point - there's too much
experimenting to do, and too many different options of crypto and
voice compression that are useful in different situations.
Simple issues like Internet vs. modem vs. frame relay vs. cellphone
make a radical difference in performance.

A standardized _option_negotiation_ method would be valuable;
that would at least let systems figure out if they can talk
as well as exchanging keys.   You can use PGPtalk if you want
a single standard program that will often work - for now the best
approach for non-hardware-based systems is probably to have
several popular encrypted phone programs, and negotiate by
voice which ones to use :-)

The non-crypto-internet-phone business has been in a similar bind,
but Intel's announcement that H.323 shall be the One True Standard
may get enough support to cut through that.  Is there some hook
in their system that could make it easy to add encryption,
or do we need to design Internet-Crypto-Phones that recycle the
H.323 from Intel but add several layers of wrapper around them?

(ITU standards being what they are, I haven't yet found an on-line
source of the document, and the ITU itself has a badly organized web
site that lets you order paper copies of the documents by mailing paper
Swiss Francs to them, which is annoying.  (It could at least do
SSL web forms and Visa cards or something.)  And Intel's free reference
implementation needs Win95, which I'm not running.)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From peter.allan at aeat.co.uk  Fri Aug 30 13:48:06 1996
From: peter.allan at aeat.co.uk (Peter M Allan)
Date: Sat, 31 Aug 1996 04:48:06 +0800
Subject: Encryption (shuffling proposal)
Message-ID: <9608301715.AA11990@clare.risley.aeat.co.uk>



>  DALE THORN ON CRYPTOGRAPHY: (edited for brevity)

>  It appears to me that PGP encryption et al is really 1940's technology, 
>  albeit fancied up by 1990's computers.  Why use keys and cyphers when 
>  all you should have to do is maximize the randomization of bits in a 
>  script?

>  Algorithm: Select bit-groups of random length from the file until the file is
>             completely processed.  Shuffle the bits in each group randomly and
>             save each group back to the file. Repeat if needed using different
>             key-strings for each successive encryption, for increased security.

>  "Due to the nature of compounded bit-shuffling, no algorithm ever developed
>  or proposed could 'crack' multi-pass encoding with a single decryption pass.


You are producing a permutation table.  Repeat passes just get you
a new table, no different in principle.


>  [Time calc for 12kb file....]


>  "One of the difficulties in breaking this type of encryption (other than the
>  numerical time factors) is the fact that you might have to deal with several
>  unknown random number generators from different compiled executable programs.
>  Add to this another factor, the 'Intelligent User' who adds their own tweaks
>  to the source code. The tweak is added, the program is compiled, the file(s)
>  are encrypted, and then the modified source code is destroyed along with the
>  executable file.

But the internet worm of 1988 was captured, decompiled and analysed in days.
Self-modifying viruses get analysed (by single stepping).  Your programs will
go the same way as soon as there is (financial ?) motivation.

So the users have to know the algorithms, including "tweaks" in order
to communicate ?  Not the most convenient key.


>  EXAMPLE    when_it_rains_it's_a_bath   (least significant bit at left):

>     11101110000101101010011001110110111110101001011000
>     10111011111010010011101000011010010110011101101100
>     11101111101010010110001011101110010011001110111110
>     10100001101111101001000110100001100010111000010110

becomes

>     01011100010110101100011110101000011101101111101011
>     00101101100011111010010101111001011001000100000101
>     00111101010101011011000011101111001111110101001011
>     11101000001101101110101011000100111111000010111001


>From this known plaintext-cyphertext pair the enemy can list
all the possible sources and destinations of each bit.

EG  first bit of plaintext (position 0, value 1) can move to 1,3,4,5,....,199
   second bit of plaintext (position 1, value 1) can move to 1,3,4,5,....,199

Given a number of pairs of the same length, produced with the
same key details each of these lists of possibilities shrinks
by around half.  Your 12kb file is well on the way to being
cracked after 4+10+3=17 pairs are discovered.

If the intention is never to reuse keys, then this scheme gets
you nothing you couldn't have with a normal stream cipher.
And they, don't reveal the number of 1-bits and 0-bits in the
message.  Different messages will be recognisable different.

A chosen plaintext attack (where these are possible) becomes a breeze.

>        b. Passwords/phrases, algorithms, code routines, and even whole programs
>           might change from step to step, thereby invalidating any 'single-pass'
>           decryption scheme that's likely to be proposed.

How are the above remarks invalidated ?

I don't want to stifle creativity.  If you keep thinking you may
come up with a good idea.  But this isn't it.

I encourage you to read about existing systems.  There have been
bright people before, and things are done (or not done) for a reason.





 -- Peter Allan    peter.allan at aeat.co.uk





From stewarts at ix.netcom.com  Fri Aug 30 14:00:24 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sat, 31 Aug 1996 05:00:24 +0800
Subject: Encryption
Message-ID: <199608301753.KAA21913@toad.com>


At 05:40 PM 8/30/96 +0200, Germano Caronni <caronni at tik.ee.ethz.ch> wrote:
>Dale Thorn wrote:
>> Algorithm: Select bit-groups of random length from the file until the file is
>>            completely processed.  Shuffle the bits in each group randomly and
>>            save each group back to the file. Repeat if needed using different
>>            key-strings for each successive encryption, for increased
security.
>Very nice. There are just two little issues:
>a) How do you generate the random bytes?
>b) How do you transmit them to the other side, without having a secure channel?

I agree.   This method can be looked at as two parts:
1) Generate a stream of random numbers
2) Use the stream to transform the plaintext into cyphertext by shuffling.

Generating a stream of random numbers can be done by cryptographically
strong methods, or by physical methods such as throwing dice or counting 
gamma rays, or by cryptographically weak methods such as using the RANDOM
function provided by your BASIC compiler.  If you're using strong crypto,
the method is strong if the transform is strong.   If you're using physical
randomness, that's also true, and you'll definitely need to use 
agents with briefcases handcuffed to their arms to haul the randoms around,
which doesn't gain you much operational security, since the random stream
needs to be longer than the plaintext.  If you're using weak crypto,
we can use those fast computers you're so impressed with to try
all 32767 or 2**32 random streams on your input to see what works -
brute force isn't that hard when you've got a small keyspace,
even if you don't take advantage of the special forms (e.g. there are
good methods for reversing linear congruential multiplicative generators.)

How long a stream of random numbers do you need to do the transform?
And how secure _is_ the transform?  For a simple XOR, you know that
each bit in the stream will diddle one bit in the plaintext,
so you're fine (as long as you only use the random stream once.)
But for your shuffling method, you'd have to shuffle much longer
to make sure that the "random" selection of bitgroups hits all the bits,
and hits them often enough that adjacent bits will be separated.
For instance, if your message is a 3000-word set of instructions
to your fellow plotters, you need to be sure that the phrases
"gunpowder", "Parliament", and "November 5th" get shredded, not merely
moved to different places in the document.  This takes much longer
than deterministic methods, and risks not being as good.

There are some advantages with the shuffling method - assuming you've 
cranked the system long enough to really shred everything,
it's hard to take cyphertext and reconstruct plaintext, and 
brute force is a bit more work than with a deterministic method
that uses one pass.  But you can get that effect by using
stronger methods, such as the
        des | tran | des | tran | des
where "tran" is a simple key-or-input-driven shuffle that
doesn't need to be totally strong.  (Is Carl Ellison the person
who proposed this?  I've forgotten.)  


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From zachb at netcom.com  Fri Aug 30 14:09:56 1996
From: zachb at netcom.com (Z.B.)
Date: Sat, 31 Aug 1996 05:09:56 +0800
Subject: Helsingius shuts down anon.penet.fi server in Finland (fwd)
Message-ID: <Pine.3.89.9608301041.A7465-0100000@netcom>


This just came over the fight-censorship list.  

---

Zach Babayco
zachb at netcom.com  <----- finger for PGP public key

---------- Forwarded message ----------
Date: Fri, 30 Aug 1996 13:11:56 -0500
From: Declan McCullagh <declan at well.com>
To: fight-censorship at vorlon.mit.edu
Cc: azeem at dial.pipex.com, jseiger at cdt.org
Subject: Helsingius shuts down anon.penet.fi server in Finland

This is a sad day in the history of the Net. Hundreds of thousands of
people had accounts on Julf's pseudonmyous server and many netizens relied
on it daily to preserve their privacy online. (Unlike cypherpunk remailers,
it's not truly anonymous since Julf keeps records of what anon id maps to
what email address.) From Azeem's report and the press release below,
Julf's move seems to be in response to a Finnish court's preliminary
decision that the privacy remailers could be violated by court order --
something the Scientologists have been pushing.

Still, I'd be surprised if Julf's decision wasn't prompted in part by the
hideous London Observer article that falsely accused him of being a
middleman in the distribution of child porn -- check out a scan of the
Sunday cover at:
  http://scallywag.com/

-Declan


---------- Forwarded message ----------
Date: Fri, 30 Aug 1996 17:11:51 +0100
From: Azeem Azhar <azeem at dial.pipex.com>
To: azeem at ivision.co.uk
Subject: [ALERT] Penet is dead

Hello all,

I just got off the phone with Johann Helsingius who runs the
anon.penet.fi anonymous e-mail service.

1. He has decided to close the service.

2. This is not related to the article in The Observer. It is, in fact,
due to a decision of a lower Finnish court on petition from the Church
of Scientology. Penet went to court last week and made the decision
today. The implication of the decision is that e-mail over the Internet
is not protect by the usual Finnish privacy laws.

3. The server is currently down while Julf re-writes the software. Once
it runs again, it will be phased out for private use, but groups such as
the Samaritans and human rights agencies should be able to use it.

4. They are appealing against the decision.

5. Julf expects that revisions in Finnish law to provide a safe legal
status for anonymous remailers will be in place at the earliest in
Spring next year.

6. Once again: this is unrelated to The Observer's scandalous reporting.


Your faithful furry friend,

Azeem


---------- Forwarded message ----------

Date: Fri, 30 Aug 1996 17:15:41 +0100
From: Azeem Azhar <azeem at dial.pipex.com>
To: azeem at ivision.co.uk
Subject: [ALERT} Penet is dead (correction)

Sorry . . . a slight error:

> 2. This is not related to the article in The Observer. It is, in fact,
> due to a decision of a lower Finnish court on petition from the Church
> of Scientology. Penet went to court last week and made the decision
> today. The implication of the decision is that e-mail over the Internet
> is not protect by the usual Finnish privacy laws.

The implication of the court's decision (rather than Penet's to shut the
server) is that e-mail over the Internet is not protected by the usual
Finnish privacy laws.

Sorry!
--

[Julf's press release. -Declan]

                                PRESS RELEASE
                                30.8.1996


Johan Helsingius closes his Internet remailer

Johan Helsingius from Helsinki has decided to close his Internet
remailer. The so-called anonymous remailer is the most popular
remailer in the world, with over half a million users.

"I will close down the remailer for the time being because the legal
issues governing the whole Internet in Finland are yet undefined. The
legal protection of the users needs to be clarified. At the moment the
privacy of Internet messages is judicially unclear."

The idea of an anonymous remailer is to protect the confidentiality of it�s
users� identity. The remailer itself does not store messages but serves as a
channel for message transmission. The remailer forwards messages
without the identity of the original sender.

Finland is one of the leading countries in Internet usage. Therefore all
decisions and changes made in Finland arouse wide international interest.

"I have developed and maintained the remailer in my free time for over
three years now. It has taken up a lot of time and energy. Internet has
changed a lot in these three years - now there are dozens of remailers in
the world, which offer similar services."

"I have also personally been a target because of the remailer for three
years. Unjustified accusations affect both my job and my private life"
says Johan Helsingius.

He surmises that the closing of the remailer will raise a lot of discussion
among the Internet community. "These remailers have made it possible
for people to discuss very sensitive matters, such as domestic violence,
school bullying or human rights issues anonymously and confidentially
on the Internet. To them the closing of the remailer is a serious problem",
says Helsingius.

Child porn claims proven false

Last Sunday�s issue of the English newspaper Observer claimed that the
remailer has been used for transmitting child pornography pictures. The
claims have been investigated by the Finnish police. Observer�s claims
have been found groundless.

Police sergeant Kaj Malmberg from the Helsinki Police Crime Squad is
specialized in investigating computer crimes. He confirms that already a
year ago Johan Helsingius restricted the operations of his remailer so that
it cannot transmit pictures.

"The true amount of child pornography in Internet is difficult to assess,
but one thing is clear: We have not found any cases where child porn
pictures were transmitted from Finland", Kaj Malmberg says.

Ground rules need to be clarified

There are several large network projects going on in Finland at the
moment, such as the TIVEKE project run by the Ministry of
Communications and the Information Society Forum project run by the
Ministry of Finance. Johan Helsingius is participating the work of these
projects. Projects assess the political and social issues of networks and
the impact of these issues in the long run. These projects also need the
support of daily, practical work to help short-term decision-making.

Johan Helsingius is now taking an initiative in the development of the
daily network rules. He wants to set up a task force to discuss the
practical problems related to ethical and civil rights issues in connection
with the Internet.

"I will try to set up a task force which will include Internet
experts together with representatives of civic organizations and
authorities. The task force could take a stand on issues such as the
network�s practical operation methods and the misuse of the network. I
hope that the results of this task force will support the development of
the network", he says.

For further information, please contact

Johan Helsingius
Oy Penetic Ab
tel. +358 0400 2605
e-mail: julf at penet.fi









From apteryx at super.zippo.com  Fri Aug 30 14:26:06 1996
From: apteryx at super.zippo.com (Mark Heaney)
Date: Sat, 31 Aug 1996 05:26:06 +0800
Subject: PGP & Default
Message-ID: <32272d82.348928496@super.zippo.com>


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 30 Aug 1996 01:13:23 -0400 (EDT), lcs Remailer Administrator
<mix-admin at nym.alias.net> wrote:

[snip]

>to the file $HOME/.pgp/config.txt.  (Or wherever the equivalent is
>under DOS.  Perhaps someone can tell me where the config.txt file
>lives under DOS and I will add that to the help file.)

It's in the same directory as PGP, which will be the directory
referenced by the SET PGPPATH statement in the autoexec.bat file if
PGP is installed and configured correctly. At least with version
2.6.2. You can use MyName="any string of characters that is specific
enough to identify one and only one key". I have mine set as my name,
so that no matter what e-mail address I use, PGP uses the right key.

Mark


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMicvtN36bir1/qfZAQFnzgMAxTk55pldFWgysbjOj1Tqt/KAfB4Ty2WA
EmTLRMziw8QglZSDzRxKcfvU3XjefNM7kA8YYPaKcgOlEhDiKB+Z9WDGMwwSJePk
CFgTRPtuZS4kpjGsTZIvQN31ZqB5Ko0f
=kSuW
-----END PGP SIGNATURE-----

-----------------------------------------------------------------
Mark Heaney    finger snipe at starburst.cbl.cees.edu for public key
PGP Fingerprint= BB D8 9B 07 51 87 05 AC  47 7B F2 4F A6 AB 1A CD   
-----------------------------------------------------------------
You keep using that word, I dunna think it means what you think it means.





From massmail at aol.com  Fri Aug 30 14:28:29 1996
From: massmail at aol.com (~~ SECRETS ~~)
Date: Sat, 31 Aug 1996 05:28:29 +0800
Subject: ~~ Bankers' Secrets ~~
Message-ID: <199608291833.OAA17573@smtp2.interramp.com>


=======> BANKING SECRETS REVEALED!! <=======

====> SAVE $100,000 & EARN 7% to 10% INTEREST <====

Dear Friend, 

Did you know that you can save up to $100,000 on the 
biggest investment in your life? For MANY Americans they
have a dream to one day own their home. When that dream is
reached, they spend the rest of their life paying that dream
off. You are being ripped off everyday by Banks, Financing
Companies, Mortgage Companies etc. Did you know that by the
time you pay off your home you will pay FIVE TIMES what it
is worth? Is that fair to you and your dream? We don't think
so and we bet you don't either. That's why we are going to
show you how to save up to $100,000 and pay off your home up
to 7 years faster! Sound too good to be true? Believe us, we
will show you step by step how the mortgage game is played
with the Banks, Financing Companies and Mortgage Companies
and how to beat them at their own game. Everything we show
you is 100% LEGAL and anybody can do it. It's just very few
people know about it. These are very LOW-KEY SECRETS that
you will learn. The reason the Banks never tell you is
because if everyone knew the Banks' secrets they would be
put out of business. If you ever heard someone say " My Bank
is getting rich off my money, " they are absolutely RIGHT!
Banks do get rich off your money because they lend it to
other people and charge them 9% interest and only pay you up
to 3% interest, if you're lucky! So that means Banks are
getting 6% interest on YOUR MONEY! Many Mortgage Companies
are being and have been sued for OVERCHARGING homeowners.
This is your chance to become Financially Independent. Can
you imagine if you saved $80 or $50 THOUSAND DOLLARS and
made that American Dream come true by paying your house off
7 years faster? What could you do with that extra money?
We're sure you could think of something, RIGHT? Maybe a
family vacation or a new car? There are other companies
charging $250 to $500 DOLLARS to show you everything that we
are going to. But, we are not even asking a fraction of that
cost. For the COMPLETE 25 page step-by- step manual, we are
only asking $24.95. Plus, we are going to give 2 SPECIAL
BONUSES to the next 50 people who order our great package
and are determined to make a change. Our first SPECIAL BONUS
to you is called a " MORTGAGE & LOAN CALCULATOR. " This
is a Windows Based program that will keep track of every Loan and
Mortgage that you have!  You won't ever have to worry about
being OVERCHARGED because you will have all your personal
information right at your fingertips and you can keep track
of all your Loans and Mortgages! Our SECOND SPECIAL BONUS
is: "HOW TO EARN 7 TO 10% INTEREST ON YOUR MONEY."
This is too good of a deal to just pass by, and we don't think there
is anybody in the industry who will ever offer an
opportunity like this! You will have everything you need to
put your financial life right on track with your dreams. We
all have dreams and this is your chance to make yours come
true. You owe it to yourself and your family to take FULL
advantage of this unique opportunity. Look at it this way,
you go to work day in and day out, just to pay off your
home. With our program, it will be up to 7 years LESS that
you have to work to pay off your home and up to $100,000
MORE into your bank account instead of giving it to the
BANK! The BEST part is you don't even have to refinance! You
can even use this as a business opportunity. You can easily
place ads in your local newspapers offering to save people
money using the SECRETS you will know. You can even save
your family members THOUSANDS off their mortgage. We look
forward to getting you this tremendous package right away.

Here's how you can place you order:

Program is $21.95 + $3.05 Shipping & Handling a Total of
$25.00

Send Check or Money Order made
payable to: Creative Financial Alternatives 

Creative Financial Alternatives
Banking Secrets
14837 Detroit Ave. Suite 135
Lakewood, Ohio
44107 

** For Faster Processing you can FAX your check to:
1-216-226-3225 How this works is pretty simple, just tape
your check to a piece of paper and fax it. After faxing your
check simply void it out and keep it for your own records.
Please do not mail it to us if you fax it.

Sincerely,
Creative Financial Alternatives

( c ) Copyrighted 1996 

Under no circumstances may any of this material be
reproduced in any form without the author's written
permission. 





From byrd at ACM.ORG  Fri Aug 30 14:35:09 1996
From: byrd at ACM.ORG (Jim Byrd)
Date: Sat, 31 Aug 1996 05:35:09 +0800
Subject: anon.penet.fi closing down
Message-ID: <2.2.32.19960830182343.006b93a8@super.zippo.com>


This was just posted:
---------
Path:
szdc-e!imci3!newsfeed.internetmci.com!newsxfer2.itd.umich.edu!agate!news.Sta
nford.EDU!not-for-mail
From: rcgraves at ix.netcom.com (Rich Graves)
Newsgroups: comp.org.eff.talk,alt.religion.scientology,alt.privacy.anon-server
Subject: penet.fi closing down
Followup-To: alt.privacy.anon-server
Date: 30 Aug 1996 09:49:40 -0700
Organization: Unaffiliated Fans of Nizkor, http://www.nizkor.org/
Lines: 87
Sender: llurch at Networking.Stanford.EDU
Distribution: inet
Message-ID: <507634$kj8 at Networking.Stanford.EDU>
NNTP-Posting-Host: networking.stanford.edu
Xref: szdc-e comp.org.eff.talk:16082 alt.religion.scientology:115080
alt.privacy.anon-server:2691

Attributions deleted on request.

-rich

				PRESS RELEASE
				30.8.1996     


Johan Helsingius closes his Internet remailer

Johan Helsingius from Helsinki has decided to close his Internet 
remailer. The so-called anonymous remailer is the most popular 
remailer in the world, with over half a million users. 

"I will close down the remailer for the time being because the legal 
issues governing the whole Internet in Finland are yet undefined. The 
legal protection of the users needs to be clarified. At the moment the 
privacy of Internet messages is judicially unclear."

The idea of an anonymous remailer is to protect the confidentiality of its
users' identity. The remailer itself does not store messages but serves as a 
channel for message transmission. The remailer forwards messages 
without the identity of the original sender.

Finland is one of the leading countries in Internet usage. Therefore all 
decisions and changes made in Finland arouse wide international interest.

"I have developed and maintained the remailer in my free time for over 
three years now. It has taken up a lot of time and energy. Internet has 
changed a lot in these three years - now there are dozens of remailers in 
the world, which offer similar services."

"I have also personally been a target because of the remailer for three 
years. Unjustified accusations affect both my job and my private life"
says Johan Helsingius.

He surmises that the closing of the remailer will raise a lot of discussion 
among the Internet community. "These remailers have made it possible 
for people to discuss very sensitive matters, such as domestic violence, 
school bullying or human rights issues anonymously and confidentially 
on the Internet. To them the closing of the remailer is a serious problem",
says Helsingius.

Child porn claims proven false

Last Sunday�s issue of the English newspaper Observer claimed that the 
remailer has been used for transmitting child pornography pictures. The 
claims have been investigated by the Finnish police. Observer�s claims 
have been found groundless.

Police sergeant Kaj Malmberg from the Helsinki Police Crime Squad is 
specialized in investigating computer crimes. He confirms that already a 
year ago Johan Helsingius restricted the operations of his remailer so that 
it cannot transmit pictures.

"The true amount of child pornography in Internet is difficult to assess, 
but one thing is clear: We have not found any cases where child porn 
pictures were transmitted from Finland", Kaj Malmberg says.

Ground rules need to be clarified

There are several large network projects going on in Finland at the 
moment, such as the TIVEKE project run by the Ministry of 
Communications and the Information Society Forum project run by the 
Ministry of Finance. Johan Helsingius is participating the work of these 
projects. Projects assess the political and social issues of networks and 
the impact of these issues in the long run. These projects also need the 
support of daily, practical work to help short-term decision-making.

Johan Helsingius is now taking an initiative in the development of the 
daily network rules. He wants to set up a task force to discuss the 
practical problems related to ethical and civil rights issues in connection 
with the Internet.

"I will try to set up a task force which will include Internet 
experts together with representatives of civic organizations and 
authorities. The task force could take a stand on issues such as the 
network�s practical operation methods and the misuse of the network. I 
hope that the results of this task force will support the development of 
the network", he says. 

For further information, please contact

Johan Helsingius
Oy Penetic Ab
tel. +358 0400 2605
e-mail: julf at penet.fi






From claborne at CYBERTHOUGHT.com  Fri Aug 30 15:02:57 1996
From: claborne at CYBERTHOUGHT.com (Christian Claborne)
Date: Sat, 31 Aug 1996 06:02:57 +0800
Subject: San Diego CPunk Physical meeting!!!!!
Message-ID: <2.2.32.19960830190803.002b4df4@cyberthought.com>


-----BEGIN PGP SIGNED MESSAGE-----


<<<<< NOTE! I have a new address!!! >>>>>>

Change in DATE.  sorry ------> Sep 5, Next Thursday!!!

San Diego Area CPUNKS symposium  Thursday, Sep. 5, 1996.

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission
Cafe & Coffee Shop".  We discuss cryptography and other related subjects, have
the special cypherpunk dinner, and unwind after a long day at the grind stone.

   Don't forget to bring your public key  fingerprint.  If you can figure out
how to get it on the back of a business card, that would be cool.  If you want
the suspicious crowd there to sign your key, bring two forms of ID.

Hopefully Lance Cottrell will give us an update on Mixmaster and what's going
on at San Diego's best ISP.  You can also get the scoop on why I resigned from
NCR.  It wouldn't of course be because someone freaked out when I forwarded the
cypherpunk e-mail titled "How to become in international Arms trafficker"...

Place: The Mission Cafe & Coffee Shop
       3795 Mission Bl in Mission Beach.
       488-9060


Time:1800

Their Directions:
	8 west to Mission Beach Ingram Exit
	Take west mission bay drive
	Go right on Mission Blvd.

	On the corner of San Jose and mission blvd.
	It is located between roller coaster and garnett.
	It's kind of 40s looking building...  funky looking 
        (their description, not mine)

They serve stuff to eat, coffee stuff, and beer.

See you there!

New guy, bring your fingerprint.

Drop me a note if you plan to attend... 

NOTE: My primary e-mail address has changed to use my own domain.  You can 
reach me at "claborne at cyberthought.com". Permanently replace any other address
that you may have for me.  I am currently not subscribed to the CP list since
my current internet connection is slow (I can't afford anything right now :)

     2
 -- C  --

-----BEGIN PGP SIGNATURE-----
Version: 4.0 Personal Edition

iQEVAgUBMic8AYP1MBWQ+9udAQFSDQf8CXxsoBlLZIpXORcT2pkRYO67eFgVQehU
9Mzc1uVyb9k8JKzID4zMEEuRiUF38GMaVC9PJdmSGObzulhpduNgRwu15bXDPK80
gf4El696ncHqRqPNBZw+6JXWuNbotryZUVVAr+98LgwViP4jm6/U8KCkWd5scjll
gfxQi7vxXCAAz1lGf6N+NZhP54m37PbTIkyXu59M2Js85LlVLZ0nY+aSsebjVzXt
ojCn6QQKnq4Zns9bxxuhm71AmyVhT09cKzgwR8xrnCPOXLAvtx6m7a0q1rBbqh+Y
QiNT95YmJovOIgtUB+xCa706W1X4N1MqPD36n1S5lumhSrCiPBg9jg==
=l4SF
-----END PGP SIGNATURE-----
                              ...  __o
                             ..   -\<,
Claborne at CYBERTHOUGHT.com    ...(*)/(*)._ Providing thoughts on 
					  your computing problems.
http://www.CYBERTHOUGHT.com/cyberthought/
PGP Pub Key fingerprint =  7E BF 38 3F 24 A7 D1 B0  54 44 96 AA 10 D0 5D 51
Avail on Pub Key server.  PGP-encrypted e-mail welcome!
Dreams.  They are just a "screen saver" for the brain.






From mpd at netcom.com  Fri Aug 30 15:06:43 1996
From: mpd at netcom.com (Mike Duvos)
Date: Sat, 31 Aug 1996 06:06:43 +0800
Subject: Penet Bites the Dust
Message-ID: <199608301913.MAA22151@netcom23.netcom.com>


An interesting Net tidbit.  Note that the "International Conference
on Child Sexual Exploitation" in Stolkholm which served as a platform
for these accusations and various coordinated stories in numerous
media outlets is simply a circus put on by ECPAT, a well-known
pressure group whose propaganda is modeled after the now-defunct 
National Coalition on Pornography, and whose spurious and laughable
claims about child pornography and vast pedophile conspiracies would fill 
volumes.  The only odd thing here is that the mainstream press is
presenting this gathering with a perfectly straight face, as if it were
some sort of credible event, which of course it is not. 

-----

   HELSINKI (Reuter) - A Finnish Internet specialist said on Friday he
   was closing his remailer, or anonymous forwarding system, after
   rejecting allegations it was being used as a conduit for child
   pornography.
   
   Johan Helsingius, whose remailer is one of the largest in the world
   with over half a million users, said in a statement he was closing
   down the system because the legal issues governing the Internet in
   Finland are unclear.
   
   ``The legal protection of users needs to be clarified. At the moment
   the privacy of Internet messages is judicially unclear,'' said
   Helsingius, who said he set up and ran the remailer in his free time
   partly as an initiative to help abused children.
   
   Internet remailers are computers which receive and forward messages
   with a pseudonym or anonymous source.
   
   There are about five large ones in the world, and they exist to enable
   anonymous discussion of sensitive subjects -- for instance by victims
   of child abuse, potential suicides or people in politically repressed
   societies.
   
   Helsingius, supported by Finnish police, earlier this week dismissed
   claims in Britain's Observer Sunday newspaper that his remailing
   system handled up to 90 percent of child pornography on the Internet.
   
   ``I have also personally been a target because of the remailer for
   three years,'' he said on Friday. ``Unjustified accusations affect
   both my job and my private life.''
   
   The newspaper reported the charges, by a U.S. policeman and FBI
   adviser, as Belgian police were investigating horrific child sex
   crimes and ahead of an international conference in Stockholm on the
   commercial sexual exploitation of children.
   
   In Helsingius's statement, Helsinki police sergeant Kaj Malmberg was
   quoted as saying he had found no evidence of child porn being
   transmitted from Finland.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd at netcom.com     $    via Finger.                      $






From tcmay at got.net  Fri Aug 30 15:18:31 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 31 Aug 1996 06:18:31 +0800
Subject: MUD anyone?
Message-ID: <ae4c85ab040210040813@[205.199.118.202]>


At 4:27 PM 8/30/96, Jon Leonard wrote:
>Tim May wrote:
>> I second many of the comments about the difficulties in coding a reasonably
>> plausible game or MUD for exploring list ideas.
>
>["Crypto Anarchy Game." value and difficulties stuff snipped]
>
>> Coding nearly any of the core cryptographic concepts for use in an online
>> game, even without a real crypto core (e.g., using other trust mechanisms)
>> is likely to be almost as big a job as actually coding the concepts for
>> real-world use. Could be very educational, and a useful dry run for later
>> real-world reification of concepts, but by no means easy.
>
>I don't think it's quite that hard, so I tried to implement asymetric key
>cryptography:
>
>20 minutes, to write and debug:

Well, cryptography (per se) is the most basic, and in some sense simplest,
part of the whole thing: the "semantics" of crypto are well-understood
(even if not to the snake oil salesmen and repeated inventors of one time
pads).

Consider that PGP was basically a realization (others existed, natch) of
ideas that were almost 20 years old.

Some much harder (to me) protocols: fair coin tosses, blinded coins,
oblivious transfers, digital cash in all its many forms (and issues),
DC-Nets, and so on. Sure, bits and pieces are codable--and have been--but a
comprehensive package is tough to write. Wei Dai's and Matt Blaze's
libraries are excellent, I hear, but are not targetted at creating these
building blocks for crypto anarchy.

And the social and organization assumptions coded into software is a major
issue to think about. Some Scheme or C code doing part of these things will
likely not be real useful.

Your code is admirable. I did the same thing in Mathematica, a few years
ago when I was still interested in the innards of RSA. (It took me longer
than 20 minutes to write, though...but I also got to play around with big
primes, the basic number theory stuff, etc. A useful learning experience.)

But implementing more recent cryptographic building blocks seems more than
an order of magnitude harder. (If you can implement a reasonably robust
bank-digicash system in 10 x 20 minutes = 3.5 hours, I'll be impressed.
Merely speccing what it should do and how it should behave in various
situations would take far, far longer than this. Just my view. Maybe I'm
wrong.)



>It is a big project, but the big part is writing the MUD, not adding the
>crypto-anarchy stuff to it.  I'm writing a MUD anyway, and have been off
>and on for over a year.  Mark Grant's message made me think about what it
>would take to add the features I wasn't already planning on.

Depends on what you mean by "crypto-anarchy stuff." As I see it, it means
building a reasonably robust economic system, a market or agora with
various transaction mechanisms built in. Sort of a cross between "SimCity"
and Vinge's "True Names."

>I'm still interested in ideas as to what primitives I should fake.
>
>> And as Jim Bell noted, there are all sorts of costs which are not properly
>> accounted for. I would not, for example, expect anything interesting to
>> emerge out of the simulation of "assassination politics" in such a game, as
>> the costs, dangers, moral issues, and whatnot are not properly
>> accounted-for in such a MUD-type simulation. (No more so than in a fantasy
>> role-playing game, where characters die routinely...)
>
>After I think about it more, I realize that a MUD simulation can't show
>that something like "assassination politics" wouldn't work.  At best it
>can show that it does or doesn't work in that particular environment,
>leaving open the question of what key difference between MUD and reality
>might change the result.  Still, it would be interesting to see how it
>worked, or why it didn't.

Even if well-implemented (a _lot_ of effort), I doubt it would say anything
more about the real-world aspects of some future crypto-anarchic world
than, say, playing "Risk" or "Diplomacy" has meaningful things to say about
how nations form alliances and go to war with other nations. Or as much as
playing "Monopoly" teaches one about actual business and economic
interactions.

(Before defenders of these games jump in with comments about how useful and
enjoyable these games are, sure, some knowledge is gained. But huge
differences are obvious. A conclusion drawn from playing these games will
not hold up in the real world. I expect the same is true of "assassination
politics.")

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jimbell at pacifier.com  Fri Aug 30 15:26:34 1996
From: jimbell at pacifier.com (jim bell)
Date: Sat, 31 Aug 1996 06:26:34 +0800
Subject: **"OuR" Project press release** (fwd)
Message-ID: <199608301928.MAA02910@mail.pacifier.com>


>Forwarded message:
>> Subject: (Fwd) Re: **"OuR" Project press release**
>> Priority: normal
>> X-mailer: Pegasus Mail for Windows (v2.23)
>> Pulled this off of the net.  The was even better than SkyeDance IV ;-)
>> ------- Forwarded Message Follows -------
>> Paul Robinson & Ken Mizoi wrote:
>> > To All Fellow Rocketeers:
[stuff deleted]
>> >         Unfortunately, the rocket failed to deploy its recovery systems and
>> > accelerated to over Mach 1 and impacted into the sand dunes several
>> > miles away.  There was a loud sonic boom heard by all that literally
>> > shook the earth.  In fact, instead of the nominal "hole and fin slits"
>> > seen in previous impacts, there was a twenty foot diameter area with
>> > large chunks of sheared earth as if a high energy charge had been
>> > detonated under the ground.  The rocket was not recovered, but several
>> > pieces of metal, fiberglass, and burnt Nomex were found indicating the
>> > ejection charges did in fact fire.
>> >         Once again, the "OuR" Project members wish to express sincere thanks
>> > to all those who listened, donated, and gave their support who were
>> > not specifically named.  This project would not have flown if were not
>> > for the "believers" and the tremendous team spirit.  Only they know
>> > the sweat and the number of hours it takes to fly such a rocket.
>> >                                                         Members of the "OuR" Team 
>> -----------------
>> Stu Barrett
>> e-mail: stu at zilker.net


Recommendation for the next one:  Rather than try to brute force  an LEO 
from about sea level, how about  lofting the rocket by balloon up to a 
starting altitude of, say, 100,000 feet, and letting'er'rip from there?  
(this is probably not a new technique...)

Using a hydrogen balloon, a cubic meter of balloon volume would loft 1.2 
kilograms at sea level, although only 1/50th of that at 100,000 feet, or 25 
grams.  A 700-pound (320 kilogram)rocket would require 12,000 cubic meters of 
envelope volume, discounting the weight of the balloon itself, equivalent to 
the volume of a cube 25 meters on a side.  

Obvious advantages:  First, you're 20 miles closer to an LEO altitude of 
about 200 miles or so, a considerable advantage.  Even more important, 
my back-of-the-envelope calculation says that at 100,000 feet, you're above 
about 98% of the atmosphere.  There'd be a minor advantage if you managed to 
find a 300 mph easterly airstream just before launch.

(Derived from the numbers included in the original note, I assume that the 
average upward speed is 1000 feet per second, and a top speed of about 2000 
feet per second reached at an altitude of about 10,000 feet (Mach 2).   This 
peak velocity occurs when the barometric pressure is not greatly different 
than sea level, which is a huge waste of energy.    I'd like to see the real 
numbers, or at least a simulation.  Could they re-run the simulation for a 
starting altitude of 100,000 feet?)

And I don't think they have a prayer of doing an LEO without substantially 
increasing the proportion of fuel in the rocket from their current 35%, and 
possibly doing a two-stage rocket. 

I'd like to hear much more about this.

 


Jim Bell
jimbell at pacifier.com





From erehwon at c2.net  Fri Aug 30 15:51:40 1996
From: erehwon at c2.net (William Knowles)
Date: Sat, 31 Aug 1996 06:51:40 +0800
Subject: Reprogramming Beepers?
In-Reply-To: <Pine.BSD.3.92.960830143925.25311A-100000@miso.wwa.com>
Message-ID: <Pine.SUN.3.94.960830124632.1792B-100000@infinity.c2.net>


Comrade,

> Does anyone know how to reprogram a beeper to a new number. Please
> Help Brendan
 
The Cypherpunks wouldn't be the list to ask this unless you are 
using encryption for your RadioMail pagers <g>

The best place I could forward you to would be L0pht at:

http://www.l0pht.com

and there is some information on pagers last I checked.


William Knowles
erehwon at c2.net

--
William Knowles    <erehwon at c2.net>
PGP mail welcome & prefered / KeyID 1024/2C34BCF9
PGP Fingerprint 55 0C 78 3C C9 C4 44 DE   5A 3C B4 60 9C 00 FB BD
Finger for public key
--
Vote for Harry Browne in November -- http://www.HarryBrowne96.org







From droelke at rdxsunhost.aud.alcatel.com  Fri Aug 30 16:11:27 1996
From: droelke at rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Sat, 31 Aug 1996 07:11:27 +0800
Subject: Encryption
Message-ID: <9608302028.AA00579@spirit.aud.alcatel.com>



I don't have a vested interest other than keeping my data safe.

A *good* cipher will work, even if someone knows the exact 
implementation of it.  Given complete source code to your cipher,
(including the pseudo-random number generator you use) 
and I could easily crack it with about a week's worth of effort.

If you knew anything about cryptography, you'ld know that just
giving someone some cyphertext and challenging them to crack
is not a valid test of the cipher's strength.

Again - go get a copy of Applied Cryptography and don't 
come back until you have read it.

Dan

> 
> Your comments are typical for persons with vested interests.
> Attached is a test file so you can have someone try to crack it.  In the 
> meantime, don't assume because I don't use your favorite methods I don't 
> know what I'm doing.
> 
> Daniel R. Oelke wrote:
> > 
> > Sorry to say this - but your idea stinks.
> > 
> > If you are trying to send something encrypted, your
> > receiving party would need the keys, which are the seed
> > values of the pseudo-random number generators.
> > 
> > Your adversary could keep trying a whole series of
> > different seeds until they found the correct one.
> > With a little more work, they could analyze the
> > pseudo-random number generator that you used, and
> > then work backwards.
> > 
> > Go get a copy of Applied Cryptography Edition II.
> > Don't come back until you have read it.
> > 
> > ------------------------------------------------------------------
[ crap deleted ]

------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX






From ben at alliedtours.com  Fri Aug 30 16:19:03 1996
From: ben at alliedtours.com (Benjamin Suto)
Date: Sat, 31 Aug 1996 07:19:03 +0800
Subject: Encryption
Message-ID: <01BB9693.9F57A220@ben.alliedtours.com>


I'm probably the last person who could mention something intelligible here, but assuming this encryption algorithm works, and Joe wants to give Jane a file, how would he tell her how to decrypt it?  

If he found a "secure medium" to give her the passcode under, wouldn't encrypting it be useless since he could just use that secure medium to send the original file?  

I think that was the whole point of public key encryption, in that there is no need for a secure medium of any sort, since the public key can only be used to encrypt a message.. that only the private key can decode.

Someone correct me if I'm wrong.
There are probably other flaws inherent in this encryption system mentioned.. I can imagine that you won't even be able to unencrypt the original message. :)



----------
From: 	Dale Thorn[SMTP:dthorn at gte.net]
Sent: 	Friday, August 30, 1996 5:00 AM
To: 	cypherpunks at toad.com
Subject: 	Encryption

It appears to me that PGP encryption et al is really 1940's technology, 
albeit fancied up by 1990's computers.  Why use keys and cyphers when 
all you should have to do is maximize the randomization of bits in a 
script?  Big computers should not be able to de-randomize such encoding, 
since the permutations/combinations would be astronomical after just a 
half-dozen or so random number initializations, as well as the fact that 
the bits are relatively undifferentiated (just ones and zeros) and are 
not maintained with their original bytes, words, paragraphs, or pages?

<<File: ATT00003.txt>>






From nobody at replay.com  Fri Aug 30 16:19:19 1996
From: nobody at replay.com (Anonymous)
Date: Sat, 31 Aug 1996 07:19:19 +0800
Subject: www.anonymizer.com
Message-ID: <199608302014.WAA08916@basement.replay.com>



At 06:12 AM 8/30/96 -1000, NetSurfer wrote:
>
>I have found and reported to the anonymizer that it does not 
>always protect you against perl-based cgi scripts.  I did this by 
>accessing a form-based email page (based on Matt's script) which includes 
>environment variable values in the msg to the recipient.  I didn't 
>receive any response back from them after I emailed them the info.


   Am I missing something here because isn't the easiest way around all of this is simply not to enter your personal info when setting up Netscape?  Granted the page can pick up your ISP and what port you used, but so what?  It can't get your name and email address.  Use a newsreader such as Free Agent so there's no reason to enter your personal info.  If there is a reason to respond to someone who's email is in on a particular page, then copy it and paste to your emailer...







From bf578 at scn.org  Fri Aug 30 16:29:41 1996
From: bf578 at scn.org (SCN User)
Date: Sat, 31 Aug 1996 07:29:41 +0800
Subject: Reprogramming Beepers?
Message-ID: <199608302046.NAA03041@scn.org>


>
>Does anyone know how to reprogram a beeper to a new number. Please
>Help Brendan

Are you talking about the beeper's ESN or CAP code? changing it to another
that is active?

Or reconfiguring the beeper company's system?


--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From dbell at maths.tcd.ie  Fri Aug 30 16:33:40 1996
From: dbell at maths.tcd.ie (Derek Bell)
Date: Sat, 31 Aug 1996 07:33:40 +0800
Subject: Encryption
In-Reply-To: <3226ADC6.6C87@gte.net>
Message-ID: <9608302207.aa06439@salmon.maths.tcd.ie>


In message <3226ADC6.6C87 at gte.net>, Dale Thorn writes:
>It appears to me that PGP encryption et al is really 1940's technology, 
>albeit fancied up by 1990's computers. 

	1940s cyphers all had a secret key. Said key had to be forwarded to
the recipient, usually via a courier. PGP doesn't need this. It is a hybrid
system using IDEA to encrypt the message with a random session key and RSA to
encrypt the session key. It also offers digital signatures, something 1940s
cyphers didn't. 

	Your proposal, however, looks as if it is impossible for the recipient
to decrypt the message!

	Derek Bell





From steve at miranova.com  Fri Aug 30 16:49:54 1996
From: steve at miranova.com (Steven L Baur)
Date: Sat, 31 Aug 1996 07:49:54 +0800
Subject: Nuke Singapore Back into the Stone Age
In-Reply-To: <199608300938.FAA08698@booz.bah.com>
Message-ID: <m2d9085yrx.fsf@deanna.miranova.com>


>>>>> "Charley" == Charley Sparks <sparks at bah.com> writes:

Charley> We could launch a mail-bomb campaign.. I am looking for the
Charley> source for a mail bomb program. WinTel would be nice but I
Charley> could use Linux

This isn't rocket science.

#! /bin/sh
# call as:  mailbomb victim at somewhere.sg
while true; do
	mail $1 < /usr/local/bin/xemacs
done

Mail bombing is an evil thing -- the most likely victims of a mail
bombing are innocent of wrong doing (such as the other users on the
system where a script similar to the above is run on).
-- 
steve at miranova.com baur
Unsolicited commercial e-mail will be billed at $250/message.
What are the last two letters of "doesn't" and "can't"?
Coincidence?  I think not.





From jf_avon at citenet.net  Fri Aug 30 16:50:09 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Sat, 31 Aug 1996 07:50:09 +0800
Subject: Nuke Singapore Back into the Stone Age
Message-ID: <9608302209.AB20820@cti02.citenet.net>


On 30 Aug 96 at 5:38, Charley Sparks wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> To: tcmay at got.net, cypherpunks at toad.com
> Date: Fri Aug 30 05:45:44 1996
> We could launch a mail-bomb campaign.. I am looking for the source
> for a mail bomb program. WinTel would be nice but I could use Linux

Far from my mind to commit such nuisance acts, but by simple 
curiosity, is there a mailbomb HOW-TO or FAQ floating around?

jfa
 DePompadour, Societe d'Importation Ltee; Limoges porcelain, silverware and crystal
 JFA Technologies, R&D consultants: physicists, technologists and engineers.

 PGP keys at: http://w3.citenet.net/users/jf_avon
 ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 
 





From root at anx0918.slip.appstate.edu  Fri Aug 30 17:00:49 1996
From: root at anx0918.slip.appstate.edu (Phillip)
Date: Sat, 31 Aug 1996 08:00:49 +0800
Subject: (Fwd) Re: New file system
In-Reply-To: <199608300642.CAA16656@unix.asb.com>
Message-ID: <Pine.LNX.3.94.960830170029.6378A-100000@anx0918.slip.appstate.edu>


On Fri, 30 Aug 1996, Deranged Mutant wrote:

> I'm not on the list currently, but I this person is looking for info on 
> putting filesystems in other files and I no longer have the refs to 
> what some members of the list were doing.
> 
> ------- Forwarded Message Follows -------
> 
> At 12:38 PM 7/26/96 +0000, you wrote:
> >On 26 Jul 96 at 3:07, free-dos at vpro.nl wrote:
> >
> >> I ask this here since I can't find anywhere else to ask this.
> >
> >> I'm looking for / thinking about writing a library that allows 
> >> for a file system to exist inside of a single file (much 
> >> like the microsoft OLE document).  This is needed for a project 
> >> of mine.
> >
> >Check the Linux 2.0 distribution. I believe it allows this.  There's 
> >also some cypherpunks talk recently about hiding encrypted 
> >filesystems in other files, so you may want to check the archives in 
> >hks.net.
> >
CONFIG_BLK_DEV_LOOP
  Enabling this option will allow you to mount a file as a file system.
  This is useful if you want to check an ISO9660 file system before
  burning the CD, or want to use floppy images without first writing
  them to floppy.
  This option also allows one to mount a filesystem with encryption.
  To use these features, you need a recent version of mount, such as
  the one found at ftp.win.tue.nl:/pub/linux/util/mount-2.5X.tar.gz.
  If you want to use encryption, you might also be interested in the
  (old) DES package ftp.funet.fi:/pub/OS/Linux/BETA/loop/des.1.tar.gz.
  Note that this loop device has nothing to do with the loopback
  device used for network connections from the machine to itself.
  Most users will answer N here.

> 
> Could you give me a good site to look into this? I tried coast.net with
> no luck since the source is spread over a good number of directorys.
> 
> 
> 
> >> Requirements:   
> >> 
> >>    Mulitiple files and a hiarchial directory reside in a single
> >> file.
> >> 
> >>    The file starts out as small as possible then it becomes 
> >> bigger as more files and directorys are added to it.
> >> 
> >>    The files inside the file system can be added, renamed, 
> >> delete, moved, fragged.  (there must be a way to defrag the 
> >> files)
> >> 
> >>    Each file in the file system can have mulitiple streams much
> >> like the NTFS file system.
> >> 
> >> End of requirements.
> >> 
> >>    Does anyone know of a library like this and if so where 
> >> if not does anyone have any ideas on how this could work.  
> >> Currently i'm looking at modiling the system after the 
> >> UNIX file system.
> >> 
> >> Any ideas / comments please respond by email to:
> >> hawk at idir.net.  
> >> 
> >> Use subject: 'Re: New file system'
> >> 
> >> 
> >> e-mail: hawk at inf.net
> > 
> 
> ---
> No-frills sig. Befriend my mail filter by sending a message with the subject "send help"
> Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
> Send a message with the subject "send pgp-key" for a copy of my key.
> 
> 

A professor is one who talks in someone else's sleep. 







From jf_avon at citenet.net  Fri Aug 30 17:24:52 1996
From: jf_avon at citenet.net (Jean-Francois Avon)
Date: Sat, 31 Aug 1996 08:24:52 +0800
Subject: **"OuR" Project press release** (fwd)
Message-ID: <9608302225.AA22270@cti02.citenet.net>


On 30 Aug 96 at 12:25, jim bell wrote:


> Recommendation for the next one:  Rather than try to brute force  an
> LEO from about sea level, how about  lofting the rocket by balloon
> up to a starting altitude of, say, 100,000 feet, and letting'er'rip
> from there?  (this is probably not a new technique...)

This technique has been used a lot.  But bear in mind that the goal
of the whole operation was to perfect their knowledge of the
technology of rockets.  Launching from a balloon born platform is
not a triviality.  Ground launch enables much more control in the
super critical phase called "countdown and launch", where a lot of
the failures occurs.  When they will have mastered theses phases, 
then, the'll start thinking about an airborne launch platform.

If you want to learn about it, there is a rocketry group on Usenet.
>From there, you can ask directions for various sites, mainly outside
of north america, where they experiment with homebuilt liquid-liquid,
liquid-solid and other engines.  There is also quite a large movement
in USA, but I did not find (a year ago), sites that were as
experimental as the europeans (Belgians?) ones.   It seems that the 
US sites are more talking about using some commercially built motors, 
mainly using liquid-solid technology.

Have fun

jfa
 DePompadour, Societe d'Importation Ltee; Limoges porcelain, silverware and crystal
 JFA Technologies, R&D consultants: physicists, technologists and engineers.

 PGP keys at: http://w3.citenet.net/users/jf_avon
 ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 
 





From youssefy at ucla.edu  Fri Aug 30 17:38:12 1996
From: youssefy at ucla.edu (youssefy at ucla.edu)
Date: Sat, 31 Aug 1996 08:38:12 +0800
Subject: Cypherpunks Lite
Message-ID: <2.2.32.19960830224901.006adf2c@pop.ben2.ucla.edu>


There was a posting by someone about three weeks ago that gave the address
for a person who ran a filtered version of the cypherpunks list, can someone
please repost that information?






From jad at dsddhc.com  Fri Aug 30 17:41:08 1996
From: jad at dsddhc.com (John Deters)
Date: Sat, 31 Aug 1996 08:41:08 +0800
Subject: Dr. Vulis is a test, right? [was RE: Desubscribe]
Message-ID: <2.2.32.19960830224855.00355560@labg30>


I can't believe it any more.

On Fri, 30 Aug 96 02:47:21 EDT, Dr. (of what, pray tell?) Vulis blathers first:

>> > If you don't have the brains to forge the From:, then you have no
>> > business being subscribed to any mailing list.

and then again:

>Whoever uses the term "spam" in derogatory manner, opposes free
>speech and deserves to be caned.

First, accusing someone of stupidity for not having learned how to telnet to
an SMTP server is a bit harsh, especially since the guy might be stuck
behind a firewall that mungs his addresses AFTER his messages goes out --
not that Dr. V bothered to find out before the accusation.

Second, suggesting anyone be caned for their political beliefs (and
resultant speech) is quite obviously NOT the action taken by someone who
defends free speech.  Again, Dr. V. put those beliefs in his words through
his flawed logic.

It's like watching a KKKlucker yelling, "you have no right to say that we
don't support free speech," and not getting it.

And for what -- the thoughtcrime of calling Dr. V a spammer?  Hmm.  About
the closest I can come to finding a "crime" here is trademark infringement.
I'm sure Hormel is following this closely.

All of this is merely annoying.  But slamming Tim May because of his
heritage?  "criminal Arm*nian grandparents"?  Now it's a crime not only to
call Dr. V a spammer, but to have ancestors born someplace his ancestors
taught him to not approve of.  (Can you say "racism", kids?  Sure.  I knew
you could.)

When I first started reading this list, it was about the time Jim Bell was
espousing the A.P. theories, and I thought him a fool for it.  I put his
name in my filter, sending his posts to the trash.  More and more, I found
myself heading to the trash bin to follow a thread that Jim was contributing
to.  Valuable contributions, mind you, not just more of his A.P. stuff.  Of
course, I ended up removing him from my filter.  (For missing that month of
your posts, Jim, I owe you an apology.)

At that time, I realized a few things:  Filters certainly aren't the answer;
and everybody can come up with valuable contributions.

Anyway, my current status is to have the filters set to remove posts with
the words [NOISE] or [OFF-TOPIC] somewhere in the headers.  It helps weed
out stuff that really isn't why I'm here reading this list.

Given that I feel that even Dr. Vulis might possibly contribute something of
value to this list at some unspecified time in the future, I have come to
the conclusion that the only solution is to ask him to change his e-mail
name field to:

  dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM [NOISE] )

until such time as he can actually come up with something useful to say to
the rest of us.  Maybe he could even throw in an [-L18] tag, if he's going
to continue to [spit | fuck | fart] every posting that leaps through his screen.

[ Note to everyone else:  that's SARCASM there, hope you got it! ]

So, my original question is:  is there really a Dr. Dmitri Vulis (KOTM)
somewhere?  Or is he just some made-up straw man, created by Tim May, John
Gilmore and Eric Hughes for their personal amusement, and to add a spot of
controversy so we can feel like we're not preaching to the choir with every
pro-cypher posting?  I often thought that was the case with David Sternlight
as well.  Or is Dr. Vulis really best-buddies with Tim May, and his way of
showing affection is to "fart in his general direction" with every post?

If he exists, I pity the unsuspecting students who wander into his class who
might not have the genetic makeup he approves of.  And now I *completely*
understand tenure.

John (soon-to-be-spit-upon,no-doubt) Deters.
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad at dsddhc.com (work)    jad at pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






From ichudov at algebra.com  Fri Aug 30 18:13:21 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 31 Aug 1996 09:13:21 +0800
Subject: MUD anyone?
In-Reply-To: <ae4c85ab040210040813@[205.199.118.202]>
Message-ID: <199608302312.SAA12806@manifold.algebra.com>


Timothy C. May wrote:
> (Before defenders of these games jump in with comments about how useful and
> enjoyable these games are, sure, some knowledge is gained. But huge
> differences are obvious. A conclusion drawn from playing these games will
> not hold up in the real world. I expect the same is true of "assassination
> politics.")

By the way, has anyone noticed how injections of money from the 
Central Bank in the Monopoly game fuel inflation?

The interesting thing is, in Monopoly inflation does not seem to be
as destructive as in real life...

	- Igor.





From jya at pipeline.com  Fri Aug 30 18:51:59 1996
From: jya at pipeline.com (John Young)
Date: Sat, 31 Aug 1996 09:51:59 +0800
Subject: GAK by TIS
Message-ID: <199608302326.XAA02261@pipe2.t1.usa.pipeline.com>


   Network World, August 26, 1996, Page 1 
 
 
   Key-escrow firewall ready to leave the country 
 
   by Ellen Messner, Washington D.C. 
 
 
   After months of talk about exporting encryption software, 
   there will finally be action. 
 
   Fulfilling the Clinton Administration's vow to end export 
   restrictions on strong encryption products if they use 
   key-escrow features, the U.S. government this week is 
   expected to permit Trusted Information Systems, Inc. 
   (TIS) to sell its Data Encryption Standard (DES)-equipped 
   Gauntlet firewall overseas. 
 
   Such exports will allow U.S.-based companies to 
   standardize on an encrypting firewall for all global 
   operations. 
 
   The Department of Commerce is granting mass-market export 
   status to a specific version of the Gauntlet firewall 
   based on a key-escrow scheme that gives U.S. law 
   enforcement access to a master key for decrypting IP 
   datastreams. 
 
   The master key for each firewall will reside at Oakland, 
   Calif.-based Source Files, Inc., the third-party private 
   key holder chosen under the government's groundbreaking 
   plan. 
 
   Vice President Al Gore has supported the Defense 
   Department's view that unbreakable encryption should be 
   controlled because it is a powerful weapon and subject to 
   misuse by criminals and terrorists. However, Gore 
   recently said the government will allow mass export of 
   64-bit encryption products if they use key escrow. The 
   agreement with TIS is the first evidence that the policy 
   is being put into practice. 
 
   Until now, few companies other than banks could get the 
   State Department and National Security Agency (NSA) to 
   let them export 56-bit and higher Data Encryption 
   Standard (DES) products. Only 40-bit products, easily 
   broken with available computer resources, were allowed 
   for mass-market export. 
 
   "We're on the verge of a major shift," said TIS president 
   Steve Walker last week. TIS expects to unveil a raft of 
   other vendors in the network industry that will license 
   the TIS data recovery method for accessing data encrypted 
   with a session key. 
 
   The government is also considering approving other third- 
   party keyholders in addition to Source File, which has 
   traditionally held source code in escrow on behalf of 
   companies worried about the long-term viability of their 
   suppliers. 
 
   Just say no 
 
   Not all are key-escrow converts, however. In fact, it is 
   painfully clear that corporations will continue to balk 
   at the prospect of their encryption keys being held by a 
   third party or the government. 
 
   Netherlands-based Royal Dutch Petroleum Co., with 
   hundreds of subsidiaries and offices all over the world, 
   is looking to ditch dedicated private lines and send 
   encrypted IP traffic over the Internet instead. 
 
   The State Department's mass-market license for the 
   Gauntlet means TIS can compete to provide Royal Dutch 
   Petroleum with its encrypting firewall. But Homayoon 
   Tajalli, TIS vice president, acknowledged that the Dutch 
   oil conglomerate is unwilling to hand its encryption keys 
   over to Source File. 
 
   Hence, as part of negotiations with the U.S. and Dutch 
   governments, Royal Dutch Petroleum agreed to operate its 
   own data recovery center for the Gauntlet master keys. 
   Royal Dutch Petroleum would hand over the master 
   encryption keys to to Dutch law enforcement, which in 
   turn would give the keys to U.S. authorities "if the 
   government shows up with a valid warrant," Tajalli said. 
 
   TIS went to great lengths to broker the international 
   arrangement, and hopes that not every firewall export 
   will entail such laborious negotiations. 
 
   Some firewall users are extremely ambiguous about the 
   government's key-escrow plan. 
 
   "I'm not sure I want the government to have that 
   ability," said Doug Miller, information systems manager 
   at Bluestone Corp. "At all cost, we've got to keep the 
   government out of business operations." 
 
   [End] 
 
   Thanks to BC. 
 
 
 
 
 
 





From jwilk at iglou.com  Fri Aug 30 19:43:45 1996
From: jwilk at iglou.com (Blake Wehlage)
Date: Sat, 31 Aug 1996 10:43:45 +0800
Subject: anon.penet.fi closing down
Message-ID: <m0uwdkO-000bJjC@relay.iglou.com>


what would be alternatives to anon.penet.fi..... 
==========================================
   Blake Wehlage <jwilk at iglou.com>
   ��� R�V�L����� B�+ ��mP@� � ���
 Goto: http://members.iglou.com/jwilk






From ichudov at algebra.com  Fri Aug 30 20:03:18 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sat, 31 Aug 1996 11:03:18 +0800
Subject: libertarian-punks@toad.com
Message-ID: <199608310037.TAA13127@manifold.algebra.com>


how about creating a mailing list with the captioned name?

	- Igor.





From whgiii at amaranth.com  Fri Aug 30 20:32:12 1996
From: whgiii at amaranth.com (William H. Geiger III)
Date: Sat, 31 Aug 1996 11:32:12 +0800
Subject: Intel to rule the basic crypto engine market?
In-Reply-To: <199608300330.UAA14539@mail.pacifier.com>
Message-ID: <199608310131.UAA01464@mailhub.amaranth.com>


In <199608300330.UAA14539 at mail.pacifier.com>, on 08/29/96 at 08:27 PM,
   jim bell <jimbell at pacifier.com> said:

>At 03:56 AM 8/24/96 -0500, William H. Geiger III wrote:

>>Intresting but..., In the era of ITAR, GAK, Key Escrows,Clipper,& FileGate 
>>do we really want to put all our eggs in one basket? And that basket being 
>>based on hardware? IMHO I don't see Intell standing up to the government any 
>>more than Netscape, Mircosoft, IBM, or Lotus has. I have serious doubts that 
>>our "beloved" goverment will alow any standard to be adopted that does not 
>>allow them access whenever they please. I personally do not run any security 
>>code on my machines that I do not have the
>>source for & have instpected.


>The one kind of standardization in the crypto market that we truly need, 
>NOW, is a standard format/protocol so that crypto telephones from all 
>manufacturers can talk to each other.  The last thing we need is a 
>tower-of-Babel situation, which would be even worse than the VHS/Beta wars 
>of 20-10 years ago.


But who's standard?

I constantly here cries for standardization from those in the computer industry. I for one am against it. I like having choices, choices that are taken away by standardization.

In the area of crypto telephones I am definitely against standardization. If I wish to have an encrypted telephone connection my primary concern is that it is secure not whether or not I can communicate to every other phone out there.

I fear that an organized attempt to standardize will only bring about a 'weak' protocol for encrypted communications. One only has to look at what other standardization atemps have produced. Look at the works of IBM, Lotus, Microsoft, Netscape, all who have a vested interest in international sales. They have all to often tried to pawn off weak security in favor of the $$ from international sales.

A tower-of-babel is exactly what we need. The free market at its finest. The lemmings and the ignorant will use products from the "major" manufactures falsely believeing that they are secure. Those of us truly concerned with our security will have other choices to make.

Just my 2 cents,


--
-----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    WebExplorer & Java Enhanced!!!
Merlin Beta Test Site - WarpServer SMP Test Site

Author of PGPMR2 - PGP Front End for MR/2 Ice

Look for MR/2 Tips & Rexx Scripts
Get Work Place Shell for Windows!!
PGP & MR/2 the only way for secure e-mail.
                            
Finger whgiii at amaranth.com for PGP Key and other info
-----------------------------------------------------------






From stu at zilker.net  Fri Aug 30 21:15:53 1996
From: stu at zilker.net (Stu Barrett)
Date: Sat, 31 Aug 1996 12:15:53 +0800
Subject: **"OuR" Project press release** (fwd)
Message-ID: <199608310209.VAA11299@oak.zilker.net>


 Jim, as your back of the envelope calculations indicate LEO is very
difficult.  Luckily, the members of ouR team know this, and have no naive
desire to achieve such a goal.  Don't know how you thought they did....

Stu
-----------------
Stu Barrett
e-mail: stu at zilker.net
Phone: 512-255-6052

"Out the transceiver, down the coax, through the router, down the
fiber, off another router, down the T1, past the firewall.....nothing
but Net."





From bf578 at scn.org  Fri Aug 30 21:48:19 1996
From: bf578 at scn.org (SCN User)
Date: Sat, 31 Aug 1996 12:48:19 +0800
Subject: www.anonymizer.com
Message-ID: <199608310245.TAA21234@scn.org>


>
>
>>
>>I have found and reported to the anonymizer that it does not 
>>always protect you against perl-based cgi scripts.  I did this by 
>>accessing a form-based email page (based on Matt's script) which includes 
>>environment variable values in the msg to the recipient.  I didn't 
>>receive any response back from them after I emailed them the info.
>
>
>   Am I missing something here because isn't the easiest way around all 
of this is simply not to enter your personal info when setting up 
Netscape?  Granted the page can pick up your ISP and what port you used, 
but so what?  It can't get your name and em
ail address.  Use a newsreader such as Free Agent so there's no reason 
to enter your personal info.  If there is a reason to respond to someone 
who's email is in on a particular page, then copy it and paste to your 
emailer... >
>
  I don't like getting the junk-email after visiting some pages, telling
  me what a great service they have (Hey I was just there!!), etc.


--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From rwright at adnetsol.com  Fri Aug 30 21:50:50 1996
From: rwright at adnetsol.com (Ross Wright)
Date: Sat, 31 Aug 1996 12:50:50 +0800
Subject: Intel to rule the basic crypto engine market?
Message-ID: <199608310237.TAA10525@adnetsol.adnetsol.com>


On Or About: 30 Aug 96, 19:44, William H. Geiger III misspelled:

goverment  (government)
alow   (allow)        
here cries  (Should be hear)
atemps  (attempts)
instpected  (inspected)
believeing   (believing)

But, he is getting better.





From nobody at cypherpunks.ca  Fri Aug 30 22:41:10 1996
From: nobody at cypherpunks.ca (John Anonymous MacDonald)
Date: Sat, 31 Aug 1996 13:41:10 +0800
Subject: www.anonymizer.com
In-Reply-To: <199608302014.WAA08916@basement.replay.com>
Message-ID: <199608310328.UAA19396@abraham.cs.berkeley.edu>


> 
> 
> At 06:12 AM 8/30/96 -1000, NetSurfer wrote:
> >
> >I have found and reported to the anonymizer that it does not 
> >always protect you against perl-based cgi scripts.  I did this by 
> >accessing a form-based email page (based on Matt's script) which includes 
> >environment variable values in the msg to the recipient.  I didn't 
> >receive any response back from them after I emailed them the info.
> 
> 
>    Am I missing something here because isn't the easiest way around all 
> of this is simply not to enter your personal info when setting up Netscape?  
> Granted the page can pick up your ISP and what port you used, but so what?  
> It can't get your name and email address.  Use a newsreader such as Free 
> Agent so there's no reason to enter your personal info.  If there is a reason 
> to respond to someone who's email is in on a particular page, then copy it 
> and paste to your emailer...

Please hit your carriage return once in a while. I had to format your post
manually so I could read it.

If the destination server can pick the port you used, there's a good chance
they can figure out your account name, and therefore your email address.
Many sites these days run identd, which in my opinion is a simply annoying
daemon. Most of those that run it run it because some of their users, most
of whom couldn't find two brain cells to rub together, whine about their
precious IRC servers not allowing them on without it, instead of simply
using IRC servers that will.







From Adamsc at io-online.com  Fri Aug 30 23:56:27 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sat, 31 Aug 1996 14:56:27 +0800
Subject: Nuke Singapore Back into the Stone Age
Message-ID: <19960831045604375.AAB197@IO-ONLINE.COM>


On 30 Aug 1996 14:48:34 -0700, Steven L Baur wrote:


>Charley> We could launch a mail-bomb campaign.. I am looking for the
>Charley> source for a mail bomb program. WinTel would be nice but I
>Charley> could use Linux
>This isn't rocket science.
>#! /bin/sh
># call as:  mailbomb victim at somewhere.sg
>while true; do
>	mail $1 < /usr/local/bin/xemacs
>done

Better yet, use ls -r /news to build a list of things to send. Nasty!

>What are the last two letters of "doesn't" and "can't"?
>Coincidence?  I think not.
<ooh> BAD!  Somebody shoot him!

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From Adamsc at io-online.com  Fri Aug 30 23:58:16 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sat, 31 Aug 1996 14:58:16 +0800
Subject: Mimic Function Stego Programs?
Message-ID: <19960831045604375.AAA197@IO-ONLINE.COM>


On Fri, 30 Aug 1996 09:33:18 +0100, Andy Brown wrote:

>> dictionary: 1=sofa 0=couch
>> input: The couch is very comfortable
>> output (0): The sofa is very comfortable.
>> output (1): The couch is very comfortable.
>
>This idea generalises well from human to computer assembly languages.
>You often have a choice of which instruction to use to achieve your goal,
>and a stego assembler could quite easily be constructed.

I *like* it!

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From bf578 at scn.org  Sat Aug 31 00:06:17 1996
From: bf578 at scn.org (SCN User)
Date: Sat, 31 Aug 1996 15:06:17 +0800
Subject: ~~ Bankers' Secrets ~~
Message-ID: <199608310253.TAA23490@scn.org>


>From MAILER-DAEMON  Fri Aug 30 19:41:53 1996
X-FreePort-Flags:        
Received: from emin02.mail.aol.com (emin02.mx.aol.com [198.81.11.51]) by scn.org (8.7.5/8.6.12) with SMTP id TAA20565 for <bf578 at scn.org>; Fri, 30 Aug 1996 19:41:50 -0700 (PDT)
Received: by emin02.mail.aol.com (8.6.12/8.6.12) id WAA26649 for bf578 at scn.org; Fri, 30 Aug 1996 22:36:32 -0400
Date: Fri, 30 Aug 1996 22:36:32 -0400
Message-Id: <199608310236.WAA26649 at emin02.mail.aol.com>
From: Mailer-daemon at aol.com
Subject: Returned Mail: Undeliverable
To: bf578 at scn.org

The mail you sent could not be delivered to:
550 massmail at aol.com is not a known user

The text you sent follows:

>From bf578 at scn.org  Fri Aug 30 22:36:02 1996
Return-Path: bf578 at scn.org
Received: from scn.org (scn.org [198.137.188.24]) by emin02.mail.aol.com (8.6.12/8.6.12) with ESMTP id WAA26547 for <massmail at aol.com>; Fri, 30 Aug 1996 22:36:01 -0400
Received: (from bf578 at localhost) by scn.org (8.7.5/8.6.12) id TAA20156; Fri, 30 Aug 1996 19:40:32 -0700 (PDT)
Date: Fri, 30 Aug 1996 19:40:32 -0700 (PDT)
Message-Id: <199608310240.TAA20156 at scn.org>
From: bf578 at scn.org (SCN User)
To: massmail at aol.com
Subject: Re: ~~ Bankers' Secrets ~~
Reply-To: bf578 at scn.org

>
>=======> BANKING SECRETS REVEALED!! <=======
>
>====> SAVE $100,000 & EARN 7% to 10% INTEREST <====
>
>Dear Friend, 
>
>Did you know that you can save up to $100,000 on the 
>biggest investment in your life? For MANY Americans they
>have a dream to one day own their home. When that dream is
>reached, they spend the rest of their life paying that dream

  Funny, they didn't leave an email address?
  Probably don't even know what lists this is be posted to!

 
  For the money you probably get info on how to call your
  mortgage company and find out if makeing smaller/earlier payments
  will reduce the principle and the interest re-caculated.
  Then invest the money you save to earn interest!
  
  I know several people who do this.  You don't make extra payments
  just divde your $1000 month (or whatever) into 3 $333.33 payments.
  You need a sizable principle/long term loan for this to
   be worthwhile, and of course a properly worded mortgage.


--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From Adamsc at io-online.com  Sat Aug 31 00:32:42 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sat, 31 Aug 1996 15:32:42 +0800
Subject: Intel to rule the basic crypto engine market?
Message-ID: <19960831053943812.AAA111@IO-ONLINE.COM>


On Fri, 30 Aug 1996 19:42:31 -0700, Ross Wright wrote:

>goverment  (government)
>alow   (allow)        
>here cries  (Should be hear)
>atemps  (attempts)
>instpected  (inspected)
>believeing   (believing)

You know, we've all realized that even an anal retentive can use a spell
checker on someone else's posts.  Do we really need continual proof?

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From patrickbc at juno.com  Sat Aug 31 01:49:33 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sat, 31 Aug 1996 16:49:33 +0800
Subject: your mail
In-Reply-To: <Pine.SCO.3.93.960826094019.6590A-100000@grctechs.va.grci.com>
Message-ID: <19960830.014955.9606.3.patrickbc@juno.com>


Their is a half decent credit card generater that comes with aohell.





From amehta at giasdl01.vsnl.net.in  Sat Aug 31 02:15:40 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sat, 31 Aug 1996 17:15:40 +0800
Subject: Phoneco vs X-Phone
Message-ID: <1.5.4.32.19960831063510.00348e9c@giasdl01.vsnl.net.in>


At 17:45 20/08/96 -0800, jim bell wrote:
>
>The fact is, LD phone is a business that, like it or not, is going to shrink 
>drastically _in_terms_of_dollars_, simply because the cost of that service 
>will likewise, go down.  That's life.

Perhaps the answer to this interesting debate between Vipul and Jim lies in
looking at what happened to computers as they became cheaper. There was
a time when someone at IBM predicted that the needs of the entire world would
be met by about 50 computers or so, but now that computers are almost free
(as Jim argues bandwidth has become), we have almost that many in a single
household (counting all the video games, watches, car and
appliance electronics).
People found new ways to use computers, so they used far more of them. So
much so, that the computer industry overall did not shrink, but
grew. There was a
time when you bought "time"  on a computer, as you do in
long-distance telephony. Changing over to computer purchase
didn't kill the industry.

So if you were sold a size of bandwidth pipe instead of how many hours you 
actually use it, and eliminated the cost of accounting for time usage, I think
we'd all be happier -- except maybe the  IBMs of telecom.

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From amehta at giasdl01.vsnl.net.in  Sat Aug 31 02:15:50 1996
From: amehta at giasdl01.vsnl.net.in (Arun Mehta)
Date: Sat, 31 Aug 1996 17:15:50 +0800
Subject: DON'T Nuke Singapore Back into the Stone Age
Message-ID: <1.5.4.32.19960831063502.0033b25c@giasdl01.vsnl.net.in>


At 17:55 29/08/96 -0700, Timothy C. May wrote:

>Personally, if this crackdown in Singapore happens, I intend to post
>various anti-Singapore and anti-Lee Kwan Yew & Sons screeds to various
>newsgroups that Singaporans might like to read. Then, if the Yew Dynasty
>decides to pull the plug, it'll be to more and more groups.

There are two sides to this: after all, it is the Singaporeans who finally 
have to sort out this problem with their government, and denying them
the Usenet platform for discussion would only hinder that process.

Then again, inappropriate postings are the bane of the Internet: the consensus 
on which the Net functions relies heavily on people not posting
inappropriately. 
Of course, posting anti LKY stuff on a Singapore newsgroup might be perfectly
appropriate -- it is the "more and more groups" part I am worried about.

I quite frankly disapprove of the mail-bomb suggestions made on
the list. Accessing
the Internet is hard enough without these additional roadblocks.
Mail-bombing one
person on a server punishes everybody else on that server too. We need to work
with the people in Singapore on this, not make enemies of them.

I'm glad that the situation in Singapore is attracting much
attention on this list, and that
people want to do something about it. China is seriously
interested in the experiment, 
and India will be too: the law here holds the ISPs responsible
for ensuring that nothing objectionable and obscene is carried by
them, and what simpler way to comply than to
simply use the Singapore proxy. Right now, the law isn't being
enforced, but soon some
headline-seeking politician will point out this out, and the
problem will be with us. So, 
it is important to nip the Singapore experiment in the bud.
However, I think that  the constructive approach, one which
furthers the Net, "routes around", would work better.

For instance, I'd love to see some smart venture capitalist fund
a project that makes
use of surplus, off-peak bandwidth on a transponder on any of the
myriad satellites 
floating over Asia to download Web pages on request. Ideally, I
should be able to 
send via pgp and anonymous remailer a request for a page, which would soon
come beamed down unencrypted via satellite. No more waiting hours
for the latest 
version of Netscape to download, and then restarting from scratch
every time the line drops. Also, goodbye censorship. Even if the
government decided to cut off
Internet access completely, I'd still be able to receive what others such as Tim
think might be of interest to me.

How would this generate revenue? Well, there could be advertising appended to 
select pages, for instance. In any case, with so much uncertainity about how
commerce on the net will work, and in good Internet tradition a la Netscape,
it would probably be smarter to start with a free service, and figure out later
how to make money from it, once it becomes popular.

In a few years, satellite-based Internet access will become widespread and
affordable. However,  the next few years are  really crucial. Governments are
still trying to figure out how to deal with the Net, frame
legislation, etc. This
would be a good time to present them with a fait accompli. Hong Kong will
revert to China next year. What better gift to the nervous freedom fighters 
there, than to help them with their Internet access? Maybe Hong Kong will
take over China, instead of the other way around...

I remember in Sculley's book "Odyssey: from Pepsi to Apple"  he mentions how
Steve Jobs finally convinced him to join Apple by asking if he wanted to sell 
sugared water for the rest of his life, or would he rather change the world. 
The Internet presents opportunities like that to far more people,
and this, IMHO,
is one of them: any would-be Sculleys out there?

Arun Mehta Phone +91-11-6841172, 6849103 amehta at cpsr.org
http://www.cerfnet.com/~amehta/  finger amehta at cerfnet.com for public key






From patrickbc at juno.com  Sat Aug 31 02:16:30 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sat, 31 Aug 1996 17:16:30 +0800
Subject: encryption
Message-ID: <19960830.020300.9606.7.patrickbc@juno.com>


Will pay $5.00 for a good encryption program.   Write to
patrickbc at juno.com





From tcmay at got.net  Sat Aug 31 03:29:08 1996
From: tcmay at got.net (Timothy C. May)
Date: Sat, 31 Aug 1996 18:29:08 +0800
Subject: Encryption
Message-ID: <ae4d2e5407021004a8c9@[205.199.118.202]>


At 8:52 PM 8/30/96, Benjamin Suto wrote:
>I'm probably the last person who could mention something intelligible
>here, but assuming this encryption algorithm works, and Joe wants to give
>Jane a file, how would he tell her how to decrypt it?

There are two parts to this: the algorithm and the key.

For a strong cipher, the algorithm can be told to Jane...there is no real
security in "security through obscurity."

The remaining part is the _key_. It can be communicated in person, prior to
sending the message (or after, though this is of course a less interesting
situation). Or by a trusted courier, again prior to the encrypted
communication.

(A common thought error newcomers make is to ask "If the key can be
communicated securely, why is encryption needed?" Think of military
communications--the keys are established before a mission, then units can
communicate securely, even over insecure radio channels.)

Public key cryptography allows Joe and Jane to communicate without any
exchange of private key material. Joe encrypts a message to Jane's public
key, then sends it by some channel. Jane can decrypt it, using her private
key.

>If he found a "secure medium" to give her the passcode under, wouldn't
>encrypting it be useless since he could just use that secure medium to
>send the original file?

As I said, think of _time value_. It is often necessary to exchange key
material (or get public keys in advance of a communication) before a
message sending is needed. Also, key materials may be exchanged via
reasonably-secure channels, such as FedEx delivery, and then the Internet
may be used for actual messages. While FedEx may be vulnerable to
interception in certain cases, clearly this is an improvement over using no
encryption.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From jleonard at divcom.umop-ap.com  Sat Aug 31 03:35:17 1996
From: jleonard at divcom.umop-ap.com (Jon Leonard)
Date: Sat, 31 Aug 1996 18:35:17 +0800
Subject: MUD anyone?
In-Reply-To: <ae4c85ab040210040813@[205.199.118.202]>
Message-ID: <9608310823.AA00984@divcom.umop-ap.com>


Tim May wrote:
>At 4:27 PM 8/30/96, Jon Leonard wrote:
>>Tim May wrote:

[difficulty of coding crypto, even for a MUD]

>>I don't think it's quite that hard, so I tried to implement asymetric key
>>cryptography:
>>
>>20 minutes, to write and debug:
>
>Well, cryptography (per se) is the most basic, and in some sense simplest,
>part of the whole thing: the "semantics" of crypto are well-understood
>(even if not to the snake oil salesmen and repeated inventors of one time
>pads).
>
>Consider that PGP was basically a realization (others existed, natch) of
>ideas that were almost 20 years old.
>
>Some much harder (to me) protocols: fair coin tosses, blinded coins,
>oblivious transfers, digital cash in all its many forms (and issues),
>DC-Nets, and so on. Sure, bits and pieces are codable--and have been--but a
>comprehensive package is tough to write. Wei Dai's and Matt Blaze's
>libraries are excellent, I hear, but are not targetted at creating these
>building blocks for crypto anarchy.

Thanks for the list of useful protocols to consider.  I'll wind up
getting the rest from Applied Cryptography and your Cyphernomicon if
I don't get any more input.

Some of these are fairly easy to fake, though.  Fair coin tosses, for
example:

Assume a perfectly trustworthy escrow agent.  (A bad assumption in
real life, but workable on a MUD, where it's the server.)
Tell the agent to wait until all parties have contributed a bit,
and then announce the XOR of the bits.  As long as an individual
has picked a bit randomly, and given it to the escrow agent securely,
the result is random.

That doesn't answer the questions of integration into a game, or how
make a crypto anarchy out of it.  I'll just have to try things and
see what works.

>Your code is admirable. I did the same thing in Mathematica, a few years
>ago when I was still interested in the innards of RSA. (It took me longer
>than 20 minutes to write, though...but I also got to play around with big
>primes, the basic number theory stuff, etc. A useful learning experience.)

My code doesn't do nearly as much as you seem to think it does.
All of its "security" relies on a mutually trusted interpreter, which
isn't a bad assumption on a MUD.  I'm cheating on the cryptography,
but I think I can get away with it for the purposes of a game.

And, of course, I didn't comment it, document it, or integrate it into
the rest of the game.

>But implementing more recent cryptographic building blocks seems more than
>an order of magnitude harder. (If you can implement a reasonably robust
>bank-digicash system in 10 x 20 minutes = 3.5 hours, I'll be impressed.
>Merely speccing what it should do and how it should behave in various
>situations would take far, far longer than this. Just my view. Maybe I'm
>wrong.)

Even if it's more than that much harder, it's still worth doing.  I'll
see how long it takes, but I'll try for robustness instead of coding
speed.

>>It is a big project, but the big part is writing the MUD, not adding the
>>crypto-anarchy stuff to it.  I'm writing a MUD anyway, and have been off
>>and on for over a year.  Mark Grant's message made me think about what it
>>would take to add the features I wasn't already planning on.
>
>Depends on what you mean by "crypto-anarchy stuff." As I see it, it means
>building a reasonably robust economic system, a market or agora with
>various transaction mechanisms built in. Sort of a cross between "SimCity"
>and Vinge's "True Names."

"True Names" is a better fit than SimCity for what I'm imagining.  In
the absence of any better ideas, it'll borrow a lot from LPmud too.

I've considered a game-run anonymous market, with bid and asked prices
akin to the stock market equivalents.  Characters would have the money
(or whatever) unavailable until the bid or ask was withdrawn, and clearing
would be automatic in case of a match.

It's more appealing if the market is magically provided by a wizard of
some reputation, but game-run is simpler to start with.

>--Tim May

Jon Leonard





From stewarts at ix.netcom.com  Sat Aug 31 03:40:51 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sat, 31 Aug 1996 18:40:51 +0800
Subject: Real-time key server
Message-ID: <199608310844.BAA00275@toad.com>


At 04:30 PM 8/27/96 DST, "Osborne, Rick" <OSBORRI at msmail.northgrum.com> wrote:
>In my research into keyservers, I find that none of them are realtime. 
> Sure, there are CGI interfaces to them, but that's not what I mean.  I was 
>hoping for something along the line of a Finger or SMTP protocol, such that 
>a client connects to a host (say, keyserv.northgrum.com) on a certain port 
>(say, 5397) and goes through a realtime version of what is accomplished via 
>email. [...]
>Why?  Because:
>1. I do not want to reinvent the wheel.
>2. I would like to conform to existing standards.

There are at least three shapes of wheel readily available.

Some of the keyservers have had finger interfaces; there was one on
wasabi.io.com for a while, though it may be inactive.  John Perry
may know where to find source code for it?  Assuming you want PGP keys
delivered in ASCII format, finger protocol should work just fine - you could
easily enough hack your own fingerd server to live on the fingerd port,
which gets PGP key files from a directory or database instead of from
users' home directories, and run it on pgp.northgrum.com or whatever.
You could even hack the existing finger code from {Free,Net}BSD,
making sure to clean up any remaining sprintf()s and {*}get()s.

Alternatively, a CGI query _is_ an easy way to do it, and there's
existing code on the MIT keyserver that's blazingly fast.

John Gilmore's SWAN project is using a DNS-based PGP key server;
check out http://www.cygnus.com/~gnu/swan.html for more details.


>Okay, I was told to not post to the list until I'd:
>1. Lurked for a month,
>2. Figured out who Detweiler was,
>3. Found out about BlackNet and DC Nets,
>4. Learned of at least three of David Chaum's innovations.
>And at that point "[I] may be ready to post [my] first comments."
>
>Well, dammit, I can't wait that long.  I need help now.  I've only been on 
>for 2 weeks, I have no clue who Detweiler is (other than the
>welcome message I haven't heard two words about him/her/it), and I know 
>enough to sound stupid about the other stuff.  But if you still think I'm 
>worthy of listeneing to, then read on.

Three out of four ain't bad, and Detweiler's been using his alias on
the list for a couple of years and acting quite civilized :-)
Some good reading sources are Bruce Schneier's book "Applied Cryptography"
and Tim May's "Cyphernomicon" piece which is on the web somewhere.
Also, asking for pointers to existing work does categorize you
with the clueful minority.....

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From stewarts at ix.netcom.com  Sat Aug 31 03:42:25 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sat, 31 Aug 1996 18:42:25 +0800
Subject: PGP Comments Considered Occasionally Harmful Re: Pronto making a comment
Message-ID: <199608310847.BAA00304@toad.com>


-----BEGIN PGP SIGNED MESSAGE-----

To cypherpunks, Re: mbabcock and Jim Ray's discussion.

>> How did you get Pronto to do a comment?
>
>I added a "comment=" in my config.txt ;) ... the old fashionned way.
...
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.3i
>Charset: ascii
>Comment: http://www.cyberbeach.net/~mbabcock/PGP/

Note that the comment makes traffic analysis much easier.
Sure, you can send your mail through five different remailers,
but if each layer of PGP has your home page URL or some other
distinctive Comment:, it's traceable.

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk

iQBVAwUBMif6ZvthU5e7emAFAQHh2AH/R4KY4MPQBjF2XCeeFCY5XPVQTePvPwT6
5MAAzyTL/8RwU0Ul7G7rQgeb/08CxqetC0Ry22AhMV8uEV6DgTbcLg==
=4Ttw
-----END PGP SIGNATURE-----

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From billstewart at worldnet.att.net  Sat Aug 31 04:14:28 1996
From: billstewart at worldnet.att.net (Bill Stewart)
Date: Sat, 31 Aug 1996 19:14:28 +0800
Subject: FWD: Re: Tiger?
In-Reply-To: <5jITplH.padrote@delphi.com>
Message-ID: <3228029E.233F@worldnet.att.net>


Bruce Schneier wrote in sci.crypt :
> 
> In article <505bms$2m1 at kadri.ut.ee>, sander at haldjas.folklore.ee (Sander
> Vesik) wrote:
> 
> > Bruce Schneier (schneier at counterpane.com) wrote:
> > : Tiger is a one-way hash function designed by Eli Biham and Ross Anderson.
> > : It is optimized for a 64-bit chip (DEC Alpha).  While interesting, Tiger
> > : is very new, completely unanalyzed (except by the authors), and hence
> > : still suspect.  On the other hand, it's lightning fast on 64-bit machines.
> >
> > : Wired is displaying typical uneducated hype in its mention.  I recommend
> > : that everyone look at Tiger, but that no one use it yet.
> >
> > It is round 2.3 times faster than MD5 on my Pentium - so the part about
> > high speed on the 32bit chips also seems to hold.
> 
> It is certainly fast, and it is definitely not your typical snake oil.
> It's just a mistake
> to start using an algorithm immediately after it is published.
> 
> Bruce
> 
> **************************************************************************
> * Bruce Schneier              APPLIED CRYPTOGRAPHY, 2nd EDITION is
> * Counterpane Systems         available.  For info on a 15%
> * schneier at counterpane.com    discount offer, send me e-mail.
> *
> * For Blowfish C code, see ftp.ox.ac.uk:/pub/crypto/misc/blowfish.c.gz
> **************************************************************************

-- 
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 
#			Dispel Authority!





From billstewart at worldnet.att.net  Sat Aug 31 04:29:24 1996
From: billstewart at worldnet.att.net (Bill Stewart)
Date: Sat, 31 Aug 1996 19:29:24 +0800
Subject: IDEA and timing attacks
In-Reply-To: <RDPyBl2.jmkelsey@delphi.com>
Message-ID: <3228024F.1C1A@worldnet.att.net>


John Kelsey <jmkelsey at delphi.com> wrote in sci.crypt
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> [ To: sci.crypt ## Date: 08/24/96 03:11 am ##
>   Subject: IDEA and Timing Attacks ]
> 
> I'm still kind-of recovering from this year's Crypto conference, but
> I told several people I would post this.  At the rump session this
> year, I presented an arguably practical timing attack on many
> implementations of IDEA.  There are actually two attacks available,
> but one requires extremely fine timing results.  After I gave the
> presentation, Willi Meier told me he had independently found the
> same results, and had implemented the full attack (which I hadn't
> yet done).
> 
> There are two different attacks.  The most practical is an
> adaptive chosen-plaintext attack, which requires about 5*n*2^{16}
> chosen plaintexts (read ``five n times two to the sixteenth''),
> where the parameter n depends on the precision of timings available
> and the timing variability of the implementation.  The second attack
> is ciphertext-only, but requires timing measurements precise enough
> to detect the difference between a single multiply of a zero vs.
> nonzero value.  It requires about 5*n*2^{16} values, as well.
> 
> The basic idea behind the attack is as follows:  in many
> implementations, a zero input into the multiply operation is handled
> by an if statement, and so does not cause a multiply instruction to
> actually be executed.  The result on a 486 is that it is
> significantly faster to multiply by a zero rather than a nonzero
> value.  This timing difference gives us a really nice way to learn
> information about the internal values of the cipher.
> 
> This presentation is necessarily not very good, since I can't embed
> a diagram here.  If you have a copy of _Applied Cryptography_, then
> turn to the section on IDEA (page 321 in the hardback version of the
> second edition).  The diagram shows one round of IDEA, and then
> (after the ellipses) the output transformation.
> 
> The chosen plaintext attack works as follows:
> 
> 1.   Build a run of n*2^{16} chosen plaintexts, by choosing a
> single value for X_1, and choosing n of each possible value for X_3,
> with X_2 and X_4 taking on values at random.  Time the encryption of
> each batch of n plaintexts with the same X_3 value.
> 
> 2.   Choose a new value for X_1, and then build another run of
> chosen plaintexts exactly as above.
> 
> 3.   For each of these two runs, if the value of Z_5 is not zero,
> there should be a different value for X_3 that gives the lowest
> encryption time.  (These are the values that force the input to the
> multiply with Z_5 to be zero.)  Call these X_3 and X_3'.  This gives
> us two equations in two unknowns, and we can solve for it with a
> 32-bit brute-force search.  (There may be faster ways, as well.)
> 
>      (X_1 (*) Z_1) = (X_3 + Z_3)
>      (X_1'(*) Z_1) = (X_3'+ Z_3)
> 
> We now have recovered Z_1 and Z_3.
> 
> 4.   Let's call the input to the multiply with Z_5 A.  We can use
> knowledge of Z_1 and Z_3 to force A to keep the same value.  We then
> choose three new runs of chosen plaintexts, each containing 2^{16}
> batches of n plaintexts apiece.  Each of these ensures that A and
> X_2 are kept constant, so that we wind up three difference values
> for A, X_2 and X_4 which correspond to zero inputs into the multiply
> with Z_6.  This means that we wind up with three equations in three
> unknowns.
> 
>      (A  (*) Z_5) + ((Z_2 + X_2  ) XOR (Z_4 (*) X_4  )) = 0
>      (A' (*) Z_5) + ((Z_2 + X_2' ) XOR (Z_4 (*) X_4' )) = 0
>      (A''(*) Z_5) + ((Z_2 + X_2'') XOR (Z_4 (*) X_4'')) = 0.
> 
> This can be solved with a 48-bit brute force search (there are
> probably faster ways).  We now have 80 bits of IDEA's key, and can
> brute-force search the remaining 48 bits.
> 
> Note that this is actually an adaptive chosen-plaintext attack as
> described.  I'm pretty sure this can be turned into a proper
> chosen-plaintext attack with some work, and I'll probably be hacking
> on this in the next few weeks, as time allows.
> 
> The ciphertext only attack is simpler in some ways.  The first 32
> bits are extremely easy to recover--find the average time to encrypt
> blocks with each value in their first and last 16 bits, and then
> solve for the subkey values that would be necessary for those
> multiplies to have zeros as their inputs.  Next, we look for a
> correlation between low encryption times and the values for Z_3 in
> the output transformation that would result in zero inputs into the
> previous round's MA box multiply.  Finally, we attack the second
> multiply in that MA box, using all four output values.  The
> approximate computational difficulty is 2^{48}, as before.
> 
> There are other timing attacks on IDEA.  We gave one in our paper at
> Crypto this year (the one on related-key cryptanalysis of several
> ciphers, by Bruce Schneier, David Wagner, and me), and the
> related-key timing attack is where I got the idea to try a timing
> attack on the whole cipher.
> 
> All timing attacks are implementation-dependent to some extent.  On
> a Pentium, I suspect the timing attack will be considerably harder.
> (One person I discussed the attack with said he thought it would
> take longer to do the conditional branch for the if statement than
> to do the multiply, so we might have zero multiplies taking more
> rather than less time.)
> 
> Most applications aren't really susceptible to timing attacks,
> because of the way they're used.  In addition, chosen-plaintext
> attacks on block ciphers are pretty nicely thwarted by using CBC or
> CFB modes.  It is probably also possible to implement IDEA so that
> it executes in constant time.  I should point out that it is *NOT*
> enough either to add random delays (which fall out if you add more
> samples), nor to just get rid of the big timing difference with zero
> inputs (though that will make timing attacks somewhat more
> difficult).  As long as internal (secret) information is being
> leaked by timing, the cipher is probably vulnerable to some kind of
> timing attack.
> 
>    --John Kelsey, jmkelsey at delphi.com / kelsey at counterpane.com
>  PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMh7GKEHx57Ag8goBAQEqGQQApXRQUMWz3gpJIwGrLbVhcgcpSMXyrq0g
> iTi2qjH7dJjmWugpLnbm18XHzOPZMKizdZ/gin1O3Rk89dXfqK4sIICwY3QmkwFR
> ZQ2My4mTUn27ibjAjZTDuvxLXnqqoOFRrMUTQGIlMTCZdBooSWrif+pTLQbIsoPr
> saHlDl2bWts=
> =tWIq
> -----END PGP SIGNATURE-----





From maverick at thepentagon.com  Sat Aug 31 05:19:44 1996
From: maverick at thepentagon.com (Sean Sutherland)
Date: Sat, 31 Aug 1996 20:19:44 +0800
Subject: Local Obscenity Regulations
Message-ID: <19960831100811343.AAA184@maverick>


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks at toad.com
Date: Sat Aug 31 05:05:19 1996
If the BS coming from the Observer wasn't bad enough, check this out:

http://www.cnet.com/Content/News/Files/0,16,2316,00.html

Seems that Oregon has a ballot up for measure which will allow each city 
and county to decide for itself what obscenity is.  I'm really not sure if 
this'll hold up or not, but I can see every hick sheriff in the state 
trying to get his fame by busting someone or something.  
- ---
Sean Sutherland       | GCS/C d- s+:+ a--- C+++ V--- P L E- W++ N++ K- w o 
PGP Key ID: E43E6489  | O-(++) M-- V PS+ PE++ Y++ PGP++(+) t--- 5+++ X++ R 
Vote Harry Browne '96 | b++ DI+ D+ G e- h! !r y
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: For key finger me or http://www2.interconnect.net/maverick

iQEVAwUBMigOYVZoKRrkPmSJAQEUIwf+O/J8Uy9ZThNnnNagwROWj6uFww8Nuktf
Y1m5rV3dGEyNxGVgaNh4hubI56vUodvk2RhjDrELvc7dwwxgDzK0YNvFk7vmzVFD
o8IT/FjRwCIxx2OUwV2e8jnRiP3okTRecmRpeeL0GaUqulYSsijaTnjTofapARYU
18PpKJxrgJg5a07ybdU4B5JVJ7HzAraY/w32LIGTqRNhoRcORvcox0FDLnswNk7W
ALh4dhCBMyQEhey/v/RfFwjtEBTIarjA6b8zUf+dFweRsNWZAdCugpNWNv6OE65h
in1x5PFttn7ldad2c0PNN7fsu5NUCIjSQNljRsyTnkO1Jctp3Z02mw==
=W3Vk
-----END PGP SIGNATURE-----






From stewarts at ix.netcom.com  Sat Aug 31 06:02:37 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sat, 31 Aug 1996 21:02:37 +0800
Subject: Building the Singapore Free Press
Message-ID: <199608311101.EAA01447@toad.com>


Suppose you wanted to build a free press for a country like
Singapore that has a government that doesn't want one -
on the net, from the inside and outside.  What tools would you need?
Assume a Firewall Curtain proxy that can block sites and keywords but
can't really block encryption.  Also assume that the ISPs inside the
Firewall Curtain can't do much to help you, given government licensing
and other threats.  How can you help people communicate with each other
without interference?

The Web isn't a bad tool for it, but it's easy to block 
specific web sites and specific host machines, so you'd need
some combination of replication and DNS-manipulation to let
sites change names conveniently and frequently.
Has anybody developed a good DNS mechanism for reassigning
namespace conveniently (e.g. a meet-me system allowing any machine 
to connect up to a given name, so anybody who wants to can be
foobar23.remailer.net)?

There are web conferencing tools that would be a decent
user interface.

You'd need some mechanism for anonymous submissions;
remailers and web-based forms both work. 
Journalists have a long history under pseudonyms 
in British colonies and other non-free territory :-)

You'd need a mechanism for finding the news from inside SG;
search engines like AltaVista can pretty much handle that
except that you need a method for sending encrypted requests,
so the Firewall Curtain can't block them and the
government can't tell what you're searching for.
Perhaps an SSL-protected form with a CGI to submit to AltaVista?

Does anybody know the protocols of the Firewall Curtain
well enough to slide things into the cache?  (This is an 
httpd hacking question....)

What other tools would be useful?

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From morgan at keilin.helsinki.fi  Sat Aug 31 09:29:58 1996
From: morgan at keilin.helsinki.fi (Joel Morgan)
Date: Sun, 1 Sep 1996 00:29:58 +0800
Subject: singapore and penet
Message-ID: <199608311221.PAA05193@keilin.helsinki.fi>


There is a report in a Helsinki newspaper (Helsingin Sanomat 31 Aug
1996, p A11) that the Singapore government has asked Finland to help
them obtain the name of a person who posted via anon.penet.fi to
usenet.  Apparently the messages in question criticize the strict laws
in Singapore and were signed using the name of the former prime
minister Lee Kwan Yew.

-- 
=====================================================================
Joel.Morgan at Helsinki.FI              http://blues.helsinki.fi/~morgan
=====================================================================





From qut at netcom.com  Sat Aug 31 09:57:56 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 00:57:56 +0800
Subject: anon.penet.fi closing down
Message-ID: <199608311504.IAA01014@netcom21.netcom.com>


! what would be alternatives to anon.penet.fi..... 
! ==========================================
!    Blake Wehlage <jwilk at iglou.com>
!    ��� R�V�L����� B�+ ��mP@� � ���
!  Goto: http://members.iglou.com/jwilk

Gee, aren't you already using an account you started with fake personal data? 





From wb8foz at nrk.com  Sat Aug 31 10:03:28 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sun, 1 Sep 1996 01:03:28 +0800
Subject: WashPost report on airline security plan
Message-ID: <199608311514.LAA15443@nrk.com>


Today's WashPost reports that one plan the new commission
is studying is a massive Big Brother database of any&everyone
boarding a plane. ""Suspects"" will then be subjected to
extra attention.

-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From qut at netcom.com  Sat Aug 31 10:03:31 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 01:03:31 +0800
Subject: Waging War On Singapore
Message-ID: <199608311513.IAA02186@netcom21.netcom.com>


So what is the information that the Singapore dictatorship is trying to 
ban?  Whatever it is, the Singapore internal networks should be flooded 
with it.  How to get an internet account in Singapore, preferably 
anonymous? 





From qut at netcom.com  Sat Aug 31 10:22:10 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 01:22:10 +0800
Subject: [FUCKHEAD] Re: Dr. Vulis is a test, right? [was RE: Desubscribe]
In-Reply-To: <2.2.32.19960830224855.00355560@labg30>
Message-ID: <199608311526.IAA03410@netcom21.netcom.com>


ON
! 
! I can't believe it any more.
! 
! On Fri, 30 Aug 96 02:47:21 EDT, Dr. (of what, pray tell?) Vulis blathers first:
! 
! >> > If you don't have the brains to forge the From:, then you have no
! >> > business being subscribed to any mailing list.
! 
! and then again:
! 
! >Whoever uses the term "spam" in derogatory manner, opposes free
! >speech and deserves to be caned.
! 
! First, accusing someone of stupidity for not having learned how to telnet to
! an SMTP server is a bit harsh, especially since the guy might be stuck
! behind a firewall that mungs his addresses AFTER his messages goes out --
! not that Dr. V bothered to find out before the accusation.
! 
! Second, suggesting anyone be caned for their political beliefs (and
! resultant speech) is quite obviously NOT the action taken by someone who
! defends free speech.  Again, Dr. V. put those beliefs in his words through
! his flawed logic.
! 
! It's like watching a KKKlucker yelling, "you have no right to say that we
! don't support free speech," and not getting it.
! 
! And for what -- the thoughtcrime of calling Dr. V a spammer?  Hmm.  About
! the closest I can come to finding a "crime" here is trademark infringement.
! I'm sure Hormel is following this closely.
! 
! All of this is merely annoying.  But slamming Tim May because of his
! heritage?  "criminal Arm*nian grandparents"?  Now it's a crime not only to
! call Dr. V a spammer, but to have ancestors born someplace his ancestors
! taught him to not approve of.  (Can you say "racism", kids?  Sure.  I knew
! you could.)
! 
! When I first started reading this list, it was about the time Jim Bell was
! espousing the A.P. theories, and I thought him a fool for it.  I put his
! name in my filter, sending his posts to the trash.  More and more, I found
! myself heading to the trash bin to follow a thread that Jim was contributing
! to.  Valuable contributions, mind you, not just more of his A.P. stuff.  Of
! course, I ended up removing him from my filter.  (For missing that month of
! your posts, Jim, I owe you an apology.)
! 
! At that time, I realized a few things:  Filters certainly aren't the answer;
! and everybody can come up with valuable contributions.
! 
! Anyway, my current status is to have the filters set to remove posts with
! the words [NOISE] or [OFF-TOPIC] somewhere in the headers.  It helps weed
! out stuff that really isn't why I'm here reading this list.
! 
! Given that I feel that even Dr. Vulis might possibly contribute something of
! value to this list at some unspecified time in the future, I have come to
! the conclusion that the only solution is to ask him to change his e-mail
! name field to:
! 
!   dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM [NOISE] )
! 
! until such time as he can actually come up with something useful to say to
! the rest of us.  Maybe he could even throw in an [-L18] tag, if he's going
! to continue to [spit | fuck | fart] every posting that leaps through his screen.
! 
! [ Note to everyone else:  that's SARCASM there, hope you got it! ]
! 
! So, my original question is:  is there really a Dr. Dmitri Vulis (KOTM)
! somewhere?  Or is he just some made-up straw man, created by Tim May, John
! Gilmore and Eric Hughes for their personal amusement, and to add a spot of
! controversy so we can feel like we're not preaching to the choir with every
! pro-cypher posting?  I often thought that was the case with David Sternlight
! as well.  Or is Dr. Vulis really best-buddies with Tim May, and his way of
! showing affection is to "fart in his general direction" with every post?
! 
! If he exists, I pity the unsuspecting students who wander into his class who
! might not have the genetic makeup he approves of.  And now I *completely*
! understand tenure.
Fuckhead.





From alanh at infi.net  Sat Aug 31 11:04:42 1996
From: alanh at infi.net (Alan Horowitz)
Date: Sun, 1 Sep 1996 02:04:42 +0800
Subject: WashPost report on airline security plan
In-Reply-To: <199608311514.LAA15443@nrk.com>
Message-ID: <Pine.SV4.3.91.960831115709.16705A-100000@larry.infi.net>


THe CBS Radio News (I think that's who) mentioned this morning that the
screening criteria for deciding whose baggage to search with fancy
machines, would include methods the passenger had chosen to make payments,
not merely for the ticket, but for his daily purchases. That this idea was
floating around a long time and has been given new impetus since the
flight 800 take-down. 

Any one else see the analysis I saw on newsgroup (forget which) which 
analyzed the pattern of damage to the aircraft, and came to the conclusion 
that it had to be a proximity-fused missle.





From lutz at as-node.jena.thur.de  Sat Aug 31 11:19:55 1996
From: lutz at as-node.jena.thur.de (Lutz Donnerhacke)
Date: Sun, 1 Sep 1996 02:19:55 +0800
Subject: LACC: Helsingius shuts down anon.penet.fi server in Finland (fwd)
In-Reply-To: <Pine.3.89.9608301041.A7465-0100000@netcom>
Message-ID: <m0uwlUp-0003u4C@as-node.jena.thur.de>


* Z.B. wrote:
> 

Try out anon at as-node.jena.thur.de, which offers pseudonymity without an
user database. It's open to the public and able to post.

-- 
|   Lutz Donnerhacke   +49/3641/380259 voice, -60 ISDN, -61 V.34 und Fax    |





From charlee at netnet.net  Sat Aug 31 11:20:27 1996
From: charlee at netnet.net (kickboxer)
Date: Sun, 1 Sep 1996 02:20:27 +0800
Subject: WARNING vIRuS!
Message-ID: <199608311621.LAA20992@netnet1.netnet.net>


        There is a new and VERY dangerous virus called the HAZ-MAT virus!
it fucks up the sectors on your hd, and really messes up the partition
tables.  It does this once a week, picking a random time to do it.  99.9% of
virus scanners and other antivirus programs will not recognize it, for it is
a totally new strain, using a never before seen code.... Be warned!  The
HAZ-MAT virus usually resides in JPG, and GIF files... once the files are
viewed, the virus takes effect.
scan all images upon download!
                                                                               






From alanh at widomaker.com  Sat Aug 31 11:24:29 1996
From: alanh at widomaker.com (Alan Horowitz)
Date: Sun, 1 Sep 1996 02:24:29 +0800
Subject: found the flight-800 missle thing
Message-ID: <Pine.UW2.3.93.960831122726.28039A-100000@wilma>



---------- Forwarded message ----------
Date: Fri, 30 Aug 1996 22:51:33 -0800
From: Dan Robbins <kl7y at alaska.net>
To: alanh at widomaker.com
Subject: RE: Our old thread on airport security (fwd)

>Return-Path: <cas at alaska.net>
>Date: Fri, 30 Aug 1996 11:46:10 -0800
>X-Sender: cas at alaska.net
>To: kl7y at alaska.net
>From: Cas Gadomski <cas at alaska.net>
>Subject: RE: Our old thread on airport security (fwd)
>
>>Return-Path: <jcs1 at MAILNET.ho.ATT.com>
>>From: jcs1 at MAILNET.ho.att.com
>>Original-From: jcs1 at MAILNET.ho.ATT.com
>>Original-From: "Schaefer, John" <jcs1 at MAILNET.ho.ATT.com>
>>To: "'Cas Gadomski'" <cas at alaska.net>
>>Subject: RE: Our old thread on airport security (fwd)
>>Date: Fri, 30 Aug 1996 10:32:38 -0400
>>
>>Cas:
>>
>>As far as I know, PETN while often used as a detonator, is also a
>>component of many initiators (a "booster" rather than a detonator--that
>>is the detonator fires the larger booster charge, which fires the main
>>charge) but it is also found as a main charge many weapons.
>>
>>Am not familiar with what we/"they" use as a bursting charge in SAMs but
>>I would expect that they would use something with major blast
>>capabilities like PETN.  I've always like Octol for a big blast but
>>there are all kinds of things out there now.  As to fragments the
>>message is right on target.  One report from the crash sited frag damage
>>of plane parts and some bodies but the subject never appeared in the
>>press again.
>>
>>For air to ground against surface targets or tunnels NOTHING beats a
>>fuel-air bomb.  Next best thing to a nuke. (One story out of the Sandbox
>>War relates a couple of British SAS folks observing from a distance a
>>concentration of enemy when the USAF unloaded an FAE bomb on the target.
>> The Brits called their HQ to report that the US had gone nuclear!
>>
>>Am still wondering about the "missile" theory.  An errant SM-1 is highly
>>unlikely, and Stingers and Strellas have a very small warhead (2-3
>>pounds) and the plane would have been at the far limit of their range
>>even if fire from directly underneath.  We may never know what happened.
>> (One really way-out theory was that it as done in by a major SAM fired
>>from a submarine by China/Iran/Iraq/Martians, etc. (take your pick). 
>>Next will be it was shot down by a particle beam weapon fired from a
>>UFO.
>>
>>If I was a terrorist who wanted to do an airliner externally the best
>>way would be to sit in a very small fiberglass boat about a half-mile
>>off shore of JFK very late at night or very early in the morning (to
>>avoid spectators) and get them with a Stinger/Strella on climb out. 
>>Toss the launcher overboard and paddle away.
>>
>>As to terrorist bombs in crowded places I still can't believe that some
>>nut hasn't used dynamite and a couple of propane tanks--MAJOR bang
>>there. A standard "home" size tank as used for cooking with a big
>>initiator would probably clear a major mall.  Very scary. 
>>
>>As of late Sue and I avoid, if at all possible, crowded public places
>>like malls, shopping centers, and theaters.  They're disasters waiting
>>to happen.
>>
>>As to sending obnox mail to the "postmaster"--yup, that works.
>>
>>If you want to really worry read Tom Clancy's new book "Executive
>>Decision."
>>
>>Stout heart and good cheer,
>>
>>John
>>
>>
>>
>>>----------
>>>From: 	Cas Gadomski[SMTP:cas at alaska.net]
>>>Sent: 	Friday, August 30, 1996 4:52 AM
>>>To: 	Schaefer, John
>>>Subject: 	Our old thread on airport security (fwd)
>>>
>>>
>>>John . . .
>>>
>>>What do you think???     I'll forward any clarifications and/or updates
>>>and
>>>confirmations as I get them.
>>>
>>>                                       Cas.
>>>
>>>>Return-Path: <kl7y at alaska.net>
>>>>Date: Thu, 29 Aug 1996 18:20:13 -0800
>>>>X-Sender: kl7y at alaska.net
>>>>To: cas at alaska.net
>>>>From: Dan Robbins <kl7y at alaska.net>
>>>>Subject: Our old thread on airport security (fwd)
>>>>
>>>>One problem with this.  My friend at work who used to be in EOD
>>>>said PETN is found only in detonators and occasionally in boosters, not
>>>>in the explosives themselves. He said he knew of no US weapon or bomb
>>>>that used PETN in the main charge  See 6) below.  If PETN is
>>>>only in the detonator, then there would not be very much of it in any
>>>>explosion.   
>>>>
>>>>
>>>>
>>>>>Return-Path: <alanh at widomaker.com>
>>>>>Date: Thu, 29 Aug 1996 19:41:05 -0400 (EDT)
>>>>>From: Alan Horowitz <alanh at widomaker.com>
>>>>>X-Sender: alanh at wilma
>>>>>To: jennett at citicom.com, kl7y at alaska.net
>>>>>Subject: Our old thread on airport security (fwd)
>>>>>
>>>>>
>>>>>
>>>>>---------- Forwarded message ----------
>>>>>Date: Thu, 29 Aug 1996 14:51:54 +1300
>>>>>From: Joop Teernstra <terastra at TERABYTZ.CO.NZ>
>>>>>Reply-To: Cebu Discussion List <CEBU-L at CEBU.USC.EDU.PH>
>>>>>To: Multiple recipients of list CEBU-L <CEBU-L at CEBU.USC.EDU.PH>
>>>>>Subject: Our old thread on airport security
>>>>>
>>>>>Dear fellow airtravellers,
>>>>>
>>>>>I think the following is relevant to a point I made at that last
>>>>>discussion,
>>>>>and I like to share it with you, even if some of you may have seen it
>>>>>already:
>>>>>
>>>>>>Newsgroups: alt.current-events.clinton.whitewater,alt.conspiracy
>>>>>>Subject: Re: POSSIBILITY OF AN RBS 70 SAM ON TWA 800
>>>>>>Date: Mon, 26 Aug 1996 09:48:51 GMT
>>>>>>Organization: The Scannerist
>>>>>>Lines: 144
>>>>>>Message-ID: <4vrs85$3cp at ash.ridgecrest.ca.us>
>>>>>>References: <011303Z25081996 at anon.penet.fi>
>>>>>>Reply-To: cheshire at ridgecrest.ca.us
>>>>>>NNTP-Posting-Host: annex033.ridgecrest.ca.us
>>>>>>X-Newsreader: Forte Free Agent 1.0.82
>>>>>>Xref: news.express.co.nz alt.current-events.clinton.whitewater:60503
>>>>>alt.conspiracy:198774
>>>>>>
>>>>>>an623250 at anon.penet.fi wrote:
>>>>>>
>>>>>>Very concise report. It is also interesting to note that you mention,
>>>>>>"Tungsten, perhaps? "  Tungsten pellets are not the only thing used by
>>>>>>ground to air weapons.  Sidewinder [Chaparral] is known to use an
>>>>>>"expandable rod" war head.  Also, a casing of  FRANGABLE tungsten is
>>>>>>being used in some weapons. This means that the case itself explodes
>>>>>>into thousands of razor sharp pieces. So sharp that you could shave
>>>>>>wih them.  Bad news for anyone or anything within reach.   :-{
>>>>>>
>>>>>>>From: RONALD LEWIS <INTELLIGYST at WORLDNET.ATT.NET>
>>>>>>>Subject:      POSSIBILITY OF AN RBS 70 SAM ON TWA 800
>>>>>>>To: Multiple recipients of list FLIGHT-800
>>>>>>>              <FLIGHT-800 at HOME.EASE.LSOFT.COM>
>>>>>>
>>>>>>>According to the 8-23-96 edition of the New York Times, residue of PETN
>>>>>>>explosive has been confirmed on wreckage of TWA Flight 800.  We now have
>>>>>>>either a bomb or a missile as the cause.
>>>>>>
>>>>>>>PETN is said to be a component of missile warheads as well. 
>>>>>>>Interesting how
>>>>>>>that was mentioned in all of the news reports tonight on various networks
>>>>>>>and even local TV.  Now that the investigators have concluded that it
>>>>>>>definitely was a bomb or a missile, they are supposedly going through and
>>>>>>>trying to collect evidence to indicate which it was.
>>>>>>
>>>>>>>Two things highly significant:  1)  Weeks ago, a reliable source
>>>>>>>advised me
>>>>>>>that the investigators were not worried about explosive residue fading in
>>>>>>>salt water because they had other evidence.  Components of a missile,
>>>>>>>perhaps?  Couldn't say.
>>>>>>
>>>>>>>2)  Same source told me the other day that the investigators were now
>>>>>>>conducting "metalurgical studies",  i.e., they were looking for and
>>>>>>>analzying certain types of metal.  Tungsten, perhaps?  Bombs don't
>>>>>>>contain
>>>>>>>tungsten but SAM warheads are often surrounded by tungsten balls or
>>>>>>>pellets.
>>>>>>>They help cut the metal skin of their target aircraft.
>>>>>>
>>>>>>>OTHER NOTES:
>>>>>>
>>>>>>>1) Rocket motor of a missile would be capable of touching off a fire in
>>>>>>>nearby fuel tanks.   An Exocet missile sank the destroyer SHEFFIELD
>>>>>>>in the
>>>>>>>Falklands War without the warhead even detonating.  The missile cut
>>>>>>>through
>>>>>>>the hull, severed fuel lines and the rocket motor touched off the spilled
>>>>>>>fuel, causing a fatal fire.
>>>>>>
>>>>>>>2)  Something ejected the air conditiioning plant in the first
>>>>>>>debris field.
>>>>>>>What would blow out the missing bottom of the aircraft center without
>>>>>>>collapsing the internal structures, then manage to blow the forward
>>>>>>>fuselage
>>>>>>>off, rip away the right side of the fuselage and cause burn marks
>>>>>>>there and
>>>>>>>in the adjacent wing?  A titanic explosion which quickly ripped the
>>>>>>>fuselage
>>>>>>>apart faster than Pan Am 103 went.
>>>>>>
>>>>>>>3)  The sound on the cockpit voice recorder is different from any
>>>>>>>other they
>>>>>>>have heard before on two other 747s downed by bombs (Pan Am and Air
>>>>>>>India).
>>>>>>>Perhaps the sound was not caused by a bomb?  It seems we have only a
>>>>>>>bomb or
>>>>>>>a missile left at this point.  If it's not a bomb, then....?
>>>>>>
>>>>>>>4)  Nose gear damaged in its hold.  Nose gear door gone.  Right side
>>>>>>>forward
>>>>>>>cargo hatch blown off in first field.  The doors and AC unit located
>>>>>>>together.  How does a bomb inside the center fuselage do such damage
>>>>>>>to the
>>>>>>>nose gear area?  It doesn't seem possible.  However, an external
>>>>>>>blast and
>>>>>>>shock wave would be consistent with this, especially if it initiated
>>>>>>>at the
>>>>>>>left rear and traveled forward, rippling along the bottom of the
>>>>>>>aircraft.
>>>>>>>It would be very interesting to note if the nose gear door found in
>>>>>>>Area #3
>>>>>>>(the "first" debris field, that closest to JFK) happens to have been from
>>>>>>>the right side.
>>>>>>
>>>>>>>5)  Latest pieces of wreckage with fuselage stringers and stiffeners
>>>>>>>AGAIN
>>>>>>>show at least subtle evidence of an external explosion rippling the outer
>>>>>>>fuselage inward.  Look at the video of all outer hull sections recovered.
>>>>>>>The outer skin is pushed inward around the  stringers.  If it had been an
>>>>>>>internal bomb, the metal would be almost universally bowed OUTWARD
>>>>>>>away from
>>>>>>>the stringers and ribs.  But they aren't.  In virually every case I have
>>>>>>>seen so far, the sheet metal is not pulled AWAY from the stringers.  They
>>>>>>>may be popped loose but even in those rare cases, the indentations on the
>>>>>>>outer skin make it appear as though the stringers have been pushed inward
>>>>>>>away from the outer sheet metal, not as though the steet metal had been
>>>>>>>pused outward away from the stringers.
>>>>>>
>>>>>>>6)  If a bomb, why so little PETN?  Why isn't it virtually
>>>>>>>everywhere?  Pan
>>>>>>>AM 103 HAD lots of it even though the bomb went off contained in a cargo
>>>>>>>bin.  What would account for so little PETN in this case?
>>>>>>
>>>>>>>A proximity fuze detonation of a missile would touch off the blast
>>>>>>>outside
>>>>>>>the aircraft.  Kinetic energy would still send a large portion of it into
>>>>>>>the aircraft, penetrating it and passing through, but most of the
>>>>>>>explosive
>>>>>>>residue would burn away or dissipate outside of the aircraft.  If
>>>>>>>they can
>>>>>>>find fragments of the 747 underbelly and subject them to tests, I
>>>>>>>strongly
>>>>>>>believe they will find higher concentrations of both PETN residue and
>>>>>>>tungsten fragments embedded in the metal.
>>>>>>
>>>>>>>If this was a bomb, it had to be enormously powerful, skillfully
>>>>>>>planted or
>>>>>>>just unfortunately "lucky."  The entire bottom of the plane around the
>>>>>>>center wing box is said to be missing but, bewteen the passenger
>>>>>>>cabin and
>>>>>>>the outer surface of the bottom of the plane is some of the most robust
>>>>>>>construction known to exist on the 747.  How is it, then,  that that the
>>>>>>>"device" was able to blow off the front of the fuselage, blow away
>>>>>>>at least
>>>>>>>the right side of the fuselage, then make it past the heavy-duty
>>>>>>>wings and
>>>>>>>AC unit to shread the bottom of the plane into fragments so small
>>>>>>>they may
>>>>>>>have to dredge to recover them?
>>>>>>
>>>>>>>It seems that only a missile could rip away the bottom exterior upon
>>>>>>>contact
>>>>>>>to blast away the AC unit lying right above that area.  As the hot
>>>>>>>remains
>>>>>>>of the missile body continue into the aircraft, they could tear open the
>>>>>>>center fuel tanks and, with the compression of air and kinetic
>>>>>>>energy, blow
>>>>>>>out the right side and cause separation of the forward fuselage.  The
>>>>>>>thousands of tungsten fragments and the armor-piercing capability of
>>>>>>>the RBS
>>>>>>>70 would surely be capable of such incredible damage.  It has destroyed
>>>>>>>light armored vehicles when fired in the air-to-ground mode, so it
>>>>>>>shouldn't
>>>>>>>be hard to imagine it doing severe damage to the thin skin of a
>>>>>>>pressurized
>>>>>>>airliner hull at 13000+ feet.
>>>>>>
>>>>>>>And there are precedents for using SAMs against airliners and civilian
>>>>planes.
>>>>>>
>>>>>>>In the former Soviet Republic of Georgia, airliners were being used
>>>>>>>to ferry
>>>>>>>out refugees and to bring in weapons and supplies during the civil
>>>>>>>war with
>>>>>>>Abkhazian separatists.  SAM gunners, in boats out on the Black Sea, are
>>>>>>>known to have shot down at LEAST two airliners as they approached
>>>>>>>and took
>>>>>>>off from Sukhumi, Georgia.
>>>>>>
>>>>>>>In April, 1995, a Falcon executive jet carrying the president of
>>>>>>>Rwanda was
>>>>>>>on final approach to Kigali airfield in the capital city of Rwanda
>>>>>>>when it
>>>>>>>was shot down by a shoulder-fired SAM (RBS 70 is NOT shoulder-fired
>>>>>>>but is a
>>>>>>>MANPAD, or man-portable system mounted on a pedestal mount).
>>>>>>
>>>>>>>It has happened before, it may have happened with TWA 800.  Now, what
>>>>>>>measures do we take to make sure it doesn't happen again?
>>>>>>
>>>>>>
>>>>>>>Ron Lewis
>>>>>>>CHIEF MILITARY & AVIATION ANALYST
>>>>>>>THE INTELLIGYST GROUP
>>>>>>
>>>>>>
>>>>>>
>>>>>>>--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENT
>>>>>>>ON***
>>>>>>>Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
>>>>>>>Please, report inappropriate use to                abuse at anon.penet.fi
>>>>>>>For information (incl. non-anon reply) write to    help at anon.penet.fi
>>>>>>>If you have any problems, address them to          admin at anon.penet.fi
>>>>>>
>>>>>>Dr Pepper
>>>>>>10 - 2 - 4
>>>>>
>>>>>
>>>>>Uh, oh!
>>>>>Joop Teernstra
>>>>>http://serve.com/terastra
>>>>>If you want to make up your mind about an argument, see who attacks the
>>>>>person, rather than the matter at hand.
>>>>>
>>>>>
>>>>>* CEBU-L DISCUSSION LIST * Comments/Complaints, write:
>>>>>ADMIN at CEBU.USC.EDU.PH
>>>>>To unsubscribe, write: LISTSERV at CEBU.USC.EDU.PH w/ body text: SIGNOFF
>>>>>CEBU-L
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>
>
>






From joelm at eskimo.com  Sat Aug 31 11:32:55 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Sun, 1 Sep 1996 02:32:55 +0800
Subject: Moscowchannel.com hack
Message-ID: <3.0b11.32.19960831074406.0067aee0@mail.eskimo.com>


Not really crypto, but related to the DOJ hack in a way.

Moscow Channel is a pretty slick, Russian news/commentary page.  Their Web
site was hacked and altered by someone who didn't seem to like Russians all
that well.  See:

http://www.moscowchannel.com/

While not as elaborate as the DOJ hack, it's interesting that Web page
vandalism is starting to turn into a unique form of protest and social
commentary.

As Web sites with security holes increase, my guess is vandalism will
increase incrementally.  Both in terms of random graffiti, and targeted attacks.

Just a matter of time before some builds a dedicated Satan type tool that
scans for  HTTP server holes or messed up file permissions to make locating
potential victims easy.






From qut at netcom.com  Sat Aug 31 12:00:20 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 03:00:20 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608300700.AAA09287@toad.com>
Message-ID: <199608311517.IAA02622@netcom21.netcom.com>


! At 09:58 AM 8/29/96 -0500, Igor wrote:
! >The decision that have just made is not a technical decision, it is 
! >a business decision. You just decided that the needs of security 
! >outweight the need to be able to deal with 100% of potential customers.
! 
! I strongly agree.  You've also potentially annoyed a bunch of Europeans,
! Unicode-speakers, and other users of non-ASCII alphabets.
! Just because the domain name in somebody's address is case-insensitive 
! (and culturally-insensitive :-) ASCII, that doesn't mean their user
! name will be also, especially if their _real_ mail system is some
! ugly proprietary thing like Microso-Cc:PR0FS-HS.400 or if their
! name is Swedish or Chinese.

Agreed, the DNS and other systems should be upgraded to 8bit.
Unix should also allow / in file names, it can be escaped somehow.





From dlv at bwalk.dm.com  Sat Aug 31 12:03:23 1996
From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sun, 1 Sep 1996 03:03:23 +0800
Subject: Dr. Vulis is a test, right? [was RE: Desubscribe]
In-Reply-To: <2.2.32.19960830224855.00355560@labg30>
Message-ID: <6DBJTD35w165w@bwalk.dm.com>


John Deters <jad at dsddhc.com> writes:
> I can't believe it any more.

That's because you're a pathological liar and have no credibility.

<non-crypto-relevant lies and personal attacks, displaying the idiot's
ignorance of SMTP, KKK, Dr. Serdar Argic, et al deleted without reading>
> John (soon-to-be-spit-upon,no-doubt) Deters.

You're not worthy of our spittle, fuckhead.

---

Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





From ichudov at algebra.com  Sat Aug 31 12:14:03 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sun, 1 Sep 1996 03:14:03 +0800
Subject: Moscowchannel.com hack
In-Reply-To: <3.0b11.32.19960831074406.0067aee0@mail.eskimo.com>
Message-ID: <199608311714.MAA19352@manifold.algebra.com>


Joel McNamara wrote:
> 
> Not really crypto, but related to the DOJ hack in a way.
> 
> Moscow Channel is a pretty slick, Russian news/commentary page.  Their Web
> site was hacked and altered by someone who didn't seem to like Russians all
> that well.  See:
> 
> http://www.moscowchannel.com/
> 
> While not as elaborate as the DOJ hack, it's interesting that Web page
> vandalism is starting to turn into a unique form of protest and social
> commentary.

At least they had more sense of humor than USDoJ and made the
hacked page available from their website. To compensate for lack
of humor at USDOJ, I made their page available at 

http://www.algebra.com/~ichudov 

(follow the links). A tarred archive is available from there for 
downloading.

	- Igor.

P.S. I am very surprised by huge number of hits to my usdoj page. I wonder
where are the links to my page.





From dthorn at gte.net  Sat Aug 31 12:25:30 1996
From: dthorn at gte.net (Dale Thorn)
Date: Sun, 1 Sep 1996 03:25:30 +0800
Subject: Below-bit-level encoding
Message-ID: <322877E4.C79@gte.net>


Does anyone have info or know of a text source on less-than-bit-level 
file preparation?  I presume the crypto techniques would be the usual 
stuff; I'd like to dig into bit deconstruction a little, and a text 
which has a chapter or more devoted to this and other esoteric file 
processing would be helpful.  Note that this is not substitution or 
bit-packing or whatever.  Thanx.






From tcmay at got.net  Sat Aug 31 12:31:41 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 1 Sep 1996 03:31:41 +0800
Subject: DON'T Nuke Singapore Back into the Stone Age
Message-ID: <ae4dc381000210043ce5@[205.199.118.202]>


At 6:35 AM 8/31/96, Arun Mehta wrote:

>There are two sides to this: after all, it is the Singaporeans who finally
>have to sort out this problem with their government, and denying them
>the Usenet platform for discussion would only hinder that process.

The point is to make clear to them that the Usenet and similar Web sites
are global in nature, not subject to censorship without a very high local
cost. If discussions of Lee Kwan Yew's dynasty are considered illegal, then
Singaporans will have to choose not to carry the various newsgroups into
which *I* post such messages!

(This was done by many of us during the Karla Homulka and Teale trial in
Canada a couple of years ago: Canada imposed press restrictions on
discussion of the trial and the grisly evidence...and then was chagrinned
to find that the global Net did not adhere to their notions of what should
and could be discussed. They even seized copies of "Wired" at the border,
very much akin to Singapore's stone age policies.)

>Then again, inappropriate postings are the bane of the Internet: the consensus
>on which the Net functions relies heavily on people not posting
>inappropriately.

This works imperfectly, as all long-time surfers of the Usenet will attest!
And _never_ has it involved determinations of "inappropriate" by
_governments_!

Our point in protesting Singapore's actions (and Germany's, France's,
America's, India's, etc., in other cases) is to technologically subvert
their notions that their politicians can determine what the Net, Web, and
Usenet carry.

To be blunt, if Singapore wants to stop me from discussing the dictator Yew
and his feeble son, they can't. Except by pulling the plugs on forums in
which my posts are carried. I consider this a Good Thing (that politicians
in Country A generally have no power to tell citizen-units in Country B
what they can say and what they can't).

The point of being sometimes "impolite" (*) is to "force their hand."

(* I find it Orwellian that being "polite" is taken to mean not saying
anything controversial. It was impolite for Salman Rushdie to write "The
Satanic Verses," is was impolite for people to mention Karla Homulka in
talk.politics.canada, it was impolite to point out that the prime minister
of India drinks a glass of his own urine every day, it was impolite to
refer to Bill Clinton's dalliances with Paula Jones, and so on. In a free
society, all things are discussable. That various countries want to make
the Net less free is not something we should support, even if it is more
"polite" to accede to the wishes of their dictators, secret policemen,
demagogues, preachers, and henchmen.)

--Tim May


--
[This Bible excerpt awaiting review under the U.S. Communications Decency
Act of 1996]
And then Lot said, "I have some mighty fine young virgin daughters. Why
don't you boys just come on in and fuck them right here in my house - I'll
just watch!"....Later, up in the mountains, the younger daughter said:
"Dad's getting old. I say we should fuck him before he's too old to fuck."
So the two daughters got him drunk and screwed him all that night. Sure
enough, Dad got them pregnant, and had an incestuous bastard son....Onan
really hated the idea of doing his brother's wife and getting her pregnant
while his brother got all the credit, so he pulled out before he
came....Remember, it's not a good idea to have sex with your sister, your
brother, your parents, your pet dog, or the farm animals, unless of course
God tells you to. [excerpts from the Old Testament, Modern Vernacular
Translation, TCM, 1996]







From declan at eff.org  Sat Aug 31 13:10:14 1996
From: declan at eff.org (Declan McCullagh)
Date: Sun, 1 Sep 1996 04:10:14 +0800
Subject: Waging War On Singapore
In-Reply-To: <199608311513.IAA02186@netcom21.netcom.com>
Message-ID: <Pine.SUN.3.91.960831111801.3100A-100000@eff.org>


>From memory, the SBA regs ban anything that is offensive to the public
morals or dignity.  Anything that would undermine public confidence in the
government. Look at: 

  http://www.eff.org/~declan/global/sg

If you do get an account, let me know.  Perhaps I'll join you. 

-Declan


On Sat, 31 Aug 1996, Dave Harman OBC wrote:

> So what is the information that the Singapore dictatorship is trying to 
> ban?  Whatever it is, the Singapore internal networks should be flooded 
> with it.  How to get an internet account in Singapore, preferably 
> anonymous? 
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From declan at eff.org  Sat Aug 31 13:14:06 1996
From: declan at eff.org (Declan McCullagh)
Date: Sun, 1 Sep 1996 04:14:06 +0800
Subject: WashPost report on airline security plan
In-Reply-To: <199608311514.LAA15443@nrk.com>
Message-ID: <Pine.SUN.3.91.960831111947.3100B-100000@eff.org>


The Post front-paged this story and probably would have led with it if it 
weren't for the gas leak at National Airport late last night.

Read the story. It's quite disturbing. The proposal will be released in a 
week, I recall.

-Declan


On Sat, 31 Aug 1996, David Lesher wrote:

> Today's WashPost reports that one plan the new commission
> is studying is a massive Big Brother database of any&everyone
> boarding a plane. ""Suspects"" will then be subjected to
> extra attention.
> 
> -- 
> A host is a host from coast to coast.................wb8foz at nrk.com
> & no one will talk to a host that's close........[v].(301) 56-LINUX
> Unless the host (that isn't close).........................pob 1433
> is busy, hung or dead....................................20915-1433
> 


// declan at eff.org // I do not represent the EFF // declan at well.com //







From qut at netcom.com  Sat Aug 31 13:14:51 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 04:14:51 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608311706.MAA19288@manifold.algebra.com>
Message-ID: <199608311831.LAA23860@netcom21.netcom.com>


! Dave Harman OBC wrote:
! > 
! > ! At 09:58 AM 8/29/96 -0500, Igor wrote:
! > ! >The decision that have just made is not a technical decision, it is 
! > ! >a business decision. You just decided that the needs of security 
! > ! >outweight the need to be able to deal with 100% of potential customers.
! > ! 
! > ! I strongly agree.  You've also potentially annoyed a bunch of Europeans,
! > ! Unicode-speakers, and other users of non-ASCII alphabets.
! > ! Just because the domain name in somebody's address is case-insensitive 
! > ! (and culturally-insensitive :-) ASCII, that doesn't mean their user
! > ! name will be also, especially if their _real_ mail system is some
! > ! ugly proprietary thing like Microso-Cc:PR0FS-HS.400 or if their
! > ! name is Swedish or Chinese.
! > 
! > Agreed, the DNS and other systems should be upgraded to 8bit.
! > Unix should also allow / in file names, it can be escaped somehow.
! 
! It is not possible.

Oh, every value can be escaped, there's no reason that the full 8bit 
range cannot be incorporated throughout every operating system.  It's 
just legacy junk which keeps us putting up restrictions in everything 
that we really don't want.  Ditto for network software.





From bf578 at scn.org  Sat Aug 31 13:23:33 1996
From: bf578 at scn.org (SCN User)
Date: Sun, 1 Sep 1996 04:23:33 +0800
Subject: Mailings lists looping
Message-ID: <199608311839.LAA04494@scn.org>



The current issue of the RISKS digest has a couple of submissions about 
this issue (incluing one from Brent Chapman, majordomoman)

It can be found at:
    http://catless.ncl.ac.uk/Risks/18.39.html



--
------------------------------------------
There are no facts, only interpretations.

I always wanted to be somebody, 





From cme at cybercash.com  Sat Aug 31 14:11:36 1996
From: cme at cybercash.com (Carl Ellison)
Date: Sun, 1 Sep 1996 05:11:36 +0800
Subject: gopher://gopher.npr.org...1996/Jul.96/fa.07.31.96
Message-ID: <3.0b11.32.19960831152041.0068b3d8@cybercash.com>


gopher://gopher.npr.org:70/00/NPR_Online/Programs/FreshAir/Fresh_Air_Rundown
s/1996/Jul.96/fa.07.31.96

Washington Post investigative reporter JIM McGEE. He has co-written 
with Brian Duffy the new book "Main Justice: The Men And Women 
Who Enforce The Nation's Criminal Laws And Guard Its Liberties." 
It's published by Simon and Schuster. The book is about the changing 
role of the U.S. Justice Department. As the fears of terrorism increase, 
Congress and the White House are giving the Justice Department 
more investigative powers and a wider jurisdiction which includes
actions in foriegn countries. McGee warns in the book that along with 
the apparent protection this could provide Americans it could also 
erode individual liberties. McGee shared a 1987 Pulitzer Prize for a 
series of stories on the Iran Contra Affair. McGee lives in Virginia. 






From unicorn at schloss.li  Sat Aug 31 14:17:24 1996
From: unicorn at schloss.li (Black Unicorn)
Date: Sun, 1 Sep 1996 05:17:24 +0800
Subject: WashPost report on airline security plan
In-Reply-To: <Pine.SV4.3.91.960831115709.16705A-100000@larry.infi.net>
Message-ID: <Pine.SUN.3.94.960831151506.18155A-100000@polaris>


On Sat, 31 Aug 1996, Alan Horowitz wrote:

> Any one else see the analysis I saw on newsgroup (forget which) which 
> analyzed the pattern of damage to the aircraft, and came to the conclusion 
> that it had to be a proximity-fused missle.

If so it was most likely radar guided.  These tend to be larger, more
restricted, and harder to come by.

The terrorist angle becomes harder to develop in this case.

--
I hate lightning - finger for public key - Vote Monarchist
unicorn at schloss.li






From furballs at netcom.com  Sat Aug 31 14:40:27 1996
From: furballs at netcom.com (Paul S. Penrod)
Date: Sun, 1 Sep 1996 05:40:27 +0800
Subject: WARNING vIRuS!
In-Reply-To: <199608311621.LAA20992@netnet1.netnet.net>
Message-ID: <Pine.3.89.9608311205.A15184-0100000@netcom>



I doubt very seriously that this is anything more than a troll.

First off, the algorythms used to find polymorphics are sophisticated 
enough to detect newly published viruses.

Secondly, DOS/Windows et al. are not much more than boot sector viruses 
themselves. :-) Their structure is well know and there isn't any back 
door available to bang the OS from that hasn't already been exploited.

Real OS's like Unix, OS/2 etc. are also know quantities.

Binary launches are the way they do it, and the way a virus spreads, 
unless you get caught up with autoexecuting Word and Excel macros.

I have yet to see *any* truly data propogating viruses.

None the less, it is always a good idea to keep a scanner handy for 
thoses files that wander in off the Net. You never really know what 
they've been doing and who they've been doing it with. :-)

...Paul

-------------------------------------------------------------------------

"Faced with the choice between changing one's mind and proving that there
 is no need to do so, almost everybody gets busy on the proof"

                                            -- John Kenneth Galbraith

"Success is attending a funeral as a spectator"

                                            -- E. BonAnno 

-------------------------------------------------------------------------

On Sat, 31 Aug 1996, kickboxer wrote:

>         There is a new and VERY dangerous virus called the HAZ-MAT virus!
> it fucks up the sectors on your hd, and really messes up the partition
> tables.  It does this once a week, picking a random time to do it.  99.9% of
> virus scanners and other antivirus programs will not recognize it, for it is
> a totally new strain, using a never before seen code.... Be warned!  The
> HAZ-MAT virus usually resides in JPG, and GIF files... once the files are
> viewed, the virus takes effect.
> scan all images upon download!
>                                                                                
> 
> 





From gbroiles at io.com  Sat Aug 31 14:56:54 1996
From: gbroiles at io.com (Greg Broiles)
Date: Sun, 1 Sep 1996 05:56:54 +0800
Subject: Local Obscenity Regulations
In-Reply-To: <19960831100811343.AAA184@maverick>
Message-ID: <Pine.BSI.3.95.960831140224.4825A-100000@xanadu.io.com>


On Sat, 31 Aug 1996, Sean Sutherland wrote:

> Seems that Oregon has a ballot up for measure which will allow each city 
> and county to decide for itself what obscenity is.

Initiatives like this keep popping up in Oregon (we had another anti-free
speech initiative in '94) because Oregon's state constitution has been 
interpreted to protect speech more broadly than the US constitution. 
It seems like a robust set of constitutional rights makes some people
nervous, and they respond by asking that those rights be curtailed. (cf
the initiative which limited California's constitutional search & seizure
protections to the federal standard. feh. Oregon will probably face such
an initiative soon, because Oregon's constitutional search & seizure
provisions are significantly more protective than the federal standard.) 

But the good (?) news is that the US constitution acts as a "floor" for
rights; the gentle citizens of Oregon can't restrict their own free speech
rights below the federal standard, no matter how frustrating that is to
Ayatollah Mannix and his ilk. (The notion of "community standards" is
already part of federal free speech jurisprudence; but "community" is not
necessarily coterminous with city or county boundaries.) 

But all of my books are in boxes and I'll be a California resident again 
in ~24 hours. Goodbye, Oregon lunacy. Hello, California lunacy. :)






From declan at well.com  Sat Aug 31 15:04:56 1996
From: declan at well.com (Declan McCullagh)
Date: Sun, 1 Sep 1996 06:04:56 +0800
Subject: Los Angeles Times article on Helsingius and anon.penet.fi
Message-ID: <Pine.3.89.9608311202.A7161-0100000@well.com>


The attached article was reposted to fight-censorship with the permission
of the Los Angeles Times, which ran it on the front page today. 

It's a good story. Compare it to the Reuters dispatch, which yowled about 
child porn but didn't even mention threats from the Church of Scientology:

 >Finn To Close Net Remailer After Child Porn Claim
 >
 >HELSINKI - A Finnish Internet specialist said today he's closing his
 >remailer, or anonymous forwarding system, after rejecting allegations 
 >it was being used as a conduit for child pornography.  [...]

Note Esther Dyson's comments:

         "The damage that can be done by anonymity is far bigger" than in
   any other medium, said Esther Dyson, chairwoman of the Electronic
   Frontier Foundation. "In the end, you need to be able to get at
   somebody's identity to enforce accountability, and the question is how
   do you also enforce freedom of speech and freedom from prosecution for
   unpopular opinions."

Also, on the "Mick Williams Cyberline" radio show I was on this 
afternoon, we heard an unconfirmed report that Helsingius is suing the 
Observer, but I haven't seen it on the wires yet...

-Declan

---

Los Angeles Times
Saturday, August 31, 1996

Internet Figure Pulls Plug   (- 0p9)
on His Anonymity Service   (- 0p6)
 
By AMY HARMON 
TIMES STAFF WRITER Byline ends here.

        Johan Helsingius, an Internet icon who for 3 1/2 years has
   championed anonymous communication over the global computer network by
   running a service that makes it possible, pulled the plug Friday on
   the machine known as anon.penet.fi.
         Civil liberties advocates said the move, prompted by a Finnish
   court decision that the anonymity of the service could be breached by
   court order, raised serious concerns about the future of anonymous
   speech on the rapidly growing network.
         A strong privacy ethic has prevailed on the Internet since its
   early days as a tool for academics and the military. The network was
   largely self-policed, and anonymous services--including
   Helsingius'--explained to users that they were not to be used for
   criminal activity, otherwise they would get shut down.
        
         But the recent explosion of electronic commerce and community
   has raised the stakes. Law enforcement agencies, as well as
   anti-pornography advocates and many others, maintain that total
   anonymity provides too much shelter for a variety of criminal
   activities.
         Based in Helsinki, the Finnish capital, Helsingius' service was
   the biggest of its kind in the world, with more than half a million
   users and with 7,500 messages passing through it each day.
         Frequent users included suicide counseling groups, human rights
   organizations and "anyone who wanted to discuss anything without their
   neighbors and employers looking on," Helsingius said.
         The amorphous structure of the Internet, which ignores
   international boundaries, means that users throughout the world will
   be affected by the shutdown. They will be offered the option of
   revealing their true identities or finding another service--there are
   about 40 others worldwide.
         The idea of an anonymous remailer is to protect the
   confidentiality of its users' identities. When a piece of e-mail was
   sent to anon.penet.fi, its identifying information was stripped off
   and a code number was substituted. The message was then forwarded to
   the individual, mailing list or discussion group for which it was
   intended.
         The only link between the real and assumed identity resided on
   the computer in Helsingius' home.
         More sophisticated remailers use encryption software to create a
   new identity and route messages through a string of several computers
   around the world, never recording the transactions. That way no
   individual operator has a record of the original sender.
         But Helsingius' service was notable because it allowed others to
   respond directly to the sender via the pseudonym on anon.penet. It
   also did not require any special software programs--and it was free.
         *
         In a telephone interview Friday from Helsinki, the 35-year-old
   Finn--known by his e-mail handle, Julf--said he was discouraged by the
   court's interpretation of the communication privacy laws in a case
   that involved a petition from the Church of Scientology, which wants
   Helsingius to reveal the identity of an individual who is alleged to
   have posted its copyrighted material on the Internet through
   Helsingius' remailer.
         "The court made it quite clear that the privacy of electronic
   mail isn't covered in Finland anymore," Helsingius said. "I would be
   running to the courtroom all the time because the suspicion of a
   crime, however minor, would be enough grounds to get a court decision
   to have the sender revealed. What's the point?"
         The Scientologists' petition underlines the heightened
   threat--and potential benefit--of anonymity on the Internet. While
   anonymity is possible via traditional mail or over the telephone, the
   Internet provides far greater reach for far less cost than any other
   medium, and it is technically much harder to eavesdrop upon.
         Helsingius, who has run the remailer in his spare time, has for
   three years been fending off requests from law enforcement authorities
   to discover the identity of his users. He was forced last February to
   provide Finnish authorities with the name of a user who was alleged to
   have broken into the church's computer to steal copyrighted
   information.
         The legal protection for digital anonymity has not yet been
   tested in U.S. courts, but Internet legal experts expect that it will
   be soon. The American Civil Liberties Union of Georgia is currently
   seeking to restrict the application of the new Georgia Computer
   Systems Protection Act, which broadly prohibits the use of pseudonyms
   on the Internet.
         The issue of how to deal with anonymity is a crucial one for
   those trying to establish the medium as a place to work, play and live
   in the coming decades.
         Internet-spawned activists such as the Cypherpunks argue that
   the system will collapse without a guarantee of secure and private
   communication. And advances in cryptography have made that, for the
   most part, technologically possible.
         But other Internet enthusiasts disagree.
         *
         "The damage that can be done by anonymity is far bigger" than in
   any other medium, said Esther Dyson, chairwoman of the Electronic
   Frontier Foundation. "In the end, you need to be able to get at
   somebody's identity to enforce accountability, and the question is how
   do you also enforce freedom of speech and freedom from prosecution for
   unpopular opinions."
         Anonymous services have in fact been used for
   "mail-bombing"--crashing computer systems by overloading them with
   e-mail--and for obscene postings to discussion groups that are
   tantamount to broadcasting obscene phone calls.
         Anti-pornography advocates have also begun to target anonymous
   Internet services, which they blame for enabling the easy distribution
   of illicit material over the network.
         Last week, in a front-page headline, the London weekly newspaper
   the Observer called Helsingius "the Internet middleman who handles 90%
   of all child pornography."
         Helsingius says the sensational article had nothing to do with
   his decision, but he is clearly tired of the situation. Most anonymous
   remailers, included anon.penet.fi, he says, filter out the
   transmission of large image files that are likely to contain
   pornographic pictures.
         "I have personally been a target because of the remailer for
   three years. Unjustified accusations affect both my job and my private
   life," he said.
         After setting up his server so that it can be used on a limited
   basis by certain nonprofit groups, Helsingius plans to set up a task
   force to discuss the practical problems related to ethical and civil
   rights issues on the Internet.
         Meanwhile, many Internet denizens mourned the passing of
   anon.penet on Friday and hailed Helsingius as a "net.hero."
         "This is a sad day in the history of the Net," wrote Declan
   McCullagh, who runs a widely distributed electronic mailing list
   called "fight-censorship." "Hundreds of thousands of people had
   accounts on Julf's pseudonmyous server and many netizens relied on it
   daily to preserve their privacy online."
         "[Helsingius] has done a lot of good work. He's been attacked on
   all sides, and he's hung in there," said Sameer Parekh, founder of
   Community Connexion in Berkeley, which hopes to build a business out
   of providing anonymous remailer services.
         "It's too bad that he had to shut down. But we believe there's a
   demand for anonymity, and use of these systems is only going to
   increase."
   
        BACKGROUND
         Anonymous remailers make it possible to send messages over the
   global Internet computer network without revealing who or where they
   come from. Anyone with an Internet account can contact a remailer
   service and register for an account. Then, when sending electronic
   mail or posting messages to an electronic discussion group, the
   subscriber addresses it to the remailer as well as to the final
   destination. The message travels to the remailer computer, which
   automatically strips off the originating name and address and forwards
   it to the final destination. Some remailers also allow the recipient
   of an anonymous message to respond anonymously, so that the entire
   exchange is "double-blind."
        
   Copyright 1996, Los Angeles Times

###







From ichudov at algebra.com  Sat Aug 31 15:52:02 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sun, 1 Sep 1996 06:52:02 +0800
Subject: Code Review Guidelines (draft)
In-Reply-To: <199608311831.LAA23860@netcom21.netcom.com>
Message-ID: <199608312040.PAA20696@manifold.algebra.com>


Dave Harman OBC wrote:
> ! > Agreed, the DNS and other systems should be upgraded to 8bit.
> ! > Unix should also allow / in file names, it can be escaped somehow.
> ! 
> ! It is not possible.
> 
> Oh, every value can be escaped, there's no reason that the full 8bit 
> range cannot be incorporated throughout every operating system.  It's 
> just legacy junk which keeps us putting up restrictions in everything 
> that we really don't want.  Ditto for network software.
> 

It is not possible because all old programs will be broken.

It is also not possible because non-ascii characters have different
meanings in different languages. I mean, words 

�������� ����� �,
�������� ��� ���.
�� ��� ��� ��� ���, 
����� � ���� �� ���?

have meaning only to Russian speakers. A German or a Japanese would
never be able to remember a hostname like 
��������.��������.�������.������,
because in _their_ representation of these characters this text is a 
complete gibberish.

	- Igor.






From exl at castles.com  Sat Aug 31 15:56:35 1996
From: exl at castles.com (James Erickson)
Date: Sun, 1 Sep 1996 06:56:35 +0800
Subject: DON'T Nuke Singapore Back into the Stone Age
Message-ID: <9608312104.AA11740@castles.com>


how do i get off this list?





From exl at castles.com  Sat Aug 31 16:00:14 1996
From: exl at castles.com (James Erickson)
Date: Sun, 1 Sep 1996 07:00:14 +0800
Subject: No Subject
Message-ID: <9608312106.AA11807@castles.com>


list





From exl at castles.com  Sat Aug 31 16:02:32 1996
From: exl at castles.com (James Erickson)
Date: Sun, 1 Sep 1996 07:02:32 +0800
Subject: Below-bit-level encoding
Message-ID: <9608312103.AA11724@castles.com>


how the hell do i get of this list?





From snow at smoke.suba.com  Sat Aug 31 16:08:28 1996
From: snow at smoke.suba.com (snow)
Date: Sun, 1 Sep 1996 07:08:28 +0800
Subject: Moscowchannel.com hack
In-Reply-To: <3.0b11.32.19960831074406.0067aee0@mail.eskimo.com>
Message-ID: <Pine.LNX.3.93.960831151026.1002B-100000@smoke.suba.com>


On Sat, 31 Aug 1996, Joel McNamara wrote:

> Not really crypto, but related to the DOJ hack in a way.
> 
> Moscow Channel is a pretty slick, Russian news/commentary page.  Their Web
> site was hacked and altered by someone who didn't seem to like Russians all
> Just a matter of time before some builds a dedicated Satan type tool that
> scans for  HTTP server holes or messed up file permissions to make locating
> potential victims easy.


Write your web site to a CD-ROM and hard-code the base directory into the
webserver.


Petro, Christopher C.
petro at suba.com <prefered for any non-list stuff>
snow at smoke.suba.com






From attila at primenet.com  Sat Aug 31 16:29:25 1996
From: attila at primenet.com (attila)
Date: Sun, 1 Sep 1996 07:29:25 +0800
Subject: FC: The end of an era: anon.penet.fi shutdown, Stockholm conf
Message-ID: <199608312127.PAA16191@InfoWest.COM>


Addressed to: Declan McCullagh <declan at eff.org>
              Cypherpunks <cypherpunks at toad.com>

= The shutdown of anon.penet.fi marks an end of an era -- and perhaps it was 
= inevitable.  [--snip--]
= But the closure isn't a permanent loss to the Net. The concept behind 
= deploying anonymous remailers is that [--snip--]
= ...they're temporary and expendable -- if one government attacks a 
= remailer, another appears in another jurisdiction. [--snip--] it was
= time for Helsingus' remailer to go offline. It had served its purpose.  
= 

    Declan:

        I think you are missing the most import service that 
    Johan Helsingius provided:  a means of anonymous corres-
    pondence with services for victims of child abuse, domestic
    violence, alcholism, etc.  *** people who needed to reach
    out to someone ***

        I fully subscribe to the Cypherpunk remailers, particu-
    lary MixMaster and Middleman, but they do not serve this
    purpose.  

        However, maybe as part of social responsibility, we 
    should provide one or more remailers with databases --and 
    EXCLUDE addressing except to the help lines.  and, of 
    course, make it easy enough for the victims to request 
    additional addresses.

        yes, it may take a little effort to upgrade the target
    addresses, etc. but it should be done.

        noone knows what the courts will rule on any matter of
    privacy with Bubba at the helm, but correspondence to 
    shelters and the like has been adjudicated off-limits to 
    FOI, etc.

        I will speak to several ISPs, and if one of them will 
    permit me to accept the "responsibility,"   I will initiate
    one. I have no problem defending it legally.

        attila
          


--
Now, with a black jack mule you wish to harness, you walk up,
look him in the eye, and hit him with a 2X4 over the left eye.  
If he blinks, hit him over the right eye! He'll cooperate 
    --so will politicians.






From youssefy at ucla.edu  Sat Aug 31 16:30:36 1996
From: youssefy at ucla.edu (youssefy at ucla.edu)
Date: Sun, 1 Sep 1996 07:30:36 +0800
Subject: Cypherpunks Lite
Message-ID: <2.2.32.19960831214553.006cf514@pop.ben2.ucla.edu>


There was a posting by someone about three weeks ago that gave the address
for a person who ran a filtered version of the cypherpunks list, can someone
please repost that information?






From frogfarm at yakko.cs.wmich.edu  Sat Aug 31 16:43:52 1996
From: frogfarm at yakko.cs.wmich.edu (Damaged Justice)
Date: Sun, 1 Sep 1996 07:43:52 +0800
Subject: SNAKEOIL? Top Secret for Windows
Message-ID: <199608312153.RAA16444@yakko.cs.wmich.edu>


>From: sk510019 at mail.idt.net (Siva Krishna)
Newsgroups: comp.archives.ms-windows.announce
Subject: tsecret.zip - TOPSECRET!: Easily encrypts any file.
Message-ID: <9608312039.cg4898 at Simtel.Net>
Date: Sat, 31 Aug 1996 20:39:29 GMT

I have uploaded to Simtel.Net:

http://www.simtel.net/pub/simtelnet/win3/security/tsecret.zip
ftp://ftp.simtel.net/pub/simtelnet/win3/security/tsecret.zip     12070 bytes

tsecret.zip     TOPSECRET!: Easily encrypts any file

TOPSECRET is a program to encrypt your sensitive files.  This program
does not use the RSA standard (which is restricted for export).  This
program uses the aid of a "Catalyst" file (which can be any file) to
encrypt another file (any file).  The Catalyst acts as a key to code and
decode your sensitive files.  Of course you can even make your own
catalyst by encrypting one file with another.  A periodically changing
Catalyst can be made by combining 1-Registered mail file 2-Courier file
3-Last message file; This would ensure high security for the transmission
of your sensitive files.I am sure you will come up with your own methods.

Shareware.  Uploaded by the author.

Siva Krishna
sk510019 at mail.idt.net

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
 EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
        All generalizations are false, with the exception of this one
 I feel a groove comin' on |            $           | Freedom...yeah, right.






From loki at infonex.com  Sat Aug 31 16:44:02 1996
From: loki at infonex.com (Lance Cottrell)
Date: Sun, 1 Sep 1996 07:44:02 +0800
Subject: Los Angeles Times article on Helsingius and anon.penet.fi
Message-ID: <ae4e63ca01021004ac2b@[206.170.115.3]>


At 12:45 PM 8/31/96, Declan McCullagh wrote:
<SNIP>
>Note Esther Dyson's comments:
>
>         "The damage that can be done by anonymity is far bigger" than in
>   any other medium, said Esther Dyson, chairwoman of the Electronic
>   Frontier Foundation. "In the end, you need to be able to get at
>   somebody's identity to enforce accountability, and the question is how
>   do you also enforce freedom of speech and freedom from prosecution for
>   unpopular opinions."
>
<SNIP>

Is this the official EFF position on remailers? This strong anti-remailer
position needs to be retracted or widely publicized.

        -Lance


----------------------------------------------------------
Lance Cottrell   loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://www.obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------







From jya at pipeline.com  Sat Aug 31 16:52:31 1996
From: jya at pipeline.com (John Young)
Date: Sun, 1 Sep 1996 07:52:31 +0800
Subject: BOM_ban
Message-ID: <199608312202.WAA19609@pipe5.t2.usa.pipeline.com>


Thanks to DL for noting this report. 
 
 
   8-31-96. WaPo: 
 
   "New Airport Bomb Plan Considered. Computer Profiles, 
   High-Tech Detectors Central to System" 
 
      A presidential commission on aviation security is 
      considering a bomb detection plan that would require 
      U.S. airlines to scrutinize all passengers at U.S. 
      airports using massive computer files to identify 
      potential terrorists or other suspicious individuals. 
 
      The plan would require creation of a computer profiling 
      system that would examine passengers' bill-paying 
      records, flying habits and much other data to determine 
      which checked baggage should undergo examination by 
      sophisticated explosives detection equipment. 
 
      Numerous legal issues still need to be resolved, 
      including thorny civil liberties questions such as 
      whether the airlines would be given access to 
      information from government computer systems like those 
      containing criminal records. 
 
      Would the airlines store information on individuals? 
      Would they go out and seek information from credit 
      bureaus and other private sources? 
 
   ----- 
 
   http://jya.com/bomban.txt  (10 kb) via anonymizer 
 
   BOM_ban 
 
 
 
 
 
 
 





From patrickbc at juno.com  Sat Aug 31 17:05:13 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sun, 1 Sep 1996 08:05:13 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
In-Reply-To: <199608270304.UAA07482@mail.pacifier.com>
Message-ID: <19960830.170609.9758.0.patrickbc@juno.com>


jimbell,
I agree with what you are saying but not all polititions are that bad. 
You make it sound as if their are no politisions are for freedom of the
net.





From tcmay at got.net  Sat Aug 31 17:17:33 1996
From: tcmay at got.net (Timothy C. May)
Date: Sun, 1 Sep 1996 08:17:33 +0800
Subject: "Security risks" vs. "credit risks"
Message-ID: <ae4e076b0102100432c4@[207.167.93.63]>



The news that airports/airlines (more on this difference in a bit) may be
establishing a data base of security risks sounds Big Brotherish.

But, how is it so much different from credit risks and credit reporting
data bases? If, for example, private airlines (and the U.S. has only
private airlines, not any "public" or "national" airline) wish to check the
data bases on their customers, is this not quite similar to checking credit
risks and ratings before lending money?

There is great danger, to be sure, especially if one's writings and public
utterances become entries into a "threat data base." But I see nothing
unsurprising in, say, American Airlines expressing more interest in Jim
Bell or Tim May, both of whom have written publically about terrorism and
"soft targets," and both of whom have written about how to make pipe bombs,
than in Marianne Smith, retired school teacher from Peoria.

And there is even more danger--even unconstitutionality--in *government
involvement* in such data bases. It's unclear from what I've seen if this
data base is to be run like the private credit ratings agencies or if it is
to have inputs from the FBI, NSA, Interpol, SDECE, etc.

Remember, private airlines are just that: private. Surely we do not support
laws which limit a private airline from using data it has acquired to
decide whom to pay closer attention to. This is the essence of what
knowledge is.

(So long as none of this is mandatory. If Tim's Pretty Good Airline wishes
to not bother screening customers, this should not be illegal. Nor, to my
mind, should TPGA be exposed to negligence lawsuits, so long as his
policies are clearly spelled out.)

I find the notion that one's speeches and Usenet utterances could "harm
one's security rating" a distasteful idea, but so long as such security
ratings are handled by private players, and used by private players, I see
no illegality.

(Of course, the major credit reporting agencies--TRW Credit, Equifax, and
TransUnion--already collude with the government. They collude to falsify
credit ratings, to create identies and histories that never existed when
they say they did, and to provide government with data bases for various
purposes. Obviously a "TRW Security" function would be at least as corrupt,
maybe more so.)

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









From patrickbc at juno.com  Sat Aug 31 17:50:18 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sun, 1 Sep 1996 08:50:18 +0800
Subject: No Subject
Message-ID: <19960830.174816.9758.3.patrickbc@juno.com>


I am planning to make a list of hacker's of america and would appreciate
it for your help.  please send me your 
    handle
    e-mail address
    city, state
    (optional) your mailing address 
    and url
    whether or not you would like to recieve hackers list
    type of hacking you do
Thank You for your cooperation





From patrickbc at juno.com  Sat Aug 31 17:58:28 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sun, 1 Sep 1996 08:58:28 +0800
Subject: "Douglas R. Floyd" <dfloyd@io.com>: Re: File System Encryption
Message-ID: <19960830.175522.9758.4.patrickbc@juno.com>


--------- Begin forwarded message ----------
From: "Douglas R. Floyd" <dfloyd at io.com>
To: drifter at c2.net (Drifter)
Cc: cypherpunks at toad.com
Subject: Re: File System Encryption
Date: Tue, 27 Aug 1996 09:01:03 -0500 (CDT)
Message-ID: <199608271401.JAA04116 at xanadu.io.com>

> 
> I'm aware of the three main disk encryption programs SFS, SECDRV, and
> SECDEV, but I need to find a solution that works with Windows 95 32bit
> or Windows NT 4.0.
> 
> I'm currently using SFS 1.17 and Secure Drive under Win-95, but am
> unable to continue to work in dos compatability mode due to severe
> performance hits.  I am open to commercial products that have passed
> peer review, but know of none.
> 
> If anyone could suggest a solution (outside of switching OS's), I
> would be *most* gratefull.
> 
> Please respond to the list, as I am a subscriber under another
> account.

If you have another 386 or 486 lying around, you could install Linux and
Ian's encrypted loopback code on a remote box, then NFS or Samba the
filesystem over.  For protection, you could modify the vlock command to
lock the console (and not unlock it), and disable inetd.  Then, unless
someone has the permissions to access the files through the network, the
files are inaccessable ;-).

> 
> The Drifter
> 


--------- End forwarded message ----------
You could find some programers on the net and make a new one that is
windows 95 compatible.





From lucas at wasteland.org  Sat Aug 31 18:30:49 1996
From: lucas at wasteland.org (Synthesizer Punk)
Date: Sun, 1 Sep 1996 09:30:49 +0800
Subject: your mail
In-Reply-To: <19960830.174816.9758.3.patrickbc@juno.com>
Message-ID: <Pine.LNX.3.95.960901192944.6602A-100000@wrath.netline.net>


On Sat, 31 Aug 1996, patrick b cummings wrote:

:I am planning to make a list of hacker's of america and would appreciate
:it for your help.  please send me your 
:    handle
:    e-mail address
:    city, state
:    (optional) your mailing address 
:    and url
:    whether or not you would like to recieve hackers list
:    type of hacking you do
:Thank You for your cooperation
:
:
:
	May I ask, ill fatedly, WHY you're doing this?
	What goals you wish to accomplish by doing this?
	How many friends will you make?
	Will you go to Disney World when done?

	sigh

                      __  .__https://aleph.tessier.com__   lucas at wasteland.org
  _________.__. _____/  |_|  |__ ______  __ __  ____ |  | __   If privay is 
 /  ___<   |  |/    \   __\  |  \\____ \|  |  \/    \|  |/ /  outlawed, only
 \___ \ \___  |   |  \  | |   Y  \  |_> >  |  /   |  \    <    outlaws will
/____  >/ ____|___|  /__| |___|  /   __/|____/|___|  /__|_ >   have privacy.
     \/ \/ sXe sXe \/          \/|__| figlet       \/just Another P.C. Fascist
           Tessier/Ashpool_-//-..()_=+www(ashpool/tessier).com.-+|\







From stewarts at ix.netcom.com  Sat Aug 31 18:33:59 1996
From: stewarts at ix.netcom.com (stewarts at ix.netcom.com)
Date: Sun, 1 Sep 1996 09:33:59 +0800
Subject: DON'T Nuke Singapore Back into the Stone Age
Message-ID: <199608312341.QAA09753@toad.com>


At 10:35 AM 8/31/96 -0700, tcmay at got.net (Timothy C. May) wrote:
>The point is to make clear to them that the Usenet and similar Web sites
>are global in nature, not subject to censorship without a very high local
>cost. If discussions of Lee Kwan Yew's dynasty are considered illegal, then
>Singaporans will have to choose not to carry the various newsgroups into
>which *I* post such messages! 
[.....]
>To be blunt, if Singapore wants to stop me from discussing the dictator Yew
>and his feeble son, they can't.  Except by pulling the plugs on forums in
>which my posts are carried. 

Or they'll have to implement per-article filtering, whether done by
bots (easy to evade) or by humans (normally much harder.)
It's easy to have bots get rid of all postings/email/web mentioning
Tim May or Klaus von Future Prime, though tougher to do so if
you start posting anti-government-slander from your various Tentacles.

And they don't have to use humans to filter the whole web - 
have bots identify any material containing the words "Singapore" or "Yew"
and forward it to the humans, though that makes web proxies a bit slow :-)

Reuters reports:
R>Contents deemed objectionable include those ``which tend to  
R>bring the government into hatred or contempt, or which excite 
R>disaffection against the government,'' an SBA statement said

Disaffection?  Everybody loves Lee Kwan Yew (or else) -
he's like a Big Brother to us!


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!






From torment at goodnet.com  Sat Aug 31 18:41:52 1996
From: torment at goodnet.com (pomp pood thai)
Date: Sun, 1 Sep 1996 09:41:52 +0800
Subject: Got to be kidding right?
Message-ID: <Pine.SOL.3.91.960831165106.28166A@goodguy>



At 06:54 PM 8/31/96 EDT, patrick b cummings wrote:
>I am planning to make a list of hacker's of america and would appreciate
>it for your help.  please send me your 
>    handle
>    e-mail address
>    city, state
>    (optional) your mailing address 
>    and url
>    whether or not you would like to recieve hackers list
>    type of hacking you do
>Thank You for your cooperation

                               $   $
      See ya soon...              $$     $$
                                 $$       $$          |
                           $    $$$oo    oo$$         X
                           $    X^^'$$$$$$^^'$      | X |
                        $ $$$ $ XXX^^^$$^^^$$$      X X X
                        ``$$$'' XX^^^'$$'^^^$$      X%X%X
                          $$$$o  XXo      o$$       o X
                           $$$$$$ $$$    $$$  oOo o$$$$^
                            `$$$$$$ $$oo$$ o$$$$$$$'^$$^
                             $$$$$$$ $$$$ $$$$$$$^    X
                               $$$$$$ $$ $$$$$ ^      X
                                $$$$$$oo$$$$          X
                                $$$$$$$$$$^           X
                              o$$$$$$$$$$^            X
                            o$$$$$$$$$^^              X
                           ^$$$$$$$^                  X
                             $$$$$$o                  |
                              ``$$$4$$
                                 ``$$$
                                    $               
Tormentia






From qut at netcom.com  Sat Aug 31 18:52:18 1996
From: qut at netcom.com (Dave Harman OBC)
Date: Sun, 1 Sep 1996 09:52:18 +0800
Subject: Below-bit-level encoding
In-Reply-To: <9608312103.AA11724@castles.com>
Message-ID: <199609010005.RAA04542@netcom5.netcom.com>


! how the hell do i get off this list?

We won't let you go until you contribute as much hacking tips as you've 
learned.  Sorry, buddy.

Perhaps you can start by giving us some bit programming techniques.





From joelm at eskimo.com  Sat Aug 31 18:59:27 1996
From: joelm at eskimo.com (Joel McNamara)
Date: Sun, 1 Sep 1996 09:59:27 +0800
Subject: Mail OnNet
Message-ID: <199609010014.RAA03254@mail.eskimo.com>


In my never-ending search for the perfect PGP e-mail client, I just stumbled on to a beta of a product put out by FTP Software called Mail OnNet.  Unlike the Pronto Secure and Pegasus, this client actually has PGP code (licensed from PGP Inc.) built directly in.  No shelling out to DOS!

Very nice interface and almost complete idiot-proof encrypting/decrypting/signing.  Extremely powerful rules based processing too.

Check out:

http://www.ftp.com/mkt_info/onnet32/try.htm

IMHO, this is getting very close to transparent secure e-mail for the masses.

Joel

Two notes.  (1) It only runs under Win95 and NT.  (2) It's ITAR restricted.






From patrickbc at juno.com  Sat Aug 31 19:01:30 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sun, 1 Sep 1996 10:01:30 +0800
Subject: wardialer
Message-ID: <19960830.190333.9758.7.patrickbc@juno.com>


Does any body know where I can get a half decent war dialer.





From mikedoug at texas.net  Sat Aug 31 19:38:24 1996
From: mikedoug at texas.net (Michael Douglass)
Date: Sun, 1 Sep 1996 10:38:24 +0800
Subject: BoS: Got to be kidding right?
In-Reply-To: <Pine.SOL.3.91.960831165106.28166A@goodguy>
Message-ID: <Pine.GSO.3.94.960831193721.19264C-100000@staff1.texas.net>


On Sat, 31 Aug 1996, pomp pood thai wrote:

People, I don't particularily agree with this posting, and I already emailed
the original poster with my thoughts on that subject.  Now, before you reply
to this post, please read the charter. BoS is supposed to be the *BEST* of
security, not the *LONG-DRAWN-OUT-DISCUSSION-OF-SECURITY-ISSUES*.  I
understood that I when I subscribe and I have tried to limit any posting
to strictly security issues, and only those important and not ones starting
threads of conversation.  Read the charter!  (Who's in charge of this
group anyways??  Hope I'm not stepping on toes!)

> At 06:54 PM 8/31/96 EDT, patrick b cummings wrote:
> >I am planning to make a list of hacker's of america and would appreciate
> >it for your help.  please send me your 
> >    handle
> >    e-mail address
> >    city, state
> >    (optional) your mailing address 
> >    and url
> >    whether or not you would like to recieve hackers list
> >    type of hacking you do
> >Thank You for your cooperation

Michael Douglass
Texas Networking, Inc.

  "To be a saint is to be an exception; to be a true man is the rule.
   Err, fail, sin if you must, but be upright.  To sin as little as
   possible is the law for men; to sin not at all is a dream for angels."

              - Victor Hugo, "Les Miserables"






From jkoum at leland.Stanford.EDU  Sat Aug 31 20:25:39 1996
From: jkoum at leland.Stanford.EDU (Jan Koum)
Date: Sun, 1 Sep 1996 11:25:39 +0800
Subject: BoS: Re: your mail
In-Reply-To: <Pine.LNX.3.95.960901192944.6602A-100000@wrath.netline.net>
Message-ID: <Pine.SUN.3.95.960831181450.8212D-100000@elaine37.Stanford.EDU>



	Well, I think we all seen and heard what type of people use
phrases like: "Thank You for your cooperation". 

On Sun, 1 Sep 1996, Synthesizer Punk wrote:

> On Sat, 31 Aug 1996, patrick b cummings wrote:
> 
> :I am planning to make a list of hacker's of america and would appreciate
> :it for your help.  please send me your 
> :    handle
> :    e-mail address
> :    city, state
> :    (optional) your mailing address 
> :    and url
> :    whether or not you would like to recieve hackers list
> :    type of hacking you do
> :Thank You for your cooperation
> :
> :
> :
> 	May I ask, ill fatedly, WHY you're doing this?
> 	What goals you wish to accomplish by doing this?
> 	How many friends will you make?
> 	Will you go to Disney World when done?
> 
> 	sigh
> 
>                       __  .__https://aleph.tessier.com__   lucas at wasteland.org
>   _________.__. _____/  |_|  |__ ______  __ __  ____ |  | __   If privay is 
>  /  ___<   |  |/    \   __\  |  \\____ \|  |  \/    \|  |/ /  outlawed, only
>  \___ \ \___  |   |  \  | |   Y  \  |_> >  |  /   |  \    <    outlaws will
> /____  >/ ____|___|  /__| |___|  /   __/|____/|___|  /__|_ >   have privacy.
>      \/ \/ sXe sXe \/          \/|__| figlet       \/just Another P.C. Fascist
>            Tessier/Ashpool_-//-..()_=+www(ashpool/tessier).com.-+|\
> 
> 
> 






From patrickbc at juno.com  Sat Aug 31 20:38:22 1996
From: patrickbc at juno.com (patrick b cummings)
Date: Sun, 1 Sep 1996 11:38:22 +0800
Subject: mailing lists
Message-ID: <19960830.205359.4758.1.patrickbc@juno.com>


If any body knows any good mailings lists please tell me.


                                                                         
      -P. Cummings-
                                                   		     
Patrickbc at juno.com





From ichudov at algebra.com  Sat Aug 31 20:38:50 1996
From: ichudov at algebra.com (Igor Chudov @ home)
Date: Sun, 1 Sep 1996 11:38:50 +0800
Subject: "Security risks" vs. "credit risks"
In-Reply-To: <ae4e076b0102100432c4@[207.167.93.63]>
Message-ID: <199609010153.UAA22411@manifold.algebra.com>


Timothy C. May wrote:
> There is great danger, to be sure, especially if one's writings and public
> utterances become entries into a "threat data base." But I see nothing
> unsurprising in, say, American Airlines expressing more interest in Jim
> Bell or Tim May, both of whom have written publically about terrorism and
> "soft targets," and both of whom have written about how to make pipe bombs,
> than in Marianne Smith, retired school teacher from Peoria.

... bobbit ... 
> 
> Remember, private airlines are just that: private. Surely we do not support
> laws which limit a private airline from using data it has acquired to
> decide whom to pay closer attention to. This is the essence of what
> knowledge is.
> 

Unfortunately, most private businesses suck up to the government. It 
is understandable if we note that they can be harassed by the government.
Airlines, for example, are under tight and rather arbitrary control of 
the FAA.

	- Igor.





From wb8foz at nrk.com  Sat Aug 31 21:08:05 1996
From: wb8foz at nrk.com (David Lesher)
Date: Sun, 1 Sep 1996 12:08:05 +0800
Subject: Mail OnNet
In-Reply-To: <199609010014.RAA03254@mail.eskimo.com>
Message-ID: <199609010219.WAA17853@nrk.com>


Joel McNamara sez:
> 
> http://www.ftp.com/mkt_info/onnet32/try.htm
> 
> IMHO, this is getting very close to transparent secure e-mail for the mas=
> ses.
 
> Two notes.  (1) It only runs under Win95 and NT.  (2) It's ITAR restricte=

Three. It's stuck in MIME mode.


-- 
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433





From invalid at upt.org  Sat Aug 31 21:09:38 1996
From: invalid at upt.org (Tom Jackiewicz)
Date: Sun, 1 Sep 1996 12:09:38 +0800
Subject: 
In-Reply-To: <19960830.174816.9758.3.patrickbc@juno.com>
Message-ID: <3228F3AD.7B70E4EA@upt.org>


a hackers of america list? 

that would be really stupid and give the wrong impression. while i am a
'hacker', i would rather not be associated with the media definion of a
hacker, and i am sure that this is what your list will be associated
with. either that, or be given to the wrong people..

is there any point to all this?

i apologize for responding to this thread, but it just seems like a
really stupid idea.
-- 
from the superkeen and highly electronic desk of...

	 _ __/|  Tom Jackiewicz
	 \'x.X'  System/Network Security
	 =(___)= Senior Systems Administrator
	     U	 invalid at upt.org, invalid at goodnet.com
				
		...fo ksed cinortcele ylhgih dna neekrepus eht morf





From minow at apple.com  Sat Aug 31 21:32:06 1996
From: minow at apple.com (Martin Minow)
Date: Sun, 1 Sep 1996 12:32:06 +0800
Subject: Ester Dyson's comment on anonymity
In-Reply-To: <ae4e63ca01021004ac2b@[206.170.115.3]>
Message-ID: <v03007803ae4ea4353d05@[17.219.102.1]>


Declan McCullagh wrote:
>Note Esther Dyson's comments:
>
>         "The damage that can be done by anonymity is far bigger" than in
>   any other medium, said Esther Dyson, chairwoman of the Electronic
>   Frontier Foundation. "In the end, you need to be able to get at
>   somebody's identity to enforce accountability, and the question is how
>   do you also enforce freedom of speech and freedom from prosecution for
>   unpopular opinions."

I wonder whether Esther was speaking about the Federalist Papers?
Who did write those subversive documents anywhy?

Martin Minow
minow at apple.com









From drose at AZStarNet.com  Sat Aug 31 21:32:39 1996
From: drose at AZStarNet.com (David M. Rose)
Date: Sun, 1 Sep 1996 12:32:39 +0800
Subject: BoS: Re: your mail
Message-ID: <199609010258.TAA18705@web.azstarnet.com>


Jan Koum wrote:

>	Well, I think we all seen and heard what type of people use
>phrases like: "Thank You for your cooperation". 

Yowsuh! We sho' nuffs be all done seen 'em.

Stanford, hmm?






From jamesd at echeque.com  Sat Aug 31 21:41:44 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 1 Sep 1996 12:41:44 +0800
Subject: Anti-Racist Laws Stifle Political Liberty
Message-ID: <199609010253.TAA28257@dns2.noc.best.net>


At 09:01 AM 8/29/96 -0700, Dave Harman OBC wrote:
> Some examples of dangerous dead letter laws:
>
> * Abortion
>
> [...] If 
> the previous Supreme Court decisions are overturned, most states will 
> suddenly start enforcing their fascist anti-abortion laws.

This seems unlikely; Abortion was illegal in the US for about 75 years
before there was any serious attempt to enforce these laws.  As soon as 
people got serious about enforcing them in the 1950s, the shit hit the 
fan.

No semi free country has ever got away with banning abortion 
unless there was a convenient neighbor a short day trip away, where
abortions are reasonably available.  (If Ulster went back to Ireland,
I predict Irelands policy on abortions would swiftly change)

Your points concerning other dangerous dead letter laws are very
true.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From chen at chen.com  Sat Aug 31 21:43:41 1996
From: chen at chen.com (Mark Chen)
Date: Sun, 1 Sep 1996 12:43:41 +0800
Subject: Elliptic Curve Y**2 = x**3 + a * x**2 + b
In-Reply-To: <Pine.SUN.3.95.960829124919.16763B-100000@eskimo.com>
Message-ID: <9609010250.AA00997@pela.chen.com.>


Wei Dai writes:
> On Thu, 29 Aug 1996, Tom Rollins wrote:
> 
> > Questions are:
> > 
> >   1: How can I take the suqare root mod p ?
> 
> Here's some C++ code for taking modular square roots:
> 
> Integer ModularSquareRoot(const Integer &a, const Integer &p)
> {
> 	if (p%4 == 3)
> 		return a_exp_b_mod_c(a, (p+1)/4, p);
> 
> 	Integer q=p-1;
> 	unsigned int r=0;
> 	while (q%2==0)   // while q is even
> 	{
> 		r++;
> 		q >>= 1;
> 	}
> 
> 	Integer n=2;
> 	while (Jacobi(n, p) != -1)
> 		++n;
> 
> 	Integer y = a_exp_b_mod_c(n, q, p);
> 	Integer x = a_exp_b_mod_c(a, (q-1)/2, p);
> 	Integer b = (x.Square()%p)*a%p;
> 	x = a*x%p;
> 	Integer tempb, t;
> 
> 	while (b != 1)
> 	{
> 		unsigned m=0;
> 		tempb = b;
> 		do
> 		{
> 			m++;
> 			b = b.Square()%p;
> 			if (m==r)
> 				return Integer::ZERO;
> 		}
> 		while (b != 1);
> 
> 		t = y;
> 		for (unsigned i=0; i<r-m-1; i++)
> 			t = t.Square()%p;
> 		y = t.Square()%p;
> 		r = m;
> 		x = x*t%p;
> 		b = tempb*y%p;
> 	}
> 
> 	assert(x.Square()%p == a);
> 	return x;
> }
> 
> >   2: How to determine if a solution exists for a
> >      selected value of x ?
> 
> The Jacobi symbol tells you whether x has a square root mod p:
> 
> // if b is prime, then Jacobi(a, b) returns 0 if a%b==0, 1 if a is
> // quadratic residue mod b, -1 otherwise
> // check a number theory book for what Jacobi symbol means when b is not
> // prime
> 
> int Jacobi(const Integer &aIn, const Integer &bIn)
> {
>     assert(bIn[0]==1);
> 
>     Integer b = bIn, a = aIn%bIn;
>     int result = 1;
> 
>     while (!!a)
>     {
> 	unsigned i=0;
> 	while (a[i]==0)
> 		i++;
> 	a>>=i;
> 
> 	if (i%2==1 && (b%8==3 || b%8==5))
> 		result = -result;
> 
>         if (a%4==3 && b%4==3)
>             result = -result;
> 
>         swap(a, b);
>         a %= b;
>     }
> 
>     return (b==1) ? result : 0;
> }
> 
> >   3: Is the a simpler method than find a square root ?
> 
> I don't think so.  Let me know if you do find one.

If you work in GF(2^m), you can use a normal basis representation
which allows you to do much faster math.  Squaring, for example,
becomes a simple rotation.

There are also very efficient algorithms for computing inverses and
solving quadratics.

These speedups currently account for most of the performance
improvements which elliptic curve systems offer over their
integer-field counterparts.

   - Mark -


--
Mark Chen 
415/341-5539
chen at chen.com
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D





From jamesd at echeque.com  Sat Aug 31 21:45:43 1996
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 1 Sep 1996 12:45:43 +0800
Subject: Penet Bites the Dust
Message-ID: <199609010253.TAA28252@dns2.noc.best.net>


At 12:13 PM 8/30/96 -0700, Mike Duvos wrote:
> An interesting Net tidbit.  Note that the "International Conference
> on Child Sexual Exploitation" in Stolkholm which served as a platform
> for these accusations and various coordinated stories in numerous
> media outlets is simply a circus put on by ECPAT, a well-known
> pressure group whose propaganda is modeled after the now-defunct 
> National Coalition on Pornography, and whose spurious and laughable
> claims about child pornography and vast pedophile conspiracies would fill 
> volumes.  The only odd thing here is that the mainstream press is
> presenting this gathering with a perfectly straight face, as if it were
> some sort of credible event, which of course it is not. 


Nothing odd about it.

Everytime a new medium appears, the old media run to the 
politicians to have it controlled and regulated to death.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd at echeque.com






From markm at voicenet.com  Sat Aug 31 21:47:42 1996
From: markm at voicenet.com (Mark M.)
Date: Sun, 1 Sep 1996 12:47:42 +0800
Subject: WARNING vIRuS!
In-Reply-To: <Pine.3.89.9608311205.A15184-0100000@netcom>
Message-ID: <Pine.LNX.3.95.960831225055.1669B-100000@gak>


On Sat, 31 Aug 1996, Paul S. Penrod wrote:

> Binary launches are the way they do it, and the way a virus spreads, 
> unless you get caught up with autoexecuting Word and Excel macros.
> 
> I have yet to see *any* truly data propogating viruses.

Would you count the fingerd exploit used in the Internet Worm as a data
propogating virus?  If a poorly written mail program doesn't do bounds
checking, it could conceivably allow for a Good Times-like virus.  However,
highly unlikely, since mail programs are too diverse and it would be very
doubtful that a brain-dead mail program would become very widespread.  I would
be much more worried about other non-email programs that fail to do bounds
checking (like Netscape v1.1).

-- Mark

PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/






From alanh at widomaker.com  Sat Aug 31 22:10:59 1996
From: alanh at widomaker.com (Alan Horowitz)
Date: Sun, 1 Sep 1996 13:10:59 +0800
Subject: FLT 800: From the Rumor Mill...But It Makes Sense.. (fwd)
Message-ID: <Pine.UW2.3.93.960831232038.22836C-100000@wilma>




---------- Forwarded message ----------
Date: Sat, 31 Aug 1996 21:29:56 -0400
From: Ralph Jennett <jennett at citicom.com>
To: Alan Horowitz <alanh at widomaker.com>
Subject: Re: FLT 800: From the Rumor Mill...But It Makes Sense..

The problem is, from my experience at Roosevelt Roads, the Navy never
conducts live fire exercises without declaring the area of operation
strictly off limits to non-military aircraft.  Also, the 747 would have
shown up WITH ITS TRANSPONDER DATA on the screens on an Aegis ship, so why
would they fire?  And, I didn't think that a P3 pilot would fly around in
controlled air space with his transponder shut off, especially when he might
become a target himself (or just a victum of a mid air collision) if he
isn't squawking.  I suppose the story that you sent could be true, but if it
is, I'm surprised that nothing like that ever happened before, given the
sloppy procedures being followed.  The latest RELEASED data makes it sound
like a bomb in the cabin (row 24, right side) is responsible.  I'm not sure
that I don't believe that, although I am quite suspicious of anything coming
out of the justice department under the current President and Attorney General.






From Adamsc at io-online.com  Sat Aug 31 22:12:50 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 1 Sep 1996 13:12:50 +0800
Subject: PGP Comments Considered Occasionally Harmful Re: Pronto making a comment
Message-ID: <19960901031602750.AAA140@IO-ONLINE.COM>


On Sat, 31 Aug 1996 01:44:15 -0700, stewarts at ix.netcom.com wrote:

>>> How did you get Pronto to do a comment?
>>I added a "comment=" in my config.txt ;) ... the old fashionned way.
>...
>>-----BEGIN PGP SIGNATURE-----
>>Version: 2.6.3i
>>Charset: ascii
>>Comment: http://www.cyberbeach.net/~mbabcock/PGP/
>
>Note that the comment makes traffic analysis much easier.
>Sure, you can send your mail through five different remailers,
>but if each layer of PGP has your home page URL or some other
>distinctive Comment:, it's traceable.

OTOH, a signature has your distinctive key-id anyway.

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From Adamsc at io-online.com  Sat Aug 31 22:31:13 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 1 Sep 1996 13:31:13 +0800
Subject: WARNING vIRuS!
Message-ID: <19960901031602750.AAB140@IO-ONLINE.COM>


On Sat, 31 Aug 1996 11:21:05 -0500, kickboxer wrote:

>        There is a new and VERY dangerous virus called the HAZ-MAT virus!
>it fucks up the sectors on your hd, and really messes up the partition
>tables.  It does this once a week, picking a random time to do it.  99.9% of
>virus scanners and other antivirus programs will not recognize it, for it is
>a totally new strain, using a never before seen code.... Be warned!  The
>HAZ-MAT virus usually resides in JPG, and GIF files... once the files are
>viewed, the virus takes effect.
>scan all images upon download!
As soon as you said that, it's obvious it's a hoax.  The first law of computer
viruses: You have to run a program to get one.  JPG and GIF files are *never*
executed.  There is no possible way for you to get a virus from one.

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From ponder at freenet.tlh.fl.us  Sat Aug 31 22:40:14 1996
From: ponder at freenet.tlh.fl.us (P. J. Ponder)
Date: Sun, 1 Sep 1996 13:40:14 +0800
Subject: Esther Dyson on Remailers
Message-ID: <Pine.OSF.3.91.960831233808.23669B-100000@fn3.freenet.tlh.fl.us>


pretty grim reading in the LA Times article if that is really the EFF 
position on remailers.

could someone straighten this out, or at least give us the EFF's view of 
why remailers are a bad thing? 

with friends like that, who needs enemies?

---------------

So long, Julf - Thank you for a valuable public service!
Best of luck to you!
--
to unsubscribe, mail to majordomo at toad.com a message that reads:
unsubscribe cypherpunks (in the message body, not subject line).





From zachb at netcom.com  Sat Aug 31 22:53:10 1996
From: zachb at netcom.com (Z.B.)
Date: Sun, 1 Sep 1996 13:53:10 +0800
Subject: wardialer
In-Reply-To: <19960830.190333.9758.7.patrickbc@juno.com>
Message-ID: <Pine.3.89.9608312051.A21374-0100000@netcom19>


On Sat, 31 Aug 1996, patrick b cummings wrote:

> Does any body know where I can get a half decent war dialer.
> 

Use a websearch utility, and stop posting to cryptography-based mailing 
lists.

---

Zach Babayco

zachb at netcom.com  <----- finger for PGP public key
http://www.geocities.com/SiliconValley/Park/4127








From Adamsc at io-online.com  Sat Aug 31 22:58:21 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 1 Sep 1996 13:58:21 +0800
Subject: (null)
Message-ID: <19960901040353468.AAA172@IO-ONLINE.COM>


On Sat, 31 Aug 1996 18:54:29 EDT, patrick b cummings wrote:

>I am planning to make a list of hacker's of america and would appreciate
>it for your help.  please send me your 
>    handle
3VIL HACK3R
>    e-mail address
hacker at stupid.troll.com
>    city, state
>    (optional) your mailing address 
<G> Paranoia lives deep. I wouldn't count on many addresses from real hackers.
>    and url
http://www.stupid.troll.com/HACK3RZ/k00d_d00d.html
>    whether or not you would like to recieve hackers list
No.
>    type of hacking you do
Dismembering people who post off topic? <g>
>Thank You for your cooperation


- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From Adamsc at io-online.com  Sat Aug 31 23:04:14 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 1 Sep 1996 14:04:14 +0800
Subject: Sen. Leahy's "impeccable cyberspace credentials"
Message-ID: <19960901042711375.AAA140@IO-ONLINE.COM>


On Sat, 31 Aug 1996 18:11:52 EDT, patrick b cummings wrote:

>I agree with what you are saying but not all polititions are that bad. 
>You make it sound as if their are no politisions are for freedom of the
>net.

For the most part there aren't.  Why? Well the media has sensationalized it. 
How many politicians want to go on record as "protecting the rights of
child-pornographers"?  Now, this isn't a major portion of Internet usage, but
you'd never know that from what you read in the paper.  If you only listened to
them, it'd be something like this:
40% kiddie-porn
20% terrorists, bomb instructions, etc.
15% "evil hackers" who are going to steal our money, shut off our power, etc.
10% hate groups
10% pornography
03% right-wing gun nuts
02% other (research, entertainment, etc)


- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From Adamsc at io-online.com  Sat Aug 31 23:27:58 1996
From: Adamsc at io-online.com (Adamsc)
Date: Sun, 1 Sep 1996 14:27:58 +0800
Subject: Los Angeles Times article on Helsingius and anon.penet.fi
Message-ID: <19960901041425937.AAA191@IO-ONLINE.COM>


On Sat, 31 Aug 1996 14:54:37 -0700, Lance Cottrell wrote:

>>Note Esther Dyson's comments:
>>   "The damage that can be done by anonymity is far bigger" than in
>>   any other medium, said Esther Dyson, chairwoman of the Electronic
>>   Frontier Foundation. "In the end, you need to be able to get at
>>   somebody's identity to enforce accountability, and the question is how
>>   do you also enforce freedom of speech and freedom from prosecution for
>>   unpopular opinions."
<SNIP>

>Is this the official EFF position on remailers? This strong anti-remailer
>position needs to be retracted or widely publicized.

I doubt they'd publicize it; it'd probably cost them a *lot* of supporters.


- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre






From apache at quux.apana.org.au  Sat Aug 31 23:28:12 1996
From: apache at quux.apana.org.au (Charles Senescall)
Date: Sun, 1 Sep 1996 14:28:12 +0800
Subject: Los Angeles Times article on Helsingius and anon.penet.fi
In-Reply-To: <Pine.3.89.9608311202.A7161-0100000@well.com>
Message-ID: <Pine.LNX.3.91.960901145443.1716A-100000@quux.apana.org.au>


On Sat, 31 Aug 1996, Declan McCullagh wrote:

> The attached article was reposted to fight-censorship with the permission
> of the Los Angeles Times, which ran it on the front page today. 
[snip]
> Note Esther Dyson's comments:
> 
>          "The damage that can be done by anonymity is far bigger" than in
>    any other medium, said Esther Dyson, chairwoman of the Electronic
>    Frontier Foundation. "In the end, you need to be able to get at
>    somebody's identity to enforce accountability, and the question is how
>    do you also enforce freedom of speech and freedom from prosecution for
>    unpopular opinions."

Is this _really_ the EFF policy on anonymopus remailers??

I will check with our local version of the EFF and see what they have to say.

If the EFF is not for anonymity it needs to be publicised. Perhaps the 
EFF has been in bed with the political pigs too long. *OINK*

-- 
   .////.   .//    Charles Senescall            apache at quux.apana.org.au
 o:::::::::///     Fuck TEL$TRA                    
>::::::::::\\\     Finger me for PGP PUBKEY           Brisbane AUSTRALIA
   '\\\\\'   \\    <A HREF="http://quux.apana.org.au/~apache/">