[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: alt.whistleblowing-cypherpunk FAQ



According to L. Detweiler:
> 
> Mr. Diehl:
> If you had taken the time to read any significant portion of
> alt.whistleblowing traffic, I would imagine you would have stumbled on
> messages where I presented an outline/preliminary FAQ and an anonymous
> posting described precisely how to use Julf's remailer to send traffic

I read the entire newsgroup! All 27 articles.  In these articles, I counted 
exactly ONE from you, and it had nothing to do with what you describe above.

> (which were posted under a week ago).  I take great offense at your
> hasty, flippant denigration of it so far as a `flamefest'. While of

Then, IMHO, you are easily offended.  But, lets look at what I was refering to:

Several messages in alt.whistleblowing.... Drasticly condensed to save BW.

From cypherpunks-request  Tue Jun 15 20:49:52 1993
Received: by toad.com id AA21533; Tue, 15 Jun 93 20:48:23 PDT
Return-Path: <[email protected]>
Received: from triton.unm.edu ([129.24.8.235]) by toad.com id AA21529; Tue, 15 Jun 93 20:48:19 PDT
Received: by triton.unm.edu (5.65/0.1)
	id <AA20651>; Tue, 15 Jun 1993 21:48:06 -0600
From: J. Michael Diehl <[email protected]>
Message-Id: <[email protected]>
Subject: Re: Digital Cash$$$$
To: [email protected] (Duncan Frissell)
Date: Tue, 15 Jun 1993 21:48:05 -0600 (MDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Duncan Frissell" at Jun 14, 93 04:09:37 pm
X-Also-Known-As: Thunder
X-Goal-In-Life:  To make a lot of money -- Wanna make a donation?
X-Mailer: ELM [version 2.4 PL21]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1721      

According to Duncan Frissell:

> A digital cash economy doesn't have to be separate from the regular economy.

> 1.)     You mail cash/MO to First Digital Bank of Cyberspace (at an offshore
> maildrop) together with a public (unique if you like) key and anonymous email
> address (on Julf's remailer perhaps).

Then DC is actually backed by "legal" currency?  Then, what's to keep someone 
from opening a digital bank, and takeing the money and runing?

> 4.)     You find someone to accept the digital cash.  Initially it can be used
> for gambling and telecoms/storage fees, eventually buying digital goods
> (software, print, audio, video, VR) will be easy.  Remember, within a few 
> years 100 million homes in OECD countries will have 1.5 megabit lines into 
> them.  This is a huge market for digital entertainment.

OECD?

Obviously, DC can lead to quite a few opportunities for corruption, taxes for 
example.  This will hinder (or help, in Washington D.C! ;^]) the spread of DC.
Is there any arguements for DC, to offer to counter this major drawback?
+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| [email protected] |   But, I was mistaken.      |available|
| [email protected]   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"   <Me>                     |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks-request  Tue Jun 15 22:09:53 1993
Received: by toad.com id AA23778; Tue, 15 Jun 93 22:08:10 PDT
Return-Path: <[email protected]>
Received: from jarthur.Claremont.EDU ([134.173.42.1]) by toad.com id AA23770; Tue, 15 Jun 93 22:08:04 PDT
Message-Id: <[email protected]>
To: [email protected]
From: nobody@eli-remailer
Subject: REMAIL: X-TTL and X-Discard
Date: Tue Jun 15 22:07:41 PDT 1993
Remailed-By: Eli Brandt <[email protected]>
Source-Info:  From (or Sender) name not authenticated.

-----BEGIN PGP SIGNED MESSAGE-----

I don't see that X-TTL is very useful as currently proposed.  As I see
it, I would have to create something like this:

=======================================
::
X-TTL: 5
Request-Remailing-To: remailer1

::
Request-Remailing-To: remailer2

::
Request-Remailing-To: remailer3

::
Request-Remailing-To: remailer4

::
Request-Remailing-To: remailer5

Dummy message to be sent.
=======================================

(Or an equivalent structure could be set up with nested PGP encryptions.)

This would go through remailers 1, 2, 3, 4, and 5, decrementing the
X-TTL field each time, and after the last one when it was 0 the message
would be deleted.  The X-TTL is not very convenient in this case since
you still have to come up with a path for sending your message which is
at least as long as the X-TTL value.

It seems to me that the X-Discard idea is simpler; you can just put the
X-Discard in the command block for the last remailer, and you don't have
to count them.

What is needed to make X-TTL useful is for the remailer to choose another
remailer as its destination, and ideally to encrypt the message before
sending it.  This way X-TTL can be used to insert a random remailer path of
n hops in the middle of a sender-constructed remailing path.  This leads to
a system where the remailer decrypts an incoming message, reads the X-TTL
value, decrements it, re-encrypts the message for the next remailer in the
chain, and sends it.  The X-TTL value is never exposed to outsiders.

At one point I wrote a modification to my remailer to cause it to
encrypt any message which it sent to another remailer which supported
PGP.  But I decided that this didn't really help security enough to
be worthwhile.  It would be much better to encourage users to encrypt
their messages themselves in a nested fashion so that no remailer sees
any more information than the bare minimum necessary.

Hal Finney
[email protected]

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLB5mUKgTA69YIUw3AQHlRwQAmQ4t6ZcSNbieK4Y8ywj2t1vT1WR9amsY
RB1H/cBGfIsVZOcpFb7K5OLrwhTh+aIO6b7sUzXVBsbsgNKLtv0yPjracDpPH5y1
EJ6U9k+74mXDpxl7vo4tqFUiEFd3s3I6by/TjmVAtKy8eX1+o83yo0BJgt9YgNSr
psi8xbAFGUI=
=4DtE
-----END PGP SIGNATURE-----


From cypherpunks-request  Tue Jun 15 21:14:38 1993
Received: by toad.com id AA22244; Tue, 15 Jun 93 21:11:02 PDT
Return-Path: <[email protected]>
Received: from relay2.UU.NET by toad.com id AA22240; Tue, 15 Jun 93 21:10:58 PDT
Received: from spool.uu.net (via LOCALHOST) by relay2.UU.NET with SMTP 
	(5.61/UUNET-internet-primary) id AA04442; Wed, 16 Jun 93 00:11:04 -0400
Received: from sytex.UUCP by spool.uu.net with UUCP/RMAIL
	(queueing-rmail) id 000929.231; Wed, 16 Jun 1993 00:09:29 EDT
Received: by sytex.com (Smail3.1.28.1 #1)
	id m0o5oMo-00017IC; Tue, 15 Jun 93 23:40 EDT
To: [email protected]
Subject: YAA (yet another article)
From: [email protected] (Paul Ferguson)
Message-Id: <[email protected]>
Date: Tue, 15 Jun 93 23:39:20 EDT
Organization: Sytex Communications, Inc

ComputerWorld
June 14, 1993
Volume 27, Number 24
pages 73,74
 
Enterprise Networking
 
Commentary
 
All Eyes On Clipper
by Gary H. Anthes
 
If any conclusion can be drawn from the cacophony of conflicting
views put forth at a recent public hearing on government-sponsored
encryption technology, it is that the Clinton administration should
slow down and take a closer look at Clipper.
 
Clipper is the government's attempt to give law enforcers the ability
to unscramble coded messages from suspected criminals while
guaranteeing constitutional safeguards to legitimate users. To do
that, a secret algorithm embedded in a chip will use
encryption/decryption keys maintained "in escrow" by two
government-approved agencies and subject to use in wiretaps only via
court order.
 
The first image brought to mind when presented with the key-escrow
concept is that of a digital Big Brother, able to siphon off
electronic secrets from anyone not in favor with the establishment.
Stanford University Professor Martin E. Hellman says former Attorney
General John Mitchell was in the habit of handing down blank but
signed wiretap authorizations, 40 to 50 at a pop, rather than
personally reviewing each request as required by law. "Two escrow
authorities do little good if only one court order is required,"
Hellmman contends.
 
The government has done little so far to put those fears to rest or to